Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8_NKCFDwaz0CMQvCOBz-5ke_gP0.roa
File: 8_NKCFDwaz0CMQvCOBz-5ke_gP0.roa (raw, json)
Hash identifier: wa9dDfRgHhz9Fi8CPaTw04LYIu0QUK586HO41Mvcq4U=
Subject key identifier: F3:F3:4A:08:50:F0:6B:3D:02:31:0B:C2:38:1C:FE:E6:47:BF:80:FD
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1F2CC86C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8_NKCFDwaz0CMQvCOBz-5ke_gP0.roa
Signing time: Wed 22 Jun 2022 08:25:45 +0000
ROA not before: Wed 22 Jun 2022 08:25:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 91.92.115.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
185.218.139.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
37.139.131.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
94.154.174.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
212.87.205.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
185.216.68.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
83.219.98.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 523028588 (0x1f2cc86c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 22 08:25:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3f34a0850f06b3d02310bc2381cfee647bf80fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c3:b5:7e:63:62:1c:da:65:fd:42:ec:81:71:
31:56:b0:30:e7:e4:20:20:a2:47:05:6c:8e:f0:99:
0c:4d:2e:10:d2:6b:8c:f2:3e:3d:6a:51:70:a3:d5:
ad:6e:4c:0f:04:74:bc:5d:86:04:b5:da:a5:80:65:
e4:de:6c:2d:e7:e7:0e:3b:f7:1c:93:b7:88:87:87:
f7:ee:fc:ab:ac:1e:c1:64:ed:eb:c4:b3:6d:17:79:
24:47:03:20:64:2f:18:55:37:d9:d1:6d:22:d8:d4:
bc:bb:2d:66:a7:4f:4f:9f:05:dd:b7:cd:0e:6e:3b:
a9:2a:8e:78:48:c3:fa:eb:f3:ee:7b:bd:8e:58:ea:
61:e2:5b:29:42:39:fa:a1:9f:3f:35:75:c2:14:21:
df:b8:8a:5b:90:37:a5:d4:74:a5:40:68:9d:50:fd:
51:8c:48:c9:56:c6:79:07:c9:f8:11:bf:95:6d:c9:
ae:1f:04:ab:79:be:90:8b:65:f7:e0:13:65:55:5e:
2a:93:bc:50:c5:cd:72:d4:18:0f:44:b6:83:d1:41:
23:c0:7c:3a:be:d9:14:7f:c9:45:a0:0d:c5:1b:7c:
9e:f7:43:8d:ab:d2:f7:ae:a4:f9:a4:1a:ee:ee:48:
fb:dd:36:49:4a:77:13:b6:ac:8c:ab:fd:5b:e7:b3:
10:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:F3:4A:08:50:F0:6B:3D:02:31:0B:C2:38:1C:FE:E6:47:BF:80:FD
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8_NKCFDwaz0CMQvCOBz-5ke_gP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/23
79.110.48.0/24
79.110.50.0/24
79.110.63.0/24
80.76.51.0/24
83.219.97.0-83.219.98.255
87.120.84.0/24
87.120.87.0/24
91.92.115.0/24
94.154.172.0/24
94.154.174.0/24
109.206.239.0/24
178.215.224.0/22
178.215.237.0/24
178.215.239.0/24
185.216.68.0/23
185.218.139.0/24
