Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/loGl5w1rv_9b7D-Kq8WcQv02QuM.roa
File: loGl5w1rv_9b7D-Kq8WcQv02QuM.roa (raw, json)
Hash identifier: /aP7oYuyk0KbDx+IfQUZ6lSNmsHrHZIxzm9HVwSeMJ0=
Subject key identifier: 96:81:A5:E7:0D:6B:BF:FF:5B:EC:3F:8A:AB:C5:9C:42:FD:36:42:E3
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01874580FFC363C89690073171AD9DDD9905
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/loGl5w1rv_9b7D-Kq8WcQv02QuM.roa
Signing time: Mon 03 Apr 2023 05:04:54 +0000
ROA not before: Mon 03 Apr 2023 05:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
45.128.233.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
82.115.209.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
84.54.49.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
141.98.7.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
45.149.233.0/24 maxlen: 24
171.22.19.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
94.103.125.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
194.49.87.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
185.221.64.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:45:80:ff:c3:63:c8:96:90:07:31:71:ad:9d:dd:99:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 3 05:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9681a5e70d6bbfff5bec3f8aabc59c42fd3642e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5c:38:2f:39:8c:49:61:f3:1b:15:df:8d:8f:
00:22:36:18:28:3a:cf:a3:73:bd:83:34:ff:2a:c1:
71:1f:e7:e6:9f:83:49:21:1a:e0:43:73:22:35:2e:
d5:1b:74:6b:b7:03:18:e7:a8:d1:49:a9:89:bb:da:
0e:1b:69:04:91:43:64:5f:0c:72:45:bd:c5:f5:8d:
00:6a:a0:45:dc:07:55:6d:be:51:e9:2f:73:d6:30:
64:35:da:23:b8:c9:c8:39:86:f1:3a:f7:81:c5:44:
c1:c4:28:95:ef:e3:75:ad:ae:35:3f:74:e4:72:63:
19:b7:07:c0:de:c9:57:d4:3b:66:5f:ff:01:3e:25:
fa:11:de:25:3d:7a:92:be:75:50:c1:c8:63:14:b5:
3c:58:ad:6e:1d:4f:68:e5:c3:8f:57:27:a5:17:bd:
c0:67:ff:5d:8a:1e:3a:31:94:ec:16:8a:a0:4d:9c:
87:29:02:61:fb:68:6f:46:87:72:9c:c1:4b:d4:44:
9a:81:c4:1b:c6:6c:11:42:f7:4f:32:98:07:98:c6:
31:84:02:ba:95:e7:2c:e9:1a:82:0c:f0:27:75:28:
c8:ef:84:fb:d0:a2:1f:9a:a0:2c:af:12:1b:ef:40:
91:45:7b:79:5e:90:3a:30:02:2e:df:c1:ee:6d:69:
a4:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:81:A5:E7:0D:6B:BF:FF:5B:EC:3F:8A:AB:C5:9C:42:FD:36:42:E3
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/loGl5w1rv_9b7D-Kq8WcQv02QuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.233.0/24
45.149.233.0/24
45.151.89.0/24
82.115.209.0/24
84.54.49.0/24
87.120.64.0/23
87.121.124.0/23
87.121.220.0/24
92.119.196.0/23
94.103.125.0/24
94.154.161.0-94.154.163.255
