Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7MMLms1JPisWnzNqw6IbgVfWznQ.roa
File: 7MMLms1JPisWnzNqw6IbgVfWznQ.roa (raw, json)
Hash identifier: I1dXG+7A86pK2yEDR7Ot7pEl4U+F7lYd8hQrSStL+8U=
Subject key identifier: EC:C3:0B:9A:CD:49:3E:2B:16:9F:33:6A:C3:A2:1B:81:57:D6:CE:74
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0184375076909A1939452D7D25C00B904B58
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7MMLms1JPisWnzNqw6IbgVfWznQ.roa
Signing time: Wed 02 Nov 2022 07:48:50 +0000
ROA not before: Wed 02 Nov 2022 07:48:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 194.55.224.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
80.76.48.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
85.31.45.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.25.218.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
84.21.172.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:37:50:76:90:9a:19:39:45:2d:7d:25:c0:0b:90:4b:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 2 07:48:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ecc30b9acd493e2b169f336ac3a21b8157d6ce74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6b:cf:66:00:a0:ee:ac:9b:fc:e2:f7:55:93:
eb:6a:c3:66:ab:4d:5f:97:0c:a2:dd:ab:1c:17:12:
29:e3:ad:ab:39:12:fc:86:46:75:fb:fb:cd:a2:6b:
2a:83:21:76:b7:ad:49:e8:b0:68:16:f9:35:64:d3:
99:17:1b:a3:bb:f9:cb:0e:b3:eb:d0:b7:b8:36:dc:
63:e3:d0:30:a0:05:0e:f0:27:87:c3:9a:41:84:05:
ce:03:7b:0c:80:0e:49:bd:c9:c0:12:2c:45:e6:46:
6f:2e:9f:b6:27:05:c1:29:f3:44:6b:91:07:e2:66:
c9:70:b2:05:f4:12:0f:72:d4:56:23:e1:34:68:ba:
65:89:be:69:5c:d2:af:4e:a3:24:3e:e7:8e:05:d5:
8c:4c:17:08:53:93:2a:70:21:cb:21:6d:d9:e9:cd:
11:c3:a3:57:f5:a3:c5:bc:19:a5:dc:54:f5:99:de:
e4:9d:15:f5:82:a2:f9:e3:6d:80:b5:60:d0:4c:98:
1a:9e:8f:b7:43:4c:5b:cc:4a:5d:a0:77:d6:0b:3b:
de:db:05:ea:7f:ab:da:39:bb:42:0e:61:20:29:ec:
83:96:4a:59:0c:ef:a5:aa:25:c6:3f:0e:ad:20:b6:
88:ca:10:0c:30:cd:d9:43:33:29:c6:93:90:b5:36:
5a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:C3:0B:9A:CD:49:3E:2B:16:9F:33:6A:C3:A2:1B:81:57:D6:CE:74
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7MMLms1JPisWnzNqw6IbgVfWznQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.48.0/24
84.21.172.0/23
84.54.49.0/24
85.31.45.0/24
85.31.47.0/24
87.120.87.0/24
94.154.172.0/24
178.215.225.0-178.215.227.255
178.215.239.0/24
185.216.69.0-185.216.70.255
193.25.217.0-193.25.218.255
193.35.19.0/24
193.47.63.0/24
194.55.224.0/23
194.55.227.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:3c:b7:0b:2c:52:e6:2b:84:26:ac:e3:fa:6a:de:4c:9b:d5:
e4:b7:64:bd:2e:07:8e:49:85:7e:98:d4:b7:57:c9:dd:6c:48:
13:8c:35:c6:23:1a:f1:6e:d6:7d:49:06:cf:92:79:6e:b0:4c:
be:66:0f:7e:ef:b2:f2:f2:f1:ea:51:d9:48:2a:43:13:4a:c0:
2b:f4:2b:b8:6d:77:24:2c:d1:f0:30:15:4e:ea:ee:7f:d4:61:
11:45:06:52:b9:d2:7a:83:b9:aa:68:18:b6:21:90:09:47:95:
de:28:cc:52:11:a1:1a:2b:8c:f5:27:4b:2a:ae:1a:f6:d9:5f:
05:5a:12:62:9a:f3:51:72:d3:c6:8b:49:c2:81:70:d6:8f:a1:
f6:37:2a:1f:91:7a:19:06:e4:b3:ec:47:28:92:54:ec:e8:0e:
fd:5c:3d:4d:fb:a2:c4:b0:be:56:16:71:d2:0f:53:6f:b3:f8:
2b:28:eb:a6:e5:c2:39:2d:b6:7d:48:ee:89:cd:15:78:64:52:
0d:73:1a:64:bf:51:1c:de:62:99:84:1d:19:15:d0:73:f1:8c:
51:75:56:42:c6:31:c0:86:d7:a1:65:2a:9a:a8:7a:47:6b:62:
3d:49:f5:46:b4:e0:8a:f8:13:51:f4:40:63:0c:a8:4c:49:d9:
6a:d0:d7:cc
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYQ3UHaQmhk5RS19JcALkEtYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMTAyMDc0ODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2MzMGI5YWNkNDkzZTJiMTY5ZjMzNmFjM2EyMWI4MTU3ZDZjZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmvPZgCg7qyb/OL3VZPrasNmq01f
lwyi3ascFxIp462rORL8hkZ1+/vNomsqgyF2t61J6LBoFvk1ZNOZFxuju/nLDrPr
0Le4Ntxj49AwoAUO8CeHw5pBhAXOA3sMgA5JvcnAEixF5kZvLp+2JwXBKfNEa5EH
4mbJcLIF9BIPctRWI+E0aLplib5pXNKvTqMkPueOBdWMTBcIU5MqcCHLIW3Z6c0R
w6NX9aPFvBml3FT1md7knRX1gqL5422AtWDQTJgano+3Q0xbzEpdoHfWCzve2wXq
f6vaObtCDmEgKeyDlkpZDO+lqiXGPw6tILaIyhAMMM3ZQzMpxpOQtTZaAwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFOzDC5rNST4rFp8zasOiG4FX1s50MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvN01NTG1zMUpQaXNXbnpOcXc2SWJnVmZXem5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAFBMMAME
AVQVrAMEAFQ2MQMEAFUfLQMEAFUfLwMEAFd4VwMEAF6arDAMAwQAstfhAwQCstfg
AwQAstfvMAwDBAC52EUDBAC52EYwDAMEAMEZ2QMEAMEZ2gMEAMEjEwMEAMEvPwME
AcI34AMEAMI34zANBgkqhkiG9w0BAQsFAAOCAQEAjTy3CyxS5iuEJqzj+mreTJvV
5LdkvS4HjkmFfpjUt1fJ3WxIE4w1xiMa8W7WfUkGz5J5brBMvmYPfu+y8vLx6lHZ
SCpDE0rAK/QruG13JCzR8DAVTuruf9RhEUUGUrnSeoO5qmgYtiGQCUeV3ijMUhGh
GiuM9SdLKq4a9tlfBVoSYprzUXLTxotJwoFw1o+h9jcqH5F6GQbks+xHKJJU7OgO
/Vw9TfuixLC+VhZx0g9Tb7P4KyjrpuXCOS22fUjuic0VeGRSDXMaZL9RHN5imYQd
GRXQc/GMUXVWQsYxwIbXoWUqmqh6R2tiPUn1RrTgivgTUfRAYwyoTEnZatDXzA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:25 2024 by rpki-client on console-ams.rpki-client.org