Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1od4LvUUfSvDggutjYgoFbueqAA.roa
File: 1od4LvUUfSvDggutjYgoFbueqAA.roa (raw, json)
Hash identifier: 985N3GAO5uVxokc6ap9XtqnU7VoadJBNVgmTZxf3UfM=
Subject key identifier: D6:87:78:2E:F5:14:7D:2B:C3:82:0B:AD:8D:88:28:15:BB:9E:A8:00
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1ED45E02
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1od4LvUUfSvDggutjYgoFbueqAA.roa
Signing time: Wed 01 Jun 2022 06:47:13 +0000
ROA not before: Wed 01 Jun 2022 06:47:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 194.180.50.0/24 maxlen: 24
185.218.139.0/24 maxlen: 24
37.139.131.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
194.48.250.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
185.216.68.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
79.110.49.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
83.219.98.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
83.219.96.0/24 maxlen: 24
83.219.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 517234178 (0x1ed45e02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 1 06:47:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d687782ef5147d2bc3820bad8d882815bb9ea800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:ea:ee:ad:cb:b5:20:02:8b:30:16:39:cb:05:
7f:36:c6:b9:7a:4d:4a:f3:64:e7:ce:aa:ca:69:be:
cb:52:05:80:4d:38:25:6c:16:d2:f1:5a:d4:02:ef:
82:bc:5f:cb:7c:a4:18:06:f5:b1:ea:dc:c1:5e:97:
4d:fb:0b:6f:27:78:37:1c:e2:a8:9f:c8:f0:f3:9f:
5c:6e:7a:e2:3c:a6:38:ca:f1:60:74:22:48:4a:a8:
12:ea:b7:75:f9:6a:6e:f9:8b:de:fd:7b:7a:a3:51:
0f:f6:d0:6f:a4:25:d4:b9:dc:f8:fc:da:c0:5b:e7:
c2:fd:25:ad:87:74:3c:8c:dd:cb:b0:e9:29:e2:91:
72:ae:12:1d:24:62:66:f3:35:4e:e8:75:ae:64:8d:
18:a3:23:0e:fa:78:0e:cc:5b:b9:65:52:eb:b0:72:
10:a9:0b:af:0e:21:63:dd:3a:bd:39:b0:1c:bf:20:
9b:b8:5c:85:b9:b6:96:7a:4b:66:6f:fd:91:98:43:
dc:f5:c2:69:1d:de:14:15:81:d2:ba:44:51:c1:d5:
64:69:bd:0f:61:03:65:9d:64:aa:8a:d6:aa:74:2b:
49:09:47:5b:df:f2:48:95:00:c0:13:10:9d:9d:e4:
ad:5f:5b:ec:75:aa:cd:0a:66:fb:fa:df:19:e1:a8:
65:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:87:78:2E:F5:14:7D:2B:C3:82:0B:AD:8D:88:28:15:BB:9E:A8:00
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1od4LvUUfSvDggutjYgoFbueqAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/23
79.110.48.0-79.110.50.255
80.76.51.0/24
83.219.96.0/22
87.120.84.0/24
87.120.87.0/24
94.154.172.0/24
178.215.224.0/22
178.215.239.0/24
185.216.68.0/24
185.218.139.0/24