94.154.172.0/24
141.98.7.0/24
147.78.100.0/23
171.22.19.0/24
171.22.72.0/22
178.215.236.0/23
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
185.221.64.0/24
193.25.217.0/24
194.49.87.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:cd:83:0b:78:a2:f1:d6:12:73:0d:d3:0d:3e:5a:8b:73:41:
8d:a3:2d:5b:c5:b1:3a:2d:e2:61:2f:08:4b:31:6c:32:7d:89:
f7:df:78:76:77:eb:08:50:52:fa:ae:73:ce:bd:63:6a:c6:1f:
23:c1:88:07:ba:52:b3:ce:26:ce:9d:07:66:39:42:63:7e:cb:
1b:4d:c4:1e:8b:6b:fc:03:59:0f:d8:30:fe:7c:28:8d:0b:5d:
cd:6d:22:76:c1:d4:7d:e6:10:e7:4b:c2:b9:81:46:0f:a4:4f:
72:20:14:d4:f3:52:6e:4e:ca:15:cd:8b:43:97:62:88:f9:ec:
7d:e5:bb:5f:19:c1:84:79:85:03:a4:a0:5c:ea:aa:76:e5:bf:
cb:dc:33:64:39:c4:fc:a6:cb:15:ee:1d:12:92:eb:30:ea:89:
b6:81:d1:b7:87:57:c6:6c:bc:78:32:fa:1c:f5:3c:1b:8c:bd:
d6:6c:70:b2:60:70:e3:45:6d:17:ee:d5:44:09:bf:0a:32:8c:
06:5d:d1:a8:d5:1f:bf:ed:9f:a1:c3:26:67:4c:81:99:97:b0:
43:a9:9e:2d:89:12:53:27:c0:91:6a:f5:84:4f:05:45:63:65:
ce:0c:4e:f6:14:62:b3:c2:3c:af:fa:72:29:f0:40:ed:d8:da:
9b:c1:54:23
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYdFgP/DY8iWkAcxca2d3ZkFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDAzMDUwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjgxYTVlNzBkNmJiZmZmNWJlYzNmOGFhYmM1OWM0MmZkMzY0MmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlw4LzmMSWHzGxXfjY8AIjYYKDrP
o3O9gzT/KsFxH+fmn4NJIRrgQ3MiNS7VG3RrtwMY56jRSamJu9oOG2kEkUNkXwxy
Rb3F9Y0AaqBF3AdVbb5R6S9z1jBkNdojuMnIOYbxOveBxUTBxCiV7+N1ra41P3Tk
cmMZtwfA3slX1DtmX/8BPiX6Ed4lPXqSvnVQwchjFLU8WK1uHU9o5cOPVyelF73A
Z/9dih46MZTsFoqgTZyHKQJh+2hvRodynMFL1ESagcQbxmwRQvdPMpgHmMYxhAK6
lecs6RqCDPAndSjI74T70KIfmqAsrxIb70CRRXt5XpA6MAIu38HubWmkDwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFJaBpecNa7//W+w/iqvFnEL9NkLjMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbG9HbDV3MXJ2XzliN0QtS3E4V2NRdjAyUXVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBAAt
gOkDBAAtlekDBAAtl1kDBABSc9EDBABUNjEDBAFXeEADBAFXeXwDBABXedwDBAFc
d8QDBABeZ30wDAMEAF6aoQMEAl6aoAMEAF6arAMEAI1iBwMEAZNOZAMEAKsWEwME
AqsWSAMEAbLX7AMEArnYVAMEArnaVAMEALnaiQMEALnbfgMEALndQAMEAMEZ2QME
AMIxVzANBgkqhkiG9w0BAQsFAAOCAQEAm82DC3ii8dYScw3TDT5ai3NBjaMtW8Wx
Oi3iYS8ISzFsMn2J9994dnfrCFBS+q5zzr1jasYfI8GIB7pSs84mzp0HZjlCY37L
G03EHotr/ANZD9gw/nwojQtdzW0idsHUfeYQ50vCuYFGD6RPciAU1PNSbk7KFc2L
Q5diiPnsfeW7XxnBhHmFA6SgXOqqduW/y9wzZDnE/KbLFe4dEpLrMOqJtoHRt4dX
xmy8eDL6HPU8G4y91mxwsmBw40VtF+7VRAm/CjKMBl3RqNUfv+2focMmZ0yBmZew
Q6meLYkSUyfAkWr1hE8FRWNlzgxO9hRis8I8r/pyKfBA7djam8FUIw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:18 2024 by rpki-client on console-fra.rpki-client.org