Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BiO3GLlpK2Ex2LzSEf5AhfMPbak.roa
File: BiO3GLlpK2Ex2LzSEf5AhfMPbak.roa (raw, json)
Hash identifier: QDsHoFZuSdjat+ZGUCj3pta47paGS5/lyfZ+RnTwD74=
Subject key identifier: 06:23:B7:18:B9:69:2B:61:31:D8:BC:D2:11:FE:40:85:F3:0F:6D:A9
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0182B0C858EA142B19F491D6DC8AA2761C85
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BiO3GLlpK2Ex2LzSEf5AhfMPbak.roa
Signing time: Thu 18 Aug 2022 11:48:15 +0000
ROA not before: Thu 18 Aug 2022 11:48:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 81.161.238.0/23 maxlen: 24
185.207.12.0/24 maxlen: 24
193.168.196.0/22 maxlen: 24
193.37.46.0/24 maxlen: 24
109.206.237.0/24 maxlen: 24
88.218.76.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b0:c8:58:ea:14:2b:19:f4:91:d6:dc:8a:a2:76:1c:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 18 11:48:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0623b718b9692b6131d8bcd211fe4085f30f6da9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f3:16:28:46:fc:83:11:00:6b:0b:b6:1f:be:
2c:71:f8:71:1b:34:78:e1:c6:53:c8:34:7b:98:45:
c7:7c:28:ef:38:cf:32:a5:84:a8:d9:fb:77:d5:61:
a1:c0:26:75:8e:f5:e4:6a:6c:22:ba:69:8b:03:da:
4c:6f:0c:2f:d5:4e:ef:58:69:11:bd:33:4e:1d:4c:
26:a5:ad:2a:05:9f:9a:48:e4:39:12:b8:a6:f1:75:
6c:09:ec:b6:c6:ed:e3:2b:bf:62:fe:f1:7f:0c:13:
44:e9:e5:b9:83:ca:b8:67:6b:64:52:83:98:2c:c0:
79:d3:22:e4:77:b7:34:11:5d:97:8f:b4:15:8e:88:
e6:43:9b:fe:0a:b0:be:50:10:b1:ec:08:ac:e9:78:
99:b8:4c:29:e1:79:07:5e:95:37:a4:99:db:00:f7:
0e:68:7c:50:c1:fc:46:d4:fb:61:4b:6a:c9:aa:f0:
59:c1:80:34:8f:ef:fc:b4:ab:74:40:ef:56:15:4e:
a3:35:50:bf:64:00:49:b0:fc:c4:15:39:42:10:ce:
7e:b2:b2:7e:44:d4:e1:66:5b:81:2c:f9:fd:6f:98:
0d:50:05:8e:f7:a4:70:98:48:61:dc:5d:24:69:c8:
02:33:07:24:d8:78:e9:53:dd:d8:94:ca:9f:bc:86:
8d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:23:B7:18:B9:69:2B:61:31:D8:BC:D2:11:FE:40:85:F3:0F:6D:A9
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BiO3GLlpK2Ex2LzSEf5AhfMPbak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.238.0/23
88.218.76.0/22
109.206.237.0/24
185.207.12.0/24
193.37.46.0/24
193.168.196.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:18:33:17:db:56:34:e2:67:af:e9:5c:14:fb:a8:a5:83:14:
98:49:3f:95:fa:0c:a2:fd:69:4b:91:28:78:97:c4:94:94:cd:
9c:cb:a4:24:2c:3b:ba:20:70:c2:0e:68:40:ff:b6:38:1d:9c:
2c:69:1e:1f:d1:7c:b6:66:11:9b:1e:e8:18:55:e3:de:f2:89:
ec:46:ae:a8:e2:63:20:b2:39:eb:0e:2f:30:3e:70:ee:a5:67:
c0:af:5b:df:7a:4c:5e:b8:79:5f:9e:7b:03:a3:50:bf:8e:d9:
e4:fa:2f:27:a3:b3:2e:67:88:6b:5a:21:64:f4:55:21:b8:0d:
3d:db:f5:0a:d6:7e:a4:19:ca:f3:cc:cd:ca:e6:16:4e:fe:58:
e8:7d:2b:73:e9:dd:ce:8c:3d:1a:56:30:51:23:a7:56:93:81:
c4:e7:e3:e4:b0:95:38:85:32:29:a6:e5:cd:d4:36:ea:d2:fa:
6d:fc:21:5d:e4:db:24:78:12:6e:19:63:5a:82:3d:fc:38:39:
2c:a4:b3:67:f3:70:e6:33:4e:94:f9:8e:d8:a6:ce:fd:3f:42:
34:e7:27:6b:bf:40:d8:35:47:90:53:8e:c5:c3:02:ff:3e:1e:
56:d1:b5:a4:d6:f4:91:27:17:3f:d2:cf:17:0c:80:bb:f5:f0:
c2:fa:1c:8e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYKwyFjqFCsZ9JHW3IqidhyFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwODE4MTE0ODE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjIzYjcxOGI5NjkyYjYxMzFkOGJjZDIxMWZlNDA4NWYzMGY2ZGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovMWKEb8gxEAawu2H74scfhxGzR4
4cZTyDR7mEXHfCjvOM8ypYSo2ft31WGhwCZ1jvXkamwiummLA9pMbwwv1U7vWGkR
vTNOHUwmpa0qBZ+aSOQ5Erim8XVsCey2xu3jK79i/vF/DBNE6eW5g8q4Z2tkUoOY
LMB50yLkd7c0EV2Xj7QVjojmQ5v+CrC+UBCx7Ais6XiZuEwp4XkHXpU3pJnbAPcO
aHxQwfxG1PthS2rJqvBZwYA0j+/8tKt0QO9WFU6jNVC/ZABJsPzEFTlCEM5+srJ+
RNThZluBLPn9b5gNUAWO96RwmEhh3F0kacgCMwck2HjpU93YlMqfvIaN9wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAYjtxi5aSthMdi80hH+QIXzD22pMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQmlPM0dMbHBLMkV4Mkx6U0VmNUFoZk1QYmFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBUaHuAwQC
WNpMAwQAbc7tAwQAuc8MAwQAwSUuAwQCwajEMA0GCSqGSIb3DQEBCwUAA4IBAQCc
GDMX21Y04mev6VwU+6ilgxSYST+V+gyi/WlLkSh4l8SUlM2cy6QkLDu6IHDCDmhA
/7Y4HZwsaR4f0Xy2ZhGbHugYVePe8onsRq6o4mMgsjnrDi8wPnDupWfAr1vfekxe
uHlfnnsDo1C/jtnk+i8no7MuZ4hrWiFk9FUhuA092/UK1n6kGcrzzM3K5hZO/ljo
fStz6d3OjD0aVjBRI6dWk4HE5+PksJU4hTIppuXN1Dbq0vpt/CFd5NskeBJuGWNa
gj38ODkspLNn83DmM06U+Y7Yps79P0I05ydrv0DYNUeQU47FwwL/Ph5W0bWk1vSR
Jxc/0s8XDIC79fDC+hyO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:01 2024 by rpki-client on console-fra.rpki-client.org