Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-uZh2CeOn1KRIT0g-27UJ5lR-FA.roa
File: 1-uZh2CeOn1KRIT0g-27UJ5lR-FA.roa (raw, json)
Hash identifier: tBVmKgim9/Y9/RKgupSb2Fl/Tghsqg9216kRrTzMcQY=
Subject key identifier: FA:E6:61:D8:27:8E:9F:52:91:21:3D:20:FB:6E:D4:27:99:51:F8:50
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DCC7753241602E7B4D569B3BF2CA9A697
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-uZh2CeOn1KRIT0g-27UJ5lR-FA.roa
Signing time: Wed 21 Feb 2024 16:19:48 +0000
ROA not before: Wed 21 Feb 2024 16:19:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1
IP address blocks: 2.59.252.0/24 maxlen: 24
45.9.157.0/24 maxlen: 24
45.14.164.0/24 maxlen: 24
45.66.229.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
87.120.32.0/24 maxlen: 24
87.120.34.0/24 maxlen: 24
87.120.35.0/24 maxlen: 24
87.120.64.0/23 maxlen: 24
87.120.89.0/24 maxlen: 24
87.120.220.0/23 maxlen: 24
87.121.56.0/24 maxlen: 24
87.121.57.0/24 maxlen: 24
87.121.100.0/24 maxlen: 24
87.121.101.0/24 maxlen: 24
88.218.76.0/22 maxlen: 24
94.103.126.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
194.59.30.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cc:77:53:24:16:02:e7:b4:d5:69:b3:bf:2c:a9:a6:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 21 16:19:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fae661d8278e9f5291213d20fb6ed4279951f850
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:64:e8:db:e5:16:38:55:76:04:cc:51:f6:c6:
87:fe:10:61:cd:f9:2f:b7:50:80:44:60:53:0d:2c:
7a:ef:57:b3:05:cc:d7:e1:79:af:6e:87:85:2a:ad:
2b:c3:8b:4f:ce:48:06:b7:d2:2b:a3:7d:87:16:9d:
d2:88:51:b9:ae:19:df:fb:0e:f5:20:70:0b:54:0e:
8e:1b:70:47:eb:d3:d1:09:03:f7:d4:67:0e:fb:3a:
6c:67:5b:44:fa:5c:17:8f:e6:09:7e:fd:dd:8b:02:
b1:98:f4:92:65:12:cd:f7:92:be:ed:bd:03:fb:85:
73:b9:6e:eb:13:50:fc:7a:9b:bb:3b:93:2f:f6:40:
18:3d:23:5c:b6:3f:41:a2:58:b3:2a:d3:be:e3:cc:
bf:60:1c:a8:41:b5:56:3c:10:99:4c:f4:c7:80:36:
dd:4f:3f:4e:aa:90:bb:9a:29:80:78:bb:c9:f9:22:
97:c9:ca:c8:e2:a3:84:77:d4:68:d4:6d:b3:53:8b:
10:6e:51:d7:c0:61:d3:6f:e5:62:6d:49:6a:49:93:
b7:bd:8b:7f:64:dd:20:f5:74:18:13:cd:d3:47:a9:
c2:2f:b7:56:22:da:b4:a0:4a:68:88:62:de:8e:58:
af:08:19:20:32:20:2e:9d:9c:e6:53:2a:2f:d7:b1:
c6:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:E6:61:D8:27:8E:9F:52:91:21:3D:20:FB:6E:D4:27:99:51:F8:50
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-uZh2CeOn1KRIT0g-27UJ5lR-FA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.252.0/24
45.9.157.0/24
45.14.164.0/24
45.66.229.0/24
45.81.241.0/24
45.149.233.0/24
84.21.173.0/24
87.120.32.0/24
