Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/z4FRuLEI38Dnq6z46BbwcpInI2E.roa
File: z4FRuLEI38Dnq6z46BbwcpInI2E.roa (raw, json)
Hash identifier: cDmUWRyrF9lFKHxs8rnRApO7Im0456XSoZJG5zNX6Pg=
Subject key identifier: CF:81:51:B8:B1:08:DF:C0:E7:AB:AC:F8:E8:16:F0:72:92:27:23:61
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D1C8A24F0D0D33CB5CC731B7080A6E12D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/z4FRuLEI38Dnq6z46BbwcpInI2E.roa
Signing time: Thu 18 Jan 2024 12:27:11 +0000
ROA not before: Thu 18 Jan 2024 12:27:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207279
IP address blocks: 2.59.253.0/24 maxlen: 24
45.9.156.0/24 maxlen: 24
45.84.89.0/24 maxlen: 24
45.84.91.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.88.91.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
82.115.208.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
92.119.198.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
194.31.205.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.169.172.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1c:8a:24:f0:d0:d3:3c:b5:cc:73:1b:70:80:a6:e1:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 18 12:27:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf8151b8b108dfc0e7abacf8e816f07292272361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:61:d5:0e:c9:99:f2:4c:e4:3f:ae:15:a0:9c:
da:a4:06:e9:75:f8:3a:5e:8d:cd:c2:7a:66:08:6e:
a8:1d:22:0c:47:96:f6:67:9d:6d:dc:78:e5:8a:77:
ac:50:99:74:52:59:96:f1:a4:e1:14:0e:1e:79:44:
f8:b1:60:e8:8c:9c:23:1f:5f:9e:82:c7:ea:86:51:
70:de:57:32:dc:1a:1b:a8:8f:b1:5e:b7:9f:49:76:
a8:bc:9e:c0:11:28:72:94:bf:f4:3b:f3:51:d9:86:
4e:a3:01:fe:e2:32:e7:da:f2:76:72:4f:91:5a:99:
b3:c8:6f:09:82:cb:37:04:49:84:28:b8:33:7d:3a:
d5:54:19:b8:cc:e3:c8:88:7f:72:7d:d3:77:6a:58:
62:92:30:92:a3:54:73:8f:d6:ac:a7:8b:38:3d:84:
22:ae:ad:bd:ce:34:66:70:6c:66:5c:28:f6:79:ea:
20:80:2f:e9:c3:5e:a9:2b:06:64:0e:60:b8:42:6d:
a0:d4:74:1e:1e:4b:11:de:94:d4:17:a3:35:2a:54:
b1:53:02:b2:ab:f3:90:cb:d7:1d:23:68:64:06:6a:
ae:02:c1:65:f8:30:39:f9:83:8a:85:fa:8b:82:85:
8b:d4:1a:a2:1e:9f:cd:da:52:63:25:8f:52:57:23:
0c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:81:51:B8:B1:08:DF:C0:E7:AB:AC:F8:E8:16:F0:72:92:27:23:61
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/z4FRuLEI38Dnq6z46BbwcpInI2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.9.156.0/24
45.84.89.0/24
45.84.91.0/24
45.88.64.0/24
45.88.91.0/24
79.110.51.0/24
82.115.208.0/24
83.219.97.0/24
92.119.198.0/24
92.249.50.0/24
94.154.162.0/24
109.206.239.0/24
178.215.225.0/24
178.215.227.0/24
178.215.236.0/24
185.222.160.0-185.222.162.255
185.246.223.0/24
193.25.217.0/24
