Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7zsizWd8q_elG3wvs5UOzdOkWcA.roa
File: 7zsizWd8q_elG3wvs5UOzdOkWcA.roa (raw, json)
Hash identifier: J69iQFracH8XwU9sp3MgwBSBeHAG26Lokqv31nJu5kA=
Subject key identifier: EF:3B:22:CD:67:7C:AB:F7:A5:1B:7C:2F:B3:95:0E:CD:D3:A4:59:C0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1E7F7766
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7zsizWd8q_elG3wvs5UOzdOkWcA.roa
Signing time: Wed 18 May 2022 07:08:17 +0000
ROA not before: Wed 18 May 2022 07:08:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 87.121.124.0/23 maxlen: 24
87.121.122.0/23 maxlen: 24
81.161.238.0/23 maxlen: 24
185.207.12.0/24 maxlen: 24
193.168.196.0/22 maxlen: 24
193.37.46.0/24 maxlen: 24
94.154.174.0/23 maxlen: 24
109.206.237.0/24 maxlen: 24
88.218.76.0/22 maxlen: 24
84.21.172.0/23 maxlen: 24
109.206.238.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 511670118 (0x1e7f7766)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 18 07:08:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ef3b22cd677cabf7a51b7c2fb3950ecdd3a459c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:1b:42:40:16:b0:a6:a7:65:5b:ea:2f:0b:8b:
63:12:4f:97:04:b7:0c:a1:11:b8:69:88:96:7f:ba:
d1:04:0d:16:e2:6e:30:4a:d7:66:14:50:cd:75:a3:
30:76:c0:13:6f:13:22:41:36:ce:45:45:9c:28:09:
23:fc:07:ad:a5:ec:bc:17:e0:7c:67:ed:61:02:eb:
28:a3:b3:c1:0e:13:a6:0a:a8:ad:16:aa:a1:9e:91:
c3:9e:9c:e1:36:28:7c:9c:8e:7f:e9:db:de:14:73:
fc:7c:7d:00:14:4e:ba:a2:c9:ed:95:80:bd:33:55:
a4:4b:32:25:e6:05:7b:30:85:ca:d2:1d:06:f4:60:
17:ef:20:6c:7b:17:ec:bf:f8:60:2b:f2:47:7f:ae:
bc:35:9a:52:d1:87:aa:ea:6e:d9:7c:06:fd:8a:67:
6c:41:58:a4:95:96:e5:67:f6:5c:d9:68:e9:32:63:
53:b2:4e:7c:a4:2e:9f:42:fc:d2:b0:aa:fc:a8:89:
2b:bf:fd:6a:e0:0e:0f:da:66:a7:40:3a:3e:7d:b7:
27:e6:4c:b9:ed:85:05:e5:69:39:d0:1b:da:36:a3:
b2:8b:4f:67:d4:ae:cb:c1:8b:de:81:db:8b:6b:4a:
74:34:6b:b5:87:21:77:1e:00:f5:d4:28:15:7c:f9:
67:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:3B:22:CD:67:7C:AB:F7:A5:1B:7C:2F:B3:95:0E:CD:D3:A4:59:C0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7zsizWd8q_elG3wvs5UOzdOkWcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.238.0/23
84.21.172.0/23
87.121.122.0-87.121.125.255
88.218.76.0/22
94.154.174.0/23
109.206.237.0-109.206.238.255
185.207.12.0/24
193.37.46.0/24
193.168.196.0/22
Signature Algorithm: sha256WithRSAEncryption
41:4c:c7:6a:64:72:55:4e:84:5f:b2:bf:47:a6:65:7a:0f:3e:
85:70:0f:65:6a:92:99:e0:79:f4:ef:b1:e5:ca:c3:cd:19:e0:
3d:d2:c3:c7:e3:19:d7:e8:ac:0c:76:50:30:e3:68:6f:ee:4a:
9e:0a:03:95:53:43:50:c1:40:cd:bf:ed:68:14:3d:02:3f:8b:
5e:6b:0e:45:cf:4b:b1:13:15:e2:45:62:60:9e:81:08:96:8c:
37:b5:17:c5:5d:4a:bf:84:df:ad:cf:b6:2e:34:90:86:f0:ca:
2a:62:0b:fe:82:7c:ec:32:7e:1b:35:c3:d4:8e:82:67:2e:db:
67:86:17:6d:83:c9:c7:0b:cd:6d:cf:2b:07:fc:8e:c5:c4:d0:
2f:d2:c6:2a:43:e4:9b:91:49:ea:2e:5e:34:a3:bc:fb:6d:71:
a4:de:20:69:b1:3b:70:de:4f:7e:84:e4:52:14:fb:ef:3e:5f:
ca:88:1e:cf:bf:30:2b:02:3a:7b:8d:f9:7e:c5:87:a5:e8:0b:
9e:64:aa:e5:ac:1c:34:8d:a7:bd:6e:00:22:37:b4:00:b7:0d:
52:74:28:7a:40:d1:0a:b8:51:6d:c3:2b:76:e3:37:e4:2e:6b:
9b:25:7b:70:40:f7:03:eb:68:2a:02:2d:c4:d0:a8:0f:ea:a6:
5a:b9:3f:18
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIEHn93ZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDUx
ODA3MDgxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWYzYjIyY2Q2Nzdj
YWJmN2E1MWI3YzJmYjM5NTBlY2RkM2E0NTljMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJIbQkAWsKanZVvqLwuLYxJPlwS3DKERuGmIln+60QQNFuJu
MErXZhRQzXWjMHbAE28TIkE2zkVFnCgJI/wHraXsvBfgfGftYQLrKKOzwQ4Tpgqo
rRaqoZ6Rw56c4TYofJyOf+nb3hRz/Hx9ABROuqLJ7ZWAvTNVpEsyJeYFezCFytId
BvRgF+8gbHsX7L/4YCvyR3+uvDWaUtGHqupu2XwG/YpnbEFYpJWW5Wf2XNlo6TJj
U7JOfKQun0L80rCq/KiJK7/9auAOD9pmp0A6Pn23J+ZMue2FBeVpOdAb2jajsotP
Z9Suy8GL3oHbi2tKdDRrtYchdx4A9dQoFXz5ZycCAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBTvOyLNZ3yr96UbfC+zlQ7N06RZwDAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
Lzd6c2l6V2Q4cV9lbEczd3ZzNVVPemRPa1djQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBf
BggrBgEFBQcBBwEB/wRQME4wTAQCAAEwRgMEAVGh7gMEAVQVrDAMAwQBV3l6AwQB
V3l8AwQCWNpMAwQBXpquMAwDBABtzu0DBABtzu4DBAC5zwwDBADBJS4DBALBqMQw
DQYJKoZIhvcNAQELBQADggEBAEFMx2pkclVOhF+yv0emZXoPPoVwD2VqkpngefTv
seXKw80Z4D3Sw8fjGdforAx2UDDjaG/uSp4KA5VTQ1DBQM2/7WgUPQI/i15rDkXP
S7ETFeJFYmCegQiWjDe1F8VdSr+E363Pti40kIbwyipiC/6CfOwyfhs1w9SOgmcu
22eGF22DyccLzW3PKwf8jsXE0C/SxipD5JuRSeouXjSjvPttcaTeIGmxO3DeT36E
5FIU++8+X8qIHs+/MCsCOnuN+X7Fh6XoC55kquWsHDSNp71uACI3tAC3DVJ0KHpA
0Qq4UW3DK3bjN+Qua5sle3BA9wPraCoCLcTQqA/qplq5Pxg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:59 2024 by rpki-client on console-fra.rpki-client.org