Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/raJZvUVArP6MRn3-9ZN8YCGdDdk.roa
File: raJZvUVArP6MRn3-9ZN8YCGdDdk.roa (raw, json)
Hash identifier: CW2ZRf3h8XYQXJTFjmuoRINIgysPxVisQCCZg6iuTjg=
Subject key identifier: AD:A2:59:BD:45:40:AC:FE:8C:46:7D:FE:F5:93:7C:60:21:9D:0D:D9
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01870478A33E0C3CCFC268035FA470849441
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/raJZvUVArP6MRn3-9ZN8YCGdDdk.roa
Signing time: Tue 21 Mar 2023 14:00:27 +0000
ROA not before: Tue 21 Mar 2023 14:00:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
45.128.233.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
164.40.185.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
141.98.7.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
45.149.233.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
171.22.19.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
94.103.125.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
194.49.87.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:04:78:a3:3e:0c:3c:cf:c2:68:03:5f:a4:70:84:94:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 21 14:00:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ada259bd4540acfe8c467dfef5937c60219d0dd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d8:08:5d:9d:0a:d3:c0:31:9a:24:f5:0d:4e:
a3:ec:53:cd:61:d3:91:1e:34:ba:51:f8:5f:bc:61:
8e:c3:be:30:74:a9:e6:ae:5e:65:2d:bb:1a:c9:fb:
07:1c:5c:f2:03:7a:63:86:d7:57:46:1a:58:bb:a1:
ae:73:49:49:e4:61:39:5c:2f:be:bf:d3:4e:39:39:
0e:37:4b:8e:84:bd:23:3e:61:b3:16:80:34:a1:e3:
f7:4e:06:d0:76:9a:de:ae:0a:09:44:dd:21:c8:06:
4b:94:26:1d:f5:3b:6b:09:c2:76:31:ae:58:59:12:
1a:16:2f:bf:24:f2:b4:02:6c:6e:e7:83:9b:9e:b4:
98:77:1f:8a:41:89:82:1e:b2:2c:ce:b7:19:d6:d3:
29:3a:a0:7a:36:ab:bc:85:e0:92:76:24:81:38:82:
2f:1d:f1:c7:d9:23:18:b5:51:3d:0d:62:b3:dc:d6:
08:9f:5a:06:75:eb:75:70:3f:bd:55:88:02:55:b7:
a9:50:c9:1e:0e:e8:45:bf:f6:d2:28:25:bd:d5:09:
34:f1:fd:22:72:f1:a2:4e:c9:c0:3a:00:14:0b:2a:
2d:6d:44:75:7f:f0:25:30:4e:74:f5:93:e8:fc:dd:
0f:df:66:44:66:05:c6:36:d1:a3:d2:d4:c1:ec:47:
93:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:A2:59:BD:45:40:AC:FE:8C:46:7D:FE:F5:93:7C:60:21:9D:0D:D9
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/raJZvUVArP6MRn3-9ZN8YCGdDdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.233.0/24
45.149.233.0/24
45.151.89.0/24
84.54.49.0/24
87.120.64.0/23
87.121.124.0/23
87.121.220.0/24
92.119.196.0/23
94.103.125.0/24
94.154.161.0-94.154.163.255
94.154.172.0/24
141.98.7.0/24
147.78.100.0/23
