Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tYyXrP0Ga-ER61Z6YuUqw61rrLw.roa
File: tYyXrP0Ga-ER61Z6YuUqw61rrLw.roa (raw, json)
Hash identifier: ExVkMZb30pLsGDDPlBEFNEOPQfWqLxFs3R9uvh7Oypo=
Subject key identifier: B5:8C:97:AC:FD:06:6B:E1:11:EB:56:7A:62:E5:2A:C3:AD:6B:AC:BC
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C8D1BFBBD980770409306E708952B53FF
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tYyXrP0Ga-ER61Z6YuUqw61rrLw.roa
Signing time: Thu 21 Dec 2023 16:01:10 +0000
ROA not before: Thu 21 Dec 2023 16:01:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 45.12.255.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
193.149.29.0/24 maxlen: 24
193.149.30.0/24 maxlen: 24
94.156.176.0/24 maxlen: 24
193.149.31.0/24 maxlen: 24
193.149.28.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
87.121.105.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
212.115.41.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
194.180.36.0/24 maxlen: 24
45.8.93.0/24 maxlen: 24
194.49.86.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8d:1b:fb:bd:98:07:70:40:93:06:e7:08:95:2b:53:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 21 16:01:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b58c97acfd066be111eb567a62e52ac3ad6bacbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:65:1f:b3:68:ef:f4:3e:a2:40:2c:59:73:ec:
ed:cc:aa:9e:cc:d4:02:fb:c4:f8:37:e3:69:be:fb:
16:74:14:1e:24:bb:13:dc:ad:d3:72:cb:15:bb:5c:
c7:e5:fe:30:84:6c:51:48:c0:a9:96:84:b8:09:10:
bf:c5:5f:d0:99:0b:b0:ad:b4:92:d7:7f:c0:a6:05:
7d:59:05:8a:5b:43:2e:66:17:78:c3:ee:87:52:dc:
23:76:67:ac:bb:67:d0:96:fc:4a:57:d3:84:be:61:
91:de:8d:6d:c5:2c:10:f6:f9:39:35:f3:49:61:69:
2d:4b:f0:ff:18:62:90:32:7b:a2:1a:c3:9a:01:88:
42:c7:0f:cc:a9:69:83:c8:88:db:b7:f5:3a:a1:1b:
37:ee:e4:2c:f6:5e:49:56:a6:79:e5:22:e2:62:de:
e1:d2:3c:3f:58:36:8e:48:f4:e0:76:73:c4:72:5d:
db:76:09:e0:9f:53:88:a6:33:fb:0b:5e:31:7d:8f:
25:a1:00:55:9a:59:33:da:1a:f0:32:cf:55:b5:3a:
75:ac:f2:f5:cf:ec:76:8f:29:c0:24:5d:a3:d6:8c:
8a:d5:66:bc:f9:57:db:a3:7c:55:d6:e3:46:7c:28:
95:30:82:28:08:91:fa:d0:82:fe:b9:6a:fb:d9:93:
5d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:8C:97:AC:FD:06:6B:E1:11:EB:56:7A:62:E5:2A:C3:AD:6B:AC:BC
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tYyXrP0Ga-ER61Z6YuUqw61rrLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.93.0/24
45.12.255.0/24
45.66.228.0/24
45.151.90.0/24
79.110.50.0/24
87.121.105.0/24
94.156.176.0/24
185.226.175.0/24
193.37.47.0/24
193.149.28.0/22
194.49.86.0/24
194.180.36.0/24
212.115.41.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:62:1b:d9:11:22:04:76:ab:11:c8:e6:3b:eb:48:da:20:cb:
29:92:58:ef:e4:3f:d3:b3:64:64:5d:6a:cd:76:b6:c1:78:fb:
29:11:20:d2:85:c8:40:e2:f7:25:8a:b3:5b:20:80:a9:06:b9:
38:34:73:75:fc:60:4e:59:b7:23:dc:b2:45:69:bf:4b:c5:9a:
c9:2f:e0:ce:06:c1:a9:7d:6d:ad:9c:d2:c2:b5:ff:66:0a:45:
71:b0:6d:9b:db:ed:58:40:95:de:1d:54:71:da:fb:2b:b0:2b:
e4:db:62:55:f4:fb:03:1b:82:bd:62:ba:e8:f3:df:60:bf:2a:
1b:32:71:79:c0:5a:a1:1c:91:6d:3b:22:7f:33:87:b3:74:69:
60:05:8e:10:19:de:a9:f7:57:61:09:c1:8b:a6:fa:8f:4f:8b:
11:b3:a9:85:5c:38:6d:1d:dd:19:23:42:2b:aa:0f:83:5c:6b:
25:7d:e2:f3:fc:33:72:99:d6:e3:92:d8:ab:6e:62:24:99:6a:
0c:c1:7f:ed:e8:6f:79:a0:0f:65:0e:ed:25:28:26:ff:83:d8:
4c:84:80:1c:3d:ee:c0:3f:f6:3a:b1:ff:a3:ef:97:94:60:de:
eb:cc:dd:d7:5c:90:c5:0b:b2:af:7d:a8:cc:ad:bd:bd:95:62:
1e:43:2d:80
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYyNG/u9mAdwQJMG5wiVK1P/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjIxMTYwMTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNThjOTdhY2ZkMDY2YmUxMTFlYjU2N2E2MmU1MmFjM2FkNmJhY2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWUfs2jv9D6iQCxZc+ztzKqezNQC
+8T4N+NpvvsWdBQeJLsT3K3TcssVu1zH5f4whGxRSMCploS4CRC/xV/QmQuwrbSS
13/ApgV9WQWKW0MuZhd4w+6HUtwjdmesu2fQlvxKV9OEvmGR3o1txSwQ9vk5NfNJ
YWktS/D/GGKQMnuiGsOaAYhCxw/MqWmDyIjbt/U6oRs37uQs9l5JVqZ55SLiYt7h
0jw/WDaOSPTgdnPEcl3bdgngn1OIpjP7C14xfY8loQBVmlkz2hrwMs9VtTp1rPL1
z+x2jynAJF2j1oyK1Wa8+Vfbo3xV1uNGfCiVMIIoCJH60IL+uWr72ZNdYwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFLWMl6z9BmvhEetWemLlKsOta6y8MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdFl5WHJQMEdhLUVSNjFaNll1VXF3NjFyckx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALQhdAwQA
LQz/AwQALULkAwQALZdaAwQAT24yAwQAV3lpAwQAXpywAwQAueKvAwQAwSUvAwQC
wZUcAwQAwjFWAwQAwrQkAwQA1HMpMA0GCSqGSIb3DQEBCwUAA4IBAQBPYhvZESIE
dqsRyOY760jaIMspkljv5D/Ts2RkXWrNdrbBePspESDShchA4vclirNbIICpBrk4
NHN1/GBOWbcj3LJFab9LxZrJL+DOBsGpfW2tnNLCtf9mCkVxsG2b2+1YQJXeHVRx
2vsrsCvk22JV9PsDG4K9Yrro899gvyobMnF5wFqhHJFtOyJ/M4ezdGlgBY4QGd6p
91dhCcGLpvqPT4sRs6mFXDhtHd0ZI0Irqg+DXGslfeLz/DNymdbjktirbmIkmWoM
wX/t6G95oA9lDu0lKCb/g9hMhIAcPe7AP/Y6sf+j75eUYN7rzN3XXJDFC7KvfajM
rb29lWIeQy2A
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:45 2024 by rpki-client on console-ams.rpki-client.org