87.120.34.0/23
87.120.64.0/23
87.120.89.0/24
87.120.220.0/23
87.121.56.0/23
87.121.100.0/23
88.218.76.0/22
94.103.126.0/24
94.156.78.0/24
194.59.30.0/24
194.169.174.0/24
Signature Algorithm: sha256WithRSAEncryption
37:0a:06:5e:b8:75:b8:88:77:97:c4:5a:e2:f3:dd:1b:af:2f:
ab:aa:a1:75:dd:e3:5d:62:6b:cd:72:55:c3:ce:65:9d:0e:2e:
a3:4b:e9:e1:be:69:7e:6e:cf:f2:cf:8a:cd:57:4e:82:b6:e1:
27:fd:14:e3:52:7b:66:14:ad:0b:3e:4b:a3:8d:2d:0f:51:eb:
21:9f:14:00:29:b4:d5:36:a0:dd:7d:e3:1e:be:85:16:7e:83:
69:9d:d9:3c:a5:13:5c:ad:70:e5:63:e2:44:d5:f9:09:ae:4e:
90:ce:cf:17:4f:66:36:b9:f8:dc:4f:ce:35:6c:b7:95:06:e3:
c6:4e:2f:b8:fe:1e:a1:be:26:7f:bb:58:29:f2:37:b6:4e:70:
9f:af:09:c5:53:bd:ca:ac:e8:86:ee:99:83:12:c2:e6:03:99:
24:88:05:13:2d:90:54:aa:da:d8:b9:05:5b:81:19:71:06:e7:
e6:3e:34:65:4e:79:d5:9b:45:31:dc:4b:02:11:58:e1:d4:ac:
25:10:c0:4f:c2:36:1b:cf:aa:86:e4:07:86:02:3f:34:c3:7b:
7d:12:28:a7:0d:71:62:13:e4:06:ca:c3:71:78:d3:44:b4:23:
70:42:e4:79:76:8f:6b:6d:c2:bd:3b:30:73:bf:f7:e5:c5:c9:
db:db:0a:86
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgISAY3Md1MkFgLntNVps78sqaaXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjIxMTYxOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWU2NjFkODI3OGU5ZjUyOTEyMTNkMjBmYjZlZDQyNzk5NTFmODUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumTo2+UWOFV2BMxR9saH/hBhzfkv
t1CARGBTDSx671ezBczX4XmvboeFKq0rw4tPzkgGt9Iro32HFp3SiFG5rhnf+w71
IHALVA6OG3BH69PRCQP31GcO+zpsZ1tE+lwXj+YJfv3diwKxmPSSZRLN95K+7b0D
+4VzuW7rE1D8epu7O5Mv9kAYPSNctj9BolizKtO+48y/YByoQbVWPBCZTPTHgDbd
Tz9OqpC7mimAeLvJ+SKXycrI4qOEd9Ro1G2zU4sQblHXwGHTb+VibUlqSZO3vYt/
ZN0g9XQYE83TR6nCL7dWItq0oEpoiGLejlivCBkgMiAunZzmUyov17HGqQIDAQAB
o4ICdzCCAnMwHQYDVR0OBBYEFPrmYdgnjp9SkSE9IPtu1CeZUfhQMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMS11WmgyQ2VPbjFLUklUMGctMjdVSjVsUi1GQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcx
Mi8xL0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBiwYIKwYBBQUHAQcBAf8EfDB6MHgEAgABMHIDBAACO/wD
BAAtCZ0DBAAtDqQDBAAtQuUDBAAtUfEDBAAtlekDBABUFa0DBABXeCADBAFXeCID
BAFXeEADBABXeFkDBAFXeNwDBAFXeTgDBAFXeWQDBAJY2kwDBABeZ34DBABenE4D
BADCOx4DBADCqa4wDQYJKoZIhvcNAQELBQADggEBADcKBl64dbiId5fEWuLz3Ruv
L6uqoXXd411ia81yVcPOZZ0OLqNL6eG+aX5uz/LPis1XToK24Sf9FONSe2YUrQs+
S6ONLQ9R6yGfFAAptNU2oN194x6+hRZ+g2md2TylE1ytcOVj4kTV+QmuTpDOzxdP
Zja5+NxPzjVst5UG48ZOL7j+HqG+Jn+7WCnyN7ZOcJ+vCcVTvcqs6IbumYMSwuYD
mSSIBRMtkFSq2ti5BVuBGXEG5+Y+NGVOedWbRTHcSwIRWOHUrCUQwE/CNhvPqobk
B4YCPzTDe30SKKcNcWIT5AbKw3F400S0I3BC5Hl2j2ttwr07MHO/9+XFydvbCoY=
-----END CERTIFICATE-----
Generated at Tue May 13 18:01:32 2025 by rpki-client