Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Sn7rXoCEZU4eu5h3-MrzxdUsH9c.roa
File: Sn7rXoCEZU4eu5h3-MrzxdUsH9c.roa (raw, json)
Hash identifier: wlU9comEac6m34dKbA0+LVPLVpiN3oiiZRQh7c9j2FQ=
Subject key identifier: 4A:7E:EB:5E:80:84:65:4E:1E:BB:98:77:F8:CA:F3:C5:D5:2C:1F:D7
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B8B52448C294160FDA30BB6E834DC3450
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Sn7rXoCEZU4eu5h3-MrzxdUsH9c.roa
Signing time: Wed 01 Nov 2023 14:38:26 +0000
ROA not before: Wed 01 Nov 2023 14:38:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
91.92.24.0/23 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
45.8.93.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
176.125.255.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
87.120.87.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8b:52:44:8c:29:41:60:fd:a3:0b:b6:e8:34:dc:34:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 1 14:38:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a7eeb5e8084654e1ebb9877f8caf3c5d52c1fd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b7:f4:fb:9b:33:1a:d5:d5:6c:2d:38:b0:79:
ea:71:d7:48:11:70:b0:79:42:03:00:89:64:ed:eb:
38:ac:13:c9:ee:69:f5:90:ff:27:cb:c3:62:fa:ad:
7d:39:95:a1:19:51:06:50:b8:3d:98:5d:c5:a3:8b:
2d:42:2c:44:d2:31:d0:d5:6f:8e:12:40:d0:c6:d5:
0e:cc:b8:bd:9b:52:3c:59:17:46:04:0e:8e:2d:f0:
aa:35:01:e8:4c:7e:2f:4f:c8:6a:ae:3e:a1:e2:83:
f6:56:ff:84:0b:36:bc:53:6e:ce:47:5d:5a:c8:6a:
7e:76:29:f0:4f:c6:3c:c5:c5:75:85:de:bf:f7:d6:
de:99:9c:bd:d4:24:5d:ee:54:4a:03:79:19:b1:cd:
ee:36:bc:52:f7:25:e4:b1:91:ca:fd:a4:5d:45:56:
40:ef:48:d5:fb:18:b8:e2:77:a5:d0:39:34:4f:02:
9a:d8:74:d1:e0:a7:d5:5c:1c:d9:1a:ce:43:79:cd:
e5:32:d6:ec:6b:63:94:d1:24:b4:70:7e:75:36:26:
c8:8d:87:a6:c4:94:2b:c3:e6:2d:95:0e:51:b0:93:
f6:06:89:8c:c1:05:ed:86:f6:8c:2d:95:de:ad:90:
1a:8c:21:89:5b:1a:15:8d:d9:f1:86:da:3d:e1:51:
b7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:7E:EB:5E:80:84:65:4E:1E:BB:98:77:F8:CA:F3:C5:D5:2C:1F:D7
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Sn7rXoCEZU4eu5h3-MrzxdUsH9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.93.0/24
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.59.0/24
91.92.24.0/23
92.119.196.0/23
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.78.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
176.125.255.0/24
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.175.0/24
185.252.176.0/24
194.169.174.0/24
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:22:0b:02:81:1d:0c:df:3a:29:29:2c:0a:50:5b:b3:78:d9:
76:f5:da:f1:cb:d8:ef:bd:7d:6e:99:1d:c2:9b:e2:5c:bc:09:
69:07:9d:71:b7:8c:74:ab:d7:10:fa:2b:fa:12:a0:86:84:44:
fb:59:e2:8e:e6:9c:cf:f4:01:34:14:7f:dc:1a:ac:01:fd:23:
04:cc:57:24:e0:64:16:ca:70:d6:03:1d:e7:63:84:6d:24:0f:
d7:de:fa:f2:5c:3d:e2:ed:14:d5:2b:cf:56:91:bf:60:9a:d3:
8c:8e:a8:70:27:96:f0:fc:7c:95:23:4a:f2:d0:38:37:5a:b4:
c6:06:21:bf:6c:56:2a:0d:67:ff:d0:95:02:5a:fd:2c:c5:c3:
bb:5c:29:17:e9:57:a6:4a:43:4b:39:a3:2e:a8:29:fd:bb:eb:
ed:f6:71:02:e9:3c:d8:33:db:a5:ff:01:47:d8:c2:7e:0c:4a:
8e:70:b3:90:d7:28:52:9f:25:6f:2c:c1:e0:cc:56:dd:12:e2:
bf:7b:02:80:ae:6c:2a:2f:52:38:44:86:75:5d:36:bd:a5:b4:
25:b9:fb:3e:20:9c:e9:79:71:29:db:7b:17:ea:9f:ae:bc:20:
a6:48:70:e5:7b:0b:73:c0:3f:c0:e3:15:76:2d:42:79:9e:fc:
c2:a0:b4:95
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYuLUkSMKUFg/aMLtug03DRQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTAxMTQzODI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTdlZWI1ZTgwODQ2NTRlMWViYjk4NzdmOGNhZjNjNWQ1MmMxZmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrf0+5szGtXVbC04sHnqcddIEXCw
eUIDAIlk7es4rBPJ7mn1kP8ny8Ni+q19OZWhGVEGULg9mF3Fo4stQixE0jHQ1W+O
EkDQxtUOzLi9m1I8WRdGBA6OLfCqNQHoTH4vT8hqrj6h4oP2Vv+ECza8U27OR11a
yGp+dinwT8Y8xcV1hd6/99bemZy91CRd7lRKA3kZsc3uNrxS9yXksZHK/aRdRVZA
70jV+xi44nel0Dk0TwKa2HTR4KfVXBzZGs5Dec3lMtbsa2OU0SS0cH51NibIjYem
xJQrw+YtlQ5RsJP2BomMwQXthvaMLZXerZAajCGJWxoVjdnxhto94VG33QIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFEp+616AhGVOHruYd/jK88XVLB/XMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvU243clhvQ0VaVTRldTVoMy1Ncnp4ZFVzSDljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAAt
CF0DBAAtl1kDBABXeFcDBABXeS0DBABXeTsDBAFbXBgDBAFcd8QDBABde3QwDAME
AF6aoQMEAl6aoAMEAF6cTgMEAF6c7zAMAwQCk05kAwQAk05mAwQCqxZIAwQAsH3/
AwQAstfgAwQAstfsAwQCudhUAwQCudpUAwQAueKvAwQAufywAwQAwqmuAwQAwrQy
MA0GCSqGSIb3DQEBCwUAA4IBAQBaIgsCgR0M3zopKSwKUFuzeNl29drxy9jvvX1u
mR3Cm+JcvAlpB51xt4x0q9cQ+iv6EqCGhET7WeKO5pzP9AE0FH/cGqwB/SMEzFck
4GQWynDWAx3nY4RtJA/X3vryXD3i7RTVK89Wkb9gmtOMjqhwJ5bw/HyVI0ry0Dg3
WrTGBiG/bFYqDWf/0JUCWv0sxcO7XCkX6VemSkNLOaMuqCn9u+vt9nEC6TzYM9ul
/wFH2MJ+DEqOcLOQ1yhSnyVvLMHgzFbdEuK/ewKArmwqL1I4RIZ1XTa9pbQlufs+
IJzpeXEp23sX6p+uvCCmSHDlewtzwD/A4xV2LUJ5nvzCoLSV
-----END CERTIFICATE-----
Generated at Tue May 13 20:34:51 2025 by rpki-client