Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jirkHs-KPGmCTQQCPsLKIvE8pCQ.roa
File: jirkHs-KPGmCTQQCPsLKIvE8pCQ.roa (raw, json)
Hash identifier: tixmSLwrKmUYFTsm31i3lTl5Yy49OSplKjbaEA5NkdY=
Subject key identifier: 8E:2A:E4:1E:CF:8A:3C:69:82:4D:04:02:3E:C2:CA:22:F1:3C:A4:24
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D2327DE3BE91C67F1C492C156B9FC7194
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jirkHs-KPGmCTQQCPsLKIvE8pCQ.roa
Signing time: Fri 19 Jan 2024 19:17:11 +0000
ROA not before: Fri 19 Jan 2024 19:17:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.84.89.0/24 maxlen: 24
45.88.90.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.172.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
94.156.248.0/24 maxlen: 24
95.214.24.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.226.173.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:23:27:de:3b:e9:1c:67:f1:c4:92:c1:56:b9:fc:71:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 19 19:17:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e2ae41ecf8a3c69824d04023ec2ca22f13ca424
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b0:e7:4e:b1:00:e0:88:ae:76:b0:a7:51:b7:
ac:06:ba:34:16:a5:69:66:9d:7d:4d:4a:2f:a1:8c:
ac:d2:78:43:95:34:18:e5:5d:0b:a3:de:f4:c2:ba:
72:44:a0:b8:de:a4:e0:c2:80:7a:d0:1b:ce:66:cc:
87:fe:29:2b:b9:e0:ef:15:17:5b:7a:0a:68:06:b0:
d2:66:ff:a4:e2:ce:68:c6:b8:da:34:67:b5:c9:8d:
8b:65:63:3a:a3:81:7a:44:47:ba:94:1d:15:74:b4:
b4:34:c0:c4:90:32:95:01:03:16:8a:e8:8c:bc:c2:
c2:95:58:00:46:db:36:91:0b:02:3b:44:ef:c8:5c:
9b:c5:10:74:f9:af:fe:7a:0b:19:5e:4c:12:b9:9d:
cb:9b:12:80:14:98:77:72:b1:57:5f:70:9f:76:a8:
a9:4b:5a:c8:19:74:8d:7f:49:de:27:f2:23:b3:96:
5d:27:8a:7c:d6:51:3d:6b:27:61:63:bc:ac:b3:56:
a0:81:c7:f8:d7:f6:da:d2:30:7e:e1:16:84:75:ec:
5d:1b:e2:0f:cb:54:96:f9:a6:fb:2d:05:06:96:c4:
d1:85:b4:8b:f9:c9:0d:49:92:e1:2a:4d:9f:75:0a:
d6:f4:03:16:3d:01:8e:97:0e:d2:1a:df:42:58:07:
04:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:2A:E4:1E:CF:8A:3C:69:82:4D:04:02:3E:C2:CA:22:F1:3C:A4:24
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jirkHs-KPGmCTQQCPsLKIvE8pCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.89.0/24
45.88.90.0/24
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.161.0-94.154.163.255
94.154.172.0/24
94.156.239.0/24
94.156.248.0/24
95.214.24.0/24
147.78.101.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.173.0/24
185.252.176.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:b1:35:8d:52:63:71:f1:f5:eb:9d:20:b3:56:13:dd:3f:4f:
63:c7:22:ec:82:0f:27:3a:15:ef:9f:32:83:54:e8:ad:11:ca:
f0:6d:79:1c:41:32:91:ac:fc:2d:4d:94:bc:44:73:f8:4a:e5:
40:4d:39:d2:6b:a8:af:ea:31:f6:ef:c6:e9:e4:fc:f4:48:8a:
b8:00:54:e9:0e:7a:56:7a:a8:47:b9:12:8e:3b:ff:80:e1:19:
01:9d:e3:29:77:a4:75:34:21:74:db:d0:8c:26:2e:c9:81:d4:
f9:ad:4e:dd:fe:95:32:35:da:06:5c:92:96:3b:91:57:cb:2e:
43:ee:8a:66:b9:03:ce:da:9b:ed:d1:42:bf:63:e0:e8:d0:25:
97:46:7e:96:b4:4f:ae:6e:a1:2d:eb:8e:5c:ed:bf:a1:7a:de:
7b:d7:b5:ef:42:3a:c9:ac:43:a4:1a:97:4a:06:8e:e7:4c:b2:
61:53:64:47:f7:56:76:c1:a0:9d:74:cb:2e:15:eb:1d:50:8d:
97:7a:e3:dc:ce:87:b0:25:99:a7:18:a5:64:d3:08:a7:db:f3:
46:fe:85:02:61:6d:ce:99:07:93:12:78:28:e9:d3:c1:72:f5:
45:06:62:3b:02:87:be:a1:02:59:54:93:a3:f2:03:06:34:cc:
9e:01:70:80
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAY0jJ9476Rxn8cSSwVa5/HGUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTE5MTkxNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTJhZTQxZWNmOGEzYzY5ODI0ZDA0MDIzZWMyY2EyMmYxM2NhNDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7DnTrEA4IiudrCnUbesBro0FqVp
Zp19TUovoYys0nhDlTQY5V0Lo970wrpyRKC43qTgwoB60BvOZsyH/ikrueDvFRdb
egpoBrDSZv+k4s5oxrjaNGe1yY2LZWM6o4F6REe6lB0VdLS0NMDEkDKVAQMWiuiM
vMLClVgARts2kQsCO0TvyFybxRB0+a/+egsZXkwSuZ3LmxKAFJh3crFXX3Cfdqip
S1rIGXSNf0neJ/Ijs5ZdJ4p81lE9aydhY7yss1aggcf41/ba0jB+4RaEdexdG+IP
y1SW+ab7LQUGlsTRhbSL+ckNSZLhKk2fdQrW9AMWPQGOlw7SGt9CWAcETwIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFI4q5B7Pijxpgk0EAj7CyiLxPKQkMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvamlya0hzLUtQR21DVFFRQ1BzTEtJdkU4cENRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAAt
VFkDBAAtWFoDBAAtl1kDBABXeFcDBABXeS0DBABXed0DBAFcd8QwDAMEAF6aoQME
Al6aoAMEAF6arAMEAF6c7wMEAF6c+AMEAF/WGDAMAwQAk05lAwQAk05mAwQCqxZI
AwQAstfgAwQAstfsAwQCudhUAwQCudpUAwQAueKtAwQAufywMA0GCSqGSIb3DQEB
CwUAA4IBAQA7sTWNUmNx8fXrnSCzVhPdP09jxyLsgg8nOhXvnzKDVOitEcrwbXkc
QTKRrPwtTZS8RHP4SuVATTnSa6iv6jH278bp5Pz0SIq4AFTpDnpWeqhHuRKOO/+A
4RkBneMpd6R1NCF029CMJi7JgdT5rU7d/pUyNdoGXJKWO5FXyy5D7opmuQPO2pvt
0UK/Y+Do0CWXRn6WtE+ubqEt645c7b+het5717XvQjrJrEOkGpdKBo7nTLJhU2RH
91Z2waCddMsuFesdUI2XeuPczoewJZmnGKVk0win2/NG/oUCYW3OmQeTEngo6dPB
cvVFBmI7Aoe+oQJZVJOj8gMGNMyeAXCA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:17 2024 by rpki-client on console-fra.rpki-client.org