Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/poJ8wK5egQqO_qF_R00Ngw9-Mlg.roa
File: poJ8wK5egQqO_qF_R00Ngw9-Mlg.roa (raw, json)
Hash identifier: Rne8WCud2rOFydiwUEBBXSXGXqiixHRQwFs8iF+2Bac=
Subject key identifier: A6:82:7C:C0:AE:5E:81:0A:8E:FE:A1:7F:47:4D:0D:83:0F:7E:32:58
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E413A5390FDAD7E28172814F61FB577E8
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/poJ8wK5egQqO_qF_R00Ngw9-Mlg.roa
Signing time: Fri 15 Mar 2024 08:28:45 +0000
ROA not before: Fri 15 Mar 2024 08:28:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.59.255.0/24 maxlen: 24
45.129.86.0/23 maxlen: 24
45.151.89.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.10.0/24 maxlen: 24
94.156.72.0/23 maxlen: 24
94.156.239.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
185.254.37.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:41:3a:53:90:fd:ad:7e:28:17:28:14:f6:1f:b5:77:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 15 08:28:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6827cc0ae5e810a8efea17f474d0d830f7e3258
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4e:ff:ae:46:b0:31:04:21:09:44:e9:b8:0d:
e3:5d:1e:57:94:02:63:47:df:5b:ec:96:60:85:18:
02:fa:85:9a:59:49:9f:3c:cf:fb:7c:52:61:d6:d6:
56:8b:4c:55:ef:c3:85:8b:4c:ed:4a:25:e2:c7:5f:
e0:51:73:e2:fa:a2:ec:a6:bb:9d:58:98:c1:c9:8e:
ce:a9:c3:a7:47:60:43:97:bd:b4:ed:7e:e2:55:e5:
38:ef:8c:0c:4c:3b:ce:95:47:e2:31:ca:b5:22:47:
63:5c:5d:76:b8:0e:22:26:84:e0:9c:a3:b9:63:e4:
7a:2b:79:6e:53:ba:ca:a3:14:b5:79:5d:4f:40:c3:
64:7e:4e:c4:06:08:c5:cd:18:40:0c:86:11:32:97:
91:cc:35:de:b4:74:c9:24:a8:91:4b:31:54:a0:cf:
b0:cf:9f:49:29:df:b0:dc:43:ea:71:b3:76:32:59:
22:ac:63:aa:2c:db:9e:19:e3:2f:53:5b:f7:a1:be:
ef:07:8a:df:22:b4:a1:4a:16:a9:62:c2:f6:0b:bb:
94:59:26:21:e8:02:e4:b8:d5:87:b7:91:6a:b4:bc:
7f:e5:09:8f:36:f8:55:01:af:61:d4:67:5a:d8:07:
c1:f3:24:f5:67:02:85:e9:19:02:bd:e2:cb:36:04:
d6:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:82:7C:C0:AE:5E:81:0A:8E:FE:A1:7F:47:4D:0D:83:0F:7E:32:58
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/poJ8wK5egQqO_qF_R00Ngw9-Mlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.255.0/24
45.129.86.0/23
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.10.0/24
94.156.72.0/23
94.156.239.0/24
147.78.102.0/24
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.252.176.0/24
185.254.37.0/24
193.37.41.0/24
194.55.186.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:ff:04:20:e0:ad:d6:54:8d:3e:fa:03:90:b2:a4:69:92:cd:
30:c3:66:77:d1:8e:72:a0:0f:08:5e:b8:df:96:35:c0:ba:b5:
f7:74:59:2d:5a:3f:36:f6:a3:24:28:31:2d:39:d4:76:bf:f7:
8d:3c:6f:b4:4f:de:4d:0a:20:a2:59:7d:79:48:6f:4d:3f:77:
98:d0:29:93:5c:b0:46:62:26:1c:57:19:43:7f:0a:c4:bb:c4:
a1:f5:77:93:e4:d8:88:73:3b:0f:3f:26:68:97:cf:0f:ce:23:
77:9f:1d:d4:3b:7c:ca:65:00:42:b3:22:0e:3d:a8:0a:23:75:
94:f6:bd:4e:02:b6:b0:1b:b4:06:64:1b:25:db:c4:6d:06:44:
1f:c1:33:f8:d3:d3:bf:06:7d:e1:53:f8:45:e1:e5:20:fd:61:
51:dd:5c:30:b2:2a:a2:a2:47:5a:62:6e:24:2c:17:8b:11:5e:
05:21:a9:ab:0e:a1:50:d1:43:a7:20:f3:56:33:b1:e2:c2:c6:
bb:44:dd:1e:b1:ac:f9:de:1a:35:9c:13:fd:b3:28:21:85:8d:
8e:fb:16:38:c8:e6:a8:8a:82:12:79:b2:b8:56:02:dc:be:7e:
a5:f2:7a:d6:f7:60:6c:5d:32:49:34:8d:52:d0:12:c4:a9:9e:
4a:13:77:58
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAY5BOlOQ/a1+KBcoFPYftXfoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzE1MDgyODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjgyN2NjMGFlNWU4MTBhOGVmZWExN2Y0NzRkMGQ4MzBmN2UzMjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvU7/rkawMQQhCUTpuA3jXR5XlAJj
R99b7JZghRgC+oWaWUmfPM/7fFJh1tZWi0xV78OFi0ztSiXix1/gUXPi+qLsprud
WJjByY7OqcOnR2BDl7207X7iVeU474wMTDvOlUfiMcq1IkdjXF12uA4iJoTgnKO5
Y+R6K3luU7rKoxS1eV1PQMNkfk7EBgjFzRhADIYRMpeRzDXetHTJJKiRSzFUoM+w
z59JKd+w3EPqcbN2MlkirGOqLNueGeMvU1v3ob7vB4rfIrShShapYsL2C7uUWSYh
6ALkuNWHt5FqtLx/5QmPNvhVAa9h1Gda2AfB8yT1ZwKF6RkCveLLNgTWtQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFKaCfMCuXoEKjv6hf0dNDYMPfjJYMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcG9KOHdLNWVnUXFPX3FGX1IwME5ndzktTWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAAC
O/8DBAEtgVYDBAAtl1kDBABXeFcDBABXeS0DBABXed0DBAFcd8QDBAJemqADBABe
nAoDBAFenEgDBABenO8DBACTTmYDBAKrFkgDBACy1+ADBACy1+wDBAK52FQDBAK5
2lQDBAC5/LADBAC5/iUDBADBJSkDBADCN7oDBADCN+AwDQYJKoZIhvcNAQELBQAD
ggEBAAr/BCDgrdZUjT76A5CypGmSzTDDZnfRjnKgDwheuN+WNcC6tfd0WS1aPzb2
oyQoMS051Ha/9408b7RP3k0KIKJZfXlIb00/d5jQKZNcsEZiJhxXGUN/CsS7xKH1
d5Pk2IhzOw8/JmiXzw/OI3efHdQ7fMplAEKzIg49qAojdZT2vU4CtrAbtAZkGyXb
xG0GRB/BM/jT078GfeFT+EXh5SD9YVHdXDCyKqKiR1pibiQsF4sRXgUhqasOoVDR
Q6cg81YzseLCxrtE3R6xrPneGjWcE/2zKCGFjY77FjjI5qiKghJ5srhWAty+fqXy
etb3YGxdMkk0jVLQEsSpnkoTd1g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:19 2024 by rpki-client on console-fra.rpki-client.org