Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/A6B7mCmci2dX7UQipjpDK39XBUo.roa
File: A6B7mCmci2dX7UQipjpDK39XBUo.roa (raw, json)
Hash identifier: 1zp8uL94cAH9cUgL1KR7ySJ4SunQqZO5ewfgtzTOZ7c=
Subject key identifier: 03:A0:7B:98:29:9C:8B:67:57:ED:44:22:A6:3A:43:2B:7F:57:05:4A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018480FAB33C02601A96DF1C4A9DE50D543E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/A6B7mCmci2dX7UQipjpDK39XBUo.roa
Signing time: Wed 16 Nov 2022 15:07:04 +0000
ROA not before: Wed 16 Nov 2022 15:07:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211252
IP address blocks: 85.217.145.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
85.31.46.0/24 maxlen: 24
185.252.178.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
185.246.220.0/24 maxlen: 24
109.206.241.0/24 maxlen: 24
109.206.243.0/24 maxlen: 24
185.254.37.0/24 maxlen: 24
185.216.71.0/24 maxlen: 24
79.110.62.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
194.180.48.0/24 maxlen: 24
185.225.73.0/24 maxlen: 24
37.139.128.0/24 maxlen: 24
37.139.129.0/24 maxlen: 24
84.21.172.0/24 maxlen: 24
109.206.240.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:80:fa:b3:3c:02:60:1a:96:df:1c:4a:9d:e5:0d:54:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 16 15:07:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=03a07b98299c8b6757ed4422a63a432b7f57054a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:61:1d:7e:c7:4e:26:0c:31:af:c8:8b:24:60:
3e:d9:f8:cf:3c:2c:82:d6:7e:9a:65:f3:b1:63:16:
62:2a:63:19:33:5f:89:35:bd:73:89:f2:1e:c0:f1:
d0:ac:8d:8b:86:4a:c6:ae:c9:42:d1:6d:a6:b1:a0:
b9:9a:c2:94:3b:d2:aa:e5:6f:84:a1:13:d7:94:42:
d4:c9:de:53:7a:25:d3:02:db:5f:91:a6:1a:2f:5f:
9a:b5:95:83:ed:8a:ff:9f:e7:e2:b5:b5:16:e2:c7:
29:41:45:f9:ee:ca:96:b4:ee:61:4b:42:fb:d4:0b:
03:b2:2c:a2:2f:d8:1a:0f:5b:51:07:9f:e1:5d:fb:
1a:2a:d5:3e:c2:d4:35:b1:1d:eb:55:c7:0f:ec:62:
7a:15:f5:d0:fb:92:3d:16:73:65:85:10:dc:5e:05:
07:68:0a:4b:47:2b:28:e0:a8:6a:3c:85:54:35:90:
dd:5d:93:25:0a:a9:1e:93:5a:31:e8:30:d6:08:4d:
8d:18:90:70:5f:a0:f5:49:fe:09:a7:30:9b:18:d4:
bd:ec:8f:ba:c5:ca:28:e6:04:83:df:9b:7f:fb:24:
16:a1:19:73:ed:27:33:4e:95:4d:e6:3c:3e:74:ea:
c8:71:a8:f6:f4:7e:98:aa:ab:e0:64:ab:dc:22:28:
f0:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:A0:7B:98:29:9C:8B:67:57:ED:44:22:A6:3A:43:2B:7F:57:05:4A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/A6B7mCmci2dX7UQipjpDK39XBUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.128.0/23
79.110.62.0/23
80.76.51.0/24
84.21.172.0/24
