Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AlQYfIS9Kh0QfqXRsO6-oZJOCvk.roa
File: AlQYfIS9Kh0QfqXRsO6-oZJOCvk.roa (raw, json)
Hash identifier: dmyg7/FiZoqbvp8xYVdyBdadLHpGzPk3xn3ucc4YA9s=
Subject key identifier: 02:54:18:7C:84:BD:2A:1D:10:7E:A5:D1:B0:EE:BE:A1:92:4E:0A:F9
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018A8E781A8CD1036928CAAD5B4AFE36D8E9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AlQYfIS9Kh0QfqXRsO6-oZJOCvk.roa
Signing time: Wed 13 Sep 2023 12:15:50 +0000
ROA not before: Wed 13 Sep 2023 12:15:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50225
IP address blocks: 85.209.132.0/24 maxlen: 24
85.217.145.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
185.222.163.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
80.76.50.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
176.125.252.0/24 maxlen: 24
194.48.249.0/24 maxlen: 24
45.84.90.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8e:78:1a:8c:d1:03:69:28:ca:ad:5b:4a:fe:36:d8:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 13 12:15:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0254187c84bd2a1d107ea5d1b0eebea1924e0af9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:75:56:ee:18:55:30:01:fd:18:84:62:97:8f:
1a:5b:01:64:5a:d0:3b:b7:5c:9c:6a:e9:ec:44:e5:
c4:61:f6:83:b8:d1:0e:d8:5f:ee:bc:67:4a:2c:22:
65:01:00:30:b2:54:af:19:54:18:a8:04:b2:11:a1:
32:24:e8:43:c1:b8:46:ee:4a:c2:4c:ad:2a:6c:7e:
1d:6c:b3:b4:93:9d:cb:a9:94:bc:a4:fc:83:00:96:
37:cc:ec:6a:56:ae:40:83:f2:c0:2b:03:34:b1:fd:
63:20:5c:a2:de:10:9b:21:c8:b7:7c:99:c9:c8:ae:
b0:2e:f9:23:66:e2:98:c3:42:76:26:6d:6d:7e:32:
a2:b8:d0:2e:c0:8d:5e:8d:4a:a3:ed:5a:97:86:8f:
17:50:3d:59:4e:e1:4a:0c:de:1f:7d:b2:3d:1d:22:
e5:8b:ac:f9:fe:41:5f:d3:1c:68:70:7c:76:e8:cf:
ee:54:1e:6b:47:dc:35:05:19:4a:8c:7d:fc:be:02:
7d:2e:ac:a2:65:72:70:32:41:1b:ba:65:9c:ee:58:
b1:ab:fc:b0:0a:44:b1:e1:30:2c:91:be:71:ed:86:
7a:2c:8f:58:43:09:32:ab:84:23:76:59:c0:f8:eb:
49:09:29:8b:8b:62:b8:94:08:14:3b:4a:06:aa:32:
c9:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:54:18:7C:84:BD:2A:1D:10:7E:A5:D1:B0:EE:BE:A1:92:4E:0A:F9
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AlQYfIS9Kh0QfqXRsO6-oZJOCvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.90.0/24
79.110.50.0/24
80.76.50.0/24
85.209.132.0/24
85.217.145.0/24
93.123.85.0/24
176.125.252.0/24
185.222.163.0/24
193.42.34.0/24
193.47.63.0/24
194.48.249.0/24
194.48.251.0/24
Signature Algorithm: sha256WithRSAEncryption
19:7b:ac:d8:8f:5d:75:43:05:02:c3:8c:88:c1:60:30:91:91:
14:a0:6d:a5:c1:c4:71:24:91:b6:23:63:b4:01:8d:d9:70:2a:
1e:77:4c:1b:f0:fe:56:b9:a9:30:8a:22:92:65:50:d4:5e:d6:
d7:cf:15:fc:5f:e0:74:40:38:8e:e8:6c:af:92:89:65:a9:0b:
27:82:00:a0:e1:90:c9:0c:39:df:3c:00:4c:ae:16:cc:eb:8b:
02:e9:15:6f:88:54:e2:0f:89:1f:ac:d2:87:4f:87:ee:43:9f:
85:5e:df:c0:c0:9a:bb:ad:77:f0:24:d8:af:7d:38:85:c2:9a:
c3:b1:af:9e:db:63:13:24:f3:82:4b:f3:ff:1f:0a:43:c2:b4:
b9:ff:14:2f:97:68:f5:15:34:d9:f3:97:3d:39:7f:86:21:9a:
45:a0:5a:d6:fb:44:7c:8c:6b:bd:49:98:b5:1e:44:a0:ad:52:
f6:60:a8:f0:2d:09:8b:50:e1:ae:05:e7:91:6f:4e:63:65:7e:
29:44:d2:1a:b1:9b:fa:bf:54:cb:ec:c2:df:cd:2f:95:c1:3b:
ae:b0:15:2a:7d:3a:b9:4b:96:b9:4e:19:4c:9a:72:be:60:80:
42:30:05:c5:78:0e:82:77:5e:93:96:07:60:0c:c1:c6:e1:08:
2c:e8:85:b4
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYqOeBqM0QNpKMqtW0r+NtjpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTEzMTIxNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjU0MTg3Yzg0YmQyYTFkMTA3ZWE1ZDFiMGVlYmVhMTkyNGUwYWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3VW7hhVMAH9GIRil48aWwFkWtA7
t1ycaunsROXEYfaDuNEO2F/uvGdKLCJlAQAwslSvGVQYqASyEaEyJOhDwbhG7krC
TK0qbH4dbLO0k53LqZS8pPyDAJY3zOxqVq5Ag/LAKwM0sf1jIFyi3hCbIci3fJnJ
yK6wLvkjZuKYw0J2Jm1tfjKiuNAuwI1ejUqj7VqXho8XUD1ZTuFKDN4ffbI9HSLl
i6z5/kFf0xxocHx26M/uVB5rR9w1BRlKjH38vgJ9LqyiZXJwMkEbumWc7lixq/yw
CkSx4TAskb5x7YZ6LI9YQwkyq4QjdlnA+OtJCSmLi2K4lAgUO0oGqjLJgQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFAJUGHyEvSodEH6l0bDuvqGSTgr5MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQWxRWWZJUzlLaDBRZnFYUnNPNi1vWkpPQ3ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALVRaAwQA
T24yAwQAUEwyAwQAVdGEAwQAVdmRAwQAXXtVAwQAsH38AwQAud6jAwQAwSoiAwQA
wS8/AwQAwjD5AwQAwjD7MA0GCSqGSIb3DQEBCwUAA4IBAQAZe6zYj111QwUCw4yI
wWAwkZEUoG2lwcRxJJG2I2O0AY3ZcCoed0wb8P5WuakwiiKSZVDUXtbXzxX8X+B0
QDiO6GyvkollqQsnggCg4ZDJDDnfPABMrhbM64sC6RVviFTiD4kfrNKHT4fuQ5+F
Xt/AwJq7rXfwJNivfTiFwprDsa+e22MTJPOCS/P/HwpDwrS5/xQvl2j1FTTZ85c9
OX+GIZpFoFrW+0R8jGu9SZi1HkSgrVL2YKjwLQmLUOGuBeeRb05jZX4pRNIasZv6
v1TL7MLfzS+VwTuusBUqfTq5S5a5ThlMmnK+YIBCMAXFeA6Cd16TlgdgDMHG4Qgs
6IW0
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:26 2024 by rpki-client on console-ams.rpki-client.org