Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/uWZUOK3ZHZOITPaalbsm9UhWc4M.roa
File: uWZUOK3ZHZOITPaalbsm9UhWc4M.roa (raw, json)
Hash identifier: jk+ZwWeUP2in10KxwKo7Ai5fDbqoNOaOPMi8Rs4Zu4I=
Subject key identifier: B9:66:54:38:AD:D9:1D:93:88:4C:F6:9A:95:BB:26:F5:48:56:73:83
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C0F960F2CF240AF5B7E7430500E5FAAD4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/uWZUOK3ZHZOITPaalbsm9UhWc4M.roa
Signing time: Mon 27 Nov 2023 07:02:21 +0000
ROA not before: Mon 27 Nov 2023 07:02:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50738
IP address blocks: 45.9.156.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
92.249.48.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
45.139.104.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
171.22.31.0/24 maxlen: 24
81.161.230.0/24 maxlen: 24
81.161.239.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
94.156.250.0/24 maxlen: 24
94.156.248.0/24 maxlen: 24
87.121.162.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0f:96:0f:2c:f2:40:af:5b:7e:74:30:50:0e:5f:aa:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 27 07:02:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9665438add91d93884cf69a95bb26f548567383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:16:ef:e9:25:66:3b:7a:83:8e:1a:54:48:6c:
36:51:4e:d7:55:64:0f:a0:51:66:78:18:07:0e:46:
bb:ac:86:f6:1f:e1:c1:60:f4:f0:8f:f1:58:88:c9:
56:8e:b0:e2:80:5e:ec:ab:6e:b5:f9:7b:ba:3a:4e:
f4:8e:d2:2b:bf:40:75:31:e3:a4:b5:f7:a3:33:da:
e2:83:3d:04:fc:de:06:18:34:fb:92:63:3e:4b:6f:
18:43:82:3f:42:8d:36:2c:ad:93:0c:4a:31:83:9f:
b0:16:55:06:1c:81:07:31:41:08:84:27:a0:eb:0e:
d2:b1:27:ee:83:fd:41:59:27:d9:ce:2b:4a:c9:75:
22:57:a4:43:29:47:34:f6:9f:ac:96:bf:74:8a:e6:
d3:e9:0c:76:b7:89:4a:41:7e:fe:2d:a7:5a:51:15:
00:04:c9:7e:5b:d0:a0:9a:26:d5:9d:43:e6:3a:11:
e1:8a:4c:24:a8:95:6d:b0:ee:df:a3:2b:cf:f5:85:
f9:b7:16:91:73:de:a0:39:45:8e:11:c8:a9:da:75:
93:7f:ab:d8:8d:2a:05:2d:79:f8:6d:69:96:57:e7:
ee:07:83:bf:74:fd:a0:4a:67:02:d3:20:ae:58:b1:
80:76:d5:fb:9c:e9:6b:d7:08:0c:42:d6:20:30:32:
12:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:66:54:38:AD:D9:1D:93:88:4C:F6:9A:95:BB:26:F5:48:56:73:83
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/uWZUOK3ZHZOITPaalbsm9UhWc4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/24
45.9.156.0/24
45.129.84.0/24
45.129.86.0/24
45.139.104.0/24
45.141.158.0/24
79.110.61.0/24
81.161.230.0/24
81.161.239.0/24
83.219.97.0/24
87.121.124.0/23
87.121.162.0/24
91.200.192.0/22
92.249.48.0/24
