Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-QXEjxj4pHkKwlwo5zB4IhS6DQc.roa
File: 1-QXEjxj4pHkKwlwo5zB4IhS6DQc.roa (raw, json)
Hash identifier: AA9XXpEUW+emt+a4B/GNY6GZwrQxsz+KY20Ho08rGhg=
Subject key identifier: F9:05:C4:8F:18:F8:A4:79:0A:C2:5C:28:E7:30:78:22:14:BA:0D:07
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1F3CE6DD
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-QXEjxj4pHkKwlwo5zB4IhS6DQc.roa
Signing time: Fri 24 Jun 2022 14:45:10 +0000
ROA not before: Fri 24 Jun 2022 14:45:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 91.92.115.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
185.218.139.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
185.218.136.0/24 maxlen: 24
37.139.131.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
94.154.175.0/24 maxlen: 24
94.154.174.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
212.87.205.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
85.217.144.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
80.76.49.0/24 maxlen: 24
80.76.48.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
193.222.98.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
79.110.60.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
83.219.98.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 524084957 (0x1f3ce6dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 24 14:45:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f905c48f18f8a4790ac25c28e730782214ba0d07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c5:70:a8:e0:4f:d6:4c:28:e3:1b:a4:91:cf:
18:b1:a2:c0:32:55:55:bf:ba:6c:99:f5:63:b7:dc:
0a:c1:8b:12:75:9d:06:4c:be:f9:95:dd:4d:8c:f9:
b8:8d:6e:fc:d9:56:15:22:37:2b:d8:d3:70:54:63:
d5:cd:42:99:9b:41:f9:c2:bf:47:7f:fa:b3:9c:df:
61:c3:a7:c7:f2:d1:fb:7e:86:0e:bd:ca:7d:18:61:
6f:d3:4a:e3:64:39:01:7f:b6:fb:da:c5:ce:a1:27:
71:98:df:88:93:69:a4:82:d1:81:21:70:2f:8c:58:
86:e8:26:dc:98:18:15:b7:1e:32:b2:54:85:49:b3:
6e:49:07:e1:3e:75:6f:2c:28:57:f5:40:25:76:0c:
d6:c2:32:38:4b:33:89:f9:ce:11:c3:1b:23:f8:fb:
84:e2:c4:19:03:ae:d7:73:39:f5:2a:05:13:f2:60:
ad:76:74:76:6c:cf:4a:1d:9c:5e:b1:df:2a:6e:95:
64:6e:1e:e3:db:3d:ce:16:92:23:81:d0:36:f2:47:
60:3d:ab:f2:4b:77:77:9e:53:dd:48:91:f6:1a:4e:
3f:74:4a:ef:02:90:2f:d0:0a:ea:eb:8d:02:ed:1a:
6b:24:02:bc:f8:f4:13:07:18:71:0a:b7:d2:e9:ff:
67:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:05:C4:8F:18:F8:A4:79:0A:C2:5C:28:E7:30:78:22:14:BA:0D:07
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-QXEjxj4pHkKwlwo5zB4IhS6DQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/23
79.110.48.0/24
79.110.50.0/24
79.110.60.0/23
79.110.63.0/24
80.76.48.0/23
83.219.97.0-83.219.98.255
85.217.144.0/24
87.120.84.0/24
87.120.87.0/24
91.92.115.0/24
94.154.172.0/24
94.154.174.0/23
109.206.239.0/24
178.215.224.0/22
178.215.236.0/22
