Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/728tl4_jJmh7NGCqL0jT6ekxU60.roa
File: 728tl4_jJmh7NGCqL0jT6ekxU60.roa (raw, json)
Hash identifier: 20C3ggbXqc+d8JTGqD4tmE4hVix4Nt4p1GvtT5/nZj4=
Subject key identifier: EF:6F:2D:97:8F:E3:26:68:7B:34:60:AA:2F:48:D3:E9:E9:31:53:AD
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1E0154B3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/728tl4_jJmh7NGCqL0jT6ekxU60.roa
Signing time: Thu 14 Apr 2022 08:11:09 +0000
ROA not before: Thu 14 Apr 2022 08:11:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 178.215.226.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
194.55.184.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.185.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
83.219.98.0/24 maxlen: 24
37.139.131.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 503403699 (0x1e0154b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 14 08:11:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ef6f2d978fe326687b3460aa2f48d3e9e93153ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e2:52:0c:d1:df:9b:28:d6:b1:4c:ca:e3:8d:
18:ec:11:ba:2c:47:90:cb:9d:e0:1b:5e:7b:6b:a9:
e1:ae:0a:f9:0e:f1:43:24:d6:82:27:36:02:67:81:
33:9d:57:4e:ea:d4:fd:bd:b2:b8:75:40:9f:00:9f:
48:75:3f:ed:9b:49:2f:6c:a5:77:8c:a8:66:72:7c:
15:5f:31:0e:48:e5:fe:3d:4c:ad:58:82:d6:f1:17:
8b:fd:a7:3c:36:17:76:b0:7e:18:7a:18:58:2b:bf:
a1:19:fc:18:32:8a:2a:73:ea:24:62:c0:26:8c:0c:
50:46:5f:33:30:12:a2:97:68:6e:53:7b:52:5f:d1:
2d:38:69:6a:5c:37:c1:14:6b:89:48:3f:0f:33:60:
67:8b:4b:90:f7:f7:23:28:e1:97:62:be:6e:64:f0:
a0:25:1a:22:8d:20:41:10:50:29:79:b7:02:e7:04:
1c:2c:09:6a:d7:40:5f:fe:90:2a:99:dc:3e:7c:f2:
d4:6d:5b:00:31:dd:26:7b:7a:25:80:5d:ef:12:9c:
6e:0d:e2:22:9c:e1:c9:a8:4d:4a:57:78:6a:0a:ed:
9a:4e:06:61:5c:85:e0:58:80:c7:51:48:4a:66:51:
17:e2:4f:ae:6d:3d:60:7e:46:f2:6e:d8:77:2f:d2:
9d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:6F:2D:97:8F:E3:26:68:7B:34:60:AA:2F:48:D3:E9:E9:31:53:AD
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/728tl4_jJmh7NGCqL0jT6ekxU60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/23
79.110.48.0/24
79.110.50.0/24
83.219.97.0-83.219.98.255
178.215.224.0/22
193.47.60.0/24
193.47.62.0/23
194.48.248.0/24
194.48.251.0/24
194.55.184.0/23
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:0f:b5:e1:ad:65:c5:15:f2:3c:1f:ff:eb:c5:46:48:58:76:
ff:9f:9c:9d:5c:bb:87:dd:16:0b:a3:89:a3:42:85:a7:e7:7a:
96:3e:ef:0d:0f:c6:f6:77:a4:76:9f:a1:26:80:c3:bd:46:ef:
43:c5:79:1c:3e:1d:24:3e:de:b2:0f:51:7a:fd:0a:c6:fe:8e:
72:0b:96:ae:d3:39:e7:d4:3d:37:8c:c4:0e:c9:88:2e:c9:bc:
b5:8c:87:5f:a3:95:5a:d1:36:a0:6a:f8:14:d9:92:28:76:89:
7b:e7:f5:37:67:15:85:29:bc:e3:49:7a:f2:96:6a:23:a4:5d:
35:63:aa:2b:e3:2b:43:51:bb:b9:49:08:46:b5:9e:e2:14:33:
57:2a:50:9f:98:86:78:9c:30:ea:f0:46:84:08:12:54:8f:ee:
88:3f:e8:25:5b:ed:ac:bb:a2:df:b1:a6:73:05:37:20:de:fe:
89:cb:11:6e:87:0b:18:c7:b8:dc:86:5d:da:d2:42:f1:ae:6d:
1e:dc:23:e3:88:1e:b1:48:4d:cc:f6:6c:c4:3e:94:33:9f:ea:
4d:94:58:7a:b3:e5:ed:f7:30:9e:ea:70:68:40:0f:fa:e2:01:
87:36:59:eb:9b:7b:a5:c7:a9:90:eb:69:ce:f1:72:13:cd:1c:
b7:1f:04:cc
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIEHgFUszANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDQx
NDA4MTEwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWY2ZjJkOTc4ZmUz
MjY2ODdiMzQ2MGFhMmY0OGQzZTllOTMxNTNhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMniUgzR35so1rFMyuONGOwRuixHkMud4Btee2up4a4K+Q7x
QyTWgic2AmeBM51XTurU/b2yuHVAnwCfSHU/7ZtJL2yld4yoZnJ8FV8xDkjl/j1M
rViC1vEXi/2nPDYXdrB+GHoYWCu/oRn8GDKKKnPqJGLAJowMUEZfMzASopdoblN7
Ul/RLThpalw3wRRriUg/DzNgZ4tLkPf3Iyjhl2K+bmTwoCUaIo0gQRBQKXm3AucE
HCwJatdAX/6QKpncPnzy1G1bADHdJnt6JYBd7xKcbg3iIpzhyahNSld4agrtmk4G
YVyF4FiAx1FISmZRF+JPrm09YH5G8m7Ydy/SncUCAwEAAaOCAk0wggJJMB0GA1Ud
DgQWBBTvby2Xj+MmaHs0YKovSNPp6TFTrTAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
LzcyOHRsNF9qSm1oN05HQ3FMMGpUNmVreFU2MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBj
BggrBgEFBQcBBwEB/wRUMFIwUAQCAAEwSgMEASWLggMEAE9uMAMEAE9uMjAMAwQA
U9thAwQAU9tiAwQCstfgAwQAwS88AwQBwS8+AwQAwjD4AwQAwjD7AwQBwje4AwQA
wrQyMA0GCSqGSIb3DQEBCwUAA4IBAQCfD7XhrWXFFfI8H//rxUZIWHb/n5ydXLuH
3RYLo4mjQoWn53qWPu8ND8b2d6R2n6EmgMO9Ru9DxXkcPh0kPt6yD1F6/QrG/o5y
C5au0znn1D03jMQOyYguyby1jIdfo5Va0TagavgU2ZIodol75/U3ZxWFKbzjSXry
lmojpF01Y6or4ytDUbu5SQhGtZ7iFDNXKlCfmIZ4nDDq8EaECBJUj+6IP+glW+2s
u6LfsaZzBTcg3v6JyxFuhwsYx7jchl3a0kLxrm0e3CPjiB6xSE3M9mzEPpQzn+pN
lFh6s+Xt9zCe6nBoQA/64gGHNlnrm3ulx6mQ62nO8XITzRy3HwTM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:59 2024 by rpki-client on console-fra.rpki-client.org