94.154.172.0/24
94.156.248.0/24
94.156.250.0/24
147.78.100.0/23
171.22.17.0-171.22.18.255
171.22.31.0/24
178.215.226.0/24
193.25.216.0/24
193.35.19.0/24
194.180.39.0/24
Signature Algorithm: sha256WithRSAEncryption
61:a8:71:f8:ee:96:90:e7:7b:40:bf:88:87:5b:02:1f:48:d5:
14:dd:78:7d:18:89:ad:29:61:ae:72:90:6d:00:c5:20:85:b8:
05:c6:e6:97:b7:39:ad:5c:70:68:fd:f0:af:c6:ba:20:fc:65:
05:bd:96:2e:21:ff:cc:05:f0:3e:9b:c3:48:17:cd:d6:4c:d4:
4c:c9:a1:d4:e7:8b:99:f7:42:30:1b:36:80:cd:15:f4:7e:82:
cd:0f:8d:18:b8:17:06:4a:70:ae:31:62:f8:f6:33:b9:86:f2:
47:0b:cc:af:3d:13:ca:c4:45:8d:dd:19:70:82:d3:ed:e9:e5:
7f:f1:a1:2d:16:b6:ef:55:0e:61:95:28:a3:30:4a:89:f7:9a:
ee:b4:83:20:4f:f2:01:a6:1a:02:5d:97:64:67:5c:e8:40:c2:
37:17:78:e8:fb:44:32:37:13:50:1c:23:1e:81:33:63:b9:3a:
b6:f8:9e:a0:d6:a6:c5:7d:51:bc:82:96:02:25:e1:42:3d:b8:
26:35:93:78:5b:6d:4e:53:02:f6:4f:92:bc:ce:06:af:79:9b:
87:79:bb:98:9d:fa:06:90:4e:69:7c:41:67:12:33:34:f9:8d:
e1:be:64:37:da:8e:91:22:7a:87:1a:3d:f1:2c:43:b2:2f:1f:
4f:4a:2d:1b
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYwPlg8s8kCvW350MFAOX6rUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTI3MDcwMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTY2NTQzOGFkZDkxZDkzODg0Y2Y2OWE5NWJiMjZmNTQ4NTY3MzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxbv6SVmO3qDjhpUSGw2UU7XVWQP
oFFmeBgHDka7rIb2H+HBYPTwj/FYiMlWjrDigF7sq261+Xu6Ok70jtIrv0B1MeOk
tfejM9rigz0E/N4GGDT7kmM+S28YQ4I/Qo02LK2TDEoxg5+wFlUGHIEHMUEIhCeg
6w7SsSfug/1BWSfZzitKyXUiV6RDKUc09p+slr90iubT6Qx2t4lKQX7+LadaURUA
BMl+W9CgmibVnUPmOhHhikwkqJVtsO7foyvP9YX5txaRc96gOUWOEcip2nWTf6vY
jSoFLXn4bWmWV+fuB4O/dP2gSmcC0yCuWLGAdtX7nOlr1wgMQtYgMDISFQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFLlmVDit2R2TiEz2mpW7JvVIVnODMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdVdaVU9LM1pIWk9JVFBhYWxic205VWhXYzRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBAAl
i4IDBAAtCZwDBAAtgVQDBAAtgVYDBAAti2gDBAAtjZ4DBABPbj0DBABRoeYDBABR
oe8DBABT22EDBAFXeXwDBABXeaIDBAJbyMADBABc+TADBABemqwDBABenPgDBABe
nPoDBAGTTmQwDAMEAKsWEQMEAKsWEgMEAKsWHwMEALLX4gMEAMEZ2AMEAMEjEwME
AMK0JzANBgkqhkiG9w0BAQsFAAOCAQEAYahx+O6WkOd7QL+Ih1sCH0jVFN14fRiJ
rSlhrnKQbQDFIIW4Bcbml7c5rVxwaP3wr8a6IPxlBb2WLiH/zAXwPpvDSBfN1kzU
TMmh1OeLmfdCMBs2gM0V9H6CzQ+NGLgXBkpwrjFi+PYzuYbyRwvMrz0TysRFjd0Z
cILT7enlf/GhLRa271UOYZUoozBKifea7rSDIE/yAaYaAl2XZGdc6EDCNxd46PtE
MjcTUBwjHoEzY7k6tvieoNamxX1RvIKWAiXhQj24JjWTeFttTlMC9k+SvM4Gr3mb
h3m7mJ36BpBOaXxBZxIzNPmN4b5kN9qOkSJ6hxo98SxDsi8fT0otGw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:39:59 2025 by rpki-client