Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/68N-uZNFdaRPTfJ0VBkEKn9Fxuw.roa
File: 68N-uZNFdaRPTfJ0VBkEKn9Fxuw.roa (raw, json)
Hash identifier: 0o956BBsPCFO8yRhI0IZ0JvJ0wGR0fV+WdOQy60T6rc=
Subject key identifier: EB:C3:7E:B9:93:45:75:A4:4F:4D:F2:74:54:19:04:2A:7F:45:C6:EC
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018475406E69E1350B7F11C4A9D51772CC8A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/68N-uZNFdaRPTfJ0VBkEKn9Fxuw.roa
Signing time: Mon 14 Nov 2022 08:27:47 +0000
ROA not before: Mon 14 Nov 2022 08:27:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211252
IP address blocks: 85.217.145.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
85.31.46.0/24 maxlen: 24
185.252.178.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
185.246.220.0/24 maxlen: 24
109.206.241.0/24 maxlen: 24
109.206.243.0/24 maxlen: 24
185.254.37.0/24 maxlen: 24
185.216.71.0/24 maxlen: 24
79.110.62.0/24 maxlen: 24
194.180.48.0/24 maxlen: 24
185.225.73.0/24 maxlen: 24
37.139.128.0/24 maxlen: 24
37.139.129.0/24 maxlen: 24
109.206.240.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:75:40:6e:69:e1:35:0b:7f:11:c4:a9:d5:17:72:cc:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 14 08:27:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ebc37eb9934575a44f4df2745419042a7f45c6ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:77:ed:24:80:ac:84:1f:47:23:83:7b:f7:91:
9a:a4:1e:24:0b:3b:c4:d3:37:1f:84:7c:4a:97:6f:
2b:08:30:fb:ec:87:3c:70:de:ed:2e:a9:2b:ac:e4:
79:59:bc:f3:a3:10:e9:a7:74:ff:3b:ed:ce:b4:d5:
7b:16:12:1f:7c:31:39:da:fd:76:88:0a:93:78:b0:
41:94:34:31:28:fe:36:d4:72:03:c6:36:e0:47:07:
70:a0:bd:2f:15:22:30:de:6e:33:20:30:a9:06:a9:
f0:b3:a0:50:cc:f4:26:8b:64:ef:0e:a9:f5:42:1e:
c9:f5:8b:79:0e:f9:bd:5b:8b:15:73:e4:08:5b:4c:
d8:5f:6c:be:e5:ff:3d:93:09:d3:15:2b:79:0e:52:
ba:9d:ff:5c:16:47:99:a5:55:9e:ac:d3:0e:00:ed:
35:ca:69:59:f2:29:ab:6d:8b:2c:b6:57:aa:f9:f0:
e6:cb:17:a3:10:6e:9f:45:dc:df:74:8f:25:bb:f7:
ac:94:ab:ba:30:3f:a6:7f:88:e6:d9:61:c5:da:97:
82:90:1d:1c:0d:c3:bd:8b:1a:e4:45:54:5a:14:26:
37:10:6c:0f:1d:f1:dd:2f:63:73:c2:f4:0f:bb:3f:
16:a1:39:9b:16:ed:1c:43:6a:c1:08:16:f8:da:4c:
0a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:C3:7E:B9:93:45:75:A4:4F:4D:F2:74:54:19:04:2A:7F:45:C6:EC
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/68N-uZNFdaRPTfJ0VBkEKn9Fxuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.128.0/23
79.110.62.0/24
80.76.51.0/24
85.31.44.0/24
85.31.46.0/24
85.217.145.0/24
