Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pUsH0eilE0Us6solBNs5fm49RZg.roa
File: pUsH0eilE0Us6solBNs5fm49RZg.roa (raw, json)
Hash identifier: rRp4WvQ4me8sTvcjVxq5NepcMj7RvbUX7kcqW9XvWJo=
Subject key identifier: A5:4B:07:D1:E8:A5:13:45:2C:EA:CA:25:04:DB:39:7E:6E:3D:45:98
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01879860508EB4C6FD48105A4720CCCC594D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pUsH0eilE0Us6solBNs5fm49RZg.roa
Signing time: Wed 19 Apr 2023 07:17:41 +0000
ROA not before: Wed 19 Apr 2023 07:17:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
84.54.49.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
141.98.7.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
45.149.233.0/24 maxlen: 24
45.128.233.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
79.110.50.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.137.0/24 maxlen: 24
82.115.209.0/24 maxlen: 24
194.49.87.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:98:60:50:8e:b4:c6:fd:48:10:5a:47:20:cc:cc:59:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 19 07:17:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a54b07d1e8a513452ceaca2504db397e6e3d4598
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:db:b2:2c:b3:71:24:0c:17:eb:c1:c6:ee:f8:
38:e9:24:28:70:03:4a:13:15:c7:a4:89:13:4a:ec:
6d:2c:fd:05:75:4a:8b:e6:71:57:00:d5:01:87:25:
5d:fe:c0:3a:ab:a3:bc:62:aa:4b:5f:1f:f2:0f:9c:
34:4b:8f:69:ad:f3:44:5c:fc:c9:6b:e1:f9:39:91:
8e:83:78:3a:3d:08:87:1a:57:d2:a5:9e:7b:b9:34:
2e:75:45:d4:4a:0d:84:7f:90:61:ba:f3:99:db:85:
27:08:62:5f:6f:56:08:78:ef:1f:1e:2f:3c:ea:50:
5e:3f:7b:3b:92:2c:fa:77:6c:6e:37:74:99:b0:6c:
1e:0d:72:2c:51:27:11:b4:de:71:aa:1c:7e:ba:07:
e8:80:ff:c0:cf:a1:ec:e2:61:5a:b8:1e:12:99:6c:
37:aa:37:33:bf:33:58:50:67:36:f7:c4:1c:ef:2f:
39:1a:a1:8f:10:a3:d1:16:87:ae:0b:8c:16:53:2c:
26:a8:bf:0c:f2:cb:1b:36:a4:9d:b3:3c:54:55:9c:
98:d6:90:10:d0:b0:7a:49:bc:f7:26:95:52:17:9b:
f8:cb:44:cb:7d:2e:d5:09:ae:0b:72:b6:11:50:49:
94:d6:ab:71:a4:ab:98:da:cd:14:09:06:00:52:6c:
3b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:4B:07:D1:E8:A5:13:45:2C:EA:CA:25:04:DB:39:7E:6E:3D:45:98
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pUsH0eilE0Us6solBNs5fm49RZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.233.0/24
45.149.233.0/24
45.151.89.0/24
79.110.50.0/24
82.115.209.0/24
84.54.49.0/24
87.120.64.0/23
87.121.220.0/24
92.119.196.0/23
94.103.125.0/24
94.154.161.0-94.154.163.255
94.154.172.0/24