193.35.19.0/24
193.37.40.0/24
193.37.42.0/24
193.37.44.0/24
193.222.97.0/24
193.222.99.0/24
194.31.205.0/24
194.48.248.0/24
194.55.187.0/24
194.55.224.0/23
194.169.172.0/24
194.180.38.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:84:48:dc:bd:c9:cf:34:c6:66:d5:75:c9:0b:f0:1e:44:3c:
70:a4:7d:c8:96:3a:bc:9c:0f:61:7a:d8:3a:5b:28:22:98:0c:
64:a4:10:f8:9f:f5:f2:15:04:18:91:ac:7c:0f:86:3f:3d:15:
87:b8:f0:d1:a3:68:f9:da:c6:f9:d6:51:ee:6b:5e:11:9a:64:
fa:f1:02:c9:4a:4c:e1:79:24:77:90:52:b9:ca:2f:42:67:3c:
7d:dd:40:c0:91:25:dd:67:a8:61:70:e0:db:46:f0:31:83:d2:
78:cc:ff:b8:3b:4e:04:1d:f6:23:f0:d9:16:20:13:98:61:76:
c7:55:b5:79:9d:ee:33:ab:60:c1:20:b8:20:96:9c:b5:1a:bd:
c2:46:42:97:b0:31:24:88:ef:5e:43:4b:cc:72:b7:2a:d8:2e:
d6:42:c5:60:1f:cf:5c:14:66:2d:66:2a:68:e6:96:6b:c4:24:
42:d0:e4:52:58:78:ba:f4:08:c1:79:77:2e:d2:da:a8:9b:9c:
fd:62:65:42:f6:0d:a2:4f:37:a4:12:18:83:49:ef:d6:39:07:
07:65:3a:37:fc:3a:46:52:19:3d:2e:2c:2d:30:f4:1f:13:b2:
02:16:49:76:d7:1f:64:88:ab:5f:46:34:02:8b:af:a9:21:e5:
a8:1d:49:cc
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAY0ciiTw0NM8tcxzG3CApuEtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTE4MTIyNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjgxNTFiOGIxMDhkZmMwZTdhYmFjZjhlODE2ZjA3MjkyMjcyMzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWHVDsmZ8kzkP64VoJzapAbpdfg6
Xo3NwnpmCG6oHSIMR5b2Z51t3HjlinesUJl0UlmW8aThFA4eeUT4sWDojJwjH1+e
gsfqhlFw3lcy3BobqI+xXrefSXaovJ7AEShylL/0O/NR2YZOowH+4jLn2vJ2ck+R
WpmzyG8Jgss3BEmEKLgzfTrVVBm4zOPIiH9yfdN3alhikjCSo1Rzj9asp4s4PYQi
rq29zjRmcGxmXCj2eeoggC/pw16pKwZkDmC4Qm2g1HQeHksR3pTUF6M1KlSxUwKy
q/OQy9cdI2hkBmquAsFl+DA5+YOKhfqLgoWL1BqiHp/N2lJjJY9SVyMMcwIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFM+BUbixCN/A56us+OgW8HKSJyNhMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvejRGUnVMRUkzOERucTZ6NDZCYndjcEluSTJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCByQQCAAEwgcIDBAAC
O/0DBAAtCZwDBAAtVFkDBAAtVFsDBAAtWEADBAAtWFsDBABPbjMDBABSc9ADBABT
22EDBABcd8YDBABc+TIDBABemqIDBABtzu8DBACy1+EDBACy1+MDBACy1+wwDAME
BbneoAMEALneogMEALn23wMEAMEZ2QMEAMEjEwMEAMElKAMEAMElKgMEAMElLAME
AMHeYQMEAMHeYwMEAMIfzQMEAMIw+AMEAMI3uwMEAcI34AMEAMKprAMEAcK0JjAN
BgkqhkiG9w0BAQsFAAOCAQEATIRI3L3JzzTGZtV1yQvwHkQ8cKR9yJY6vJwPYXrY
OlsoIpgMZKQQ+J/18hUEGJGsfA+GPz0Vh7jw0aNo+drG+dZR7mteEZpk+vECyUpM
4Xkkd5BSucovQmc8fd1AwJEl3WeoYXDg20bwMYPSeMz/uDtOBB32I/DZFiATmGF2
x1W1eZ3uM6tgwSC4IJactRq9wkZCl7AxJIjvXkNLzHK3Ktgu1kLFYB/PXBRmLWYq
aOaWa8QkQtDkUlh4uvQIwXl3LtLaqJuc/WJlQvYNok83pBIYg0nv1jkHB2U6N/w6
RlIZPS4sLTD0HxOyAhZJdtcfZIirX0Y0AouvqSHlqB1JzA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:47 2024 by rpki-client on console-ams.rpki-client.org