Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VeGyeI7CpIKOh0eKpGr3EVI0q6I.roa
File: VeGyeI7CpIKOh0eKpGr3EVI0q6I.roa (raw, json)
Hash identifier: 3fnL+0cf+VsIC7cZFrscMxr+6BJ97VoZgJTIvncQe6Q=
Subject key identifier: 55:E1:B2:78:8E:C2:A4:82:8E:87:47:8A:A4:6A:F7:11:52:34:AB:A2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019178925B1016E197C7D2E8BBC78BA23499
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VeGyeI7CpIKOh0eKpGr3EVI0q6I.roa
Signing time: Thu 22 Aug 2024 05:32:22 +0000
ROA not before: Thu 22 Aug 2024 05:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.88.90.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
84.54.48.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.93.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
93.123.39.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.103.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.37.41.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:78:92:5b:10:16:e1:97:c7:d2:e8:bb:c7:8b:a2:34:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 22 05:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55e1b2788ec2a4828e87478aa46af7115234aba2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:80:a8:1f:67:1a:13:a5:9c:ed:45:40:aa:c7:
21:33:af:8c:cb:e5:64:a8:31:39:22:ac:e5:c5:7a:
a9:ad:e4:bf:2c:b1:b1:02:bf:e9:ff:07:d7:08:9a:
e5:16:b4:a8:0d:97:4a:3e:65:c9:60:28:3b:a3:97:
ae:4d:53:49:b5:b0:19:41:78:3a:a0:2a:75:cf:3c:
ae:ef:48:85:cf:dc:77:7d:ba:5c:6d:bd:d1:d5:d8:
91:97:22:0c:66:56:14:9a:de:e2:21:63:51:41:b8:
30:36:d2:12:69:de:9d:11:26:4a:bc:21:09:90:60:
86:7a:a8:f4:9d:73:ad:f5:fa:3f:13:c3:37:3b:eb:
f7:15:b8:44:c6:d6:1f:a5:1c:2c:3a:88:18:4d:95:
f3:78:13:8b:59:57:d7:a1:b8:dc:5b:aa:51:53:44:
dc:2e:c8:73:86:5f:1a:30:da:5d:73:ee:aa:69:f5:
be:ec:96:47:b5:6b:13:42:9a:bd:3d:a4:8a:03:ff:
5c:7d:13:66:6f:78:a8:16:11:1d:32:f1:1f:92:91:
1c:c5:d1:79:d3:a0:86:72:fa:4e:1e:33:e4:a7:07:
55:9e:8f:d9:59:d3:c4:70:25:9d:dc:80:e8:d6:9a:
c3:44:65:23:3e:36:1c:cf:4c:0e:c1:e8:78:3c:b7:
84:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:E1:B2:78:8E:C2:A4:82:8E:87:47:8A:A4:6A:F7:11:52:34:AB:A2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VeGyeI7CpIKOh0eKpGr3EVI0q6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.90.0/24
45.144.154.0/24
45.151.89.0/24
80.76.51.0/24
81.161.238.0/24
83.219.97.0/24
84.21.174.0/23
84.54.48.0/24
85.31.47.0/24
87.120.87.0/24
87.120.93.0/24
87.121.45.0/24
87.121.69.0/24
87.121.221.0/24
92.119.196.0/23
93.123.39.0/24
94.103.125.0/24
94.154.160.0/22
94.156.11.0/24
