Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rSqNhrZRjCETiPQF_epMAGg9Ino.roa
File: rSqNhrZRjCETiPQF_epMAGg9Ino.roa (raw, json)
Hash identifier: 4uhQweCqBS9GPjSeoqMWdie2dxXgLizg911UVh4JKgs=
Subject key identifier: AD:2A:8D:86:B6:51:8C:21:13:88:F4:05:FD:EA:4C:00:68:3D:22:7A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018EF536B1D3A78CE15F027CFA938B712A84
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rSqNhrZRjCETiPQF_epMAGg9Ino.roa
Signing time: Fri 19 Apr 2024 07:16:26 +0000
ROA not before: Fri 19 Apr 2024 07:16:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.9.156.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
85.209.133.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.86.0/23 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.163.0/24 maxlen: 24
94.156.72.0/23 maxlen: 24
94.156.239.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.42.32.0/23 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
194.59.31.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f5:36:b1:d3:a7:8c:e1:5f:02:7c:fa:93:8b:71:2a:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 19 07:16:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad2a8d86b6518c211388f405fdea4c00683d227a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:42:19:f6:13:69:ed:4d:95:ac:c5:17:c4:06:
d5:5c:db:8c:6d:17:b0:c4:93:6d:10:97:b7:6c:63:
7a:47:9a:29:87:d5:70:e5:64:43:7d:67:6c:f0:ea:
07:0e:56:97:63:75:e7:55:1e:6e:92:f9:22:04:cc:
6b:0f:2a:c3:08:99:8e:1d:fe:f2:fb:2c:58:0a:8f:
37:37:cc:72:08:e4:f7:f6:dd:15:42:90:47:74:9a:
f9:60:54:08:c9:8a:e4:da:7a:ca:46:42:9a:6d:ed:
f1:31:5f:54:41:9e:d0:9a:f9:bf:d5:21:b2:e0:d0:
1f:7f:5a:b9:62:95:01:4d:51:29:71:23:61:ec:48:
97:86:0b:b3:d9:3a:ab:dd:3a:2f:91:09:41:89:d7:
54:51:2d:4a:41:f5:1b:33:0e:32:4e:3c:82:26:a5:
47:ca:35:f6:70:ea:20:71:f4:95:4a:a1:b1:e2:9d:
31:a1:dd:1e:b5:b0:c2:8c:84:91:61:ad:e8:5c:3f:
d1:d3:6c:6c:73:5d:d9:63:5c:6e:41:d9:3c:e2:03:
42:60:a7:2d:0e:5b:11:b5:00:31:a6:9a:68:59:64:
b1:09:9a:63:d5:40:1d:a2:d3:8c:9a:39:f7:47:e6:
1e:14:3c:19:94:74:2a:93:d9:9c:cf:23:6e:7a:ec:
ae:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:2A:8D:86:B6:51:8C:21:13:88:F4:05:FD:EA:4C:00:68:3D:22:7A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rSqNhrZRjCETiPQF_epMAGg9Ino.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.156.0/24
45.88.88.0/24
45.151.89.0/24
83.219.97.0/24
84.21.174.0/23
85.209.133.0/24
87.120.87.0/24
87.121.45.0/24
87.121.86.0/23
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.72.0/23
94.156.239.0/24
95.214.25.0-95.214.26.255