85.31.44.0/24
85.31.46.0/24
85.217.145.0/24
109.206.240.0/23
109.206.243.0/24
185.216.71.0/24
185.225.73.0/24
185.246.220.0/23
185.252.178.0/24
185.254.37.0/24
193.47.61.0/24
194.55.186.0/24
194.180.48.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:90:8e:dc:8e:8c:5d:81:9c:87:53:e0:95:53:02:89:68:98:
11:70:28:13:fd:fd:dc:1c:c6:03:c8:af:e2:24:b7:32:47:b5:
87:f8:c2:6b:22:6a:b1:d3:60:bf:d7:47:9f:53:bb:d1:53:c5:
7f:02:ba:6f:08:9f:29:2f:a1:26:9b:1e:84:59:64:24:7b:e2:
73:e7:b7:39:05:2e:8d:20:bd:bb:e0:9d:01:2c:08:c0:90:40:
35:3d:b6:b6:1f:24:3d:f1:e4:a5:5f:1b:64:c7:33:bc:7d:eb:
76:bf:e5:2e:1e:57:d2:39:fc:b5:d7:67:28:a0:b4:f3:22:c7:
2b:1a:82:5e:f9:1d:1e:d2:9a:77:c0:09:a5:19:d2:11:a3:df:
59:77:a1:9a:9e:d2:8d:5c:8c:3f:05:48:54:dc:b9:96:7d:22:
65:68:17:99:4c:a4:9b:2f:71:3d:59:42:d6:47:c4:88:96:b4:
30:34:f2:43:31:49:90:d6:5d:c8:a1:1b:a1:73:30:f0:6e:ae:
80:84:82:97:10:91:a1:70:c7:1b:e6:a7:92:2d:04:43:72:6d:
cf:70:c1:20:b7:8c:9c:d7:2b:07:5a:c6:6c:2d:f5:6b:db:55:
79:3f:7a:14:22:5a:c1:f1:32:95:56:c4:9c:9f:ae:dd:90:16:
cb:8a:c8:32
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYSA+rM8AmAalt8cSp3lDVQ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMTE2MTUwNzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2EwN2I5ODI5OWM4YjY3NTdlZDQ0MjJhNjNhNDMyYjdmNTcwNTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5mEdfsdOJgwxr8iLJGA+2fjPPCyC
1n6aZfOxYxZiKmMZM1+JNb1zifIewPHQrI2LhkrGrslC0W2msaC5msKUO9Kq5W+E
oRPXlELUyd5TeiXTAttfkaYaL1+atZWD7Yr/n+fitbUW4scpQUX57sqWtO5hS0L7
1AsDsiyiL9gaD1tRB5/hXfsaKtU+wtQ1sR3rVccP7GJ6FfXQ+5I9FnNlhRDcXgUH
aApLRyso4KhqPIVUNZDdXZMlCqkek1ox6DDWCE2NGJBwX6D1Sf4JpzCbGNS97I+6
xcoo5gSD35t/+yQWoRlz7SczTpVN5jw+dOrIcaj29H6YqqvgZKvcIijwUQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFAOge5gpnItnV+1EIqY6Qyt/VwVKMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQTZCN21DbWNpMmRYN1VRaXBqcERLMzlYQlVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQBJYuAAwQB
T24+AwQAUEwzAwQAVBWsAwQAVR8sAwQAVR8uAwQAVdmRAwQBbc7wAwQAbc7zAwQA
udhHAwQAueFJAwQBufbcAwQAufyyAwQAuf4lAwQAwS89AwQAwje6AwQAwrQwMA0G
CSqGSIb3DQEBCwUAA4IBAQCskI7cjoxdgZyHU+CVUwKJaJgRcCgT/f3cHMYDyK/i
JLcyR7WH+MJrImqx02C/10efU7vRU8V/ArpvCJ8pL6Emmx6EWWQke+Jz57c5BS6N
IL274J0BLAjAkEA1Pba2HyQ98eSlXxtkxzO8fet2v+UuHlfSOfy112cooLTzIscr
GoJe+R0e0pp3wAmlGdIRo99Zd6GantKNXIw/BUhU3LmWfSJlaBeZTKSbL3E9WULW
R8SIlrQwNPJDMUmQ1l3IoRuhczDwbq6AhIKXEJGhcMcb5qeSLQRDcm3PcMEgt4yc
1ysHWsZsLfVr21V5P3oUIlrB8TKVVsScn67dkBbLisgy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:00 2024 by rpki-client on console-fra.rpki-client.org