Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yezOkQtEJ7KnuAVrckgMCrjolXE.roa
File: yezOkQtEJ7KnuAVrckgMCrjolXE.roa (raw, json)
Hash identifier: tZany32z8a6ITvq31M+GgV24juPwQ80yfxh+IFiizfM=
Subject key identifier: C9:EC:CE:91:0B:44:27:B2:A7:B8:05:6B:72:48:0C:0A:B8:E8:95:71
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018A4021EEE1A5818349C8C077E9608FC3A7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yezOkQtEJ7KnuAVrckgMCrjolXE.roa
Signing time: Tue 29 Aug 2023 07:11:20 +0000
ROA not before: Tue 29 Aug 2023 07:11:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 91.92.24.0/24 maxlen: 24
91.92.24.0/23 maxlen: 23
91.92.25.0/24 maxlen: 24
193.149.29.0/24 maxlen: 24
193.149.30.0/24 maxlen: 24
193.149.28.0/22 maxlen: 22
193.149.31.0/24 maxlen: 24
193.149.28.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
94.154.163.0/24 maxlen: 24
176.125.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:40:21:ee:e1:a5:81:83:49:c8:c0:77:e9:60:8f:c3:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 29 07:11:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9ecce910b4427b2a7b8056b72480c0ab8e89571
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:dd:65:96:8d:0e:98:37:09:36:e5:44:3e:d0:
a3:a0:ab:52:ed:0b:c8:aa:25:aa:2d:99:e2:7f:7b:
bf:cb:32:b3:6d:bf:12:a7:5b:07:13:1c:ee:96:30:
41:c2:b1:89:58:65:1b:7c:23:69:ac:ed:f2:b3:11:
15:36:52:49:f6:4b:f3:4e:b8:e3:be:50:86:ef:a0:
9b:8b:f0:af:43:3d:aa:ff:95:31:8f:dd:1a:d3:38:
9f:61:cd:b2:8e:03:a2:6d:80:10:1f:51:7b:b2:fd:
d3:ab:0b:f8:06:3f:cf:60:b8:36:8b:22:d5:f2:9a:
c5:9b:00:f0:c6:3f:74:bd:cb:eb:cb:48:87:08:4e:
f0:3f:ec:48:14:51:8c:6f:d4:ac:f8:d6:5e:da:6e:
11:61:36:77:44:c2:50:49:5e:a4:c4:34:79:7c:9d:
00:37:30:77:5a:cd:94:e6:51:7b:68:2d:d7:fd:e4:
b5:56:5b:11:bd:99:ad:e8:42:a6:00:6b:09:7d:88:
64:49:40:62:71:de:0e:e0:ef:b8:f0:3d:b4:c2:74:
11:3a:a2:5f:96:36:d4:77:ae:03:76:9a:fa:c9:a5:
fe:3c:c0:ab:37:9e:83:98:d4:75:4f:27:6d:7e:d3:
4b:68:b1:02:a9:6f:26:6c:79:06:28:9d:7a:1d:df:
9b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:EC:CE:91:0B:44:27:B2:A7:B8:05:6B:72:48:0C:0A:B8:E8:95:71
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yezOkQtEJ7KnuAVrckgMCrjolXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.87.0/24
87.121.59.0/24
91.92.24.0/23
93.123.116.0/24
94.154.163.0/24
176.125.255.0/24
193.149.28.0/22
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:db:12:db:98:04:39:15:2a:7e:71:0b:19:60:f7:88:fd:83:
b0:da:1b:68:d2:11:99:7f:3b:0b:d9:53:b5:b7:0f:ee:63:e2:
19:2d:fb:d4:c7:f1:af:63:03:9d:e1:de:79:35:3a:c5:5d:60:
7c:7e:c7:0c:7a:f1:3c:40:e4:66:d3:b2:76:4d:df:a1:4d:d8:
a3:87:03:73:53:e4:49:d1:95:41:29:ae:c6:63:04:6d:ce:63:
14:2a:19:66:c4:7b:97:30:e4:de:5b:8f:97:9a:8f:60:e0:4d:
e9:66:e2:37:50:13:51:12:08:62:95:be:1e:d6:56:92:ea:83:
46:e5:b8:6d:32:d1:fb:10:e1:39:4a:bb:af:ee:a0:01:a0:37:
7f:30:ec:54:81:d7:08:83:12:40:3f:f8:e3:7d:58:cd:0d:ea:
18:49:90:6c:61:2d:84:d4:26:1e:e8:54:33:84:88:07:a6:32:
c5:57:9d:fa:56:ae:bd:29:7a:91:22:d1:e8:36:85:55:1e:c2:
7f:b5:ec:bb:68:96:dd:29:62:00:de:bf:52:b1:52:f6:a4:7b:
3f:68:25:19:b6:61:c4:8b:95:43:5c:11:7e:9a:c0:6e:d8:f1:
3c:08:a7:36:ce:36:58:6e:07:4e:b1:9b:af:d7:27:3a:9a:26:
fe:d8:cc:18
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYpAIe7hpYGDScjAd+lgj8OnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODI5MDcxMTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWVjY2U5MTBiNDQyN2IyYTdiODA1NmI3MjQ4MGMwYWI4ZTg5NTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgt1llo0OmDcJNuVEPtCjoKtS7QvI
qiWqLZnif3u/yzKzbb8Sp1sHExzuljBBwrGJWGUbfCNprO3ysxEVNlJJ9kvzTrjj
vlCG76Cbi/CvQz2q/5Uxj90a0zifYc2yjgOibYAQH1F7sv3Tqwv4Bj/PYLg2iyLV
8prFmwDwxj90vcvry0iHCE7wP+xIFFGMb9Ss+NZe2m4RYTZ3RMJQSV6kxDR5fJ0A
NzB3Ws2U5lF7aC3X/eS1VlsRvZmt6EKmAGsJfYhkSUBicd4O4O+48D20wnQROqJf
ljbUd64Ddpr6yaX+PMCrN56DmNR1TydtftNLaLECqW8mbHkGKJ16Hd+buwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFMnszpELRCeyp7gFa3JIDAq46JVxMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveWV6T2tRdEVKN0tudUFWcmNrZ01DcmpvbFhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAV3hXAwQA
V3k7AwQBW1wYAwQAXXt0AwQAXpqjAwQAsH3/AwQCwZUcAwQAwrQyMA0GCSqGSIb3
DQEBCwUAA4IBAQCj2xLbmAQ5FSp+cQsZYPeI/YOw2hto0hGZfzsL2VO1tw/uY+IZ
LfvUx/GvYwOd4d55NTrFXWB8fscMevE8QORm07J2Td+hTdijhwNzU+RJ0ZVBKa7G
YwRtzmMUKhlmxHuXMOTeW4+Xmo9g4E3pZuI3UBNREghilb4e1laS6oNG5bhtMtH7
EOE5Sruv7qABoDd/MOxUgdcIgxJAP/jjfVjNDeoYSZBsYS2E1CYe6FQzhIgHpjLF
V536Vq69KXqRItHoNoVVHsJ/tey7aJbdKWIA3r9SsVL2pHs/aCUZtmHEi5VDXBF+
msBu2PE8CKc2zjZYbgdOsZuv1yc6mib+2MwY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:22 2024 by rpki-client on console-fra.rpki-client.org