Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ahsR_EGvDgDoPJxIIxvMQrRC8lI.roa
File: ahsR_EGvDgDoPJxIIxvMQrRC8lI.roa (raw, json)
Hash identifier: nBx0LaikAU5fk6wmjii0IL0v2rV+nS91Fg1jv7n9m0k=
Subject key identifier: 6A:1B:11:FC:41:AF:0E:00:E8:3C:9C:48:23:1B:CC:42:B4:42:F2:52
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0190774E0026CB437923CC951ACD8A883D1A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ahsR_EGvDgDoPJxIIxvMQrRC8lI.roa
Signing time: Wed 03 Jul 2024 06:35:18 +0000
ROA not before: Wed 03 Jul 2024 06:35:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 37.221.120.0/22 maxlen: 24
45.12.255.0/24 maxlen: 24
45.66.229.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
45.81.242.0/24 maxlen: 24
45.144.152.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
45.151.88.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.33.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.42.32.0/23 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:77:4e:00:26:cb:43:79:23:cc:95:1a:cd:8a:88:3d:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 3 06:35:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a1b11fc41af0e00e83c9c48231bcc42b442f252
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c3:0a:11:23:e0:d0:d4:2d:a8:c4:f1:ca:87:
b7:5d:f4:5b:ea:2c:47:0b:a7:09:6a:26:d1:48:b1:
50:52:72:94:66:17:ef:5d:f6:6b:b1:b2:2b:2b:1d:
4d:b1:83:2c:c1:10:92:46:ec:f0:84:c5:52:48:5c:
bb:49:60:19:7a:17:66:74:0d:e6:f8:b8:5b:35:f1:
fc:c4:03:12:59:10:60:78:e2:43:07:29:0b:93:16:
a5:53:d7:9d:2e:01:47:44:1f:e0:81:f1:da:0c:69:
40:70:e8:38:f6:54:1a:cd:83:90:7c:6a:a5:7b:7a:
db:0c:59:52:22:16:22:be:1b:be:0f:e0:85:da:33:
ae:3d:fd:3b:0a:27:3d:98:be:8e:8d:2b:3d:44:82:
28:6a:77:9f:80:87:64:3c:03:97:b6:a8:ec:9f:d8:
a7:1e:d9:11:06:14:93:f3:b5:76:51:77:de:6d:eb:
5a:6c:25:b8:25:a3:05:93:9d:22:17:26:d8:42:49:
ae:98:97:aa:27:a3:ca:77:ca:28:e4:b4:ad:b3:84:
28:1a:55:e9:85:ba:9d:a3:28:30:72:1a:94:0f:c6:
de:a8:0c:9f:65:64:b2:11:0a:84:eb:06:b4:ff:b4:
e2:15:20:ce:9d:2a:ea:aa:7b:be:42:bf:7f:58:eb:
41:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:1B:11:FC:41:AF:0E:00:E8:3C:9C:48:23:1B:CC:42:B4:42:F2:52
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ahsR_EGvDgDoPJxIIxvMQrRC8lI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.12.255.0/24
45.66.229.0/24
45.81.241.0-45.81.242.255
45.144.152.0-45.144.154.255
45.149.233.0/24
45.151.88.0/23
83.219.97.0/24
84.21.174.0/23
87.120.33.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.11.0/24
94.156.78.0/24
141.98.1.0/24
147.78.102.0/24
171.22.17.0/24