185.252.176.0/24
193.35.18.0/24
193.37.47.0/24
193.47.62.0/23
194.48.248.0/24
194.48.250.0/23
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
84:05:23:b8:c3:20:ed:2d:4a:c1:26:3f:91:4e:09:ed:40:42:
2a:b2:53:75:fe:89:c0:ca:1e:5a:71:bc:cd:04:ac:ef:79:79:
e7:1a:f8:2f:9f:11:c1:02:4e:6e:04:31:00:68:c0:41:c4:79:
90:c3:e8:de:1c:00:d0:a1:27:76:42:9f:58:eb:a0:d7:49:57:
e5:6f:b0:a3:c0:f4:36:d3:e5:d9:36:76:e2:77:11:42:d2:23:
27:f3:c5:2a:97:63:9b:bb:14:ab:1d:22:39:12:2e:36:02:b1:
25:50:8f:2e:3f:8f:93:b9:ec:63:43:ab:fe:c2:14:c1:0a:5d:
09:28:71:13:b2:02:d9:22:10:c5:7f:07:31:1a:58:5b:08:8f:
bb:32:bf:6f:ab:dc:28:6e:d6:7a:33:8f:e5:ec:42:73:bd:0f:
88:54:1a:d6:30:6c:f8:ac:7c:77:58:a9:d3:24:4d:47:76:f5:
3b:c8:57:83:09:d8:a9:02:bd:72:e7:a6:ce:82:8e:e6:32:b7:
84:07:71:cf:cd:c0:90:73:b1:9a:06:56:66:3a:b5:43:9f:cf:
45:02:d9:5f:f0:23:09:4b:49:a4:12:9a:b3:c1:eb:13:d1:a1:
98:1e:9a:be:0f:f8:6e:53:3b:8a:30:d5:16:73:74:29:d3:ef:
3a:9d:2b:32
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIEHtReAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDYw
MTA2NDcxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDY4Nzc4MmVmNTE0
N2QyYmMzODIwYmFkOGQ4ODI4MTViYjllYTgwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAODq7q3LtSACizAWOcsFfzbGuXpNSvNk586qymm+y1IFgE04
JWwW0vFa1ALvgrxfy3ykGAb1sercwV6XTfsLbyd4NxziqJ/I8POfXG564jymOMrx
YHQiSEqoEuq3dflqbvmL3v17eqNRD/bQb6Ql1Lnc+PzawFvnwv0lrYd0PIzdy7Dp
KeKRcq4SHSRiZvM1Tuh1rmSNGKMjDvp4DsxbuWVS67ByEKkLrw4hY906vTmwHL8g
m7hchbm2lnpLZm/9kZhD3PXCaR3eFBWB0rpEUcHVZGm9D2EDZZ1kqorWqnQrSQlH
W9/ySJUAwBMQnZ3krV9b7HWqzQpm+/rfGeGoZVMCAwEAAaOCAngwggJ0MB0GA1Ud
DgQWBBTWh3gu9RR9K8OCC62NiCgVu56oADAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
LzFvZDRMdlVVZlN2RGdndXRqWWdvRmJ1ZXFBQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
jQYIKwYBBQUHAQcBAf8EfjB8MHoEAgABMHQDBAEli4IwDAMEBE9uMAMEAE9uMgME
AFBMMwMEAlPbYAMEAFd4VAMEAFd4VwMEAF6arAMEArLX4AMEALLX7wMEALnYRAME
ALnaiwMEALn8sAMEAMEjEgMEAMElLwMEAcEvPgMEAMIw+AMEAcIw+gMEAMK0MjAN
BgkqhkiG9w0BAQsFAAOCAQEAhAUjuMMg7S1KwSY/kU4J7UBCKrJTdf6JwMoeWnG8
zQSs73l55xr4L58RwQJObgQxAGjAQcR5kMPo3hwA0KEndkKfWOug10lX5W+wo8D0
NtPl2TZ24ncRQtIjJ/PFKpdjm7sUqx0iORIuNgKxJVCPLj+Pk7nsY0Or/sIUwQpd
CShxE7IC2SIQxX8HMRpYWwiPuzK/b6vcKG7WejOP5exCc70PiFQa1jBs+Kx8d1ip
0yRNR3b1O8hXgwnYqQK9cuemzoKO5jK3hAdxz83AkHOxmgZWZjq1Q5/PRQLZX/Aj
CUtJpBKas8HrE9GhmB6avg/4blM7ijDVFnN0KdPvOp0rMg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:22 2024 by rpki-client on console-ams.rpki-client.org