Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/SWIJJUlLoJ0yeOmVuavK_JXPcWU.roa
File: SWIJJUlLoJ0yeOmVuavK_JXPcWU.roa (raw, json)
Hash identifier: 1T7e9EMcD7H06ydCnzBhaYblUPGlTSmFz+9atfjxQj4=
Subject key identifier: 49:62:09:25:49:4B:A0:9D:32:78:E9:95:B9:AB:CA:FC:95:CF:71:65
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 0A98F959
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/SWIJJUlLoJ0yeOmVuavK_JXPcWU.roa
Signing time: Tue 08 Mar 2022 13:12:37 +0000
ROA not before: Tue 08 Mar 2022 13:12:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201453
IP address blocks: 185.226.231.0/24 maxlen: 24
185.220.166.0/24 maxlen: 24
185.220.167.0/24 maxlen: 24
185.160.231.0/24 maxlen: 24
185.160.230.0/24 maxlen: 24
185.160.229.0/24 maxlen: 24
185.160.228.0/24 maxlen: 24
185.160.228.0/22 maxlen: 22
185.232.132.0/24 maxlen: 24
185.232.132.0/22 maxlen: 22
185.232.133.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 177797465 (0xa98f959)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: Mar 8 13:12:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=49620925494ba09d3278e995b9abcafc95cf7165
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:70:8f:0d:37:29:d8:7c:99:a9:4b:0e:73:45:
20:74:d3:e1:61:1d:9b:3d:ee:30:d0:cf:b3:f9:71:
5c:74:85:45:99:2e:b1:8d:a8:b0:4e:77:9f:d2:df:
2f:7f:72:b4:11:a0:4c:15:8e:ae:85:94:c6:19:59:
8c:da:33:22:5d:12:b0:be:90:bb:63:dc:cf:66:df:
c0:0c:3e:3c:09:ac:ff:ba:7d:2d:51:b1:e6:71:27:
c6:01:ee:d3:dc:9e:40:3d:73:6b:49:d9:dc:56:fd:
e8:f0:2b:55:65:87:2d:93:8d:08:ac:17:5a:5e:d3:
47:d4:a9:e2:57:8e:92:d9:98:9b:eb:63:c1:0e:f3:
38:65:08:9e:c0:71:88:4f:9c:1f:81:a9:cf:e0:17:
cc:81:f5:9e:d2:98:71:b7:7d:0d:c5:f3:e4:67:c3:
c4:aa:0a:32:5a:fc:3a:21:fc:f7:f3:c8:13:8c:3f:
f1:85:23:d6:be:86:88:34:1c:f5:12:16:e1:9f:19:
d0:aa:6f:1a:e8:1e:47:26:62:7d:a6:ce:21:45:da:
44:0c:f4:4f:fc:3b:77:6e:85:3d:5e:f1:3e:ad:77:
b2:46:1e:35:c1:68:e9:85:74:a7:5b:36:e3:87:8f:
d4:c8:2f:a0:50:8e:b5:40:bc:0d:04:f4:79:5c:0b:
8f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:62:09:25:49:4B:A0:9D:32:78:E9:95:B9:AB:CA:FC:95:CF:71:65
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/SWIJJUlLoJ0yeOmVuavK_JXPcWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.228.0/22
185.220.166.0/23
185.226.231.0/24
185.232.132.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:90:af:42:56:c4:7d:a3:a0:c7:76:b3:6c:06:5c:f8:38:fb:
de:7f:f4:a9:41:f8:ee:48:e6:cc:86:84:e6:00:3a:76:91:98:
