Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0wMFkAnP8uqELb_rBWfhKj90Iq0.roa
File: 0wMFkAnP8uqELb_rBWfhKj90Iq0.roa (raw, json)
Hash identifier: 8cHATJUQBSR0BPNXEaILVrBupaa51bcA9h78or1fU6I=
Subject key identifier: D3:03:05:90:09:CF:F2:EA:84:2D:BF:EB:05:67:E1:2A:3F:74:22:AD
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018659243EF140CD10EB148E1D7AF9660CD9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0wMFkAnP8uqELb_rBWfhKj90Iq0.roa
Signing time: Thu 16 Feb 2023 07:33:12 +0000
ROA not before: Thu 16 Feb 2023 07:33:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209371
IP address blocks: 185.216.70.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
45.128.96.0/22 maxlen: 24
85.31.47.0/24 maxlen: 24
45.139.107.0/24 maxlen: 24
45.84.89.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:59:24:3e:f1:40:cd:10:eb:14:8e:1d:7a:f9:66:0c:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 16 07:33:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d303059009cff2ea842dbfeb0567e12a3f7422ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:94:54:8f:87:fb:db:60:e1:b9:ea:bd:3b:80:
3a:d5:a4:8c:f7:5a:44:bb:8e:40:f2:4f:71:d0:55:
82:2a:9f:aa:d7:24:d9:15:ea:b3:e7:fc:27:97:86:
0f:1c:c7:de:c1:05:c5:55:da:e5:fa:5c:b0:78:50:
fd:7e:cc:fb:6b:ae:60:cb:93:7f:ae:ae:ec:0a:42:
07:c7:64:7b:77:da:d5:c8:04:47:4b:cb:cd:83:92:
f5:24:91:e8:47:49:1c:b4:c2:9f:db:6e:68:f0:31:
00:bc:16:f7:f3:4c:ff:1c:cb:00:ac:cc:4c:16:1b:
4b:48:5b:ae:f0:75:07:4d:e6:8a:1b:6c:a9:06:79:
78:78:1b:2e:a0:16:69:6d:1f:31:08:84:a2:26:13:
0d:6b:7a:02:9b:bb:a6:1e:09:47:01:68:15:e2:f1:
f7:1d:74:fe:89:3f:d0:d8:a7:5e:0b:b1:0f:76:35:
50:84:b4:ef:56:1f:c2:f9:a0:7c:75:62:88:b5:ed:
ad:71:40:4f:00:b3:37:09:19:b6:ca:3e:ca:2f:08:
bd:c3:bd:1c:18:0f:77:66:be:64:c6:6c:81:1e:5c:
cf:fa:2f:32:a8:e0:83:3c:c8:10:7d:18:0d:54:90:
e9:e1:6d:ee:dd:95:a5:db:2e:1e:54:1c:7c:2f:34:
63:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:03:05:90:09:CF:F2:EA:84:2D:BF:EB:05:67:E1:2A:3F:74:22:AD
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0wMFkAnP8uqELb_rBWfhKj90Iq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.89.0/24
45.128.96.0/22
45.139.107.0/24
85.31.47.0/24
94.154.172.0/24
178.215.239.0/24
185.216.70.0/24
193.35.19.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
14:0e:3b:e1:d1:08:22:7c:a6:5d:54:74:86:55:84:aa:52:bf:
07:9c:23:96:2e:21:c8:49:e9:c7:d2:08:ac:c5:22:a9:71:e2:
57:3a:37:ec:4e:fa:52:db:bd:96:9c:6e:6c:c0:4b:97:85:78:
b2:6a:5e:1c:4c:22:ac:d2:cf:6b:01:fb:e4:87:a4:f9:f2:57:
37:af:84:9c:f9:bf:96:d8:0c:09:11:e3:03:bb:87:6a:e0:90:
62:2f:b0:2f:2f:68:4b:77:d5:69:d8:42:31:a3:d2:7e:03:c3:
e7:09:a0:59:a5:67:90:f8:e2:69:d8:90:9c:b7:e2:62:58:94:
ff:91:42:1f:96:7c:2f:3f:72:90:b2:dd:e1:d1:76:50:6d:ce:
d8:1d:c2:4c:e7:1b:f2:e4:e0:c8:71:31:78:05:fe:33:cc:c2:
c5:d2:13:fd:54:b6:c7:b9:28:d8:b7:1d:fe:cc:25:44:4d:db:
51:5e:50:80:78:ec:f3:2f:0d:5e:ea:70:c6:da:1f:ba:47:ce:
0b:06:cc:65:de:0c:7a:c5:86:81:04:9a:ae:3b:a0:2a:b2:d8:
9c:41:60:89:bc:32:28:c1:bb:6d:ca:db:77:c3:8b:3a:24:be:
8a:67:e6:6e:19:80:12:ce:d6:99:c8:ab:34:03:fd:cf:40:f9:
c4:b6:31:f8
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYZZJD7xQM0Q6xSOHXr5ZgzZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMjE2MDczMzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzAzMDU5MDA5Y2ZmMmVhODQyZGJmZWIwNTY3ZTEyYTNmNzQyMmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpRUj4f722Dhueq9O4A61aSM91pE
u45A8k9x0FWCKp+q1yTZFeqz5/wnl4YPHMfewQXFVdrl+lyweFD9fsz7a65gy5N/
rq7sCkIHx2R7d9rVyARHS8vNg5L1JJHoR0kctMKf225o8DEAvBb380z/HMsArMxM
FhtLSFuu8HUHTeaKG2ypBnl4eBsuoBZpbR8xCISiJhMNa3oCm7umHglHAWgV4vH3
HXT+iT/Q2KdeC7EPdjVQhLTvVh/C+aB8dWKIte2tcUBPALM3CRm2yj7KLwi9w70c
GA93Zr5kxmyBHlzP+i8yqOCDPMgQfRgNVJDp4W3u3ZWl2y4eVBx8LzRj+QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFNMDBZAJz/LqhC2/6wVn4So/dCKtMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMHdNRmtBblA4dXFFTGJfckJXZmhLajkwSXEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALVRZAwQC
LYBgAwQALYtrAwQAVR8vAwQAXpqsAwQAstfvAwQAudhGAwQAwSMTAwQAwjfgMA0G
CSqGSIb3DQEBCwUAA4IBAQAUDjvh0QgifKZdVHSGVYSqUr8HnCOWLiHISenH0gis
xSKpceJXOjfsTvpS272WnG5swEuXhXiyal4cTCKs0s9rAfvkh6T58lc3r4Sc+b+W
2AwJEeMDu4dq4JBiL7AvL2hLd9Vp2EIxo9J+A8PnCaBZpWeQ+OJp2JCct+JiWJT/
kUIflnwvP3KQst3h0XZQbc7YHcJM5xvy5ODIcTF4Bf4zzMLF0hP9VLbHuSjYtx3+
zCVETdtRXlCAeOzzLw1e6nDG2h+6R84LBsxl3gx6xYaBBJquO6AqsticQWCJvDIo
wbttytt3w4s6JL6KZ+ZuGYASztaZyKs0A/3PQPnEtjH4
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:30 2023 by rpki-client on console-ams.rpki-client.org