141.98.7.0/24
147.78.100.0/23
171.22.72.0/22
178.215.236.0/23
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
194.49.87.0/24
Signature Algorithm: sha256WithRSAEncryption
47:95:7c:4e:e2:b4:2e:75:f4:78:2d:83:fd:5e:81:85:7f:43:
18:0e:c6:31:dc:4f:c0:91:65:16:65:58:d3:ac:8b:7d:50:2f:
17:68:01:19:5e:4e:96:79:f6:64:84:75:8c:74:be:ef:83:dd:
9f:57:56:bf:1d:69:7b:d1:31:61:ed:16:97:d3:bf:24:88:b0:
d1:b1:8f:11:51:e2:85:d2:e0:3b:11:40:54:40:35:ad:3f:1a:
f1:b1:28:47:a6:e6:d2:28:62:7b:7e:ad:81:15:51:38:78:f5:
7f:7f:76:95:09:90:75:ea:cd:64:22:44:b2:d8:ff:c5:f7:4c:
2d:6f:d4:60:a7:5d:14:4e:9b:e6:47:da:47:51:bd:b9:1d:f9:
c9:d1:31:ad:38:16:80:34:98:2f:e5:d7:6f:3f:7d:8e:1c:11:
02:06:96:34:b1:b2:9f:70:78:69:6f:d1:b9:e4:70:20:1b:a3:
29:5e:30:e8:eb:7e:50:ac:cc:05:fb:ff:d3:96:58:5f:06:df:
09:d9:6a:5a:30:1c:71:54:91:fa:61:73:8d:fe:57:cf:a5:58:
b6:48:50:b4:7d:4a:a5:82:ba:99:f6:7f:0d:86:b7:78:de:6c:
25:01:77:7b:b1:01:19:44:6e:d8:ee:5f:5a:dd:66:59:62:b7:
63:d4:49:ee
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYeYYFCOtMb9SBBaRyDMzFlNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDE5MDcxNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTRiMDdkMWU4YTUxMzQ1MmNlYWNhMjUwNGRiMzk3ZTZlM2Q0NTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotuyLLNxJAwX68HG7vg46SQocANK
ExXHpIkTSuxtLP0FdUqL5nFXANUBhyVd/sA6q6O8YqpLXx/yD5w0S49prfNEXPzJ
a+H5OZGOg3g6PQiHGlfSpZ57uTQudUXUSg2Ef5BhuvOZ24UnCGJfb1YIeO8fHi88
6lBeP3s7kiz6d2xuN3SZsGweDXIsUScRtN5xqhx+ugfogP/Az6Hs4mFauB4SmWw3
qjczvzNYUGc298Qc7y85GqGPEKPRFoeuC4wWUywmqL8M8ssbNqSdszxUVZyY1pAQ
0LB6Sbz3JpVSF5v4y0TLfS7VCa4LcrYRUEmU1qtxpKuY2s0UCQYAUmw7+QIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFKVLB9HopRNFLOrKJQTbOX5uPUWYMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcFVzSDBlaWxFMFVzNnNvbEJOczVmbTQ5UlpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAAt
gOkDBAAtlekDBAAtl1kDBABPbjIDBABSc9EDBABUNjEDBAFXeEADBABXedwDBAFc
d8QDBABeZ30wDAMEAF6aoQMEAl6aoAMEAF6arAMEAI1iBwMEAZNOZAMEAqsWSAME
AbLX7AMEArnYVAMEArnaVAMEALnaiQMEALnbfgMEAMIxVzANBgkqhkiG9w0BAQsF
AAOCAQEAR5V8TuK0LnX0eC2D/V6BhX9DGA7GMdxPwJFlFmVY06yLfVAvF2gBGV5O
lnn2ZIR1jHS+74Pdn1dWvx1pe9ExYe0Wl9O/JIiw0bGPEVHihdLgOxFAVEA1rT8a
8bEoR6bm0ihie36tgRVROHj1f392lQmQderNZCJEstj/xfdMLW/UYKddFE6b5kfa
R1G9uR35ydExrTgWgDSYL+XXbz99jhwRAgaWNLGyn3B4aW/RueRwIBujKV4w6Ot+
UKzMBfv/05ZYXwbfCdlqWjAccVSR+mFzjf5Xz6VYtkhQtH1KpYK6mfZ/DYa3eN5s
JQF3e7EBGURu2O5fWt1mWWK3Y9RJ7g==
-----END CERTIFICATE-----
Generated at Thu May 1 03:17:01 2025 by rpki-client