Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WpV7auczSFWxH2hzArouaC2NPbw.roa
File: WpV7auczSFWxH2hzArouaC2NPbw.roa (raw, json)
Hash identifier: nxY3PI1y3yo+wx6BT81O4fd2FPndn+/a1SBuEtrZ8mQ=
Subject key identifier: 5A:95:7B:6A:E7:33:48:55:B1:1F:68:73:02:BA:2E:68:2D:8D:3D:BC
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CB0BF07BF03A0B1992F92776A4A563152
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WpV7auczSFWxH2hzArouaC2NPbw.roa
Signing time: Thu 28 Dec 2023 14:05:58 +0000
ROA not before: Thu 28 Dec 2023 14:05:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
185.226.172.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
45.88.90.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
92.249.48.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b0:bf:07:bf:03:a0:b1:99:2f:92:77:6a:4a:56:31:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 28 14:05:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a957b6ae7334855b11f687302ba2e682d8d3dbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:38:ed:37:59:dd:1b:dc:cc:ef:44:1f:8f:f4:
11:a5:d2:c3:c3:41:2c:fb:cd:d8:b3:4d:0c:46:1b:
3d:c3:d8:a2:69:27:67:ef:24:66:f4:15:d3:70:02:
0c:1e:f2:ec:3b:14:cc:85:a2:ad:0f:ae:e7:09:36:
7f:67:cc:05:ea:20:14:0c:81:48:71:86:87:2d:31:
67:18:84:04:12:35:1b:e6:37:b9:59:a2:8a:bf:b9:
d4:bd:6f:4c:4c:96:0e:ad:d2:f2:f6:6d:1e:89:bc:
ce:bd:bf:95:ba:14:26:22:f4:34:4c:8e:34:93:80:
80:64:af:1f:30:5e:f6:1f:23:9b:07:51:23:c0:26:
8b:39:55:50:ec:ec:6b:b4:37:11:dd:fb:6e:39:85:
74:c8:58:5f:d6:8c:e2:88:0c:c6:96:16:59:29:0d:
db:9e:75:2f:eb:25:5d:df:52:28:ac:6b:d4:47:7a:
61:86:d7:7a:f7:ee:03:00:ae:52:70:a9:5d:ba:17:
f2:68:35:66:08:44:0e:de:15:44:50:35:61:1b:4e:
06:cc:18:75:36:a0:bc:1c:bf:3f:f2:8d:58:1e:bf:
03:0e:36:5c:e8:27:1c:2d:d7:d3:74:70:1c:b5:5c:
f6:ed:41:82:1b:b7:a6:aa:03:83:d1:fc:64:c4:52:
ca:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:95:7B:6A:E7:33:48:55:B1:1F:68:73:02:BA:2E:68:2D:8D:3D:BC
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WpV7auczSFWxH2hzArouaC2NPbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.90.0/24
45.151.89.0/24
83.219.97.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
92.249.48.0/24
94.154.161.0-94.154.163.255
94.156.239.0/24
147.78.101.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.172.0/24
185.226.175.0/24
185.252.176.0/24
Signature Algorithm: sha256WithRSAEncryption
75:c8:0b:0b:49:fe:4f:1f:c6:e2:96:06:cc:1a:d3:8a:5d:de:
93:e0:2a:6e:dc:28:69:bb:71:46:7f:06:ea:15:a1:0e:f5:26:
8b:2a:6c:e2:8f:3c:58:7a:73:29:db:d3:63:4c:3e:a1:d6:4d:
56:aa:79:68:05:79:af:ff:88:31:4a:7d:3b:1d:59:2a:ce:36:
a4:7c:95:f8:3c:d5:9a:ce:fc:19:58:fd:b1:77:46:42:97:a6:
c9:00:11:5e:ab:b5:7a:09:fd:ec:bb:fc:21:fa:9e:48:b2:af:
d5:6b:ed:42:cd:a2:ec:3a:33:a3:bc:16:5c:15:a9:9b:ef:0d:
00:7e:b2:e9:97:01:7f:09:d2:e7:69:83:ce:d6:4e:e7:06:2c:
88:38:e1:a7:ba:fd:e9:bf:5b:4b:45:7a:c7:60:dc:f9:0e:cb:
7a:80:a7:26:c6:d6:6f:d6:9a:aa:8c:e7:3c:e5:03:1f:b8:2f:
4b:99:ef:98:d2:48:26:70:16:5a:28:2a:e9:aa:c0:78:31:0e:
60:ca:31:93:23:92:56:a5:93:15:04:dc:84:7c:9d:d5:6f:41:
51:a8:1d:9c:aa:e6:fb:61:21:e7:96:6f:55:e3:03:86:86:f6:
21:9a:c0:20:90:08:a3:41:bf:53:c6:c6:f7:2f:9c:66:0c:62:
9c:c2:3a:de
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYywvwe/A6CxmS+Sd2pKVjFSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjI4MTQwNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTk1N2I2YWU3MzM0ODU1YjExZjY4NzMwMmJhMmU2ODJkOGQzZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTjtN1ndG9zM70Qfj/QRpdLDw0Es
+83Ys00MRhs9w9iiaSdn7yRm9BXTcAIMHvLsOxTMhaKtD67nCTZ/Z8wF6iAUDIFI
cYaHLTFnGIQEEjUb5je5WaKKv7nUvW9MTJYOrdLy9m0eibzOvb+VuhQmIvQ0TI40
k4CAZK8fMF72HyObB1EjwCaLOVVQ7OxrtDcR3ftuOYV0yFhf1oziiAzGlhZZKQ3b
nnUv6yVd31IorGvUR3phhtd69+4DAK5ScKlduhfyaDVmCEQO3hVEUDVhG04GzBh1
NqC8HL8/8o1YHr8DDjZc6CccLdfTdHActVz27UGCG7emqgOD0fxkxFLKHQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFFqVe2rnM0hVsR9ocwK6LmgtjT28MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvV3BWN2F1Y3pTRld4SDJoekFyb3VhQzJOUGJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBAAt
WFoDBAAtl1kDBABT22EDBABXeFcDBABXeS0DBABXed0DBAFcd8QDBABc+TAwDAME
AF6aoQMEAl6aoAMEAF6c7zAMAwQAk05lAwQAk05mAwQCqxZIAwQAstfgAwQAstfs
AwQCudhUAwQCudpUAwQAueKsAwQAueKvAwQAufywMA0GCSqGSIb3DQEBCwUAA4IB
AQB1yAsLSf5PH8bilgbMGtOKXd6T4Cpu3Chpu3FGfwbqFaEO9SaLKmzijzxYenMp
29NjTD6h1k1WqnloBXmv/4gxSn07HVkqzjakfJX4PNWazvwZWP2xd0ZCl6bJABFe
q7V6Cf3su/wh+p5Isq/Va+1CzaLsOjOjvBZcFamb7w0AfrLplwF/CdLnaYPO1k7n
BiyIOOGnuv3pv1tLRXrHYNz5Dst6gKcmxtZv1pqqjOc85QMfuC9Lme+Y0kgmcBZa
KCrpqsB4MQ5gyjGTI5JWpZMVBNyEfJ3Vb0FRqB2cqub7YSHnlm9V4wOGhvYhmsAg
kAijQb9Txsb3L5xmDGKcwjre
-----END CERTIFICATE-----
Generated at Wed May 14 00:01:20 2025 by rpki-client