Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/mHEfRz2hHxt8ngpNL88illHS2Rk.roa
File: mHEfRz2hHxt8ngpNL88illHS2Rk.roa (raw, json)
Hash identifier: uWyqUlsyWGcncajTU8oy6dZQ6g60McZNpGB4k5Je3Eo=
Subject key identifier: 98:71:1F:47:3D:A1:1F:1B:7C:9E:0A:4D:2F:CF:22:96:51:D2:D9:19
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018616F0E02E63D18D12004A46C29D0DAE42
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/mHEfRz2hHxt8ngpNL88illHS2Rk.roa
Signing time: Fri 03 Feb 2023 11:02:10 +0000
ROA not before: Fri 03 Feb 2023 11:02:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50225
IP address blocks: 81.161.230.0/24 maxlen: 24
94.156.234.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
45.9.156.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.12.255.0/24 maxlen: 24
94.156.160.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
45.84.91.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:16:f0:e0:2e:63:d1:8d:12:00:4a:46:c2:9d:0d:ae:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 3 11:02:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98711f473da11f1b7c9e0a4d2fcf229651d2d919
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d7:cc:a1:94:c0:02:df:20:90:33:ef:39:ec:
b0:91:42:47:df:11:1a:a8:de:ad:fb:ad:05:66:36:
b8:c4:ff:73:c6:84:3c:fd:b3:b0:1e:a8:39:a9:04:
ac:7c:83:a7:23:ca:01:c3:b7:f7:a8:88:0f:f5:ef:
bf:15:58:9a:9c:bf:74:33:6e:ff:87:a9:10:dc:9e:
6c:49:79:1d:a7:17:a8:f1:df:77:76:f2:62:07:52:
a0:5c:56:25:ff:30:a4:1c:cf:a3:15:6a:67:5d:c1:
cf:97:87:c4:a4:bc:a3:90:59:5c:9d:fa:bd:4e:37:
f2:38:f4:fa:59:92:fa:6c:d1:02:aa:a6:c6:14:8e:
35:74:03:f6:ff:61:9f:fd:2b:dc:03:a3:95:89:37:
92:da:82:ab:f0:a3:20:13:c9:ae:1f:f1:79:14:7f:
e9:a8:13:8c:89:09:65:be:2a:af:ba:b4:80:f9:8a:
11:4e:94:bb:88:f5:cc:88:b9:05:5e:12:6f:2e:38:
de:65:ec:31:11:ae:d6:c9:73:a5:1b:c8:1c:e3:9b:
99:94:de:6f:47:77:c3:6f:65:7e:76:92:33:2b:07:
13:68:ba:63:a7:3f:0a:bc:48:2c:42:72:f1:b3:7c:
86:a8:c0:b1:95:82:e5:19:31:07:1a:25:b0:2e:ab:
46:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:71:1F:47:3D:A1:1F:1B:7C:9E:0A:4D:2F:CF:22:96:51:D2:D9:19
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/mHEfRz2hHxt8ngpNL88illHS2Rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.156.0/24
45.12.255.0/24
45.66.228.0/24
45.84.91.0/24
45.88.64.0/24
45.129.84.0/24
45.129.86.0/24
81.161.230.0/24
94.154.162.0/24
94.156.160.0/24
94.156.234.0/24
178.215.226.0/24
185.222.160.0/24
193.42.34.0/24
193.47.60.0/24
193.47.63.0/24
194.55.224.0/23
194.180.39.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:b4:13:8d:78:88:35:47:6e:6c:4c:a6:30:c0:ce:ca:22:ca:
2e:ec:58:22:95:99:58:02:3c:da:72:3e:35:b4:c5:a2:f8:c1:
f1:35:2a:7c:4f:8a:1a:63:ad:df:15:43:de:0e:cc:2b:30:62:
e8:0e:ea:ca:2d:f5:e5:e1:f7:6c:a8:a4:db:c7:d4:2f:41:2e:
b0:72:98:2d:84:be:28:b7:ac:ba:da:2b:b4:7b:d8:87:53:ae:
44:0d:36:b6:22:f6:53:d1:6c:29:d3:60:42:72:fb:d2:a1:01:
e3:1f:a4:8f:cb:f8:3a:2b:0f:a7:9d:e9:ea:2e:91:13:2c:14:
7d:ef:f5:07:00:af:a0:c9:df:a4:7b:0c:3f:37:26:93:11:43:
bc:2d:c4:51:2d:4b:7b:65:3b:67:fe:df:46:77:8c:da:dd:d1:
ce:1d:3a:cb:05:e5:14:6b:89:42:dc:83:79:55:b9:47:88:3b:
0b:4b:68:e9:33:da:32:a3:27:58:a4:b3:04:91:94:6f:3e:65:
42:d9:92:cb:c3:e9:13:19:57:5c:79:55:da:5b:5f:5c:49:ad:
05:0d:c6:ea:4c:1a:ef:c0:a8:d1:88:6e:c5:8a:26:41:d1:49:
88:ac:07:ea:79:b8:ea:a9:cd:c3:01:eb:27:d9:c9:24:86:01:
10:2c:10:d0
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYYW8OAuY9GNEgBKRsKdDa5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMjAzMTEwMjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODcxMWY0NzNkYTExZjFiN2M5ZTBhNGQyZmNmMjI5NjUxZDJkOTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdfMoZTAAt8gkDPvOeywkUJH3xEa
qN6t+60FZja4xP9zxoQ8/bOwHqg5qQSsfIOnI8oBw7f3qIgP9e+/FVianL90M27/
h6kQ3J5sSXkdpxeo8d93dvJiB1KgXFYl/zCkHM+jFWpnXcHPl4fEpLyjkFlcnfq9
TjfyOPT6WZL6bNECqqbGFI41dAP2/2Gf/SvcA6OViTeS2oKr8KMgE8muH/F5FH/p
qBOMiQllviqvurSA+YoRTpS7iPXMiLkFXhJvLjjeZewxEa7WyXOlG8gc45uZlN5v
R3fDb2V+dpIzKwcTaLpjpz8KvEgsQnLxs3yGqMCxlYLlGTEHGiWwLqtGewIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFJhxH0c9oR8bfJ4KTS/PIpZR0tkZMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbUhFZlJ6MmhIeHQ4bmdwTkw4OGlsbEhTMlJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAC0JnAME
AC0M/wMEAC1C5AMEAC1UWwMEAC1YQAMEAC2BVAMEAC2BVgMEAFGh5gMEAF6aogME
AF6coAMEAF6c6gMEALLX4gMEALneoAMEAMEqIgMEAMEvPAMEAMEvPwMEAcI34AME
AMK0JzANBgkqhkiG9w0BAQsFAAOCAQEAGrQTjXiINUdubEymMMDOyiLKLuxYIpWZ
WAI82nI+NbTFovjB8TUqfE+KGmOt3xVD3g7MKzBi6A7qyi315eH3bKik28fUL0Eu
sHKYLYS+KLesutortHvYh1OuRA02tiL2U9FsKdNgQnL70qEB4x+kj8v4OisPp53p
6i6REywUfe/1BwCvoMnfpHsMPzcmkxFDvC3EUS1Le2U7Z/7fRneM2t3Rzh06ywXl
FGuJQtyDeVW5R4g7C0to6TPaMqMnWKSzBJGUbz5lQtmSy8PpExlXXHlV2ltfXEmt
BQ3G6kwa78Co0YhuxYomQdFJiKwH6nm46qnNwwHrJ9nJJIYBECwQ0A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:18 2024 by rpki-client on console-fra.rpki-client.org