91:25:89:4b:57:f2:b5:d7:7e:38:b3:1e:36:e0:42:ee:45:82:
f7:5e:ed:b7:d6:a4:7e:88:cc:22:13:62:c8:cb:91:7e:c6:ae:
35:8f:5b:2a:9d:90:a5:80:23:e9:31:b0:5c:1a:e0:73:f0:72:
5e:83:c6:e3:25:ab:63:15:dd:29:12:38:5f:3e:e6:d2:b4:e2:
e7:ed:79:c7:b1:17:a0:01:2b:20:43:d8:58:89:b5:a1:64:1a:
73:b1:d2:65:20:b7:6b:96:73:1b:ee:84:78:55:f2:8b:35:a4:
ca:6c:1c:4f:6a:6a:b2:d4:aa:fe:ec:50:82:d7:a6:f7:f3:02:
e8:83:8a:0b:b3:fe:b6:ad:d7:01:4b:26:f4:90:39:a3:97:3f:
b1:50:ca:b5:75:ea:b2:fe:aa:ca:c8:4e:9d:f1:33:77:b5:73:
e9:83:79:be:c4:df:db:b4:f3:39:0b:54:0e:9d:8a:80:bd:c9:
71:c6:3f:f1:7b:1d:62:07:a8:3f:f1:17:0d:91:69:fe:ca:48:
69:39:e5:8e:2d:23:34:d3:54:aa:9f:4a:62:c9:6a:b4:ec:25:
43:b0:76:8d
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECpj5WTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODQ5MjA0Y2E0ZjBlYjRlNTZlMDhlMDk5ZmUzNzg1Y2UwNmZmZWFhMB4XDTIyMDMw
ODEzMTIzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDk2MjA5MjU0OTRi
YTA5ZDMyNzhlOTk1YjlhYmNhZmM5NWNmNzE2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMRwjw03Kdh8malLDnNFIHTT4WEdmz3uMNDPs/lxXHSFRZku
sY2osE53n9LfL39ytBGgTBWOroWUxhlZjNozIl0SsL6Qu2Pcz2bfwAw+PAms/7p9
LVGx5nEnxgHu09yeQD1za0nZ3Fb96PArVWWHLZONCKwXWl7TR9Sp4leOktmYm+tj
wQ7zOGUInsBxiE+cH4Gpz+AXzIH1ntKYcbd9DcXz5GfDxKoKMlr8OiH89/PIE4w/
8YUj1r6GiDQc9RIW4Z8Z0KpvGugeRyZifabOIUXaRAz0T/w7d26FPV7xPq13skYe
NcFo6YV0p1s244eP1MgvoFCOtUC8DQT0eVwLj1ECAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRJYgklSUugnTJ46ZW5q8r8lc9xZTAfBgNVHSMEGDAWgBSoSSBMpPDrTlbg
jgmf43hc4G/+qjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FFa2dUS1R3NjA1VzRJNEpuLU40WE9Cdl9xby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvNDViMjNmLTMwMmItNDFmMi05NDk2LTljY2JiMDg0MjhmYS8x
L1NXSUpKVWxMb0oweWVPbVZ1YXZLX0pYUGNXVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
NDViMjNmLTMwMmItNDFmMi05NDk2LTljY2JiMDg0MjhmYS8xL3FFa2dUS1R3NjA1
VzRJNEpuLU40WE9Cdl9xby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEArmg5AMEAbncpgMEALni5wMEArno
hDANBgkqhkiG9w0BAQsFAAOCAQEAjJCvQlbEfaOgx3azbAZc+Dj73n/0qUH47kjm
zIaE5gA6dpGYkSWJS1fytdd+OLMeNuBC7kWC917tt9akfojMIhNiyMuRfsauNY9b
Kp2QpYAj6TGwXBrgc/ByXoPG4yWrYxXdKRI4Xz7m0rTi5+15x7EXoAErIEPYWIm1
oWQac7HSZSC3a5ZzG+6EeFXyizWkymwcT2pqstSq/uxQgtem9/MC6IOKC7P+tq3X
AUsm9JA5o5c/sVDKtXXqsv6qyshOnfEzd7Vz6YN5vsTf27TzOQtUDp2KgL3JccY/
8XsdYgeoP/EXDZFp/spIaTnlji0jNNNUqp9KYslqtOwlQ7B2jQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:02 2024 by rpki-client on console-fra.rpki-client.org