Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EHz-xBi93cPMpRtUSWJad10apa4.roa
File: EHz-xBi93cPMpRtUSWJad10apa4.roa (raw, json)
Hash identifier: cOhAIUbMo8f1UESAuV3GZvp8NgyQOekgRqbakNK3YKI=
Subject key identifier: 10:7C:FE:C4:18:BD:DD:C3:CC:A5:1B:54:49:62:5A:77:5D:1A:A5:AE
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018268FF144641584841D63DA1E5F3E257F2
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EHz-xBi93cPMpRtUSWJad10apa4.roa
Signing time: Thu 04 Aug 2022 13:15:23 +0000
ROA not before: Thu 04 Aug 2022 13:15:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 85.31.45.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
92.249.48.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
185.218.136.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
212.87.206.0/24 maxlen: 24
212.87.205.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
85.217.144.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
80.76.50.0/24 maxlen: 24
80.76.48.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
94.103.126.0/24 maxlen: 24
94.103.127.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:68:ff:14:46:41:58:48:41:d6:3d:a1:e5:f3:e2:57:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 4 13:15:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=107cfec418bdddc3cca51b5449625a775d1aa5ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ce:d8:cc:80:4b:5c:51:eb:94:9e:76:7d:92:
d5:2a:2a:f1:80:c9:8a:24:33:15:d1:2a:29:36:48:
0f:56:c7:22:37:48:86:e9:e6:f7:da:d3:5f:33:74:
fe:f5:72:e6:0d:0b:c8:c9:66:d8:0c:d1:75:3c:24:
d2:21:54:13:e2:3a:2e:29:5b:e2:1c:b9:ba:9e:23:
5f:50:91:08:80:e3:21:d0:7f:fe:ab:a0:ad:57:83:
36:f6:41:91:89:58:e2:50:05:8a:d0:83:2d:20:e0:
02:e1:33:59:c8:74:b8:2f:05:28:f2:c8:7a:7d:da:
69:e7:eb:a6:3a:e6:f1:76:88:ec:db:ac:d5:f5:ec:
61:ce:61:54:3e:4e:6c:62:fd:e1:cb:60:80:2b:96:
0a:46:c0:34:99:38:7d:db:0f:83:e9:2e:5f:33:8d:
b6:a7:47:ca:67:c2:80:e2:77:84:6f:38:40:de:a1:
06:56:94:26:fa:71:7b:1d:f4:5c:5d:f9:b5:98:81:
b7:36:3d:66:10:da:7f:0d:76:11:00:c6:a7:e4:d5:
64:14:ff:5c:f8:ff:d4:08:9b:3d:ad:7f:f5:09:53:
16:25:17:d7:52:9c:8b:ac:97:3e:f1:7f:7e:e8:4e:
18:54:da:31:7f:25:7f:f1:ed:e2:ab:41:9b:ad:5c:
ed:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:7C:FE:C4:18:BD:DD:C3:CC:A5:1B:54:49:62:5A:77:5D:1A:A5:AE
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EHz-xBi93cPMpRtUSWJad10apa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.48.0/24
79.110.61.0/24
79.110.63.0/24
80.76.48.0/24
80.76.50.0/24
83.219.97.0/24
84.54.49.0/24
85.31.45.0/24
85.31.47.0/24
85.217.144.0/24
87.120.84.0/24
87.120.87.0/24
92.249.48.0/24
94.103.125.0-94.103.127.255
94.154.172.0/24
109.206.239.0/24
178.215.225.0-178.215.227.255
178.215.236.0/23
178.215.239.0/24
