Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qaSSHDrvlfnKYG4r3JzNPZvqv84.roa
File: qaSSHDrvlfnKYG4r3JzNPZvqv84.roa (raw, json)
Hash identifier: lXf2/C53s2Dk5Ht9znTJARtuhz92i2hOxhsVx62mq/8=
Subject key identifier: A9:A4:92:1C:3A:EF:95:F9:CA:60:6E:2B:DC:9C:CD:3D:9B:EA:BF:CE
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018EC2EF656E05240D34A4C82068EA3E1FBD
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qaSSHDrvlfnKYG4r3JzNPZvqv84.roa
Signing time: Tue 09 Apr 2024 12:57:32 +0000
ROA not before: Tue 09 Apr 2024 12:57:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207279
IP address blocks: 2.59.253.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
92.119.198.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
94.156.75.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c2:ef:65:6e:05:24:0d:34:a4:c8:20:68:ea:3e:1f:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 9 12:57:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9a4921c3aef95f9ca606e2bdc9ccd3d9beabfce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e1:20:98:24:7a:26:f2:e7:59:19:70:5d:9d:
74:39:4f:c1:1e:12:67:94:12:65:7f:20:63:4c:79:
91:d5:b6:66:95:10:a5:88:97:90:c8:c3:bc:59:a4:
e3:c6:f0:24:41:e0:67:c1:b0:39:4e:5c:a6:a8:d2:
e0:eb:dd:54:40:3e:01:bd:e8:fe:0d:fe:cd:b0:db:
88:34:1d:6e:fe:5f:5f:6e:62:3c:d3:45:ac:47:ca:
5a:86:0a:e3:2d:ec:03:0e:72:59:e6:cd:bf:9d:af:
8c:67:63:69:93:f6:3a:34:bc:52:09:04:fa:0e:87:
3f:d0:6e:70:51:d1:12:f8:a0:ae:44:e6:10:88:26:
58:d0:22:bd:79:0e:ac:8d:51:7c:85:bb:33:81:4d:
c3:a3:84:56:23:67:a6:05:34:8a:a5:62:b4:3b:2b:
d0:1d:c7:34:53:5d:32:a8:4d:b5:d2:13:1f:8d:6d:
4c:3a:3f:36:0d:e1:fb:83:84:b0:9d:26:c9:5f:fb:
a5:e8:f4:d9:a4:8b:4d:83:c7:46:84:a9:5c:6a:95:
97:93:2b:58:39:a0:f3:b8:f8:d8:82:be:5d:50:74:
00:19:0d:79:3f:b4:94:96:f2:31:6a:1b:61:a2:c3:
44:00:4a:3d:3f:74:21:c2:a0:2a:e7:3e:40:92:92:
4f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:A4:92:1C:3A:EF:95:F9:CA:60:6E:2B:DC:9C:CD:3D:9B:EA:BF:CE
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qaSSHDrvlfnKYG4r3JzNPZvqv84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.88.64.0/24
79.110.51.0/24
83.219.97.0/24
87.120.166.0/24
92.119.198.0/24
94.154.162.0/24
94.156.75.0/24
109.206.239.0/24
178.215.225.0/24
178.215.227.0/24
178.215.236.0/24
185.222.161.0-185.222.162.255
185.246.223.0/24
193.25.217.0/24
193.37.40.0/24
193.37.42.0/24
193.37.44.0/24
193.222.97.0/24
193.222.99.0/24
194.55.187.0/24