147.78.102.0/24
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
193.42.32.0/23
194.48.248.0/24
194.55.186.0/24
194.55.224.0/24
194.59.31.0/24
Signature Algorithm: sha256WithRSAEncryption
65:74:0f:1a:b2:2a:af:5d:b6:e0:3a:99:2b:a1:8c:82:78:08:
aa:b6:48:57:19:d6:31:75:4d:97:ef:41:1b:65:af:41:ae:e3:
24:29:62:4a:b3:6d:42:59:ff:f3:8f:3f:6a:0e:13:92:32:06:
5f:9a:04:d7:79:6a:d8:d8:d3:09:0e:ac:da:94:d6:8f:d5:87:
0b:77:e2:7f:9b:31:b0:92:f9:4c:63:c6:8f:6c:ff:6e:e1:5d:
1f:ec:61:7e:41:33:5c:c2:fc:08:14:4d:0e:bd:5e:6d:ff:5a:
79:46:de:c2:25:5e:4d:95:9a:b1:a1:84:a9:c1:a9:11:48:f2:
c4:92:d0:b0:ed:11:c9:1a:59:ea:cb:e0:a6:09:5a:a8:2e:e9:
aa:8a:4f:97:8d:9a:27:d6:1b:d8:90:67:85:a2:af:9e:05:ca:
1d:08:57:71:b7:6e:a4:ac:6d:fb:58:ab:ce:f8:0d:7d:18:da:
9b:5f:42:79:16:03:cf:d4:9d:c5:b4:bd:0f:dc:1d:60:28:15:
b8:70:aa:51:9f:37:5d:98:d5:ae:53:38:77:e7:e2:65:9b:15:
84:d8:a1:4c:a9:75:d4:5c:d6:82:b5:5d:1c:3c:70:c3:6e:07:
b3:ac:78:56:ec:e5:e9:e3:ed:48:ff:6f:73:51:5a:68:a0:8b:
88:a7:af:a7
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAY71NrHTp4zhXwJ8+pOLcSqEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDE5MDcxNjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDJhOGQ4NmI2NTE4YzIxMTM4OGY0MDVmZGVhNGMwMDY4M2QyMjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkIZ9hNp7U2VrMUXxAbVXNuMbRew
xJNtEJe3bGN6R5oph9Vw5WRDfWds8OoHDlaXY3XnVR5ukvkiBMxrDyrDCJmOHf7y
+yxYCo83N8xyCOT39t0VQpBHdJr5YFQIyYrk2nrKRkKabe3xMV9UQZ7Qmvm/1SGy
4NAff1q5YpUBTVEpcSNh7EiXhguz2Tqr3TovkQlBiddUUS1KQfUbMw4yTjyCJqVH
yjX2cOogcfSVSqGx4p0xod0etbDCjISRYa3oXD/R02xsc13ZY1xuQdk84gNCYKct
DlsRtQAxpppoWWSxCZpj1UAdotOMmjn3R+YeFDwZlHQqk9mczyNueuyuGQIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFK0qjYa2UYwhE4j0Bf3qTABoPSJ6MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvclNxTmhyWlJqQ0VUaVBRRl9lcE1BR2c5SW5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAAt
CZwDBAAtWFgDBAAtl1kDBABT22EDBAFUFa4DBABV0YUDBABXeFcDBABXeS0DBAFX
eVYDBABXed0DBAFcd8QDBAJemqADBAFenEgDBABenO8wDAMEAF/WGQMEAF/WGgME
AJNOZgMEAqsWSAMEALLX4AMEALLX7AMEArnYVAMEArnaVAMEAcEqIAMEAMIw+AME
AMI3ugMEAMI34AMEAMI7HzANBgkqhkiG9w0BAQsFAAOCAQEAZXQPGrIqr1224DqZ
K6GMgngIqrZIVxnWMXVNl+9BG2WvQa7jJCliSrNtQln/848/ag4TkjIGX5oE13lq
2NjTCQ6s2pTWj9WHC3fif5sxsJL5TGPGj2z/buFdH+xhfkEzXML8CBRNDr1ebf9a
eUbewiVeTZWasaGEqcGpEUjyxJLQsO0RyRpZ6svgpglaqC7pqopPl42aJ9Yb2JBn
haKvngXKHQhXcbdupKxt+1irzvgNfRjam19CeRYDz9SdxbS9D9wdYCgVuHCqUZ83
XZjVrlM4d+fiZZsVhNihTKl11FzWgrVdHDxww24Hs6x4Vuzl6ePtSP9vc1FaaKCL
iKevpw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:44 2024 by rpki-client on console-ams.rpki-client.org