Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-WOVCHKvosillq3nhA49C8aUaLo.roa
File: 1-WOVCHKvosillq3nhA49C8aUaLo.roa (raw, json)
Hash identifier: aS/UvKi7E/GT1gCgkaKqvlFtDMpnFolZmjd0tIv7g0s=
Subject key identifier: F9:63:95:08:72:AF:A2:C8:A5:96:AD:E7:84:0E:3D:0B:C6:94:68:BA
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018949874EA55F0C7A62E696CE08A16955CE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-WOVCHKvosillq3nhA49C8aUaLo.roa
Signing time: Wed 12 Jul 2023 09:55:51 +0000
ROA not before: Wed 12 Jul 2023 09:55:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 194.169.172.0/24 maxlen: 24
2.59.253.0/24 maxlen: 24
194.31.205.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
45.8.93.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
141.98.7.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
45.84.91.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
92.119.198.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
45.88.91.0/24 maxlen: 24
194.49.87.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:49:87:4e:a5:5f:0c:7a:62:e6:96:ce:08:a1:69:55:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 12 09:55:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f963950872afa2c8a596ade7840e3d0bc69468ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6e:6a:60:d8:8b:7b:ab:5e:ad:3a:1b:86:12:
2b:a4:0f:fb:c6:30:5c:bf:b8:b8:d7:00:1e:0e:b0:
b1:5e:fe:20:57:65:92:ad:a3:75:09:1c:65:1b:91:
a5:b6:94:0a:dd:a5:f2:b8:ab:52:ac:b8:84:d0:d6:
d6:4b:ab:c3:b2:f5:ca:e7:4e:13:44:4e:b5:56:c7:
81:86:fb:e4:27:77:d5:39:92:9a:af:89:8f:5e:81:
89:65:af:9b:07:ba:a2:0f:ce:df:fa:05:d3:7a:01:
69:60:4f:4c:d2:c5:a5:b2:a5:3f:2a:62:3b:25:6b:
3d:7f:13:7f:e3:82:2c:ec:08:ad:01:23:68:51:31:
7b:d9:a4:42:8a:c8:90:8e:c2:65:cb:cb:1c:4f:c4:
53:7a:3a:b1:58:36:31:30:43:d0:9e:e4:05:e6:81:
a6:ef:f1:5e:ff:77:cb:7c:ef:fd:8f:19:8d:ca:fb:
31:eb:a6:38:d6:2c:8f:72:b9:09:24:74:57:13:51:
00:d1:8c:23:e3:ef:cd:88:06:dc:8b:4d:c2:b4:1d:
a2:fb:ef:23:75:76:c9:9d:c4:76:2a:dd:20:2a:96:
16:74:9f:46:b4:f3:68:16:b9:d9:18:c3:76:66:4f:
7d:a4:bb:b0:91:cf:a3:da:37:c0:6e:26:aa:59:2c:
d8:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:63:95:08:72:AF:A2:C8:A5:96:AD:E7:84:0E:3D:0B:C6:94:68:BA
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-WOVCHKvosillq3nhA49C8aUaLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.8.93.0/24
45.84.91.0/24
45.88.64.0/24
45.88.91.0/24
45.149.233.0/24
84.54.49.0/24
92.119.198.0/24
92.249.50.0/24
94.103.125.0/24
94.154.162.0/24
109.206.239.0/24
141.98.7.0/24
178.215.225.0/24
178.215.227.0/24
178.215.236.0/23
185.222.160.0-185.222.162.255
193.25.217.0/24
193.37.40.0/24
193.37.42.0/24
193.37.44.0/24
