Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/sijaK0O8_1Yf5fVX3NQio0Jv74s.roa
File: sijaK0O8_1Yf5fVX3NQio0Jv74s.roa (raw, json)
Hash identifier: pE0fgNv1gMYD2+IE2iLh0Xu4xcrlsWFIy55loWjSOMs=
Subject key identifier: B2:28:DA:2B:43:BC:FF:56:1F:E5:F5:57:DC:D4:22:A3:42:6F:EF:8B
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 018F72220EFDF3C41E1C1A429B795294A179
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/sijaK0O8_1Yf5fVX3NQio0Jv74s.roa
Signing time: Mon 13 May 2024 13:26:25 +0000
ROA not before: Mon 13 May 2024 13:26:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12615
IP address blocks: 78.108.249.0/24 maxlen: 24
87.246.4.0/24 maxlen: 24
109.160.44.0/24 maxlen: 24
109.160.45.0/24 maxlen: 24
109.160.118.0/24 maxlen: 24
109.160.119.0/24 maxlen: 24
185.43.59.0/24 maxlen: 24
212.70.130.0/23 maxlen: 23
212.70.132.0/24 maxlen: 24
212.70.133.0/24 maxlen: 24
212.70.134.0/24 maxlen: 24
212.70.135.0/24 maxlen: 24
212.70.144.0/22 maxlen: 22
212.70.144.0/24 maxlen: 24
212.70.145.0/24 maxlen: 24
212.70.146.0/24 maxlen: 24
212.70.147.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:72:22:0e:fd:f3:c4:1e:1c:1a:42:9b:79:52:94:a1:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: May 13 13:26:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b228da2b43bcff561fe5f557dcd422a3426fef8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:54:cc:a5:31:bb:02:d6:5b:0e:45:44:88:1e:
05:2a:f2:a2:85:01:f0:62:19:70:77:dd:04:62:c4:
19:ba:7a:22:31:8a:87:e3:ec:20:01:60:d9:4c:d5:
d0:58:2f:5a:d7:ab:22:1c:a8:f1:74:f3:1a:54:1f:
38:31:fc:e9:ad:46:2d:2c:e8:e7:c4:26:54:66:f3:
f9:b8:46:dc:b2:35:88:aa:5f:eb:5b:94:69:a5:fc:
46:77:e1:d1:8a:3b:37:05:89:bb:55:d7:ac:4f:0d:
29:0e:bc:4c:62:ce:ec:d2:ae:f8:10:4c:67:06:0f:
68:1a:76:f8:f2:56:00:d2:86:ab:53:4e:ef:3f:32:
27:73:39:29:f0:22:e5:4b:4b:2e:50:64:f4:b1:69:
c4:9f:1b:0d:e8:ac:91:5e:5e:32:5c:e6:bd:2b:51:
b5:cc:56:00:d2:cd:70:94:ea:15:91:30:67:20:62:
b9:b7:0a:fb:1a:e2:20:a3:a9:d7:47:e7:b0:30:b1:
6e:5b:e8:12:94:97:70:6f:2b:a4:4b:28:27:da:5b:
1d:25:4d:37:b5:3c:ef:6c:0e:5a:e0:b0:87:af:63:
0d:90:0f:70:e2:64:cc:4e:06:0d:b4:90:c6:cd:50:
7a:13:32:81:48:3b:81:0e:d0:92:c7:55:68:fc:53:
74:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:28:DA:2B:43:BC:FF:56:1F:E5:F5:57:DC:D4:22:A3:42:6F:EF:8B
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/sijaK0O8_1Yf5fVX3NQio0Jv74s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.249.0/24