194.55.225.0/24
194.180.38.0/24
Signature Algorithm: sha256WithRSAEncryption
58:26:f9:33:14:75:e7:db:4d:f9:59:4c:f1:7d:82:4f:66:16:
15:e7:d3:1a:0a:e7:5e:33:84:66:b5:74:d8:85:f9:fe:37:f1:
95:ac:ac:23:8a:3f:e3:01:d2:a8:b0:22:41:80:09:bc:9a:ea:
d4:0a:96:6f:31:e4:9c:36:b7:0d:af:a8:c3:80:f7:54:70:99:
1d:00:c7:ac:b6:fe:5e:f4:3d:e0:e7:1b:9d:17:4e:e2:27:af:
a6:c4:58:30:c7:57:0e:37:89:cb:e0:81:78:1f:6f:1a:b8:22:
a9:f4:8a:39:bb:04:10:ad:60:e6:87:10:ac:f6:c7:3d:e4:00:
1e:21:b8:33:74:a2:aa:c2:82:78:28:da:5c:f5:f5:b6:b8:7e:
79:cb:66:f7:31:c9:0d:64:4e:81:89:91:d3:de:16:b9:44:d9:
ea:f4:c7:34:00:a0:55:7a:1b:e0:1b:be:e9:af:db:8f:b2:6a:
65:26:0d:ab:dc:ca:dc:94:b8:20:6d:52:9c:2c:24:36:e3:9e:
ff:1c:df:b6:bb:34:ba:e3:65:fb:47:f9:94:82:58:c1:e2:a3:
ba:f7:6a:65:80:2e:46:13:93:00:c9:60:80:ea:a8:f2:68:34:
f3:9f:cf:70:89:48:27:33:73:f2:07:5f:9b:fa:f5:6d:c1:25:
4d:4c:88:68
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAY7C72VuBSQNNKTIIGjqPh+9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDA5MTI1NzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWE0OTIxYzNhZWY5NWY5Y2E2MDZlMmJkYzljY2QzZDliZWFiZmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeEgmCR6JvLnWRlwXZ10OU/BHhJn
lBJlfyBjTHmR1bZmlRCliJeQyMO8WaTjxvAkQeBnwbA5TlymqNLg691UQD4Bvej+
Df7NsNuINB1u/l9fbmI800WsR8pahgrjLewDDnJZ5s2/na+MZ2Npk/Y6NLxSCQT6
Doc/0G5wUdES+KCuROYQiCZY0CK9eQ6sjVF8hbszgU3Do4RWI2emBTSKpWK0OyvQ
Hcc0U10yqE210hMfjW1MOj82DeH7g4SwnSbJX/ul6PTZpItNg8dGhKlcapWXkytY
OaDzuPjYgr5dUHQAGQ15P7SUlvIxahthosNEAEo9P3QhwqAq5z5AkpJPAQIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFKmkkhw675X5ymBuK9yczT2b6r/OMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcWFTU0hEcnZsZm5LWUc0cjNKek5QWnZxdjg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIDBAAC
O/0DBAAtWEADBABPbjMDBABT22EDBABXeKYDBABcd8YDBABemqIDBABenEsDBABt
zu8DBACy1+EDBACy1+MDBACy1+wwDAMEALneoQMEALneogMEALn23wMEAMEZ2QME
AMElKAMEAMElKgMEAMElLAMEAMHeYQMEAMHeYwMEAMI3uwMEAMI34QMEAMK0JjAN
BgkqhkiG9w0BAQsFAAOCAQEAWCb5MxR159tN+VlM8X2CT2YWFefTGgrnXjOEZrV0
2IX5/jfxlaysI4o/4wHSqLAiQYAJvJrq1AqWbzHknDa3Da+ow4D3VHCZHQDHrLb+
XvQ94OcbnRdO4ievpsRYMMdXDjeJy+CBeB9vGrgiqfSKObsEEK1g5ocQrPbHPeQA
HiG4M3SiqsKCeCjaXPX1trh+ectm9zHJDWROgYmR094WuUTZ6vTHNACgVXob4Bu+
6a/bj7JqZSYNq9zK3JS4IG1SnCwkNuOe/xzftrs0uuNl+0f5lIJYweKjuvdqZYAu
RhOTAMlggOqo8mg085/PcIlIJzNz8gdfm/r1bcElTUyIaA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:19 2024 by rpki-client on console-fra.rpki-client.org