Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9Hj6004ptkBdfENckiHBJrMn3DM.roa
File: 9Hj6004ptkBdfENckiHBJrMn3DM.roa (raw, json)
Hash identifier: 5AT/uvGDLVzHnyExFZGphrFuXItC0deqgi1ZkKgpDB4=
Subject key identifier: F4:78:FA:D3:4E:29:B6:40:5D:7C:43:5C:92:21:C1:26:B3:27:DC:33
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1E28E969
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9Hj6004ptkBdfENckiHBJrMn3DM.roa
Signing time: Tue 26 Apr 2022 07:18:41 +0000
ROA not before: Tue 26 Apr 2022 07:18:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211252
IP address blocks: 185.254.37.0/24 maxlen: 24
185.252.178.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
37.139.128.0/24 maxlen: 24
37.139.129.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 505997673 (0x1e28e969)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 26 07:18:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f478fad34e29b6405d7c435c9221c126b327dc33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:23:20:5f:9d:87:da:b9:db:bb:ca:ae:f0:55:
88:b6:4c:12:a2:72:6f:2f:dc:41:89:b1:6a:59:4b:
4f:60:dd:8a:cb:a1:01:5a:e3:bd:b6:7a:49:37:12:
d3:b9:63:53:42:9c:ea:77:42:a2:ff:0e:cf:9a:f5:
59:d3:d9:23:f6:51:c3:2a:1b:f6:d8:49:d7:4e:75:
bb:95:3d:59:13:29:d7:78:72:15:7f:db:d3:8c:19:
5a:d7:3b:91:d3:21:ac:c1:96:85:73:4a:75:2c:dc:
03:9e:6a:d3:a2:2c:8b:0d:be:1d:c5:f1:3a:00:ce:
07:ef:0a:cd:34:72:ab:85:57:42:17:00:38:a0:22:
36:48:64:05:4a:a7:38:99:99:01:c9:14:f5:70:cd:
f8:4b:60:ad:ea:fb:20:0a:b7:25:ae:2c:2d:7b:61:
95:d6:3e:2c:1d:6c:5c:09:76:a3:44:e6:91:bd:17:
20:56:64:5d:0a:ee:4b:58:7d:37:4f:df:17:3e:56:
9d:16:7c:e1:9d:a9:e6:ef:9f:26:75:e6:40:5c:05:
05:44:c8:51:63:6a:12:0d:54:fa:6b:50:6d:1c:42:
0d:b8:ef:86:87:9a:23:f4:ce:1e:ed:a1:66:dd:07:
09:ed:36:59:7e:f5:6b:dd:82:ce:c1:da:c1:83:11:
5b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:78:FA:D3:4E:29:B6:40:5D:7C:43:5C:92:21:C1:26:B3:27:DC:33
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9Hj6004ptkBdfENckiHBJrMn3DM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.128.0/23
185.252.178.0/23
185.254.37.0/24
193.47.61.0/24
Signature Algorithm: sha256WithRSAEncryption
22:3e:75:40:7d:c5:6c:32:12:38:ff:44:f5:b0:41:b0:3f:da:
32:7e:cb:68:ba:90:7a:40:fa:2c:b9:71:4a:7e:3e:be:e9:26:
ff:2e:58:ae:aa:1a:a5:41:6c:81:d5:10:a0:22:eb:36:d5:42:
d1:36:1c:ce:20:a5:92:64:74:34:a9:8d:05:35:55:58:e1:d7:
c7:1b:36:3e:1a:00:fb:bf:5d:05:d6:88:32:52:22:4b:24:7c:
23:25:d1:e3:6e:59:00:a6:8e:fa:8b:78:25:35:11:de:8c:ae:
09:45:59:4a:97:98:64:60:57:47:98:dd:d5:76:c6:ac:a4:73:
15:a1:47:bf:a5:88:0c:47:db:bc:f8:5e:0d:a4:ac:cc:d7:ad:
5e:6e:e6:f2:2c:69:c8:61:d9:2d:82:d8:83:f3:01:ab:e4:e4:
9e:84:ea:74:e7:2a:9b:b2:17:e0:b2:5c:05:17:8e:e0:9e:5a:
5c:9c:4c:2f:ae:8f:ff:21:38:6c:39:4d:c4:df:01:1e:b7:44:
84:5f:13:ca:8d:a1:18:c9:76:c9:86:73:af:d3:2a:07:ad:3c:
fe:0f:da:48:08:c0:2b:c8:82:ab:4f:76:d9:8a:1e:04:0c:88:
08:b2:38:f8:7c:36:d8:b8:10:fe:ea:c7:6e:ab:6f:cf:e8:0d:
d7:c2:c9:03
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEHijpaTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDQy
NjA3MTg0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQ3OGZhZDM0ZTI5
YjY0MDVkN2M0MzVjOTIyMWMxMjZiMzI3ZGMzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKsjIF+dh9q527vKrvBViLZMEqJyby/cQYmxallLT2Ddisuh
AVrjvbZ6STcS07ljU0Kc6ndCov8Oz5r1WdPZI/ZRwyob9thJ1051u5U9WRMp13hy
FX/b04wZWtc7kdMhrMGWhXNKdSzcA55q06Isiw2+HcXxOgDOB+8KzTRyq4VXQhcA
OKAiNkhkBUqnOJmZAckU9XDN+Etgrer7IAq3Ja4sLXthldY+LB1sXAl2o0Tmkb0X
IFZkXQruS1h9N0/fFz5WnRZ84Z2p5u+fJnXmQFwFBUTIUWNqEg1U+mtQbRxCDbjv
hoeaI/TOHu2hZt0HCe02WX71a92CzsHawYMRW0cCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBT0ePrTTim2QF18Q1ySIcEmsyfcMzAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
LzlIajYwMDRwdGtCZGZFTmNraUhCSnJNbjNETS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEASWLgAMEAbn8sgMEALn+JQMEAMEv
PTANBgkqhkiG9w0BAQsFAAOCAQEAIj51QH3FbDISOP9E9bBBsD/aMn7LaLqQekD6
LLlxSn4+vukm/y5YrqoapUFsgdUQoCLrNtVC0TYcziClkmR0NKmNBTVVWOHXxxs2
PhoA+79dBdaIMlIiSyR8IyXR425ZAKaO+ot4JTUR3oyuCUVZSpeYZGBXR5jd1XbG
rKRzFaFHv6WIDEfbvPheDaSszNetXm7m8ixpyGHZLYLYg/MBq+TknoTqdOcqm7IX
4LJcBReO4J5aXJxML66P/yE4bDlNxN8BHrdEhF8Tyo2hGMl2yYZzr9MqB608/g/a
SAjAK8iCq0922YoeBAyICLI4+Hw22LgQ/urHbqtvz+gN18LJAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:00 2024 by rpki-client on console-fra.rpki-client.org