Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/sjN49KZxhPJpJo3y_f8SDad9OGk.roa
File: sjN49KZxhPJpJo3y_f8SDad9OGk.roa (raw, json)
Hash identifier: pb4QiDsQtK7FCpPlNJKkwMs5s2L3oCnhY9exDPxd1Uw=
Subject key identifier: B2:33:78:F4:A6:71:84:F2:69:26:8D:F2:FD:FF:12:0D:A7:7D:38:69
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B8B646D46BB3177B0DB927AB34234CEB1
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/sjN49KZxhPJpJo3y_f8SDad9OGk.roa
Signing time: Wed 01 Nov 2023 14:58:16 +0000
ROA not before: Wed 01 Nov 2023 14:58:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
91.92.24.0/23 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
45.8.93.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
176.125.255.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
31.13.198.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
87.120.87.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8b:64:6d:46:bb:31:77:b0:db:92:7a:b3:42:34:ce:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 1 14:58:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b23378f4a67184f269268df2fdff120da77d3869
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:83:23:5d:92:23:10:e1:9c:79:ac:3d:4c:77:
31:44:fe:e6:4f:96:53:1e:f5:6b:ce:fa:71:ac:a3:
d1:bd:bc:d2:2b:31:b1:7a:c8:9f:ff:84:9b:44:5b:
ad:a9:43:b2:07:88:33:f8:50:32:d5:e2:3d:b8:97:
4c:4a:34:7c:46:9d:07:ec:b4:da:39:fb:bd:c2:8b:
62:a2:5b:0d:70:75:60:2b:ab:ae:22:59:87:05:cf:
07:a4:f0:99:df:4e:f2:56:28:f7:b6:79:16:b1:ab:
49:f1:ed:f1:17:74:9d:6e:f8:a4:63:f9:d3:c0:5c:
e6:6d:f4:d0:f0:0f:17:a5:86:d6:bd:b6:a2:c9:dd:
50:ee:c5:45:c4:cc:52:f2:c5:45:ae:db:6e:4c:40:
7e:fd:71:4a:16:64:85:35:05:bd:52:f3:48:82:64:
5a:3a:27:14:a3:86:64:7e:2c:7c:4a:f1:4e:2c:ea:
9b:be:07:19:6b:5a:41:ff:6b:ed:68:57:ef:0c:cc:
b6:73:ef:f6:0a:73:97:ce:6b:4d:ec:7f:29:08:42:
0a:e1:c2:c4:2d:8b:b4:25:7f:bc:92:a8:39:bd:d9:
39:4c:fe:17:17:7b:a6:d5:66:18:5b:85:3f:9b:3b:
1c:9d:e3:28:2b:ff:2b:76:06:8b:d8:53:63:9b:c3:
71:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:33:78:F4:A6:71:84:F2:69:26:8D:F2:FD:FF:12:0D:A7:7D:38:69
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/sjN49KZxhPJpJo3y_f8SDad9OGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.198.0/24
45.8.93.0/24
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.59.0/24
91.92.24.0/23
92.119.196.0/23
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.78.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
176.125.255.0/24
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.175.0/24
185.252.176.0/24
194.169.174.0/24
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
94:a0:df:1e:c2:88:ed:f8:46:79:ed:59:63:eb:44:80:a1:70:
98:d4:eb:17:14:5e:f6:67:d8:06:83:95:39:96:bc:5c:f1:6f:
35:fa:e0:12:fa:83:06:9d:0c:51:47:1e:1d:42:37:64:59:dc:
66:0d:d9:b6:51:24:a9:23:3a:53:5c:b9:4b:ea:2e:a2:59:50:
18:ef:e9:17:48:88:52:09:9d:ae:a1:6a:79:17:54:32:5b:a6:
a7:a3:ca:90:3a:2b:ab:95:33:a0:ab:dc:f0:4c:47:fb:3b:97:
fa:39:89:8b:e4:98:9d:c7:dd:20:51:85:18:d9:51:07:0b:56:
83:c0:f6:84:02:20:07:74:10:dc:0f:49:89:c6:10:24:07:be:
1a:8b:5e:98:5d:17:46:cf:26:7c:b6:82:ce:97:f4:0e:88:69:
a3:8d:f8:4b:d6:44:f8:78:c7:9e:13:e7:72:ea:c1:ed:ea:d9:
e9:56:1b:4f:8c:ce:ac:1a:0a:31:31:ed:87:61:f5:98:8a:b8:
40:8d:20:da:65:b9:f7:93:bb:a4:f0:9d:ab:23:45:12:ab:a0:
17:1f:8b:37:c4:29:8c:13:de:bf:dc:99:e6:cc:50:03:02:c8:
e5:53:d6:46:53:77:df:4d:ce:e8:9a:e9:1b:b9:2a:85:94:00:
b1:13:f5:3c
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYuLZG1GuzF3sNuSerNCNM6xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTAxMTQ1ODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjMzNzhmNGE2NzE4NGYyNjkyNjhkZjJmZGZmMTIwZGE3N2QzODY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIMjXZIjEOGceaw9THcxRP7mT5ZT
HvVrzvpxrKPRvbzSKzGxesif/4SbRFutqUOyB4gz+FAy1eI9uJdMSjR8Rp0H7LTa
Ofu9wotiolsNcHVgK6uuIlmHBc8HpPCZ307yVij3tnkWsatJ8e3xF3SdbvikY/nT
wFzmbfTQ8A8XpYbWvbaiyd1Q7sVFxMxS8sVFrttuTEB+/XFKFmSFNQW9UvNIgmRa
OicUo4Zkfix8SvFOLOqbvgcZa1pB/2vtaFfvDMy2c+/2CnOXzmtN7H8pCEIK4cLE
LYu0JX+8kqg5vdk5TP4XF3um1WYYW4U/mzscneMoK/8rdgaL2FNjm8NxSQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFLIzePSmcYTyaSaN8v3/Eg2nfThpMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvc2pONDlLWnhoUEpwSm8zeV9mOFNEYWQ5T0drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZoDBAAf
DcYDBAAtCF0DBAAtl1kDBABXeFcDBABXeS0DBABXeTsDBAFbXBgDBAFcd8QDBABd
e3QwDAMEAF6aoQMEAl6aoAMEAF6cTgMEAF6c7zAMAwQCk05kAwQAk05mAwQCqxZI
AwQAsH3/AwQAstfgAwQAstfsAwQCudhUAwQCudpUAwQAueKvAwQAufywAwQAwqmu
AwQAwrQyMA0GCSqGSIb3DQEBCwUAA4IBAQCUoN8ewojt+EZ57Vlj60SAoXCY1OsX
FF72Z9gGg5U5lrxc8W81+uAS+oMGnQxRRx4dQjdkWdxmDdm2USSpIzpTXLlL6i6i
WVAY7+kXSIhSCZ2uoWp5F1QyW6ano8qQOiurlTOgq9zwTEf7O5f6OYmL5Jidx90g
UYUY2VEHC1aDwPaEAiAHdBDcD0mJxhAkB74ai16YXRdGzyZ8toLOl/QOiGmjjfhL
1kT4eMeeE+dy6sHt6tnpVhtPjM6sGgoxMe2HYfWYirhAjSDaZbn3k7uk8J2rI0US
q6AXH4s3xCmME96/3JnmzFADAsjlU9ZGU3ffTc7omukbuSqFlACxE/U8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:20 2024 by rpki-client on console-fra.rpki-client.org