Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/t65-f2oDL5RcMVvXYb1fTXvW0J0.roa
File: t65-f2oDL5RcMVvXYb1fTXvW0J0.roa (raw, json)
Hash identifier: 6/3tQgwCKDf2qBAGwxNATMsN6+qPC+5gd3bg3Zw3kH0=
Subject key identifier: B7:AE:7E:7F:6A:03:2F:94:5C:31:5B:D7:61:BD:5F:4D:7B:D6:D0:9D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0187BC4F8A0F228896C10179B31799B2B6F5
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/t65-f2oDL5RcMVvXYb1fTXvW0J0.roa
Signing time: Wed 26 Apr 2023 06:45:41 +0000
ROA not before: Wed 26 Apr 2023 06:45:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
94.103.126.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bc:4f:8a:0f:22:88:96:c1:01:79:b3:17:99:b2:b6:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 26 06:45:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7ae7e7f6a032f945c315bd761bd5f4d7bd6d09d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:4c:ce:69:c3:19:79:a8:e2:0c:18:a7:d0:ee:
c2:27:f9:89:d3:c6:2f:59:68:2c:1d:3a:a4:6a:38:
4c:a0:a7:66:e4:06:9a:df:28:87:b4:d0:43:7c:5d:
de:86:0b:9e:d9:85:b2:d2:80:70:13:01:1f:84:fb:
73:ef:71:37:2b:36:ef:65:e9:0e:cd:2b:fa:6c:f6:
a8:e5:1a:b0:a0:c6:4c:70:43:c5:c5:8d:3f:b7:59:
f5:2f:da:5b:5f:8b:8b:81:33:51:f5:29:80:e0:2c:
4c:10:51:d3:45:84:f0:4b:b3:b9:1a:bc:6e:6d:1b:
a7:1e:32:96:81:ce:31:b3:72:6b:ae:66:98:82:df:
e0:22:d7:31:a7:12:4f:9b:57:08:e2:c0:e5:53:06:
14:f5:16:97:f1:7c:1e:4a:2b:c5:fb:df:74:b5:d3:
b9:68:e5:82:3e:87:69:46:b6:4d:3d:fc:12:02:13:
1e:81:9d:5f:4d:6c:c2:97:02:fb:9d:ec:70:af:18:
94:b7:2e:35:eb:94:98:b3:51:f4:73:36:2c:2e:2e:
bd:06:b6:55:9b:35:82:64:1e:19:09:0a:64:9b:b5:
eb:81:e3:c4:71:89:ed:8f:92:5b:af:f0:74:e7:aa:
09:87:72:1b:a7:2f:50:a2:69:43:bd:10:e2:cb:95:
4d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:AE:7E:7F:6A:03:2F:94:5C:31:5B:D7:61:BD:5F:4D:7B:D6:D0:9D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/t65-f2oDL5RcMVvXYb1fTXvW0J0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
87.120.64.0/23
87.121.220.0/24
92.119.196.0/23
94.103.126.0/24
94.154.161.0-94.154.163.255
94.154.172.0/24
147.78.100.0/23
171.22.72.0/22
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
185.246.223.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:d3:5d:fa:42:d3:0e:1d:cb:4a:2b:2a:e4:7c:ef:3a:a0:54:
bc:94:2c:30:7b:fa:05:51:89:a6:83:f5:db:55:13:9f:4f:36:
e9:ba:6c:52:61:03:98:4d:33:ab:54:4f:0c:aa:3c:bb:3c:58:
67:46:f1:a8:db:ae:0f:7e:38:f1:ce:16:cf:b0:db:8a:a5:fc:
39:a5:4b:50:7b:25:43:8c:3a:58:b9:cc:45:62:59:a9:ed:c7:
d7:eb:ba:13:fa:a3:7e:9b:5d:f0:86:63:49:eb:db:64:93:2e:
ac:36:e4:fc:1f:33:ef:9d:9e:5c:03:b3:be:eb:51:55:3a:f5:
15:c7:82:79:92:8e:63:cb:a8:ab:a3:1c:ff:77:85:76:e5:35:
0e:59:89:c0:0e:8e:8a:b1:02:99:0b:d3:6e:6b:5a:d2:5d:71:
ac:9e:18:ed:02:f3:2d:3b:e3:ee:89:32:57:e4:35:d1:06:67:
d9:66:e8:00:2a:8c:70:99:a1:0c:08:ad:37:2c:a0:4c:eb:03:
e3:62:04:26:16:06:e9:98:ef:03:a1:a7:d5:0d:80:9d:df:25:
b8:27:59:0d:ca:b5:29:10:cb:96:5f:39:3e:28:ba:38:d2:96:
70:e4:df:96:e4:e5:56:cb:9f:25:72:bf:e5:95:a8:d8:b2:1a:
41:f5:b0:b1
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYe8T4oPIoiWwQF5sxeZsrb1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDI2MDY0NTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2FlN2U3ZjZhMDMyZjk0NWMzMTViZDc2MWJkNWY0ZDdiZDZkMDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+EzOacMZeajiDBin0O7CJ/mJ08Yv
WWgsHTqkajhMoKdm5Aaa3yiHtNBDfF3ehgue2YWy0oBwEwEfhPtz73E3KzbvZekO
zSv6bPao5RqwoMZMcEPFxY0/t1n1L9pbX4uLgTNR9SmA4CxMEFHTRYTwS7O5Grxu
bRunHjKWgc4xs3JrrmaYgt/gItcxpxJPm1cI4sDlUwYU9RaX8XweSivF+990tdO5
aOWCPodpRrZNPfwSAhMegZ1fTWzClwL7nexwrxiUty4165SYs1H0czYsLi69BrZV
mzWCZB4ZCQpkm7XrgePEcYntj5Jbr/B056oJh3Ibpy9QomlDvRDiy5VNWQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFLeufn9qAy+UXDFb12G9X0171tCdMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdDY1LWYyb0RMNVJjTVZ2WFliMWZUWHZXMEowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQALZdZAwQB
V3hAAwQAV3ncAwQBXHfEAwQAXmd+MAwDBABemqEDBAJemqADBABemqwDBAGTTmQD
BAKrFkgDBACy1+wDBAK52FQDBAK52lQDBAC52okDBAC5234DBAC59t8wDQYJKoZI
hvcNAQELBQADggEBAJzTXfpC0w4dy0orKuR87zqgVLyULDB7+gVRiaaD9dtVE59P
Num6bFJhA5hNM6tUTwyqPLs8WGdG8ajbrg9+OPHOFs+w24ql/DmlS1B7JUOMOli5
zEViWantx9fruhP6o36bXfCGY0nr22STLqw25PwfM++dnlwDs77rUVU69RXHgnmS
jmPLqKujHP93hXblNQ5ZicAOjoqxApkL025rWtJdcayeGO0C8y074+6JMlfkNdEG
Z9lm6AAqjHCZoQwIrTcsoEzrA+NiBCYWBumY7wOhp9UNgJ3fJbgnWQ3KtSkQy5Zf
OT4oujjSlnDk35bk5VbLnyVyv+WVqNiyGkH1sLE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:20 2024 by rpki-client on console-fra.rpki-client.org