Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DpCed7R1Z00YgAChILalgvXZfmQ.roa
File: DpCed7R1Z00YgAChILalgvXZfmQ.roa (raw, json)
Hash identifier: WI5o2G71MKqpy234CrzLB8KmHlzvJs5Oxe2L1ZEyEFA=
Subject key identifier: 0E:90:9E:77:B4:75:67:4D:18:80:00:A1:20:B6:A5:82:F5:D9:7E:64
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01899C9525FDBC7676445D3EB0AC7B0A7922
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DpCed7R1Z00YgAChILalgvXZfmQ.roa
Signing time: Fri 28 Jul 2023 12:59:27 +0000
ROA not before: Fri 28 Jul 2023 12:59:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50225
IP address blocks: 83.143.112.0/24 maxlen: 24
85.217.145.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
185.222.163.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
45.128.99.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
94.156.176.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
194.48.249.0/24 maxlen: 24
45.84.90.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
85.209.132.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
176.125.252.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9c:95:25:fd:bc:76:76:44:5d:3e:b0:ac:7b:0a:79:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 28 12:59:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e909e77b475674d188000a120b6a582f5d97e64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:cb:2f:c7:9d:fd:b6:93:44:2f:fd:3a:13:1f:
66:d9:0e:15:6a:e1:21:6a:c1:a7:d6:e4:1b:4b:12:
81:d0:7b:5f:65:d5:38:c5:0a:b8:d8:ba:89:ae:ca:
87:ec:69:dc:c7:b5:4b:5a:fb:c7:b1:ea:4a:32:1b:
fe:65:b6:01:1f:a8:ee:37:94:1d:a0:be:7a:81:ea:
97:ce:91:6e:f3:2b:bd:7d:6e:45:92:24:87:7d:07:
44:32:85:79:49:0e:63:c1:5d:2f:92:23:bf:09:03:
33:63:23:f2:74:a4:cf:81:1f:e5:58:1c:6b:e5:f3:
89:83:1f:e0:e4:66:57:ce:15:b8:44:45:45:ef:ec:
d6:b1:7a:7a:47:f1:be:76:3b:76:8a:45:76:1b:a2:
09:9e:0d:8c:59:89:65:63:01:1d:95:bc:cf:90:c9:
0a:7a:69:48:08:8e:f9:fe:f6:0b:1b:cb:76:b6:5a:
b0:48:c4:0b:ef:3b:86:ec:0f:54:e3:9f:50:86:a2:
46:ca:c1:7e:f9:97:a4:83:95:f3:ce:c3:c5:34:e8:
fb:f9:02:d3:88:ef:f1:7c:a5:70:75:ef:8c:99:ee:
71:8d:d3:b8:41:c7:1b:c9:b3:89:50:31:fb:99:0f:
92:dc:c2:df:97:04:e3:45:64:7d:17:69:d3:dd:df:
1a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:90:9E:77:B4:75:67:4D:18:80:00:A1:20:B6:A5:82:F5:D9:7E:64
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DpCed7R1Z00YgAChILalgvXZfmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.90.0/24
45.128.99.0/24
45.149.233.0/24
79.110.50.0/24
83.143.112.0/23
85.209.132.0/24
85.217.145.0/24
