Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-f1a6IPDDoyT0xOZLnTJdAo9zJw.roa
File: 1-f1a6IPDDoyT0xOZLnTJdAo9zJw.roa (raw, json)
Hash identifier: rge/7OOSlF8e4tByvAKrXF+4n7EU74BOouSH+fmZU6o=
Subject key identifier: F9:FD:5A:E8:83:C3:0E:8C:93:D3:13:99:2E:74:C9:74:0A:3D:CC:9C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01856D81D73BF2D756636FB5A933D511A420
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-f1a6IPDDoyT0xOZLnTJdAo9zJw.roa
Signing time: Sun 01 Jan 2023 13:25:03 +0000
ROA not before: Sun 01 Jan 2023 13:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20454
IP address blocks: 81.161.237.0/24 maxlen: 24
94.103.124.0/23 maxlen: 24
87.121.58.0/24 maxlen: 24
93.123.81.0/24 maxlen: 24
83.219.98.0/23 maxlen: 24
87.120.5.0/24 maxlen: 24
176.125.252.0/22 maxlen: 24
94.156.182.0/23 maxlen: 24
194.55.184.0/24 maxlen: 24
94.154.174.0/23 maxlen: 24
194.59.30.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:d7:3b:f2:d7:56:63:6f:b5:a9:33:d5:11:a4:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 13:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9fd5ae883c30e8c93d313992e74c9740a3dcc9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:78:36:39:e7:ed:7d:c8:cd:c8:49:be:37:fb:
72:42:52:5a:64:a5:b7:96:2e:bf:a2:58:f9:29:11:
29:56:37:fe:c1:86:ec:ed:8d:ca:e5:c0:8c:62:28:
2e:76:f1:4e:e6:e8:13:63:b7:8b:c7:7b:dd:43:a1:
b6:fb:5b:b3:8a:22:91:70:26:20:c7:4d:98:02:a1:
2d:7f:64:2e:17:d7:8d:35:70:58:3c:47:ca:95:70:
0f:99:9c:2e:8f:74:a1:8d:c3:b3:8c:17:ba:33:96:
96:37:3b:d2:8d:b9:b1:6e:8f:49:5c:ee:91:cf:78:
f2:90:92:bf:98:ae:7a:e4:25:cd:e7:db:ad:92:39:
c9:e6:2f:23:9e:cd:a1:69:c4:62:8d:8a:49:17:67:
fe:52:22:78:66:ae:44:70:5b:8d:2b:3d:96:c0:b3:
58:20:df:a0:bc:8a:43:48:9f:12:e1:a3:fe:49:e6:
be:6d:42:77:d4:5a:07:2c:f0:8c:65:3f:d8:8a:50:
fa:92:22:d4:db:cf:68:a4:d5:6b:5d:eb:57:eb:2d:
bb:0f:df:77:75:45:fe:f0:e7:b7:0c:ba:5c:d2:e6:
ed:2e:a7:93:33:9b:3f:88:72:58:f2:4d:8a:48:32:
1b:e3:6e:c2:bb:00:f7:14:97:2a:24:cf:58:bf:df:
02:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:FD:5A:E8:83:C3:0E:8C:93:D3:13:99:2E:74:C9:74:0A:3D:CC:9C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-f1a6IPDDoyT0xOZLnTJdAo9zJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.237.0/24
83.219.98.0/23
87.120.5.0/24
87.121.58.0/24
93.123.81.0/24
94.103.124.0/23
94.154.174.0/23
94.156.182.0/23
176.125.252.0/22
194.55.184.0/24
194.59.30.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:fb:cc:43:ef:b6:b2:d7:68:d4:8e:0c:99:69:ce:bf:2f:1c:
a4:20:77:8e:d2:9c:e5:12:58:21:32:93:d1:8b:63:86:e3:0e:
5d:d6:a9:8a:d6:97:a9:54:8b:fd:96:44:ae:b2:3a:2a:38:4b:
26:c0:b1:01:7f:01:29:4c:95:27:83:e4:17:de:25:6d:69:94:
12:1c:1f:25:55:dc:89:84:ec:da:01:a5:4b:be:c5:91:1e:18:
8d:18:0a:53:5c:8e:e8:51:bb:3c:b8:b3:5a:3f:13:25:37:87:
8c:21:4f:ae:ab:24:61:14:f5:5d:e4:8f:30:59:cb:26:dc:aa:
df:f0:2a:97:72:0b:b4:6f:d2:f3:d9:ab:26:78:80:1c:dd:85:
2a:06:5a:0e:9b:8d:06:96:c4:10:91:09:fc:12:e4:81:78:09:
8a:8f:60:a2:cd:7f:2f:dc:88:22:c9:ce:0c:33:2b:47:c6:b0:
bc:a9:fd:28:55:c6:06:fb:c1:f8:27:90:71:89:0a:7d:c6:27:
00:76:73:fa:e5:10:96:6f:02:e9:c1:d5:e0:cf:93:fd:61:72:
ce:3b:b0:4d:81:56:fb:61:4f:d3:77:57:4f:46:1e:50:1c:9e:
5c:c1:ed:54:21:b7:e4:e5:60:26:ed:35:c8:d0:90:5a:97:34:
b2:f5:12:c0
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYVtgdc78tdWY2+1qTPVEaQgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWZkNWFlODgzYzMwZThjOTNkMzEzOTkyZTc0Yzk3NDBhM2RjYzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXg2OeftfcjNyEm+N/tyQlJaZKW3
li6/olj5KREpVjf+wYbs7Y3K5cCMYigudvFO5ugTY7eLx3vdQ6G2+1uziiKRcCYg
x02YAqEtf2QuF9eNNXBYPEfKlXAPmZwuj3ShjcOzjBe6M5aWNzvSjbmxbo9JXO6R
z3jykJK/mK565CXN59utkjnJ5i8jns2hacRijYpJF2f+UiJ4Zq5EcFuNKz2WwLNY
IN+gvIpDSJ8S4aP+Sea+bUJ31FoHLPCMZT/YilD6kiLU289opNVrXetX6y27D993
dUX+8Oe3DLpc0ubtLqeTM5s/iHJY8k2KSDIb427CuwD3FJcqJM9Yv98CkQIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFPn9WuiDww6Mk9MTmS50yXQKPcycMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMS1mMWE2SVBERG95VDB4T1pMblRKZEFvOXpKdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcx
Mi8xL0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBbBggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAFGh7QME
AVPbYgMEAFd4BQMEAFd5OgMEAF17UQMEAV5nfAMEAV6argMEAV6ctgMEArB9/AME
AMI3uAMEAcI7HjANBgkqhkiG9w0BAQsFAAOCAQEADvvMQ++2stdo1I4MmWnOvy8c
pCB3jtKc5RJYITKT0YtjhuMOXdapitaXqVSL/ZZErrI6KjhLJsCxAX8BKUyVJ4Pk
F94lbWmUEhwfJVXciYTs2gGlS77FkR4YjRgKU1yO6FG7PLizWj8TJTeHjCFPrqsk
YRT1XeSPMFnLJtyq3/Aql3ILtG/S89mrJniAHN2FKgZaDpuNBpbEEJEJ/BLkgXgJ
io9gos1/L9yIIsnODDMrR8awvKn9KFXGBvvB+CeQcYkKfcYnAHZz+uUQlm8C6cHV
4M+T/WFyzjuwTYFW+2FP03dXT0YeUByeXMHtVCG35OVgJu01yNCQWpc0svUSwA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:30 2023 by rpki-client on console-ams.rpki-client.org