Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/mO4Sg2DQ6NamwddBzjx4dp1y5lI.roa
File: mO4Sg2DQ6NamwddBzjx4dp1y5lI.roa (raw, json)
Hash identifier: 4/5SxbwuBX3KtvQZzz+cEwU9jNyV8MpnUpDPcvCCJug=
Subject key identifier: 98:EE:12:83:60:D0:E8:D6:A6:C1:D7:41:CE:3C:78:76:9D:72:E6:52
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C11009D12F4BAD1C5BC4A8F3A54B58166
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/mO4Sg2DQ6NamwddBzjx4dp1y5lI.roa
Signing time: Mon 27 Nov 2023 13:38:21 +0000
ROA not before: Mon 27 Nov 2023 13:38:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 84.54.49.0/24 maxlen: 24
45.12.255.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
193.149.29.0/24 maxlen: 24
193.149.30.0/24 maxlen: 24
94.156.176.0/24 maxlen: 24
193.149.31.0/24 maxlen: 24
193.149.28.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
87.121.105.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
212.115.41.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
45.8.93.0/24 maxlen: 24
82.115.211.0/24 maxlen: 24
194.49.86.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:11:00:9d:12:f4:ba:d1:c5:bc:4a:8f:3a:54:b5:81:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 27 13:38:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98ee128360d0e8d6a6c1d741ce3c78769d72e652
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e1:d7:5d:0b:be:b6:2f:1b:a5:cd:ca:03:c4:
d8:0a:29:38:43:fd:be:b0:9b:91:59:ba:ab:9d:7d:
5e:ce:80:86:3d:a3:cb:26:4e:4b:3f:fe:27:ea:e7:
bb:fc:ea:0e:44:9e:af:aa:09:2e:78:1a:95:65:11:
5b:a7:28:70:81:ac:a7:a2:bf:29:80:1f:72:a3:8d:
29:18:a8:dc:34:7e:11:30:4a:62:bc:a5:d6:bd:ba:
40:07:d0:8c:d7:a3:6a:60:14:bb:1d:9f:d7:a1:82:
83:a0:2e:68:4c:e7:1f:7e:08:eb:93:c5:5b:5a:33:
fd:a5:ee:90:07:8b:b0:a2:e4:a4:89:b9:45:d8:e8:
db:11:7a:3c:64:1a:55:6d:ce:be:12:40:2b:42:0a:
e7:86:c6:dd:5f:33:44:3c:f1:b2:9d:ea:ea:f0:92:
fd:1d:d9:98:90:71:11:e7:fd:11:1d:e6:18:ec:bb:
91:57:52:b7:aa:e7:d6:a0:4b:1a:6a:d5:e4:8b:b4:
2d:59:d6:84:f5:53:d5:70:96:45:70:2a:66:58:9b:
f5:d9:bc:4b:a4:1a:ac:81:eb:47:65:fd:31:91:d1:
c3:67:44:83:88:85:ae:c2:f3:bb:40:5f:c1:ea:58:
f5:2c:e8:7f:6b:c8:bc:e3:9f:e1:ca:75:30:04:c0:
cd:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:EE:12:83:60:D0:E8:D6:A6:C1:D7:41:CE:3C:78:76:9D:72:E6:52
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/mO4Sg2DQ6NamwddBzjx4dp1y5lI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.93.0/24
45.12.255.0/24
45.66.228.0/24
45.151.90.0/24
