Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5roOfM1iTtrueztte3xrck0qx-c.roa
File: 5roOfM1iTtrueztte3xrck0qx-c.roa (raw, json)
Hash identifier: y792auWkJqevFqoyGSH0Tlrkw9tVcosmPHxLeMgFyd0=
Subject key identifier: E6:BA:0E:7C:CD:62:4E:DA:EE:7B:3B:6D:7B:7C:6B:72:4D:2A:C7:E7
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0184658E6BA289EB3122AC4D6C5F9712969A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5roOfM1iTtrueztte3xrck0qx-c.roa
Signing time: Fri 11 Nov 2022 07:19:03 +0000
ROA not before: Fri 11 Nov 2022 07:19:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50225
IP address blocks: 84.21.173.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
84.54.50.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
194.169.173.0/24 maxlen: 24
83.219.96.0/24 maxlen: 24
193.37.43.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:65:8e:6b:a2:89:eb:31:22:ac:4d:6c:5f:97:12:96:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 11 07:19:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e6ba0e7ccd624edaee7b3b6d7b7c6b724d2ac7e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:18:f8:60:8d:69:d0:c8:de:13:c0:dc:28:f8:
8e:53:97:f8:30:79:d9:bc:0c:93:8d:61:c3:1b:53:
7d:ea:14:c8:88:6f:4a:a0:d5:b2:60:ef:54:bc:ab:
0e:3e:fe:4f:1c:e6:7d:3a:19:ab:70:a3:af:04:83:
65:cb:d8:82:fb:67:3b:32:06:ae:31:dd:4d:80:98:
06:34:7d:56:d8:c7:33:82:0c:fd:b1:2e:54:2c:77:
5b:ae:32:7b:cc:d8:38:3e:7e:6b:d6:e9:ae:e7:20:
2a:07:c8:3f:ba:e8:fe:dd:55:fc:4d:1c:15:36:5f:
f5:b4:83:5f:de:b8:23:84:da:bb:17:b3:fe:af:7e:
5b:29:26:cc:c7:cf:4e:b5:e9:03:d0:f3:8a:d2:35:
5d:42:83:4a:43:e5:c1:9f:5a:da:2e:fe:a2:7f:91:
1b:22:3b:39:7f:5b:16:4a:fd:4e:be:83:86:b2:0f:
4f:b1:f1:7b:53:c6:c8:c4:10:cb:da:3c:5e:bb:02:
7a:9a:2e:79:b6:c4:75:8e:1a:43:7a:88:be:ae:ec:
4d:d9:0c:99:e4:17:b1:97:6e:a0:b0:f2:2b:47:ac:
ac:0c:d4:d1:13:53:41:cf:a6:26:65:62:ee:0d:42:
06:56:2e:a1:75:5d:a3:ae:ca:73:ec:87:89:07:4c:
d2:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:BA:0E:7C:CD:62:4E:DA:EE:7B:3B:6D:7B:7C:6B:72:4D:2A:C7:E7
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5roOfM1iTtrueztte3xrck0qx-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.219.96.0/24
84.21.173.0/24
84.54.50.0/24
87.121.220.0/24
94.154.162.0/24
193.37.43.0/24
194.55.224.0/23
194.55.227.0/24
194.169.173.0/24
Signature Algorithm: sha256WithRSAEncryption
04:65:16:11:45:68:ec:80:57:05:33:ce:73:62:b5:6e:51:68:
da:e9:2c:3b:ab:64:bf:81:de:13:3d:0c:96:93:41:b5:08:a1:
a7:a1:00:77:96:4e:5f:37:9e:70:ff:27:cd:20:0f:11:34:57:
b3:59:5a:bb:98:3d:ab:bb:22:27:83:8d:f2:d5:01:97:a8:b8:
e2:b2:f8:7b:90:67:a4:c7:94:68:3f:cf:c2:c3:7c:52:2e:3d:
d1:4d:3c:ee:ba:ab:72:e7:eb:1a:b6:49:5c:8a:46:18:e0:d2:
04:e5:db:95:52:a2:6c:90:e9:98:b2:8a:36:3e:aa:3a:81:0f:
d6:0a:3e:96:22:a4:65:ec:3a:21:77:dd:52:49:c6:fd:c0:a1:
84:bd:04:84:5f:e9:ee:1c:c7:50:90:1a:4c:9f:99:1b:88:19:
17:57:38:53:8a:f2:06:2a:c0:c5:72:bd:cf:7a:43:46:1f:4b:
bf:7a:fb:20:49:c0:7a:c2:35:7f:14:54:00:2a:38:7d:a6:80:
83:ce:86:0a:0a:4f:99:07:cf:65:64:0e:d2:c3:6f:06:49:30:
7f:21:2b:d3:05:13:39:cb:07:92:fb:60:2f:30:20:96:c2:d1:
ca:44:c4:fe:1c:eb:5d:da:9d:f0:b8:0c:0f:df:1b:13:8e:14:
07:5f:af:b6
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYRljmuiiesxIqxNbF+XEpaaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMTExMDcxOTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmJhMGU3Y2NkNjI0ZWRhZWU3YjNiNmQ3YjdjNmI3MjRkMmFjN2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBj4YI1p0MjeE8DcKPiOU5f4MHnZ
vAyTjWHDG1N96hTIiG9KoNWyYO9UvKsOPv5PHOZ9OhmrcKOvBINly9iC+2c7Mgau
Md1NgJgGNH1W2Mczggz9sS5ULHdbrjJ7zNg4Pn5r1umu5yAqB8g/uuj+3VX8TRwV
Nl/1tINf3rgjhNq7F7P+r35bKSbMx89OtekD0POK0jVdQoNKQ+XBn1raLv6if5Eb
Ijs5f1sWSv1OvoOGsg9PsfF7U8bIxBDL2jxeuwJ6mi55tsR1jhpDeoi+ruxN2QyZ
5Bexl26gsPIrR6ysDNTRE1NBz6YmZWLuDUIGVi6hdV2jrspz7IeJB0zS/QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOa6DnzNYk7a7ns7bXt8a3JNKsfnMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNXJvT2ZNMWlUdHJ1ZXp0dGUzeHJjazBxeC1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAU9tgAwQA
VBWtAwQAVDYyAwQAV3ncAwQAXpqiAwQAwSUrAwQBwjfgAwQAwjfjAwQAwqmtMA0G
CSqGSIb3DQEBCwUAA4IBAQAEZRYRRWjsgFcFM85zYrVuUWja6Sw7q2S/gd4TPQyW
k0G1CKGnoQB3lk5fN55w/yfNIA8RNFezWVq7mD2ruyIng43y1QGXqLjisvh7kGek
x5RoP8/Cw3xSLj3RTTzuuqty5+satklcikYY4NIE5duVUqJskOmYsoo2Pqo6gQ/W
Cj6WIqRl7Dohd91SScb9wKGEvQSEX+nuHMdQkBpMn5kbiBkXVzhTivIGKsDFcr3P
ekNGH0u/evsgScB6wjV/FFQAKjh9poCDzoYKCk+ZB89lZA7Sw28GSTB/ISvTBRM5
yweS+2AvMCCWwtHKRMT+HOtd2p3wuAwP3xsTjhQHX6+2
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:32 2023 by rpki-client on console-ams.rpki-client.org