Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/88zkUthWPHqE_ULQoWDMV583g1U.roa
File: 88zkUthWPHqE_ULQoWDMV583g1U.roa (raw, json)
Hash identifier: Fp4kSIaZERDC9H7vr4SlDxEJCzk2efX3E2147i5Tn2k=
Subject key identifier: F3:CC:E4:52:D8:56:3C:7A:84:FD:42:D0:A1:60:CC:57:9F:37:83:55
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1F2007F3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/88zkUthWPHqE_ULQoWDMV583g1U.roa
Signing time: Mon 20 Jun 2022 10:20:44 +0000
ROA not before: Mon 20 Jun 2022 10:20:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 91.92.115.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
185.218.139.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
37.139.131.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
212.87.205.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
185.216.68.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
83.219.98.0/24 maxlen: 24
83.219.96.0/24 maxlen: 24
83.219.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 522192883 (0x1f2007f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 20 10:20:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3cce452d8563c7a84fd42d0a160cc579f378355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:16:da:b3:60:94:1a:a0:e4:31:92:33:00:a9:
3a:81:67:ec:f4:92:83:51:e3:29:ad:96:7a:18:f1:
89:5a:9e:21:ba:29:94:bf:f2:06:71:6c:f2:9e:92:
86:2d:12:4e:a1:fa:36:1f:fa:4d:22:8f:28:c5:68:
e7:5f:8a:8a:fb:b6:5d:c4:2d:0a:ee:c0:db:9c:ed:
f2:26:95:3f:2e:97:53:aa:04:28:db:b2:fd:83:12:
c8:a7:f7:74:6c:18:00:2b:42:a5:95:3f:45:a0:63:
85:b1:d6:90:55:da:0d:e5:f1:bb:81:73:77:3a:6a:
a3:5f:72:cb:9b:25:03:2b:17:9e:6f:79:56:3c:61:
3e:fa:b0:fe:86:ff:de:24:b6:b2:5c:be:f9:cc:59:
e4:51:a2:53:a6:f0:55:32:d7:fb:f9:0c:ab:c4:55:
62:54:0b:fe:2c:86:3e:33:71:32:eb:09:36:27:1d:
a3:09:6a:0e:5b:b8:eb:f9:c9:bc:19:d7:28:5a:c9:
bf:68:32:a7:67:d8:4e:11:bf:19:3f:ab:a0:ba:8b:
dd:34:49:c8:51:37:25:b1:e9:0b:cf:d4:31:c2:7c:
64:24:63:2c:9b:c5:07:fb:8e:83:48:91:58:78:77:
20:bc:09:7a:8e:95:d1:42:ed:7a:a1:20:c8:7d:bd:
44:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:CC:E4:52:D8:56:3C:7A:84:FD:42:D0:A1:60:CC:57:9F:37:83:55
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/88zkUthWPHqE_ULQoWDMV583g1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/23
79.110.48.0/24
79.110.50.0/24
79.110.63.0/24
80.76.51.0/24
83.219.96.0/22
87.120.84.0/24
87.120.87.0/24
91.92.115.0/24
94.154.172.0/24
109.206.239.0/24
178.215.224.0/22
178.215.237.0/24
178.215.239.0/24
185.216.68.0/23
