Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2CG6lCZgZJq1ZlO2RO_65SXRceo.roa
File: 2CG6lCZgZJq1ZlO2RO_65SXRceo.roa (raw, json)
Hash identifier: XGAhzzNfOcukYMDVsXAr7qrKZcdKDAH3vPsf5kGIYqE=
Subject key identifier: D8:21:BA:94:26:60:64:9A:B5:66:53:B6:44:EF:FA:E5:25:D1:71:EA
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018906691A1E13CCAE0A8E41894908BBE847
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2CG6lCZgZJq1ZlO2RO_65SXRceo.roa
Signing time: Thu 29 Jun 2023 09:08:18 +0000
ROA not before: Thu 29 Jun 2023 09:08:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
94.156.239.0/24 maxlen: 24
194.113.36.0/22 maxlen: 24
194.55.227.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
45.95.0.0/22 maxlen: 24
94.103.124.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.137.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.154.163.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:06:69:1a:1e:13:cc:ae:0a:8e:41:89:49:08:bb:e8:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 29 09:08:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d821ba942660649ab56653b644effae525d171ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:7d:31:65:d3:bb:96:42:a2:ac:af:c7:41:26:
46:39:c2:d1:ec:30:67:7d:af:b6:05:72:a0:9c:9c:
fc:9c:dd:d3:37:16:aa:47:f2:44:b8:cd:4c:6b:67:
25:1c:8a:73:6a:98:35:c3:3a:66:5e:b6:e7:fe:71:
00:54:03:bb:87:d7:8a:95:3c:cd:3e:71:c5:32:4d:
b9:c9:3d:89:95:79:96:43:41:1a:7e:fa:b6:45:16:
03:3e:4e:1b:ca:f2:1d:c5:c6:e4:48:2b:00:de:04:
8a:4c:cf:a6:3a:b5:6c:c6:06:3c:eb:6e:83:bd:92:
35:dc:5c:bc:c2:69:36:55:46:b4:45:dd:df:6e:72:
1d:cc:0f:c1:fc:4a:a4:e8:82:b1:da:a5:9a:c3:7f:
c7:7e:ef:64:eb:90:cf:06:14:08:d7:90:f0:09:6e:
3d:0c:9b:9b:e6:a8:06:4d:98:42:9d:bc:f5:60:53:
5e:a9:40:c8:cb:af:ba:62:03:60:ce:3c:62:89:c7:
ab:3a:3d:b5:94:8c:e6:cf:7d:a1:9f:15:1e:73:1a:
9b:48:bb:fa:4f:c2:c4:a0:66:c9:15:53:84:28:75:
d6:7a:66:f9:e8:5f:be:54:b8:6d:c4:7c:55:5e:92:
65:f7:8e:96:c0:41:d4:66:26:89:91:f0:1c:67:48:
96:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:21:BA:94:26:60:64:9A:B5:66:53:B6:44:EF:FA:E5:25:D1:71:EA
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2CG6lCZgZJq1ZlO2RO_65SXRceo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.0.0/22
45.151.89.0/24
92.119.196.0/23
94.103.124.0/24
94.154.161.0-94.154.163.255
94.156.239.0/24
147.78.100.0/23
171.22.72.0/22
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
185.252.176.0/24
194.55.227.0/24
194.113.36.0/22
194.169.174.0/24
Signature Algorithm: sha256WithRSAEncryption
36:37:61:60:c4:9f:94:b4:1c:a1:8a:1f:59:b2:7f:60:97:e9:
ce:b1:d0:f6:65:ef:36:ee:f1:3f:56:5d:bc:64:52:d5:39:7a:
c2:4e:64:ad:a0:1e:0d:9d:8e:66:95:e7:00:bb:53:b9:8a:f3:
32:b7:92:86:b6:04:07:df:fe:bf:d9:cf:db:ed:63:9d:1f:6d:
9f:fd:84:77:3f:6c:28:9e:28:74:8b:fc:4e:04:b1:ca:59:28:
6f:d7:ae:ba:4a:13:8c:07:c9:8f:55:47:1f:d3:be:70:54:0c:
17:9a:6e:b9:2c:51:86:2f:18:49:4e:31:66:a1:91:eb:30:b0:
76:f5:78:c8:fc:b6:79:d6:9b:9a:b2:4e:01:37:da:c9:0e:42:
2d:a0:c2:b0:95:84:9b:07:5c:ed:b7:ab:99:bf:3d:15:bb:61:
23:4b:4d:ad:29:35:06:20:96:c0:33:90:0c:42:c4:cc:21:02:
57:cb:60:ad:77:8f:8f:f5:41:31:f4:bf:a9:81:19:b6:dc:68:
28:db:0a:55:2b:89:f7:0c:f3:86:93:5f:a3:b7:83:a6:d3:18:
da:13:d3:d0:05:e9:2c:b9:a1:46:de:ad:0a:d4:54:5d:40:cc:
35:a1:6b:24:63:f2:5a:18:65:08:1b:58:44:56:ab:fa:eb:ae:
e0:1c:31:6c
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYkGaRoeE8yuCo5BiUkIu+hHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNjI5MDkwODE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODIxYmE5NDI2NjA2NDlhYjU2NjUzYjY0NGVmZmFlNTI1ZDE3MWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmX0xZdO7lkKirK/HQSZGOcLR7DBn
fa+2BXKgnJz8nN3TNxaqR/JEuM1Ma2clHIpzapg1wzpmXrbn/nEAVAO7h9eKlTzN
PnHFMk25yT2JlXmWQ0Eafvq2RRYDPk4byvIdxcbkSCsA3gSKTM+mOrVsxgY8626D
vZI13Fy8wmk2VUa0Rd3fbnIdzA/B/Eqk6IKx2qWaw3/Hfu9k65DPBhQI15DwCW49
DJub5qgGTZhCnbz1YFNeqUDIy6+6YgNgzjxiicerOj21lIzmz32hnxUecxqbSLv6
T8LEoGbJFVOEKHXWemb56F++VLhtxHxVXpJl946WwEHUZiaJkfAcZ0iWvwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFNghupQmYGSatWZTtkTv+uUl0XHqMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMkNHNmxDWmdaSnExWmxPMlJPXzY1U1hSY2VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAi1fAAME
AC2XWQMEAVx3xAMEAF5nfDAMAwQAXpqhAwQCXpqgAwQAXpzvAwQBk05kAwQCqxZI
AwQAstfsAwQCudhUAwQCudpUAwQAudqJAwQAudt+AwQAufywAwQAwjfjAwQCwnEk
AwQAwqmuMA0GCSqGSIb3DQEBCwUAA4IBAQA2N2FgxJ+UtByhih9Zsn9gl+nOsdD2
Ze827vE/Vl28ZFLVOXrCTmStoB4NnY5mlecAu1O5ivMyt5KGtgQH3/6/2c/b7WOd
H22f/YR3P2wonih0i/xOBLHKWShv1666ShOMB8mPVUcf075wVAwXmm65LFGGLxhJ
TjFmoZHrMLB29XjI/LZ51puask4BN9rJDkItoMKwlYSbB1ztt6uZvz0Vu2EjS02t
KTUGIJbAM5AMQsTMIQJXy2Ctd4+P9UEx9L+pgRm23Ggo2wpVK4n3DPOGk1+jt4Om
0xjaE9PQBeksuaFG3q0K1FRdQMw1oWskY/JaGGUIG1hEVqv6667gHDFs
-----END CERTIFICATE-----
Generated at Tue May 13 20:55:03 2025 by rpki-client