Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rNy9Nwvl5p-d4J64_bLmY53W90g.roa
File: rNy9Nwvl5p-d4J64_bLmY53W90g.roa (raw, json)
Hash identifier: VgQP/T1ggfHR1iH71PZk0J9Ty5CioXF2eRaQ0Xmkqmg=
Subject key identifier: AC:DC:BD:37:0B:E5:E6:9F:9D:E0:9E:B8:FD:B2:E6:63:9D:D6:F7:48
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0189DA083911A928555ED6B7D4519185C552
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rNy9Nwvl5p-d4J64_bLmY53W90g.roa
Signing time: Wed 09 Aug 2023 11:21:59 +0000
ROA not before: Wed 09 Aug 2023 11:21:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50225
IP address blocks: 91.92.21.0/24 maxlen: 24
85.217.145.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
185.222.163.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
45.128.99.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
94.156.176.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
194.48.249.0/24 maxlen: 24
45.84.90.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
85.209.132.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
176.125.252.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:da:08:39:11:a9:28:55:5e:d6:b7:d4:51:91:85:c5:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 9 11:21:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=acdcbd370be5e69f9de09eb8fdb2e6639dd6f748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:40:ae:81:57:ec:56:b7:63:af:ad:b9:dd:17:
ea:ae:14:88:2c:dd:b8:4c:dc:f5:c3:9b:a7:7e:cc:
b8:6d:99:68:f0:7a:3b:7d:8a:55:78:d2:ed:f8:66:
ef:fc:d0:d3:14:65:cf:f9:d0:b8:7a:99:4f:df:e7:
5e:99:2d:61:bb:ae:09:9b:68:5a:c7:94:99:fc:ef:
7d:3f:01:ab:98:35:c6:b2:be:87:27:62:c0:e7:5f:
e4:b5:68:c8:bd:96:6c:53:a3:db:f4:65:07:bb:7b:
7a:1f:06:20:61:d6:42:92:c0:5e:b9:99:2b:f5:68:
f3:f3:ec:e6:a7:75:cc:74:6d:d0:1c:9b:5c:e9:41:
b5:d4:11:14:e5:f9:e1:f2:0b:44:e1:3e:b0:df:c2:
8a:9a:4b:21:54:ce:a1:96:84:cc:a1:75:d2:77:e0:
91:c1:71:e9:56:6e:c5:c1:bb:84:68:15:2f:55:35:
0f:df:29:50:89:d6:0f:b5:ed:af:4c:0d:71:2e:e3:
e1:be:6c:ee:f2:39:e7:e0:0a:fb:1c:1f:00:2e:19:
bf:58:3f:21:7d:0e:13:0d:9e:f0:10:b8:c1:58:36:
26:3a:a4:1d:25:a9:e6:14:f4:82:e1:0c:5e:6a:f3:
20:9a:81:df:d2:8c:44:8a:e4:30:04:cd:f3:33:54:
c4:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:DC:BD:37:0B:E5:E6:9F:9D:E0:9E:B8:FD:B2:E6:63:9D:D6:F7:48
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rNy9Nwvl5p-d4J64_bLmY53W90g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.90.0/24
45.128.99.0/24
79.110.50.0/24
83.143.113.0/24
85.209.132.0/24
85.217.145.0/24