87.246.4.0/24
109.160.44.0/23
109.160.118.0/23
185.43.59.0/24
212.70.130.0-212.70.135.255
212.70.144.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:d5:0e:f9:3b:42:f6:1d:d6:38:98:c9:73:dd:8d:7c:78:9e:
af:75:b3:c5:4b:47:16:ef:67:83:ab:74:fb:18:e9:dc:7a:79:
b4:d7:93:9f:a6:e7:48:ab:08:80:9e:24:c8:0d:bd:29:59:49:
f4:39:d7:ed:aa:a1:65:d4:c7:ad:b1:19:40:fb:ee:9e:2d:14:
70:c1:51:c6:df:8b:4f:04:69:98:97:99:27:43:51:39:eb:b4:
28:bb:0f:3f:3f:94:8c:6d:0a:79:94:d2:f1:45:7d:5f:2c:92:
b7:5e:5e:1e:79:d0:97:38:95:2e:07:c3:ab:04:be:94:32:0a:
94:6c:0e:42:55:f1:b6:15:ee:46:32:dc:3b:28:2e:6e:dc:6a:
61:7e:5c:c2:03:ec:89:41:29:81:38:37:e3:a4:33:48:40:d9:
60:57:52:aa:c6:87:ae:e9:82:92:74:bf:dc:a1:a4:b4:a0:be:
a9:d5:35:c2:e0:d1:82:63:bf:c3:18:18:44:c5:4e:b1:2b:2a:
8b:c3:a9:65:30:b9:a6:12:f4:39:76:43:d6:b3:c4:c8:63:de:
2d:d8:50:e6:33:55:c2:ed:f9:61:51:54:47:b4:e9:ed:08:28:
20:0b:82:a6:29:2e:8c:ab:b1:20:db:66:e7:af:83:bd:84:b3:
d1:39:6d:82
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY9yIg7988QeHBpCm3lSlKF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjQwNTEzMTMyNjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjI4ZGEyYjQzYmNmZjU2MWZlNWY1NTdkY2Q0MjJhMzQyNmZlZjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVTMpTG7AtZbDkVEiB4FKvKihQHw
Yhlwd90EYsQZunoiMYqH4+wgAWDZTNXQWC9a16siHKjxdPMaVB84MfzprUYtLOjn
xCZUZvP5uEbcsjWIql/rW5RppfxGd+HRijs3BYm7VdesTw0pDrxMYs7s0q74EExn
Bg9oGnb48lYA0oarU07vPzInczkp8CLlS0suUGT0sWnEnxsN6KyRXl4yXOa9K1G1
zFYA0s1wlOoVkTBnIGK5twr7GuIgo6nXR+ewMLFuW+gSlJdwbyukSygn2lsdJU03
tTzvbA5a4LCHr2MNkA9w4mTMTgYNtJDGzVB6EzKBSDuBDtCSx1Vo/FN0dwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFLIo2itDvP9WH+X1V9zUIqNCb++LMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvc2lqYUswTzhfMVlmNWZWWDNOUWlvMEp2NzRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQATmz5AwQA
V/YEAwQBbaAsAwQBbaB2AwQAuSs7MAwDBAHURoIDBAPURoADBALURpAwDQYJKoZI
hvcNAQELBQADggEBAG7VDvk7QvYd1jiYyXPdjXx4nq91s8VLRxbvZ4OrdPsY6dx6
ebTXk5+m50irCICeJMgNvSlZSfQ51+2qoWXUx62xGUD77p4tFHDBUcbfi08EaZiX
mSdDUTnrtCi7Dz8/lIxtCnmU0vFFfV8skrdeXh550Jc4lS4Hw6sEvpQyCpRsDkJV
8bYV7kYy3DsoLm7camF+XMID7IlBKYE4N+OkM0hA2WBXUqrGh67pgpJ0v9yhpLSg
vqnVNcLg0YJjv8MYGETFTrErKovDqWUwuaYS9Dl2Q9azxMhj3i3YUOYzVcLt+WFR
VEe06e0IKCALgqYpLoyrsSDbZuevg72Es9E5bYI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:14 2024 by rpki-client on console-fra.rpki-client.org