164.40.185.0/24
171.22.19.0/24
171.22.72.0/22
178.215.236.0/23
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
185.252.176.0/24
194.49.87.0/24
Signature Algorithm: sha256WithRSAEncryption
51:4b:bd:32:80:64:0b:07:9b:85:31:bb:22:73:29:f6:8d:7c:
7a:23:b4:f7:c4:a9:2c:9d:73:81:81:9f:0d:b4:24:95:8e:6d:
c6:c2:77:49:b9:e7:fc:9e:9b:d7:7c:b1:ac:fb:c7:93:11:11:
81:75:b3:e1:26:cd:cc:90:c5:90:6a:c5:66:49:5e:ac:67:29:
8a:94:a7:66:c0:e7:52:08:2c:47:cf:77:32:86:d8:76:69:28:
58:82:1b:f7:ae:71:57:c0:ec:1e:3d:09:f5:5e:76:70:0f:2c:
87:d1:dc:84:33:3b:a8:21:a3:26:3f:40:6f:84:83:4a:64:ba:
57:aa:7c:1c:8e:22:18:88:35:ef:1c:13:0a:76:3b:ac:93:f2:
b3:16:3c:94:45:34:8a:e8:38:52:ec:84:19:18:3d:7e:e7:31:
bf:6e:5e:b2:5e:42:17:e8:98:f1:95:f0:28:a1:20:a9:2a:db:
97:a3:76:91:3d:0b:48:76:58:2b:6c:0e:f5:56:76:78:50:4f:
50:af:6a:ff:4e:c3:2f:a8:c0:24:10:1c:e3:aa:18:91:28:43:
aa:d9:ec:a7:5d:7a:0b:99:41:f2:76:5a:79:d3:35:90:a2:9b:
12:f9:2e:1c:b1:18:96:34:3e:32:92:1f:b1:ec:d1:98:37:38:
8b:6d:34:39
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAYcEeKM+DDzPwmgDX6RwhJRBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMzIxMTQwMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGEyNTliZDQ1NDBhY2ZlOGM0NjdkZmVmNTkzN2M2MDIxOWQwZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNgIXZ0K08AxmiT1DU6j7FPNYdOR
HjS6UfhfvGGOw74wdKnmrl5lLbsayfsHHFzyA3pjhtdXRhpYu6Guc0lJ5GE5XC++
v9NOOTkON0uOhL0jPmGzFoA0oeP3TgbQdprergoJRN0hyAZLlCYd9TtrCcJ2Ma5Y
WRIaFi+/JPK0Amxu54ObnrSYdx+KQYmCHrIszrcZ1tMpOqB6Nqu8heCSdiSBOIIv
HfHH2SMYtVE9DWKz3NYIn1oGdet1cD+9VYgCVbepUMkeDuhFv/bSKCW91Qk08f0i
cvGiTsnAOgAUCyotbUR1f/AlME509ZPo/N0P32ZEZgXGNtGj0tTB7EeT8wIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFK2iWb1FQKz+jEZ9/vWTfGAhnQ3ZMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcmFKWnZVVkFyUDZNUm4zLTlaTjhZQ0dkRGRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIDBAAt
gOkDBAAtlekDBAAtl1kDBABUNjEDBAFXeEADBAFXeXwDBABXedwDBAFcd8QDBABe
Z30wDAMEAF6aoQMEAl6aoAMEAF6arAMEAI1iBwMEAZNOZAMEAKQouQMEAKsWEwME
AqsWSAMEAbLX7AMEArnYVAMEArnaVAMEALnaiQMEALnbfgMEALn8sAMEAMIxVzAN
BgkqhkiG9w0BAQsFAAOCAQEAUUu9MoBkCwebhTG7InMp9o18eiO098SpLJ1zgYGf
DbQklY5txsJ3Sbnn/J6b13yxrPvHkxERgXWz4SbNzJDFkGrFZklerGcpipSnZsDn
UggsR893MobYdmkoWIIb965xV8DsHj0J9V52cA8sh9HchDM7qCGjJj9Ab4SDSmS6
V6p8HI4iGIg17xwTCnY7rJPysxY8lEU0iug4UuyEGRg9fucxv25esl5CF+iY8ZXw
KKEgqSrbl6N2kT0LSHZYK2wO9VZ2eFBPUK9q/07DL6jAJBAc46oYkShDqtnsp116
C5lB8nZaedM1kKKbEvkuHLEYljQ+MpIfsezRmDc4i200OQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:20 2024 by rpki-client on console-fra.rpki-client.org