171.22.31.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
193.42.32.0/23
193.149.2.0/23
194.48.248.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
35:da:78:f9:a6:e5:a5:e5:cb:30:b2:3d:95:6d:22:86:12:72:
27:d1:74:17:5a:e2:94:39:18:50:26:5f:8e:b5:10:84:5e:9b:
54:bf:ee:4c:2b:5e:a7:80:c7:2d:e4:10:a2:06:a5:02:1d:03:
9c:18:98:68:a5:c1:82:0f:14:fc:70:e2:f9:33:8f:4b:c0:74:
3c:d0:11:7c:ae:03:cb:82:c4:b4:cb:eb:d1:8a:08:c1:e0:18:
d6:90:08:5b:3c:76:e3:d6:45:6b:75:ff:f8:4a:2c:5a:45:98:
33:73:dd:46:32:e3:14:80:ba:8f:cf:88:a1:c5:95:f5:c0:84:
b0:b0:99:7d:b8:44:96:23:c5:86:4a:e3:b4:03:30:0a:1c:df:
c0:8a:62:68:dd:14:f7:d1:9d:1c:b4:a5:84:da:1a:4e:bd:e3:
7b:12:cf:7b:6c:3e:0b:9e:aa:b0:bf:42:0b:02:ae:5a:a1:68:
4c:19:7b:19:3d:5d:f1:e5:25:17:d0:f2:50:36:60:04:5a:26:
34:89:70:7a:70:a0:06:42:c6:eb:21:1d:6a:d5:0c:73:36:8b:
e3:9a:f8:e0:9f:76:11:d0:d9:9c:6e:ea:72:39:6d:3c:fe:0a:
04:7a:1d:1f:d0:be:50:a8:22:bc:a6:60:38:72:ed:c8:69:b0:
2e:dd:39:6c
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAZB3TgAmy0N5I8yVGs2KiD0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNzAzMDYzNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTFiMTFmYzQxYWYwZTAwZTgzYzljNDgyMzFiY2M0MmI0NDJmMjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMMKESPg0NQtqMTxyoe3XfRb6ixH
C6cJaibRSLFQUnKUZhfvXfZrsbIrKx1NsYMswRCSRuzwhMVSSFy7SWAZehdmdA3m
+LhbNfH8xAMSWRBgeOJDBykLkxalU9edLgFHRB/ggfHaDGlAcOg49lQazYOQfGql
e3rbDFlSIhYivhu+D+CF2jOuPf07Cic9mL6OjSs9RIIoanefgIdkPAOXtqjsn9in
HtkRBhST87V2UXfebetabCW4JaMFk50iFybYQkmumJeqJ6PKd8oo5LSts4QoGlXp
hbqdoygwchqUD8beqAyfZWSyEQqE6wa0/7TiFSDOnSrqqnu+Qr9/WOtBYwIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFGobEfxBrw4A6DycSCMbzEK0QvJSMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYWhzUl9FR3ZEZ0RvUEp4SUl4dk1RclJDOGxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDCBxQQCAAEwgb4DBAIl
3XgDBAAtDP8DBAAtQuUwDAMEAC1R8QMEAC1R8jAMAwQDLZCYAwQALZCaAwQALZXp
AwQBLZdYAwQAU9thAwQBVBWuAwQAV3ghAwQAV3hXAwQAV3ktAwQAV3ndAwQBXHfE
AwQCXpqgAwQAXpwLAwQAXpxOAwQAjWIBAwQAk05mAwQAqxYRAwQAqxYfAwQCqxZI
AwQAstfgAwQCudhUAwQCudpUAwQBwSogAwQBwZUCAwQAwjD4AwQAwjfgMA0GCSqG
SIb3DQEBCwUAA4IBAQA12nj5puWl5cswsj2VbSKGEnIn0XQXWuKUORhQJl+OtRCE
XptUv+5MK16ngMct5BCiBqUCHQOcGJhopcGCDxT8cOL5M49LwHQ80BF8rgPLgsS0
y+vRigjB4BjWkAhbPHbj1kVrdf/4SixaRZgzc91GMuMUgLqPz4ihxZX1wISwsJl9
uESWI8WGSuO0AzAKHN/AimJo3RT30Z0ctKWE2hpOveN7Es97bD4Lnqqwv0ILAq5a
oWhMGXsZPV3x5SUX0PJQNmAEWiY0iXB6cKAGQsbrIR1q1QxzNovjmvjgn3YR0Nmc
bupyOW08/goEeh0f0L5QqCK8pmA4cu3IabAu3Tls
-----END CERTIFICATE-----
Generated at Tue May 13 16:52:23 2025 by rpki-client