193.222.97.0/24
193.222.99.0/24
194.31.205.0/24
194.48.248.0/24
194.49.87.0/24
194.55.187.0/24
194.55.225.0/24
194.169.172.0/24
194.180.38.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:60:e3:ce:67:e6:be:95:9d:a8:3a:18:99:5b:94:73:af:23:
f7:c3:fc:c0:5f:29:2b:f2:39:f5:13:54:e9:fb:5d:ca:be:45:
95:63:2b:13:e8:02:d3:16:e5:37:10:f1:c4:9a:6f:e6:71:bc:
d5:ee:66:40:ff:a4:c9:18:2c:c5:cf:51:65:96:c8:4a:4f:6b:
ad:69:53:08:0d:fe:11:55:7a:61:65:e6:98:0a:05:0d:2b:97:
85:bb:2a:29:b2:59:80:bf:c0:84:eb:12:3c:c7:a5:a5:2e:c6:
c3:77:12:da:69:f9:02:7e:a0:70:a1:ab:7b:96:2c:28:79:dd:
51:77:c9:e6:3a:b0:ce:e9:b4:74:8e:51:43:8f:41:ff:be:2d:
d1:fe:11:0e:ac:36:15:47:c8:35:22:52:a8:88:92:de:55:48:
17:88:64:94:2c:5c:d3:45:97:6c:fc:42:9a:88:95:d4:f5:60:
dd:43:24:8c:de:60:e2:bf:dd:c2:df:03:a9:b5:45:e3:e5:d5:
81:a6:bc:12:c5:2c:a8:af:97:36:b6:56:2a:44:98:3e:1f:78:
9c:de:a5:3b:32:ad:55:a2:0f:66:22:70:c4:44:ef:41:0b:bf:
79:70:a5:11:df:78:43:95:32:3a:4e:bc:ef:bf:e9:12:ba:9e:
0f:04:e0:02
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgISAYlJh06lXwx6YuaWzgihaVXOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzEyMDk1NTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTYzOTUwODcyYWZhMmM4YTU5NmFkZTc4NDBlM2QwYmM2OTQ2OGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqW5qYNiLe6terTobhhIrpA/7xjBc
v7i41wAeDrCxXv4gV2WSraN1CRxlG5GltpQK3aXyuKtSrLiE0NbWS6vDsvXK504T
RE61VseBhvvkJ3fVOZKar4mPXoGJZa+bB7qiD87f+gXTegFpYE9M0sWlsqU/KmI7
JWs9fxN/44Is7AitASNoUTF72aRCisiQjsJly8scT8RTejqxWDYxMEPQnuQF5oGm
7/Fe/3fLfO/9jxmNyvsx66Y41iyPcrkJJHRXE1EA0Ywj4+/NiAbci03CtB2i++8j
dXbJncR2Kt0gKpYWdJ9GtPNoFrnZGMN2Zk99pLuwkc+j2jfAbiaqWSzYOwIDAQAB
o4ICxTCCAsEwHQYDVR0OBBYEFPljlQhyr6LIpZat54QOPQvGlGi6MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMS1XT1ZDSEt2b3NpbGxxM25oQTQ5QzhhVWFMby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcx
Mi8xL0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB2QYIKwYBBQUHAQcBAf8EgckwgcYwgcMEAgABMIG8AwQA
Ajv9AwQALQhdAwQALVRbAwQALVhAAwQALVhbAwQALZXpAwQAVDYxAwQAXHfGAwQA
XPkyAwQAXmd9AwQAXpqiAwQAbc7vAwQAjWIHAwQAstfhAwQAstfjAwQBstfsMAwD
BAW53qADBAC53qIDBADBGdkDBADBJSgDBADBJSoDBADBJSwDBADB3mEDBADB3mMD
BADCH80DBADCMPgDBADCMVcDBADCN7sDBADCN+EDBADCqawDBADCtCYwDQYJKoZI
hvcNAQELBQADggEBALZg485n5r6Vnag6GJlblHOvI/fD/MBfKSvyOfUTVOn7Xcq+
RZVjKxPoAtMW5TcQ8cSab+ZxvNXuZkD/pMkYLMXPUWWWyEpPa61pUwgN/hFVemFl
5pgKBQ0rl4W7KimyWYC/wITrEjzHpaUuxsN3Etpp+QJ+oHChq3uWLCh53VF3yeY6
sM7ptHSOUUOPQf++LdH+EQ6sNhVHyDUiUqiIkt5VSBeIZJQsXNNFl2z8QpqIldT1
YN1DJIzeYOK/3cLfA6m1RePl1YGmvBLFLKivlza2VipEmD4feJzepTsyrVWiD2Yi
cMRE70ELv3lwpRHfeEOVMjpOvO+/6RK6ng8E4AI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:22 2024 by rpki-client on console-ams.rpki-client.org