141.98.1.0/24
147.78.103.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
193.37.41.0/24
193.222.96.0/24
194.48.251.0/24
Signature Algorithm: sha256WithRSAEncryption
07:21:99:a0:08:42:e0:c3:57:ef:a7:85:f6:a2:48:44:be:30:
b4:26:f7:f4:51:16:99:52:ba:bb:01:63:87:45:f3:a2:c3:98:
c2:30:4b:07:94:e1:d5:33:b1:f6:64:ae:e9:3e:d4:38:4c:6d:
8c:b6:cb:ab:7e:e7:02:a5:58:43:d3:91:f4:12:58:30:ad:8c:
a0:fb:a8:71:11:ef:48:82:f8:57:90:4d:63:b4:19:99:3f:6d:
00:e4:1b:6f:fb:8b:f8:1e:c5:b8:d5:60:53:77:9f:da:3b:61:
6d:03:85:a2:a5:b5:48:76:0d:d6:3b:38:b3:5e:10:70:48:4e:
3f:95:64:24:1c:30:8a:8d:f8:1c:95:bf:f0:20:30:ec:be:06:
f7:e8:4d:ee:a5:1a:5e:c4:5e:5d:e7:39:61:e1:82:a9:ee:99:
98:67:e4:53:e3:76:ae:bd:03:66:bf:1f:ac:ef:59:09:22:c9:
4b:9d:6a:68:4c:87:7d:54:e4:8a:60:78:e9:cb:0e:54:7a:a5:
a1:50:b1:bd:20:3e:f3:8b:13:e1:ed:63:2f:32:6d:e0:1c:b1:
16:a1:ba:35:64:26:10:7f:9f:b3:26:cb:65:cd:56:b6:66:a3:
ce:71:cc:04:bf:dc:e6:4d:38:a4:0d:7e:ee:16:8e:fe:02:55:
6d:4c:e5:80
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAZF4klsQFuGXx9Lou8eLojSZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODIyMDUzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWUxYjI3ODhlYzJhNDgyOGU4NzQ3OGFhNDZhZjcxMTUyMzRhYmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1oCoH2caE6Wc7UVAqschM6+My+Vk
qDE5IqzlxXqpreS/LLGxAr/p/wfXCJrlFrSoDZdKPmXJYCg7o5euTVNJtbAZQXg6
oCp1zzyu70iFz9x3fbpcbb3R1diRlyIMZlYUmt7iIWNRQbgwNtISad6dESZKvCEJ
kGCGeqj0nXOt9fo/E8M3O+v3FbhExtYfpRwsOogYTZXzeBOLWVfXobjcW6pRU0Tc
Lshzhl8aMNpdc+6qafW+7JZHtWsTQpq9PaSKA/9cfRNmb3ioFhEdMvEfkpEcxdF5
06CGcvpOHjPkpwdVno/ZWdPEcCWd3IDo1prDRGUjPjYcz0wOweh4PLeEAQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFFXhsniOwqSCjodHiqRq9xFSNKuiMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVmVHeWVJN0NwSUtPaDBlS3BHcjNFVkkwcTZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagDBAAt
WFoDBAAtkJoDBAAtl1kDBABQTDMDBABRoe4DBABT22EDBAFUFa4DBABUNjADBABV
Hy8DBABXeFcDBABXeF0DBABXeS0DBABXeUUDBABXed0DBAFcd8QDBABdeycDBABe
Z30DBAJemqADBABenAsDBACNYgEDBACTTmcDBAKrFkgDBACy1+ADBAK52FQDBAK5
2lQDBADBJSkDBADB3mADBADCMPswDQYJKoZIhvcNAQELBQADggEBAAchmaAIQuDD
V++nhfaiSES+MLQm9/RRFplSursBY4dF86LDmMIwSweU4dUzsfZkruk+1DhMbYy2
y6t+5wKlWEPTkfQSWDCtjKD7qHER70iC+FeQTWO0GZk/bQDkG2/7i/gexbjVYFN3
n9o7YW0DhaKltUh2DdY7OLNeEHBITj+VZCQcMIqN+ByVv/AgMOy+BvfoTe6lGl7E
Xl3nOWHhgqnumZhn5FPjdq69A2a/H6zvWQkiyUudamhMh31U5IpgeOnLDlR6paFQ
sb0gPvOLE+HtYy8ybeAcsRahujVkJhB/n7Mmy2XNVrZmo85xzAS/3OZNOKQNfu4W
jv4CVW1M5YA=
-----END CERTIFICATE-----
Generated at Tue May 13 18:30:25 2025 by rpki-client