Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xOCGGVXYirq55le9hxURkt1N3OI.roa
File: xOCGGVXYirq55le9hxURkt1N3OI.roa (raw, json)
Hash identifier: t0ZukBfMcUpF+mhXGRCQSVp1JBNwLEyuq4fvJ05CemQ=
Subject key identifier: C4:E0:86:19:55:D8:8A:BA:B9:E6:57:BD:87:15:11:92:DD:4D:DC:E2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E564E7220E14478744567045BD8412638
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xOCGGVXYirq55le9hxURkt1N3OI.roa
Signing time: Tue 19 Mar 2024 10:42:45 +0000
ROA not before: Tue 19 Mar 2024 10:42:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.59.255.0/24 maxlen: 24
45.129.86.0/23 maxlen: 24
45.151.89.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.72.0/23 maxlen: 24
94.156.239.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
185.254.37.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
194.169.172.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:56:4e:72:20:e1:44:78:74:45:67:04:5b:d8:41:26:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 19 10:42:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4e0861955d88abab9e657bd87151192dd4ddce2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ca:69:7a:d4:d8:7d:1b:84:9a:01:cd:3a:66:
95:55:22:c0:63:f0:15:28:13:6e:bc:81:24:5c:98:
42:92:e2:9e:9d:96:e8:3d:80:77:50:be:49:6d:eb:
26:a7:1a:8f:ef:00:57:b4:a3:fa:c1:d8:34:a4:49:
5e:74:f8:1c:48:9f:40:5b:84:0c:6f:32:c5:25:a1:
52:a7:e6:3a:45:59:c6:ab:67:61:02:b3:ab:51:e0:
b4:ec:f8:28:a8:64:1a:6a:7a:11:82:18:c3:cf:df:
bb:e8:aa:c7:a2:41:f9:6a:6b:ed:82:f8:1a:55:d9:
d4:ab:11:cb:8c:51:74:f0:a1:73:0d:03:2d:a6:29:
ad:6a:3b:de:4c:c0:e8:33:c2:c7:94:88:67:1e:d8:
29:59:d3:8b:c4:5e:8d:82:8e:6c:11:b6:a9:61:75:
13:a0:b5:37:05:87:7a:d7:4b:22:35:8a:0d:7d:5b:
b9:98:48:d2:7d:90:38:31:2f:86:c0:b0:83:35:87:
3b:c2:0b:9d:2e:1a:4d:82:9f:7f:ab:0b:00:08:22:
2d:e2:ea:fd:8a:be:94:69:4e:dd:a9:6a:bc:9c:65:
47:72:7a:fb:7c:e2:fc:78:26:7f:98:ee:77:95:eb:
56:b7:94:29:1a:8b:c1:df:78:b2:bc:1e:fe:81:61:
90:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:E0:86:19:55:D8:8A:BA:B9:E6:57:BD:87:15:11:92:DD:4D:DC:E2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xOCGGVXYirq55le9hxURkt1N3OI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.255.0/24
45.129.86.0/23
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.72.0/23
94.156.239.0/24
147.78.102.0/24
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.252.176.0/24
185.254.37.0/24
193.35.19.0/24
193.37.41.0/24
194.55.186.0/24
194.55.224.0/24
194.169.172.0/24
Signature Algorithm: sha256WithRSAEncryption
08:4d:49:db:bb:a6:d0:04:bc:16:13:9e:8a:d3:96:a8:b2:25:
cf:a4:66:87:80:a9:7c:e2:bc:28:ad:21:a2:e2:6e:8f:aa:f2:
7a:24:53:ba:bf:2d:4c:c5:72:4c:14:fc:1e:c0:15:ba:8c:67:
fe:81:b6:ab:36:e8:52:08:fe:a8:9a:2e:66:c7:62:36:ac:46:
f6:21:cd:32:07:31:61:30:ba:09:e9:12:1e:35:ae:c9:8e:cc:
3a:b2:24:df:39:4e:aa:7c:7b:f4:74:01:91:f8:a0:a3:75:fb:
c8:6c:a7:3b:e8:26:75:9b:c9:75:a3:04:ac:b3:04:59:dc:87:
f4:96:17:93:7c:85:fa:db:e0:f4:2b:c5:c4:9f:89:5c:d4:51:
21:17:95:56:b0:80:bc:31:3b:d9:f2:0e:94:7b:5f:38:d9:16:
03:59:6b:31:41:69:5f:49:f8:64:a8:8d:40:0a:71:d3:09:1d:
18:c0:a8:d8:2f:59:94:55:8f:2b:56:73:e8:49:a2:67:17:a2:
e0:ac:00:44:48:a1:c7:44:d3:5b:2d:d9:f7:71:99:2c:c1:a4:
3b:b8:42:9b:d3:cc:d7:46:a0:01:10:94:b7:2d:c3:6c:9b:47:
5c:e7:af:7e:9f:26:24:78:05:8c:73:63:f4:b7:25:7f:6b:de:
a7:b8:13:e1
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAY5WTnIg4UR4dEVnBFvYQSY4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzE5MTA0MjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGUwODYxOTU1ZDg4YWJhYjllNjU3YmQ4NzE1MTE5MmRkNGRkY2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8ppetTYfRuEmgHNOmaVVSLAY/AV
KBNuvIEkXJhCkuKenZboPYB3UL5JbesmpxqP7wBXtKP6wdg0pEledPgcSJ9AW4QM
bzLFJaFSp+Y6RVnGq2dhArOrUeC07PgoqGQaanoRghjDz9+76KrHokH5amvtgvga
VdnUqxHLjFF08KFzDQMtpimtajveTMDoM8LHlIhnHtgpWdOLxF6Ngo5sEbapYXUT
oLU3BYd610siNYoNfVu5mEjSfZA4MS+GwLCDNYc7wgudLhpNgp9/qwsACCIt4ur9
ir6UaU7dqWq8nGVHcnr7fOL8eCZ/mO53letWt5QpGovB33iyvB7+gWGQ5QIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFMTghhlV2Iq6ueZXvYcVEZLdTdziMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveE9DR0dWWFlpcnE1NWxlOWh4VVJrdDFOM09JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAAC
O/8DBAEtgVYDBAAtl1kDBABXeFcDBABXeS0DBABXed0DBAFcd8QDBAJemqADBAFe
nEgDBABenO8DBACTTmYDBAKrFkgDBACy1+ADBACy1+wDBAK52FQDBAK52lQDBAC5
/LADBAC5/iUDBADBIxMDBADBJSkDBADCN7oDBADCN+ADBADCqawwDQYJKoZIhvcN
AQELBQADggEBAAhNSdu7ptAEvBYTnorTlqiyJc+kZoeAqXzivCitIaLibo+q8nok
U7q/LUzFckwU/B7AFbqMZ/6Btqs26FII/qiaLmbHYjasRvYhzTIHMWEwugnpEh41
rsmOzDqyJN85Tqp8e/R0AZH4oKN1+8hspzvoJnWbyXWjBKyzBFnch/SWF5N8hfrb
4PQrxcSfiVzUUSEXlVawgLwxO9nyDpR7XzjZFgNZazFBaV9J+GSojUAKcdMJHRjA
qNgvWZRVjytWc+hJomcXouCsAERIocdE01st2fdxmSzBpDu4QpvTzNdGoAEQlLct
w2ybR1znr36fJiR4BYxzY/S3JX9r3qe4E+E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:21 2024 by rpki-client on console-fra.rpki-client.org