185.252.176.0/24
193.35.18.0/24
193.37.42.0/24
193.37.47.0/24
193.47.62.0/23
193.222.97.0/24
194.169.175.0/24
194.180.50.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
02:04:69:83:34:cc:d3:28:46:1e:94:8a:16:c6:49:f9:5a:03:
8c:18:52:a5:6a:8d:75:9e:b1:d9:ce:a3:07:83:0c:a1:fd:ed:
97:7e:59:be:fd:bc:96:14:a1:0f:9b:43:1b:62:18:03:fc:75:
66:09:3e:c3:08:04:7e:3c:e2:06:ce:6d:12:93:66:b8:ad:e0:
df:8a:80:f5:8f:fe:45:7a:2c:1e:ae:d9:d8:31:dd:bb:f8:f8:
c5:92:e9:29:d9:8d:b1:f3:9a:c8:d4:25:e3:75:be:cf:33:55:
0c:f9:b0:d1:77:b0:ff:63:cb:98:d9:f2:18:33:ee:3e:23:31:
d7:e6:e0:86:fe:a2:76:9a:4f:89:1c:bf:7d:3d:b2:47:3e:4d:
68:47:96:5f:2b:d0:ee:d7:e4:65:1f:ed:80:89:2e:03:02:51:
aa:cb:6e:52:34:be:fa:82:91:89:89:79:3f:87:7d:73:05:9d:
1e:9e:68:63:84:6b:67:ff:4f:0e:65:e5:f7:54:6f:e6:11:55:
ed:1d:3e:04:76:81:32:5d:53:27:6e:23:dc:36:91:af:39:25:
dc:f8:0c:89:b8:cd:22:d8:f8:fa:83:10:7a:50:86:33:47:2e:
ec:e1:7d:be:af:25:85:ba:8b:eb:f9:fc:4d:96:b6:f9:27:88:
3e:2a:3e:9a
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIEHyzIbDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDYy
MjA4MjU0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjNmMzRhMDg1MGYw
NmIzZDAyMzEwYmMyMzgxY2ZlZTY0N2JmODBmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTDtX5jYhzaZf1C7IFxMVawMOfkICCiRwVsjvCZDE0uENJr
jPI+PWpRcKPVrW5MDwR0vF2GBLXapYBl5N5sLefnDjv3HJO3iIeH9+78q6wewWTt
68SzbRd5JEcDIGQvGFU32dFtItjUvLstZqdPT58F3bfNDm47qSqOeEjD+uvz7nu9
jljqYeJbKUI5+qGfPzV1whQh37iKW5A3pdR0pUBonVD9UYxIyVbGeQfJ+BG/lW3J
rh8Eq3m+kItl9+ATZVVeKpO8UMXNctQYD0S2g9FBI8B8Or7ZFH/JRaANxRt8nvdD
javS966k+aQa7u5I+902SUp3E7asjKv9W+ezEB0CAwEAAaOCAqwwggKoMB0GA1Ud
DgQWBBTz80oIUPBrPQIxC8I4HP7mR7+A/TAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
LzhfTktDRkR3YXowQ01RdkNPQnotNWtlX2dQMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
wQYIKwYBBQUHAQcBAf8EgbEwga4wgasEAgABMIGkAwQBJYuCAwQAT24wAwQAT24y
AwQAT24/AwQAUEwzMAwDBABT22EDBABT22IDBABXeFQDBABXeFcDBABbXHMDBABe
mqwDBABemq4DBABtzu8DBAKy1+ADBACy1+0DBACy1+8DBAG52EQDBAC52osDBAC5
/LADBADBIxIDBADBJSoDBADBJS8DBAHBLz4DBADB3mEDBADCqa8DBADCtDIDBADU
V80wDQYJKoZIhvcNAQELBQADggEBAAIEaYM0zNMoRh6UihbGSflaA4wYUqVqjXWe
sdnOoweDDKH97Zd+Wb79vJYUoQ+bQxtiGAP8dWYJPsMIBH484gbObRKTZrit4N+K
gPWP/kV6LB6u2dgx3bv4+MWS6SnZjbHzmsjUJeN1vs8zVQz5sNF3sP9jy5jZ8hgz
7j4jMdfm4Ib+onaaT4kcv309skc+TWhHll8r0O7X5GUf7YCJLgMCUarLblI0vvqC
kYmJeT+HfXMFnR6eaGOEa2f/Tw5l5fdUb+YRVe0dPgR2gTJdUyduI9w2ka85Jdz4
DIm4zSLY+PqDEHpQhjNHLuzhfb6vJYW6i+v5/E2WtvkniD4qPpo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:32 2023 by rpki-client on console-ams.rpki-client.org