109.206.240.0/23
109.206.243.0/24
185.216.71.0/24
185.225.73.0/24
185.246.220.0/24
185.252.178.0/24
185.254.37.0/24
193.47.61.0/24
194.55.186.0/24
194.180.48.0/24
Signature Algorithm: sha256WithRSAEncryption
17:d1:9c:5e:4a:50:1a:c6:8c:1e:0e:2d:43:ee:79:12:c8:aa:
dc:bb:5f:f9:1b:d0:f0:c9:f7:fd:fa:bd:97:b1:45:c4:03:b2:
cf:13:33:f6:73:9c:c3:36:6a:f8:e2:4c:ed:89:f1:ad:4d:97:
cb:64:63:98:ef:af:b8:9a:d7:96:cb:92:12:02:73:35:2d:68:
a0:16:21:3c:f1:c8:65:f4:eb:0b:02:e3:53:75:a3:06:93:4c:
6d:b2:0e:62:ec:89:c4:58:33:dd:12:40:35:60:f9:ab:03:a5:
4e:70:57:a8:fd:59:1e:fc:f2:d6:ed:1c:47:89:6f:a6:50:c9:
8b:13:07:fc:9c:87:c4:6b:c5:a0:32:4e:bf:ee:83:bc:ee:d1:
db:f5:78:ec:4d:2f:83:0e:c0:f1:4c:f9:76:3d:be:ad:4e:e3:
f0:60:83:32:e6:51:69:3f:d3:fc:d9:a1:61:31:ba:25:c7:fd:
2d:f0:c4:9c:fe:2f:a3:8c:2e:f7:90:d6:99:48:ad:02:83:ad:
72:ba:7f:21:9f:f9:de:d2:91:89:43:5d:df:e2:38:50:b3:ef:
21:4a:88:29:3b:73:6c:29:f9:f0:54:a3:7a:40:22:be:f4:76:
61:d1:64:1e:28:5d:85:d0:30:ac:6d:cf:ec:79:aa:28:a3:d2:
3e:d2:52:48
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYR1QG5p4TULfxHEqdUXcsyKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMTE0MDgyNzQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmMzN2ViOTkzNDU3NWE0NGY0ZGYyNzQ1NDE5MDQyYTdmNDVjNmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA83ftJICshB9HI4N795GapB4kCzvE
0zcfhHxKl28rCDD77Ic8cN7tLqkrrOR5WbzzoxDpp3T/O+3OtNV7FhIffDE52v12
iAqTeLBBlDQxKP421HIDxjbgRwdwoL0vFSIw3m4zIDCpBqnws6BQzPQmi2TvDqn1
Qh7J9Yt5Dvm9W4sVc+QIW0zYX2y+5f89kwnTFSt5DlK6nf9cFkeZpVWerNMOAO01
ymlZ8imrbYsstleq+fDmyxejEG6fRdzfdI8lu/eslKu6MD+mf4jm2WHF2peCkB0c
DcO9ixrkRVRaFCY3EGwPHfHdL2NzwvQPuz8WoTmbFu0cQ2rBCBb42kwKDwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFOvDfrmTRXWkT03ydFQZBCp/RcbsMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNjhOLXVaTkZkYVJQVGZKMFZCa0VLbjlGeHV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQBJYuAAwQA
T24+AwQAUEwzAwQAVR8sAwQAVR8uAwQAVdmRAwQBbc7wAwQAbc7zAwQAudhHAwQA
ueFJAwQAufbcAwQAufyyAwQAuf4lAwQAwS89AwQAwje6AwQAwrQwMA0GCSqGSIb3
DQEBCwUAA4IBAQAX0ZxeSlAaxoweDi1D7nkSyKrcu1/5G9Dwyff9+r2XsUXEA7LP
EzP2c5zDNmr44kztifGtTZfLZGOY76+4mteWy5ISAnM1LWigFiE88chl9OsLAuNT
daMGk0xtsg5i7InEWDPdEkA1YPmrA6VOcFeo/Vke/PLW7RxHiW+mUMmLEwf8nIfE
a8WgMk6/7oO87tHb9XjsTS+DDsDxTPl2Pb6tTuPwYIMy5lFpP9P82aFhMbolx/0t
8MSc/i+jjC73kNaZSK0Cg61yun8hn/ne0pGJQ13f4jhQs+8hSogpO3NsKfnwVKN6
QCK+9HZh0WQeKF2F0DCsbc/seaooo9I+0lJI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:24 2024 by rpki-client on console-ams.rpki-client.org