Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-ProQYKGDQ8OAjJ1DlGyEQcJMuU.roa
File: 1-ProQYKGDQ8OAjJ1DlGyEQcJMuU.roa (raw, json)
Hash identifier: PVKAPRVh+3pI2lYnW0iiSlRC9Ef8AUh7Mgap6OmigXc=
Subject key identifier: F8:FA:E8:41:82:86:0D:0F:0E:02:32:75:0E:51:B2:11:07:09:32:E5
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018832BB94FE4782815C4C0DEAB924DDD75C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-ProQYKGDQ8OAjJ1DlGyEQcJMuU.roa
Signing time: Fri 19 May 2023 06:38:54 +0000
ROA not before: Fri 19 May 2023 06:38:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50225
IP address blocks: 85.209.132.0/24 maxlen: 24
83.143.112.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
176.125.252.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
87.121.105.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:32:bb:94:fe:47:82:81:5c:4c:0d:ea:b9:24:dd:d7:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 19 06:38:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8fae84182860d0f0e0232750e51b211070932e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6a:af:bc:71:80:40:ea:ee:11:4c:c5:2f:05:
2d:9e:a1:80:ad:53:d2:5d:10:3c:7d:82:06:f5:ac:
37:6d:73:cc:6a:16:46:e2:a3:12:f5:f3:37:5f:3b:
a9:81:27:ba:9f:d4:4a:70:98:83:f8:91:ec:bb:46:
3b:db:17:47:a5:5b:3f:88:6f:63:cf:c0:9b:2c:15:
fc:41:a8:b5:6a:5e:6b:38:50:ca:31:28:39:33:09:
6d:e1:85:2f:ea:ce:c5:84:d2:a2:82:9f:10:71:2c:
eb:1f:97:e5:3e:1f:6c:8b:13:ba:0c:a1:76:34:05:
f2:8d:b3:1d:18:a5:02:a2:6a:dd:98:55:d5:ba:08:
3d:3e:7c:0c:ca:60:6e:19:1c:4b:9c:91:87:92:e4:
07:67:28:0e:a5:77:75:76:eb:0d:a7:93:6f:97:13:
e4:26:6e:99:75:3f:90:36:7c:f1:a0:18:e1:38:b2:
2a:0a:0b:df:70:72:9a:6a:bb:01:09:73:9c:5b:13:
fa:c6:b0:5c:08:f4:1f:dc:40:9d:45:65:09:ac:7b:
ad:0a:cc:86:69:02:ad:2b:2e:5c:11:61:46:59:23:
90:d1:5e:fc:18:14:d1:ea:a9:7d:e5:94:38:b7:b3:
35:ec:8f:17:50:a0:b8:dc:a1:48:ee:40:47:73:3c:
1d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:FA:E8:41:82:86:0D:0F:0E:02:32:75:0E:51:B2:11:07:09:32:E5
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-ProQYKGDQ8OAjJ1DlGyEQcJMuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.143.112.0/23
85.209.132.0/24
87.121.69.0/24
87.121.105.0/24
94.156.78.0/24
176.125.252.0/24
193.42.34.0/24
193.47.60.0/24
193.47.63.0/24
Signature Algorithm: sha256WithRSAEncryption
87:31:3e:5a:ab:37:48:11:90:52:3d:7d:8a:8a:3b:8d:06:64:
a5:54:aa:ae:33:6e:42:ed:d4:b6:20:51:2a:89:f9:84:47:5b:
9c:44:4f:76:e0:97:67:54:53:04:1f:dd:b3:d8:f4:0c:70:7e:
26:e4:e7:5d:57:14:ea:c9:2b:6a:cc:ae:84:4a:40:65:da:95:
98:ab:4e:06:5d:7f:83:1c:65:a2:6c:d2:54:92:c9:3b:83:11:
14:dd:73:f9:80:17:09:cc:7c:87:a6:45:4b:7c:99:94:63:8a:
24:0f:d5:f4:62:08:95:0a:2c:d5:80:a9:58:47:57:81:d7:a5:
3e:3c:2a:36:7d:8e:6e:ba:18:ba:e0:68:d5:1d:ed:f4:b0:5c:
41:9f:b8:79:ff:76:ae:dc:a7:f5:70:27:66:8d:80:bb:4a:4c:
06:fc:b1:b2:da:a5:7f:12:5f:d4:d3:74:df:5f:a4:eb:1d:d5:
29:72:71:0a:e7:13:47:c8:48:b4:e2:69:a2:26:b3:1b:fb:a4:
68:6b:ae:50:6e:b3:63:2c:5e:3b:77:49:3b:e4:a5:e1:9a:92:
f6:f9:f3:ea:a1:8b:7a:86:d0:19:02:ce:71:7b:e8:8d:ad:6d:
0e:b0:00:1c:49:87:97:11:0e:6e:18:50:cd:91:23:5a:ae:ac:
94:46:6a:c0
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYgyu5T+R4KBXEwN6rkk3ddcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTE5MDYzODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGZhZTg0MTgyODYwZDBmMGUwMjMyNzUwZTUxYjIxMTA3MDkzMmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWqvvHGAQOruEUzFLwUtnqGArVPS
XRA8fYIG9aw3bXPMahZG4qMS9fM3XzupgSe6n9RKcJiD+JHsu0Y72xdHpVs/iG9j
z8CbLBX8Qai1al5rOFDKMSg5Mwlt4YUv6s7FhNKigp8QcSzrH5flPh9sixO6DKF2
NAXyjbMdGKUComrdmFXVugg9PnwMymBuGRxLnJGHkuQHZygOpXd1dusNp5NvlxPk
Jm6ZdT+QNnzxoBjhOLIqCgvfcHKaarsBCXOcWxP6xrBcCPQf3ECdRWUJrHutCsyG
aQKtKy5cEWFGWSOQ0V78GBTR6ql95ZQ4t7M17I8XUKC43KFI7kBHczwdcQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFPj66EGChg0PDgIydQ5RshEHCTLlMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMS1Qcm9RWUtHRFE4T0FqSjFEbEd5RVFjSk11VS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcx
Mi8xL0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBPBggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAVOPcAME
AFXRhAMEAFd5RQMEAFd5aQMEAF6cTgMEALB9/AMEAMEqIgMEAMEvPAMEAMEvPzAN
BgkqhkiG9w0BAQsFAAOCAQEAhzE+Wqs3SBGQUj19ioo7jQZkpVSqrjNuQu3UtiBR
Kon5hEdbnERPduCXZ1RTBB/ds9j0DHB+JuTnXVcU6skrasyuhEpAZdqVmKtOBl1/
gxxlomzSVJLJO4MRFN1z+YAXCcx8h6ZFS3yZlGOKJA/V9GIIlQos1YCpWEdXgdel
PjwqNn2ObroYuuBo1R3t9LBcQZ+4ef92rtyn9XAnZo2Au0pMBvyxstqlfxJf1NN0
31+k6x3VKXJxCucTR8hItOJpoiazG/ukaGuuUG6zYyxeO3dJO+Sl4ZqS9vnz6qGL
eobQGQLOcXvoja1tDrAAHEmHlxEObhhQzZEjWq6slEZqwA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:55 2024 by rpki-client on console-fra.rpki-client.org