185.218.139.0/24
185.252.176.0/24
193.35.18.0/24
193.37.47.0/24
193.47.62.0/23
194.169.175.0/24
194.180.50.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
02:33:b0:55:36:0a:b5:4a:f8:ad:31:1d:80:bb:7e:37:53:53:
2c:98:3c:f0:43:be:d7:4f:dc:6b:aa:2d:11:7f:e3:a0:fc:cc:
ae:a7:64:80:d7:8c:89:f9:27:3f:80:76:2b:a3:92:59:2b:c5:
68:ec:34:a2:22:e3:b1:20:f3:b9:7c:65:69:d7:2f:00:67:64:
c5:e3:3a:ee:b8:f8:32:5e:9d:64:c8:28:46:3a:05:1c:fb:05:
11:9f:a8:07:28:fd:57:1f:b9:e1:e8:d3:d5:44:22:6f:92:5a:
bd:da:c5:64:aa:b6:88:a1:5a:88:05:e1:79:63:bf:87:53:3d:
2e:13:0c:3f:ae:71:d0:0d:2d:d7:cc:99:09:12:4b:41:4e:5f:
a1:ce:7b:b4:3c:69:82:bd:82:10:a4:47:48:54:50:75:74:f5:
e8:3b:e6:a5:1f:82:8d:61:25:10:13:a2:65:b8:9b:28:e5:46:
4a:ee:35:3b:c8:6c:f5:54:be:c4:b7:fb:0d:35:a8:ff:44:d0:
a4:78:58:25:99:7e:a5:a6:3f:f7:a1:91:93:bc:70:eb:6b:9c:
de:5b:ce:77:47:f2:64:d8:d8:a7:73:8a:1f:78:f1:12:6e:e1:
28:d5:23:3b:24:64:db:44:7f:09:42:12:ff:8a:e0:72:ad:2e:
23:af:b1:cd
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIEHyAH8zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDYy
MDEwMjA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjNjY2U0NTJkODU2
M2M3YTg0ZmQ0MmQwYTE2MGNjNTc5ZjM3ODM1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMMW2rNglBqg5DGSMwCpOoFn7PSSg1HjKa2WehjxiVqeIbop
lL/yBnFs8p6Shi0STqH6Nh/6TSKPKMVo51+Kivu2XcQtCu7A25zt8iaVPy6XU6oE
KNuy/YMSyKf3dGwYACtCpZU/RaBjhbHWkFXaDeXxu4Fzdzpqo19yy5slAysXnm95
VjxhPvqw/ob/3iS2sly++cxZ5FGiU6bwVTLX+/kMq8RVYlQL/iyGPjNxMusJNicd
owlqDlu46/nJvBnXKFrJv2gyp2fYThG/GT+roLqL3TRJyFE3JbHpC8/UMcJ8ZCRj
LJvFB/uOg0iRWHh3ILwJeo6V0ULteqEgyH29RNUCAwEAAaOCApIwggKOMB0GA1Ud
DgQWBBTzzORS2FY8eoT9QtChYMxXnzeDVTAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
Lzg4emtVdGhXUEhxRV9VTFFvV0RNVjU4M2cxVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
pwYIKwYBBQUHAQcBAf8EgZcwgZQwgZEEAgABMIGKAwQBJYuCAwQAT24wAwQAT24y
AwQAT24/AwQAUEwzAwQCU9tgAwQAV3hUAwQAV3hXAwQAW1xzAwQAXpqsAwQAbc7v
AwQCstfgAwQAstftAwQAstfvAwQBudhEAwQAudqLAwQAufywAwQAwSMSAwQAwSUv
AwQBwS8+AwQAwqmvAwQAwrQyAwQA1FfNMA0GCSqGSIb3DQEBCwUAA4IBAQACM7BV
Ngq1SvitMR2Au343U1MsmDzwQ77XT9xrqi0Rf+Og/Myup2SA14yJ+Sc/gHYro5JZ
K8Vo7DSiIuOxIPO5fGVp1y8AZ2TF4zruuPgyXp1kyChGOgUc+wURn6gHKP1XH7nh
6NPVRCJvklq92sVkqraIoVqIBeF5Y7+HUz0uEww/rnHQDS3XzJkJEktBTl+hznu0
PGmCvYIQpEdIVFB1dPXoO+alH4KNYSUQE6JluJso5UZK7jU7yGz1VL7Et/sNNaj/
RNCkeFglmX6lpj/3oZGTvHDra5zeW853R/Jk2Ninc4ofePESbuEo1SM7JGTbRH8J
QhL/iuByrS4jr7HN
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:32 2023 by rpki-client on console-ams.rpki-client.org