87.121.69.0/24
93.123.85.0/24
94.156.176.0/24
176.125.252.0/24
178.215.237.0/24
185.222.163.0/24
193.42.34.0/24
193.47.60.0/24
193.47.63.0/24
194.48.249.0/24
194.48.251.0/24
Signature Algorithm: sha256WithRSAEncryption
10:9b:50:a4:67:57:19:ec:e9:50:e1:5d:8c:86:4d:90:3c:b1:
f1:41:80:87:fa:29:01:39:8e:4f:1c:ba:8b:9a:35:62:03:f3:
d0:6d:9a:d2:93:60:b4:54:3f:19:0c:b1:d8:78:35:57:93:37:
c9:fa:ef:b1:58:20:1c:e7:24:06:59:07:00:90:7f:73:24:28:
11:e2:6b:24:2d:e4:d5:69:63:89:30:cb:f3:93:de:f2:c3:8e:
6d:bc:c6:7c:45:1d:d6:b2:bb:ee:06:3c:92:94:45:bd:73:50:
d8:cc:51:38:33:97:ee:30:1c:1f:37:39:65:7d:91:22:bd:04:
0e:87:02:07:3b:81:85:24:3a:97:84:d3:58:0a:9c:27:4d:3a:
38:f9:e4:ee:9e:fd:31:d7:35:a0:64:88:52:9a:9c:74:62:6b:
5f:a2:0f:67:47:28:a2:24:b4:f9:2e:8c:c5:ad:51:78:3e:36:
b3:a3:09:77:1c:25:16:ae:ed:17:f3:36:82:6b:ce:dd:2c:d9:
64:57:06:0d:b3:3f:55:c5:01:a1:d9:88:85:1b:e2:bc:64:0d:
72:f6:72:3e:23:c0:4e:58:4a:0c:87:69:c6:53:06:1b:27:58:
c7:0d:67:ed:2d:12:d3:b7:d5:35:8f:fd:3c:08:bb:c1:73:c2:
c9:4f:03:79
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYmclSX9vHZ2RF0+sKx7CnkiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzI4MTI1OTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTkwOWU3N2I0NzU2NzRkMTg4MDAwYTEyMGI2YTU4MmY1ZDk3ZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMsvx539tpNEL/06Ex9m2Q4VauEh
asGn1uQbSxKB0HtfZdU4xQq42LqJrsqH7Gncx7VLWvvHsepKMhv+ZbYBH6juN5Qd
oL56geqXzpFu8yu9fW5FkiSHfQdEMoV5SQ5jwV0vkiO/CQMzYyPydKTPgR/lWBxr
5fOJgx/g5GZXzhW4REVF7+zWsXp6R/G+djt2ikV2G6IJng2MWYllYwEdlbzPkMkK
emlICI75/vYLG8t2tlqwSMQL7zuG7A9U459QhqJGysF++Zekg5XzzsPFNOj7+QLT
iO/xfKVwde+Mme5xjdO4QccbybOJUDH7mQ+S3MLflwTjRWR9F2nT3d8a/QIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFA6Qnne0dWdNGIAAoSC2pYL12X5kMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRHBDZWQ3UjFaMDBZZ0FDaElMYWxndlhaZm1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAC1UWgME
AC2AYwMEAC2V6QMEAE9uMgMEAVOPcAMEAFXRhAMEAFXZkQMEAFd5RQMEAF17VQME
AF6csAMEALB9/AMEALLX7QMEALneowMEAMEqIgMEAMEvPAMEAMEvPwMEAMIw+QME
AMIw+zANBgkqhkiG9w0BAQsFAAOCAQEAEJtQpGdXGezpUOFdjIZNkDyx8UGAh/op
ATmOTxy6i5o1YgPz0G2a0pNgtFQ/GQyx2Hg1V5M3yfrvsVggHOckBlkHAJB/cyQo
EeJrJC3k1WljiTDL85Pe8sOObbzGfEUd1rK77gY8kpRFvXNQ2MxRODOX7jAcHzc5
ZX2RIr0EDocCBzuBhSQ6l4TTWAqcJ006OPnk7p79Mdc1oGSIUpqcdGJrX6IPZ0co
oiS0+S6Mxa1ReD42s6MJdxwlFq7tF/M2gmvO3SzZZFcGDbM/VcUBodmIhRvivGQN
cvZyPiPATlhKDIdpxlMGGydYxw1n7S0S07fVNY/9PAi7wXPCyU8DeQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:27 2024 by rpki-client on console-ams.rpki-client.org