91.92.21.0/24
93.123.85.0/24
94.156.176.0/24
176.125.252.0/24
178.215.237.0/24
185.222.163.0/24
193.42.34.0/24
193.47.60.0/24
193.47.63.0/24
194.48.249.0/24
194.48.251.0/24
Signature Algorithm: sha256WithRSAEncryption
39:6a:7d:9d:59:0d:72:cf:d0:ea:e3:d9:a1:be:2d:0a:21:17:
a3:5d:b2:1b:71:eb:93:5c:2b:3e:a4:19:29:99:c5:56:50:34:
06:42:b4:ce:07:8f:f7:6e:a3:ad:2b:ef:6b:11:33:42:cd:d0:
02:47:e8:d0:f1:88:86:f6:ce:d0:f8:00:5f:45:5e:07:f9:f3:
bb:9f:cd:9a:ec:d0:2a:da:85:35:3e:d9:05:c6:00:04:53:a8:
76:f4:7f:22:2d:91:56:4b:3b:75:52:83:ee:e2:70:e3:7a:90:
7a:b6:bb:39:a1:24:62:a7:06:73:6e:dc:02:1e:d1:a3:38:27:
75:69:25:0f:2f:56:f9:eb:97:7f:2d:09:88:3d:1d:68:67:d3:
7b:37:dc:65:27:26:db:a9:ff:b7:c7:0f:eb:91:22:19:70:52:
84:32:e4:bb:5c:b9:a5:10:91:8d:3f:62:ee:e5:78:87:42:fb:
c6:c3:c1:c5:d5:f4:44:e0:aa:89:d5:5a:f3:08:fa:70:f3:94:
df:e6:10:63:6b:0a:0b:9f:96:35:56:73:55:01:8f:c1:a6:d2:
9e:80:f1:0c:24:bb:06:93:6b:76:ca:6a:bc:3e:2f:b8:5d:d1:
8b:8f:98:10:e2:63:aa:02:90:63:aa:22:87:36:27:f0:7b:d7:
eb:9c:9a:ff
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYnaCDkRqShVXta31FGRhcVSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODA5MTEyMTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2RjYmQzNzBiZTVlNjlmOWRlMDllYjhmZGIyZTY2MzlkZDZmNzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhECugVfsVrdjr6253RfqrhSILN24
TNz1w5unfsy4bZlo8Ho7fYpVeNLt+Gbv/NDTFGXP+dC4eplP3+demS1hu64Jm2ha
x5SZ/O99PwGrmDXGsr6HJ2LA51/ktWjIvZZsU6Pb9GUHu3t6HwYgYdZCksBeuZkr
9Wjz8+zmp3XMdG3QHJtc6UG11BEU5fnh8gtE4T6w38KKmkshVM6hloTMoXXSd+CR
wXHpVm7FwbuEaBUvVTUP3ylQidYPte2vTA1xLuPhvmzu8jnn4Ar7HB8ALhm/WD8h
fQ4TDZ7wELjBWDYmOqQdJanmFPSC4QxeavMgmoHf0oxEiuQwBM3zM1TEjQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFKzcvTcL5eafneCeuP2y5mOd1vdIMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvck55OU53dmw1cC1kNEo2NF9iTG1ZNTNXOTBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQALVRaAwQA
LYBjAwQAT24yAwQAU49xAwQAVdGEAwQAVdmRAwQAW1wVAwQAXXtVAwQAXpywAwQA
sH38AwQAstftAwQAud6jAwQAwSoiAwQAwS88AwQAwS8/AwQAwjD5AwQAwjD7MA0G
CSqGSIb3DQEBCwUAA4IBAQA5an2dWQ1yz9Dq49mhvi0KIRejXbIbceuTXCs+pBkp
mcVWUDQGQrTOB4/3bqOtK+9rETNCzdACR+jQ8YiG9s7Q+ABfRV4H+fO7n82a7NAq
2oU1PtkFxgAEU6h29H8iLZFWSzt1UoPu4nDjepB6trs5oSRipwZzbtwCHtGjOCd1
aSUPL1b565d/LQmIPR1oZ9N7N9xlJybbqf+3xw/rkSIZcFKEMuS7XLmlEJGNP2Lu
5XiHQvvGw8HF1fRE4KqJ1VrzCPpw85Tf5hBjawoLn5Y1VnNVAY/BptKegPEMJLsG
k2t2ymq8Pi+4XdGLj5gQ4mOqApBjqiKHNifwe9frnJr/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:44 2024 by rpki-client on console-ams.rpki-client.org