Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vnTutXqgSYHlHXUQqaDi8pd1PuU.roa
File: vnTutXqgSYHlHXUQqaDi8pd1PuU.roa (raw, json)
Hash identifier: C243PHbMWs49ZUPY6kq1oZEoho/JpUol/vxWIWh9xPc=
Subject key identifier: BE:74:EE:B5:7A:A0:49:81:E5:1D:75:10:A9:A0:E2:F2:97:75:3E:E5
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018810898B900E7C9488482FF721B3028CA4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vnTutXqgSYHlHXUQqaDi8pd1PuU.roa
Signing time: Fri 12 May 2023 15:17:09 +0000
ROA not before: Fri 12 May 2023 15:17:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
94.103.126.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:10:89:8b:90:0e:7c:94:88:48:2f:f7:21:b3:02:8c:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 12 15:17:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be74eeb57aa04981e51d7510a9a0e2f297753ee5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:80:23:a8:d8:9c:3a:7e:f3:00:b4:a9:b8:58:
02:7d:e2:bb:03:bf:d0:2f:5a:fb:cb:8e:42:4f:21:
dc:d8:b5:c8:56:5c:bc:47:f9:d6:bf:60:c7:5b:24:
69:1f:1d:42:24:8d:71:8e:15:89:b9:c2:76:03:d4:
40:d0:49:93:96:24:67:0e:b1:47:97:d5:0a:32:de:
8f:78:c7:82:7e:d3:5f:51:fd:83:a3:f9:99:db:d9:
fe:b6:c3:24:7e:bc:c7:3a:9f:4b:aa:b5:e6:73:2d:
97:c0:03:1b:c5:d3:70:46:f6:b1:6b:5f:2a:47:9c:
02:86:88:c2:80:03:c5:e2:f3:9b:50:8f:4d:bf:2b:
30:2f:df:5a:64:b9:24:2f:1a:4b:88:34:de:b3:d8:
b4:fb:8b:d8:94:04:38:18:a3:c2:c3:fd:fa:53:76:
27:46:ff:71:af:90:f5:88:10:37:d5:c4:29:30:28:
24:9f:0c:49:50:bd:c0:14:f9:f1:9d:37:86:cd:66:
61:61:bd:55:e1:44:7c:7c:5a:d6:6f:0b:bd:50:65:
23:03:a0:09:cd:6a:bb:1d:b4:32:e5:2c:80:20:95:
7a:0b:97:56:a4:7f:74:d4:b5:25:21:5e:33:2f:59:
af:09:8b:39:30:88:52:bc:cf:22:5a:a4:37:ce:80:
a7:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:74:EE:B5:7A:A0:49:81:E5:1D:75:10:A9:A0:E2:F2:97:75:3E:E5
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vnTutXqgSYHlHXUQqaDi8pd1PuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
92.119.196.0/23
94.103.126.0/24
94.154.161.0-94.154.163.255
147.78.100.0/23
171.22.72.0/22
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
Signature Algorithm: sha256WithRSAEncryption
50:65:fe:4a:9e:13:49:58:44:d4:4a:ff:4f:e9:14:e3:1c:c6:
57:b5:cc:4c:5d:fc:13:a1:81:65:db:ea:1d:b7:fa:8c:9d:97:
ed:2b:05:4a:44:81:79:5b:16:c8:0d:23:30:4d:88:de:fe:bb:
54:09:af:08:3d:c0:9c:55:0d:2e:8d:89:ed:a2:7f:71:19:d0:
2a:5f:6d:8d:87:41:e3:5b:10:c5:2a:0b:16:58:5a:82:07:86:
d2:86:a7:e5:f0:e3:fd:01:9c:ce:7c:68:3d:72:38:d7:4e:2d:
06:60:44:c0:9f:07:04:c9:26:02:58:35:13:c5:24:61:ea:e0:
1e:bb:f6:a5:ec:39:c8:9a:89:44:95:76:1b:13:fa:af:1d:32:
e8:c3:47:27:9e:c9:70:23:9c:9a:34:9e:66:01:89:c6:4f:2c:
88:2a:2f:b7:f2:34:6a:a9:34:59:95:d6:4e:7a:a1:4a:a9:37:
60:c5:35:f7:15:14:0f:48:58:b9:d8:16:04:60:4c:9e:c1:a8:
75:0e:d0:a0:4c:df:28:a1:a5:59:af:f5:05:31:fe:81:36:c2:
a9:93:31:e9:8c:24:d1:be:5f:86:88:d3:a2:b4:05:26:7b:a4:
5d:71:e1:ec:aa:30:3a:d9:82:72:5d:ad:f7:2c:08:93:f3:d2:
02:ee:80:72
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYgQiYuQDnyUiEgv9yGzAoykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTEyMTUxNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTc0ZWViNTdhYTA0OTgxZTUxZDc1MTBhOWEwZTJmMjk3NzUzZWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYAjqNicOn7zALSpuFgCfeK7A7/Q
L1r7y45CTyHc2LXIVly8R/nWv2DHWyRpHx1CJI1xjhWJucJ2A9RA0EmTliRnDrFH
l9UKMt6PeMeCftNfUf2Do/mZ29n+tsMkfrzHOp9LqrXmcy2XwAMbxdNwRvaxa18q
R5wChojCgAPF4vObUI9NvyswL99aZLkkLxpLiDTes9i0+4vYlAQ4GKPCw/36U3Yn
Rv9xr5D1iBA31cQpMCgknwxJUL3AFPnxnTeGzWZhYb1V4UR8fFrWbwu9UGUjA6AJ
zWq7HbQy5SyAIJV6C5dWpH901LUlIV4zL1mvCYs5MIhSvM8iWqQ3zoCnKwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFL507rV6oEmB5R11EKmg4vKXdT7lMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdm5UdXRYcWdTWUhsSFhVUXFhRGk4cGQxUHVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQALZdZAwQB
XHfEAwQAXmd+MAwDBABemqEDBAJemqADBAGTTmQDBAKrFkgDBACy1+wDBAK52FQD
BAK52lQDBAC52okDBAC5234wDQYJKoZIhvcNAQELBQADggEBAFBl/kqeE0lYRNRK
/0/pFOMcxle1zExd/BOhgWXb6h23+oydl+0rBUpEgXlbFsgNIzBNiN7+u1QJrwg9
wJxVDS6Nie2if3EZ0CpfbY2HQeNbEMUqCxZYWoIHhtKGp+Xw4/0BnM58aD1yONdO
LQZgRMCfBwTJJgJYNRPFJGHq4B679qXsOciaiUSVdhsT+q8dMujDRyeeyXAjnJo0
nmYBicZPLIgqL7fyNGqpNFmV1k56oUqpN2DFNfcVFA9IWLnYFgRgTJ7BqHUO0KBM
3yihpVmv9QUx/oE2wqmTMemMJNG+X4aI06K0BSZ7pF1x4eyqMDrZgnJdrfcsCJPz
0gLugHI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:21 2024 by rpki-client on console-fra.rpki-client.org