Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/s2TJ2BpkNBDNe7VUpwmcUQot5Cg.roa
File: s2TJ2BpkNBDNe7VUpwmcUQot5Cg.roa (raw, json)
Hash identifier: r1pY25t+SESnzPak9f348C5KxylvrxxO2pqwLuhG7xc=
Subject key identifier: B3:64:C9:D8:1A:64:34:10:CD:7B:B5:54:A7:09:9C:51:0A:2D:E4:28
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CB0D241A6FC48C612DC615E07EEE1A2AE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/s2TJ2BpkNBDNe7VUpwmcUQot5Cg.roa
Signing time: Thu 28 Dec 2023 14:26:58 +0000
ROA not before: Thu 28 Dec 2023 14:26:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
185.226.172.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
45.88.90.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
92.249.48.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b0:d2:41:a6:fc:48:c6:12:dc:61:5e:07:ee:e1:a2:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 28 14:26:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b364c9d81a643410cd7bb554a7099c510a2de428
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:45:7c:ea:da:5e:56:57:74:d9:60:f2:6b:b1:
3b:8d:01:37:dc:d4:be:94:64:2f:fc:1a:86:e0:df:
83:ae:16:69:2f:34:4a:0b:0c:cf:7f:5a:2e:8c:fd:
b9:bd:77:c9:96:d1:69:00:32:6c:0a:da:bd:30:2f:
9a:a0:5a:81:5b:e6:8e:b3:24:34:45:b6:65:36:2d:
8b:97:8a:f6:77:d9:f5:c1:8c:7a:78:06:3e:fa:fc:
41:66:51:1b:b4:84:da:36:97:27:ad:aa:5f:f9:65:
45:b1:3f:5b:cf:a7:da:37:b7:c6:59:29:e1:5b:23:
38:96:db:30:70:1f:69:ca:c8:27:00:78:d9:96:4f:
ad:ae:ba:8e:0a:76:9c:65:90:b1:d0:1e:c5:5d:4e:
7c:75:00:6f:b0:df:31:c1:ce:03:e3:6f:4f:66:f4:
74:a6:50:eb:ec:2e:1c:8d:14:13:ae:13:c8:bf:5e:
23:2d:c3:ec:42:d1:42:94:0c:5a:53:aa:f0:77:79:
f2:6d:9a:49:68:f8:02:19:5b:1d:84:04:21:17:ca:
34:8b:6a:8a:78:5f:5c:88:b2:a1:c2:0a:01:5d:f1:
2f:bb:ce:04:31:f0:8f:00:4b:53:4c:be:57:8f:2a:
73:61:b6:d2:50:34:2c:3b:4f:64:08:aa:50:f8:b8:
91:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:64:C9:D8:1A:64:34:10:CD:7B:B5:54:A7:09:9C:51:0A:2D:E4:28
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/s2TJ2BpkNBDNe7VUpwmcUQot5Cg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.90.0/24
45.151.89.0/24
83.219.97.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
92.249.48.0/24
94.154.161.0-94.154.163.255
94.154.172.0/24
94.156.239.0/24
147.78.101.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.172.0/24
185.226.175.0/24
185.252.176.0/24
Signature Algorithm: sha256WithRSAEncryption
37:8e:11:c7:59:ee:04:93:40:51:80:b9:a2:f6:3a:ef:86:88:
7e:e1:c0:9f:e9:05:90:af:5f:0f:1f:ec:9f:17:f5:c2:6c:ed:
b7:39:6e:c9:50:d5:32:75:dc:85:f8:f2:2c:6f:e1:5a:45:8e:
57:27:07:ef:da:1c:01:6c:3d:16:a1:31:86:d0:04:1e:23:b2:
af:5d:1e:6a:8d:c6:20:cf:b6:82:b2:31:98:7d:f6:04:c5:ff:
7e:02:1d:17:2a:40:c7:4f:1b:f3:5a:25:d6:d8:d9:31:36:72:
9a:07:d9:11:92:24:e2:21:16:b5:a5:b7:ce:62:c0:31:1a:0b:
4d:d0:0e:68:79:93:5a:64:6b:c7:52:27:02:64:a9:2f:da:bc:
ee:d6:f4:3d:fb:f3:c8:e8:c0:dc:6e:38:b0:fb:79:79:ae:06:
28:40:30:09:89:1f:cf:8b:31:14:f3:d2:09:b9:c6:e5:1d:8b:
31:bc:fe:d0:34:0f:73:f4:aa:5f:8c:71:3b:3a:f4:05:c0:ef:
9c:dc:55:fb:8e:2c:95:26:2a:aa:af:65:17:43:c4:4b:76:db:
bf:8d:43:a7:96:2e:1e:d2:b8:de:e7:eb:8f:03:5e:a0:4b:ce:
df:4c:1e:1a:00:46:a2:61:e9:22:47:81:c6:d6:09:15:e5:94:
1b:8d:a6:87
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYyw0kGm/EjGEtxhXgfu4aKuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjI4MTQyNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzY0YzlkODFhNjQzNDEwY2Q3YmI1NTRhNzA5OWM1MTBhMmRlNDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0V86tpeVld02WDya7E7jQE33NS+
lGQv/BqG4N+DrhZpLzRKCwzPf1oujP25vXfJltFpADJsCtq9MC+aoFqBW+aOsyQ0
RbZlNi2Ll4r2d9n1wYx6eAY++vxBZlEbtITaNpcnrapf+WVFsT9bz6faN7fGWSnh
WyM4ltswcB9pysgnAHjZlk+trrqOCnacZZCx0B7FXU58dQBvsN8xwc4D429PZvR0
plDr7C4cjRQTrhPIv14jLcPsQtFClAxaU6rwd3nybZpJaPgCGVsdhAQhF8o0i2qK
eF9ciLKhwgoBXfEvu84EMfCPAEtTTL5XjypzYbbSUDQsO09kCKpQ+LiR6QIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFLNkydgaZDQQzXu1VKcJnFEKLeQoMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvczJUSjJCcGtOQkROZTdWVXB3bWNVUW90NUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAAt
WFoDBAAtl1kDBABT22EDBABXeFcDBABXeS0DBABXed0DBAFcd8QDBABc+TAwDAME
AF6aoQMEAl6aoAMEAF6arAMEAF6c7zAMAwQAk05lAwQAk05mAwQCqxZIAwQAstfg
AwQAstfsAwQCudhUAwQCudpUAwQAueKsAwQAueKvAwQAufywMA0GCSqGSIb3DQEB
CwUAA4IBAQA3jhHHWe4Ek0BRgLmi9jrvhoh+4cCf6QWQr18PH+yfF/XCbO23OW7J
UNUyddyF+PIsb+FaRY5XJwfv2hwBbD0WoTGG0AQeI7KvXR5qjcYgz7aCsjGYffYE
xf9+Ah0XKkDHTxvzWiXW2NkxNnKaB9kRkiTiIRa1pbfOYsAxGgtN0A5oeZNaZGvH
UicCZKkv2rzu1vQ9+/PI6MDcbjiw+3l5rgYoQDAJiR/PizEU89IJucblHYsxvP7Q
NA9z9KpfjHE7OvQFwO+c3FX7jiyVJiqqr2UXQ8RLdtu/jUOnli4e0rje5+uPA16g
S87fTB4aAEaiYekiR4HG1gkV5ZQbjaaH
-----END CERTIFICATE-----
Generated at Tue Apr 29 11:32:03 2025 by rpki-client