185.216.69.0-185.216.70.255
185.218.136.0/24
185.246.221.0/24
185.252.176.0/23
193.35.18.0/23
193.37.42.0/24
193.37.47.0/24
193.47.62.0/23
193.222.97.0/24
194.169.175.0/24
194.180.50.0/24
212.87.205.0-212.87.206.255
Signature Algorithm: sha256WithRSAEncryption
95:ae:a7:90:2e:ac:db:8a:f1:ee:9c:a9:ed:ff:ea:a3:94:0e:
35:63:db:1b:00:f0:43:d6:79:dd:07:6f:b2:e5:9e:f8:ae:fc:
a6:d3:8f:83:a8:c6:57:86:ed:50:3f:20:c2:73:fb:c8:21:36:
f3:b0:3b:51:06:1b:d3:eb:1c:9c:b9:2a:a2:60:90:3d:0b:20:
61:03:b6:cc:b0:e9:3a:01:33:39:6a:9a:ca:b6:80:bf:dc:5b:
1e:97:56:69:f3:37:b0:5d:be:6d:4a:a2:f3:19:36:68:d1:b4:
72:84:69:ee:26:9e:97:66:42:76:df:f0:dc:b9:a7:c4:4c:95:
c9:d4:4c:88:9d:af:80:d2:0c:6d:6e:13:b1:b0:0b:5b:e1:87:
d1:cd:ab:73:0e:f6:c0:41:95:08:40:90:c7:f0:01:85:4b:a4:
fb:79:c8:6c:8e:79:19:66:39:cd:93:c5:df:78:ea:de:e4:f7:
72:18:b3:7d:8e:c4:d6:8a:1a:38:06:53:29:13:d3:e0:e6:5c:
a2:99:3e:77:5c:87:f1:49:9e:5b:eb:59:71:54:96:79:96:64:
c4:73:50:fb:05:c0:7e:20:ef:a5:1c:2e:b9:70:91:f5:7b:42:
b8:2c:51:91:d4:de:88:56:67:37:21:b8:ea:57:f5:12:15:23:
3a:c2:9b:34
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAYJo/xRGQVhIQdY9oeXz4lfyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwODA0MTMxNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDdjZmVjNDE4YmRkZGMzY2NhNTFiNTQ0OTYyNWE3NzVkMWFhNWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhM7YzIBLXFHrlJ52fZLVKirxgMmK
JDMV0SopNkgPVsciN0iG6eb32tNfM3T+9XLmDQvIyWbYDNF1PCTSIVQT4jouKVvi
HLm6niNfUJEIgOMh0H/+q6CtV4M29kGRiVjiUAWK0IMtIOAC4TNZyHS4LwUo8sh6
fdpp5+umOubxdojs26zV9exhzmFUPk5sYv3hy2CAK5YKRsA0mTh92w+D6S5fM422
p0fKZ8KA4neEbzhA3qEGVpQm+nF7HfRcXfm1mIG3Nj1mENp/DXYRAMan5NVkFP9c
+P/UCJs9rX/1CVMWJRfXUpyLrJc+8X9+6E4YVNoxfyV/8e3iq0GbrVztrwIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFBB8/sQYvd3DzKUbVEliWnddGqWuMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRUh6LXhCaTkzY1BNcFJ0VVNXSmFkMTBhcGE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCB4QQCAAEwgdoDBABP
bjADBABPbj0DBABPbj8DBABQTDADBABQTDIDBABT22EDBABUNjEDBABVHy0DBABV
Hy8DBABV2ZADBABXeFQDBABXeFcDBABc+TAwDAMEAF5nfQMEB15nAAMEAF6arAME
AG3O7zAMAwQAstfhAwQCstfgAwQBstfsAwQAstfvMAwDBAC52EUDBAC52EYDBAC5
2ogDBAC59t0DBAG5/LADBAHBIxIDBADBJSoDBADBJS8DBAHBLz4DBADB3mEDBADC
qa8DBADCtDIwDAMEANRXzQMEANRXzjANBgkqhkiG9w0BAQsFAAOCAQEAla6nkC6s
24rx7pyp7f/qo5QONWPbGwDwQ9Z53QdvsuWe+K78ptOPg6jGV4btUD8gwnP7yCE2
87A7UQYb0+scnLkqomCQPQsgYQO2zLDpOgEzOWqayraAv9xbHpdWafM3sF2+bUqi
8xk2aNG0coRp7iael2ZCdt/w3LmnxEyVydRMiJ2vgNIMbW4TsbALW+GH0c2rcw72
wEGVCECQx/ABhUuk+3nIbI55GWY5zZPF33jq3uT3chizfY7E1ooaOAZTKRPT4OZc
opk+d1yH8UmeW+tZcVSWeZZkxHNQ+wXAfiDvpRwuuXCR9XtCuCxRkdTeiFZnNyG4
6lf1EhUjOsKbNA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:02 2024 by rpki-client on console-fra.rpki-client.org