Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1lMgBf0t3vmGohFhItF9ENVq9BI.roa
File: 1lMgBf0t3vmGohFhItF9ENVq9BI.roa (raw, json)
Hash identifier: HPFAFTCiLmWnXdSUEBwtgGNFwG69pL6xYw5K0hqapVk=
Subject key identifier: D6:53:20:05:FD:2D:DE:F9:86:A2:11:61:22:D1:7D:10:D5:6A:F4:12
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1EEC99A4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1lMgBf0t3vmGohFhItF9ENVq9BI.roa
Signing time: Tue 07 Jun 2022 14:49:04 +0000
ROA not before: Tue 07 Jun 2022 14:49:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 194.180.50.0/24 maxlen: 24
185.218.139.0/24 maxlen: 24
37.139.131.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
185.216.68.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
79.110.49.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
83.219.98.0/24 maxlen: 24
83.219.96.0/24 maxlen: 24
83.219.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 518822308 (0x1eec99a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 7 14:49:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d6532005fd2ddef986a2116122d17d10d56af412
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ba:f5:ec:b5:57:54:0e:87:3b:55:f1:f8:9a:
e7:2a:86:bc:3f:ec:8e:23:53:2a:15:54:02:86:fc:
94:89:c1:3c:ad:6d:00:91:a9:d2:17:37:fd:e2:dc:
d0:ca:a9:c8:67:8b:fd:ed:e8:40:75:a4:97:6e:55:
b1:c5:a3:d0:d2:b5:b0:4d:fd:17:d3:00:2b:4a:d5:
6a:4c:ea:62:a2:1d:83:1f:1f:d3:72:0c:dd:b1:ab:
ab:ed:84:a0:83:10:f1:46:a5:65:4a:0c:fb:98:5a:
64:23:70:3f:ee:f1:df:ac:ac:e4:d7:3f:9d:a1:b5:
12:59:21:47:ca:08:55:3f:50:3a:88:60:52:6e:55:
e7:8f:dd:58:17:49:22:5e:11:34:aa:a0:b7:52:3a:
ad:41:1d:45:b9:b9:f0:47:73:a9:a3:07:da:c8:67:
6a:78:35:ab:53:a4:a5:ab:27:89:1f:b4:71:17:d4:
55:9b:8a:32:8c:75:b8:0d:29:39:15:1e:12:0e:6f:
55:b3:96:72:f0:79:f4:8f:b7:95:63:25:44:78:ed:
5e:6b:2e:b5:54:61:d3:56:98:42:7a:eb:9b:d6:c2:
47:de:0a:f4:16:55:3d:f3:70:ec:f5:f8:09:fb:04:
50:93:09:d3:52:ad:e8:0a:c8:26:90:62:bb:78:fe:
c7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:53:20:05:FD:2D:DE:F9:86:A2:11:61:22:D1:7D:10:D5:6A:F4:12
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1lMgBf0t3vmGohFhItF9ENVq9BI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/23
79.110.48.0-79.110.50.255
80.76.51.0/24
83.219.96.0/22
87.120.84.0/24
87.120.87.0/24
94.154.172.0/24
178.215.224.0/22
178.215.239.0/24
185.216.68.0/24
185.218.139.0/24
185.252.176.0/24
193.35.18.0/24
193.37.47.0/24
193.47.62.0/23
194.48.248.0/24
194.48.251.0/24
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
16:db:de:e9:d1:88:12:02:09:b5:cc:8a:1a:8a:83:b3:75:2b:
b1:98:1f:9d:86:5c:52:a0:76:c4:d1:a0:cf:03:f3:64:cb:5d:
be:a0:61:97:11:22:d7:8d:86:69:c2:08:aa:49:aa:c5:2d:81:
eb:87:1f:42:16:e1:72:7c:fb:00:b6:61:38:56:57:89:d6:ce:
07:91:1c:b4:f8:a5:19:72:ea:fb:c6:12:db:71:42:8d:61:33:
39:89:83:71:50:3c:ea:5e:37:b4:44:3d:c3:6d:46:e0:70:12:
86:85:95:bd:53:98:81:e9:a9:4c:45:b2:7d:ef:33:67:22:5b:
c3:cc:7f:e6:45:9d:66:31:3b:33:66:cf:2d:6f:46:d1:b6:02:
79:3f:43:97:4c:2e:91:27:6f:db:89:c2:45:54:0a:ea:15:d3:
d3:79:7f:bc:f4:ff:b1:7b:dc:79:f9:62:88:2c:35:d5:7e:5a:
9d:9f:10:45:fa:2f:f2:c3:8f:27:ea:63:bd:61:ef:c7:e9:37:
6b:bc:1a:2a:5c:6b:87:15:cb:12:60:00:8d:27:4b:af:48:49:
ff:1a:48:21:9a:00:c9:14:3a:77:db:67:9d:e0:16:8f:59:0b:
1a:42:92:d9:e9:4a:39:49:d4:ed:d9:30:1e:79:ce:bc:d7:90:
08:47:76:50
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIEHuyZpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDYw
NzE0NDkwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDY1MzIwMDVmZDJk
ZGVmOTg2YTIxMTYxMjJkMTdkMTBkNTZhZjQxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALC69ey1V1QOhztV8fia5yqGvD/sjiNTKhVUAob8lInBPK1t
AJGp0hc3/eLc0MqpyGeL/e3oQHWkl25VscWj0NK1sE39F9MAK0rVakzqYqIdgx8f
03IM3bGrq+2EoIMQ8UalZUoM+5haZCNwP+7x36ys5Nc/naG1ElkhR8oIVT9QOohg
Um5V54/dWBdJIl4RNKqgt1I6rUEdRbm58EdzqaMH2shnang1q1OkpasniR+0cRfU
VZuKMox1uA0pORUeEg5vVbOWcvB59I+3lWMlRHjtXmsutVRh01aYQnrrm9bCR94K
9BZVPfNw7PX4CfsEUJMJ01Kt6ArIJpBiu3j+x9ECAwEAAaOCAngwggJ0MB0GA1Ud
DgQWBBTWUyAF/S3e+YaiEWEi0X0Q1Wr0EjAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
LzFsTWdCZjB0M3ZtR29oRmhJdEY5RU5WcTlCSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
jQYIKwYBBQUHAQcBAf8EfjB8MHoEAgABMHQDBAEli4IwDAMEBE9uMAMEAE9uMgME
AFBMMwMEAlPbYAMEAFd4VAMEAFd4VwMEAF6arAMEArLX4AMEALLX7wMEALnYRAME
ALnaiwMEALn8sAMEAMEjEgMEAMElLwMEAcEvPgMEAMIw+AMEAMIw+wMEAMK0MjAN
BgkqhkiG9w0BAQsFAAOCAQEAFtve6dGIEgIJtcyKGoqDs3UrsZgfnYZcUqB2xNGg
zwPzZMtdvqBhlxEi142GacIIqkmqxS2B64cfQhbhcnz7ALZhOFZXidbOB5EctPil
GXLq+8YS23FCjWEzOYmDcVA86l43tEQ9w21G4HAShoWVvVOYgempTEWyfe8zZyJb
w8x/5kWdZjE7M2bPLW9G0bYCeT9Dl0wukSdv24nCRVQK6hXT03l/vPT/sXvcefli
iCw11X5anZ8QRfov8sOPJ+pjvWHvx+k3a7waKlxrhxXLEmAAjSdLr0hJ/xpIIZoA
yRQ6d9tnneAWj1kLGkKS2elKOUnU7dkwHnnOvNeQCEd2UA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:22 2024 by rpki-client on console-ams.rpki-client.org