79.110.50.0/24
82.115.211.0/24
84.54.49.0/24
87.121.105.0/24
94.156.176.0/24
185.226.175.0/24
193.37.47.0/24
193.149.28.0/22
194.49.86.0/24
212.115.41.0/24
Signature Algorithm: sha256WithRSAEncryption
30:12:8a:bf:15:ac:d5:29:d4:d9:28:71:58:af:c9:98:06:6c:
d2:2c:73:55:f3:4f:62:5e:11:90:6f:84:25:b6:cc:ac:f1:07:
2c:22:b5:de:58:49:76:3d:de:b1:9d:50:b3:ab:af:ae:99:69:
8c:21:52:b2:90:eb:7a:72:76:d5:10:9b:e0:1d:df:15:95:9c:
86:f1:05:83:25:4d:bf:2b:40:4f:84:b7:57:5e:23:f5:61:e1:
c8:75:b1:7e:8e:bd:f7:26:2e:7b:fe:ed:18:c8:09:77:a7:bf:
5c:d0:0b:90:9c:6b:28:14:3f:04:2b:42:61:36:bd:80:56:9e:
22:b2:39:e1:2c:cf:54:4c:06:65:03:0e:7d:e7:f6:d8:21:61:
d3:14:a4:03:6a:e0:d3:0f:50:a4:88:eb:b7:75:94:53:bf:1a:
14:2f:3b:1b:93:b8:f6:83:40:e0:72:66:62:c5:25:4a:e4:a0:
87:87:ae:19:82:83:fc:dc:29:dc:a9:c9:ab:54:10:fa:d2:23:
a1:b2:0d:f0:9c:ce:6c:91:06:8d:3d:93:82:96:4d:c0:bf:19:
ce:c3:ce:05:92:7a:93:3a:c1:0d:53:82:af:5f:0f:b6:91:bc:
1e:34:e4:47:21:71:7e:60:82:80:ac:d7:bc:e8:c6:ce:e7:3e:
a0:4d:c8:ca
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYwRAJ0S9LrRxbxKjzpUtYFmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTI3MTMzODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGVlMTI4MzYwZDBlOGQ2YTZjMWQ3NDFjZTNjNzg3NjlkNzJlNjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OHXXQu+ti8bpc3KA8TYCik4Q/2+
sJuRWbqrnX1ezoCGPaPLJk5LP/4n6ue7/OoORJ6vqgkueBqVZRFbpyhwgaynor8p
gB9yo40pGKjcNH4RMEpivKXWvbpAB9CM16NqYBS7HZ/XoYKDoC5oTOcffgjrk8Vb
WjP9pe6QB4uwouSkiblF2OjbEXo8ZBpVbc6+EkArQgrnhsbdXzNEPPGynerq8JL9
HdmYkHER5/0RHeYY7LuRV1K3qufWoEsaatXki7QtWdaE9VPVcJZFcCpmWJv12bxL
pBqsgetHZf0xkdHDZ0SDiIWuwvO7QF/B6lj1LOh/a8i845/hynUwBMDNxwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFJjuEoNg0OjWpsHXQc48eHadcuZSMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbU80U2cyRFE2TmFtd2RkQnpqeDRkcDF5NWxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQALQhdAwQA
LQz/AwQALULkAwQALZdaAwQAT24yAwQAUnPTAwQAVDYxAwQAV3lpAwQAXpywAwQA
ueKvAwQAwSUvAwQCwZUcAwQAwjFWAwQA1HMpMA0GCSqGSIb3DQEBCwUAA4IBAQAw
Eoq/FazVKdTZKHFYr8mYBmzSLHNV809iXhGQb4Qltsys8QcsIrXeWEl2Pd6xnVCz
q6+umWmMIVKykOt6cnbVEJvgHd8VlZyG8QWDJU2/K0BPhLdXXiP1YeHIdbF+jr33
Ji57/u0YyAl3p79c0AuQnGsoFD8EK0JhNr2AVp4isjnhLM9UTAZlAw595/bYIWHT
FKQDauDTD1CkiOu3dZRTvxoULzsbk7j2g0DgcmZixSVK5KCHh64ZgoP83Cncqcmr
VBD60iOhsg3wnM5skQaNPZOClk3AvxnOw84FknqTOsENU4KvXw+2kbweNORHIXF+
YIKArNe86MbO5z6gTcjK
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:42 2024 by rpki-client on console-ams.rpki-client.org