185.216.69.0/24
185.218.136.0/23
185.218.139.0/24
185.252.176.0/24
193.35.18.0/24
193.37.42.0/24
193.37.44.0/24
193.37.47.0/24
193.47.62.0/23
193.222.96.0-193.222.98.255
194.169.175.0/24
194.180.50.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
23:35:fb:4b:5f:b6:ef:92:5e:c3:9b:ed:6d:b0:7f:f8:9d:fc:
9c:9e:bd:b1:0c:72:af:ee:87:2d:10:59:68:6c:ba:0a:76:8e:
f4:39:12:23:55:8f:cb:71:78:74:2a:e9:45:07:d5:d4:ea:0f:
e0:f7:85:68:d6:4e:02:e1:71:ec:d1:36:97:d4:b5:2e:cd:e0:
ad:d2:6f:89:61:4e:94:f5:7b:c1:42:e0:87:5a:99:ff:25:77:
fd:7d:63:0d:12:d0:0b:21:36:c0:0e:76:77:3b:18:85:f0:9d:
e9:a5:38:fd:3f:6d:8f:27:fc:10:3b:49:7a:82:49:1d:b0:e8:
fa:b7:b1:33:61:16:17:91:c8:06:a9:cd:53:c8:a0:41:99:b1:
c1:36:a1:27:be:08:17:ba:e2:f6:6c:1f:db:6b:eb:c2:d6:98:
af:73:0d:fa:8d:7e:ca:83:bc:36:a8:ab:9c:8b:74:e9:9a:74:
46:d4:2f:fb:a4:28:d2:9f:ed:47:f7:fc:38:f7:8e:db:85:5a:
71:e9:be:42:18:15:a8:dc:ab:b1:69:8c:9d:88:90:1a:b2:7b:
eb:26:d6:94:0c:d2:69:83:96:86:b7:00:ed:cd:32:92:4a:54:
25:41:2f:2d:bd:e3:a2:cf:d6:8b:63:a9:84:29:da:06:90:b0:
f4:44:fe:d2
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgIEHzzm3TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDYy
NDE0NDUxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjkwNWM0OGYxOGY4
YTQ3OTBhYzI1YzI4ZTczMDc4MjIxNGJhMGQwNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJXFcKjgT9ZMKOMbpJHPGLGiwDJVVb+6bJn1Y7fcCsGLEnWd
Bky++ZXdTYz5uI1u/NlWFSI3K9jTcFRj1c1CmZtB+cK/R3/6s5zfYcOnx/LR+36G
Dr3KfRhhb9NK42Q5AX+2+9rFzqEncZjfiJNppILRgSFwL4xYhugm3JgYFbceMrJU
hUmzbkkH4T51bywoV/VAJXYM1sIyOEszifnOEcMbI/j7hOLEGQOu13M59SoFE/Jg
rXZ0dmzPSh2cXrHfKm6VZG4e49s9zhaSI4HQNvJHYD2r8kt3d55T3UiR9hpOP3RK
7wKQL9AK6uuNAu0aayQCvPj0EwcYcQq30un/Z3UCAwEAAaOCAscwggLDMB0GA1Ud
DgQWBBT5BcSPGPikeQrCXCjnMHgiFLoNBzAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
LzEtUVhFanhqNHBIa0t3bHdvNXpCNEloUzZEUWMucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAz
LzkxM2EzYS1mNTUwLTQ2ZjAtYWNjNy1jZDNjYTU5NzU3MTIvMS9Jc1NzUGp4RDF3
MEZOSnlCVzZyZE9LMTNYcDAuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
gdsGCCsGAQUFBwEHAQH/BIHLMIHIMIHFBAIAATCBvgMEASWLggMEAE9uMAMEAE9u
MgMEAU9uPAMEAE9uPwMEAVBMMDAMAwQAU9thAwQAU9tiAwQAVdmQAwQAV3hUAwQA
V3hXAwQAW1xzAwQAXpqsAwQBXpquAwQAbc7vAwQCstfgAwQCstfsAwQAudhFAwQB
udqIAwQAudqLAwQAufywAwQAwSMSAwQAwSUqAwQAwSUsAwQAwSUvAwQBwS8+MAwD
BAXB3mADBADB3mIDBADCqa8DBADCtDIDBADUV80wDQYJKoZIhvcNAQELBQADggEB
ACM1+0tftu+SXsOb7W2wf/id/JyevbEMcq/uhy0QWWhsugp2jvQ5EiNVj8txeHQq
6UUH1dTqD+D3hWjWTgLhcezRNpfUtS7N4K3Sb4lhTpT1e8FC4Idamf8ld/19Yw0S
0AshNsAOdnc7GIXwnemlOP0/bY8n/BA7SXqCSR2w6Pq3sTNhFheRyAapzVPIoEGZ
scE2oSe+CBe64vZsH9tr68LWmK9zDfqNfsqDvDaoq5yLdOmadEbUL/ukKNKf7Uf3
/Dj3jtuFWnHpvkIYFajcq7FpjJ2IkBqye+sm1pQM0mmDloa3AO3NMpJKVCVBLy29
46LP1otjqYQp2gaQsPRE/tI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:30 2023 by rpki-client on console-ams.rpki-client.org