Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/G-fSicU58XdA_0_CAaaplugRRYY.roa
File: G-fSicU58XdA_0_CAaaplugRRYY.roa (raw, json)
Hash identifier: ylHJaCp125QDR/gyVsJ7Xo+l3F38nTgyKy9hLacYEnM=
Subject key identifier: 1B:E7:D2:89:C5:39:F1:77:40:FF:4F:C2:01:A6:A9:96:E8:11:45:86
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1F151A19
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/G-fSicU58XdA_0_CAaaplugRRYY.roa
Signing time: Fri 17 Jun 2022 11:30:44 +0000
ROA not before: Fri 17 Jun 2022 11:30:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 91.92.115.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
185.218.139.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
37.139.131.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
212.87.205.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
185.216.68.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
79.110.49.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
83.219.98.0/24 maxlen: 24
83.219.96.0/24 maxlen: 24
83.219.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 521476633 (0x1f151a19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 17 11:30:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1be7d289c539f17740ff4fc201a6a996e8114586
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:29:63:9d:7c:22:44:62:95:eb:a2:fb:2b:71:
35:73:78:7f:fa:80:0d:2a:8d:18:b7:c7:36:02:12:
16:27:72:d2:66:9b:a3:98:27:f0:1a:5f:04:fb:ad:
70:80:45:2a:ce:f5:3d:ad:7d:bd:f4:5e:88:a0:19:
87:9b:51:1d:10:6a:4a:18:d3:8f:57:22:d6:a8:58:
04:3c:8b:da:1d:79:83:a7:c8:f7:3f:c0:4e:b9:3c:
bb:22:9c:7f:13:dc:34:81:9d:84:05:3e:97:87:d9:
0e:b1:56:f5:16:23:f7:e3:25:4e:0a:be:7f:b7:00:
73:aa:3d:2a:70:c3:b3:c6:b0:1a:65:c8:88:22:2c:
6c:d9:cc:55:98:71:ef:9a:b5:ad:4c:7d:dd:6d:b9:
d2:2e:5a:9b:4a:c7:bf:56:b0:c6:11:c3:be:7d:87:
89:bf:2c:52:17:44:7e:01:01:77:88:24:d2:4d:9c:
e4:21:e2:cf:3f:4a:19:d6:19:90:f3:45:d6:3c:04:
46:2b:82:f0:9f:fa:47:48:af:e8:f2:54:b2:29:e5:
5f:8a:c0:26:bc:d4:32:75:01:22:d5:b2:98:ac:66:
f0:54:a4:aa:36:3b:3d:08:39:e8:6a:3a:7e:8d:49:
84:fa:09:7d:4c:ba:0d:65:f7:80:3b:cc:c6:22:58:
c2:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:E7:D2:89:C5:39:F1:77:40:FF:4F:C2:01:A6:A9:96:E8:11:45:86
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/G-fSicU58XdA_0_CAaaplugRRYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/23
79.110.48.0-79.110.50.255
79.110.63.0/24
80.76.51.0/24
83.219.96.0/22
87.120.84.0/24
87.120.87.0/24
91.92.115.0/24
94.154.172.0/24
109.206.239.0/24
178.215.224.0/22
178.215.237.0/24
178.215.239.0/24
185.216.68.0/24
185.218.139.0/24
185.252.176.0/24
193.35.18.0/24
193.37.47.0/24
193.47.62.0/23
194.48.248.0/24
194.48.251.0/24
194.169.175.0/24
194.180.50.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
56:63:5f:1c:70:38:a6:e6:4b:86:be:0b:c7:13:5c:16:17:b3:
9d:bc:8e:60:e3:96:30:49:c3:49:d4:85:2c:37:1a:57:c1:9b:
72:50:d7:df:1c:35:35:e4:24:1b:96:55:df:45:5d:86:bf:e1:
97:ac:c7:3b:34:2d:e4:ed:53:b8:4e:5d:e1:b2:ee:62:63:9c:
5a:df:f5:3e:82:d6:70:5f:99:03:4f:ea:2b:2d:fe:ca:38:5e:
8c:88:d1:30:e6:2e:91:18:87:a2:e7:6f:b9:05:19:0d:d9:86:
b9:cd:8f:5f:4e:5d:47:e9:1c:38:5d:64:41:21:08:17:86:10:
30:73:aa:51:8f:7d:9c:1b:fe:36:17:25:68:7c:29:04:50:89:
29:e8:a9:08:07:bb:2e:4a:78:3a:fd:8d:45:30:56:d6:57:21:
fa:93:7b:22:ef:68:37:ab:3a:35:7a:e1:94:68:f8:46:b7:fb:
0a:f3:ed:09:36:8b:2e:b0:d3:f1:de:67:ca:70:df:0b:f8:56:
3d:33:d1:16:16:60:ca:ac:b9:27:6e:b0:4f:7f:22:7a:a2:63:
06:ae:79:85:5b:d0:9d:29:25:48:f5:b2:33:db:8f:3a:7e:ff:
d5:77:32:2f:8d:8b:88:7f:40:87:64:a7:cf:a4:74:a1:64:57:
eb:2e:c1:ce
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgIEHxUaGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDYx
NzExMzA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWJlN2QyODljNTM5
ZjE3NzQwZmY0ZmMyMDFhNmE5OTZlODExNDU4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOcpY518IkRileui+ytxNXN4f/qADSqNGLfHNgISFidy0mab
o5gn8BpfBPutcIBFKs71Pa19vfReiKAZh5tRHRBqShjTj1ci1qhYBDyL2h15g6fI
9z/ATrk8uyKcfxPcNIGdhAU+l4fZDrFW9RYj9+MlTgq+f7cAc6o9KnDDs8awGmXI
iCIsbNnMVZhx75q1rUx93W250i5am0rHv1awxhHDvn2Hib8sUhdEfgEBd4gk0k2c
5CHizz9KGdYZkPNF1jwERiuC8J/6R0iv6PJUsinlX4rAJrzUMnUBItWymKxm8FSk
qjY7PQg56Go6fo1JhPoJfUy6DWX3gDvMxiJYwm8CAwEAAaOCAqAwggKcMB0GA1Ud
DgQWBBQb59KJxTnxd0D/T8IBpqmW6BFFhjAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L0ctZlNpY1U1OFhkQV8wX0NBYWFwbHVnUlJZWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
tQYIKwYBBQUHAQcBAf8EgaUwgaIwgZ8EAgABMIGYAwQBJYuCMAwDBARPbjADBABP
bjIDBABPbj8DBABQTDMDBAJT22ADBABXeFQDBABXeFcDBABbXHMDBABemqwDBABt
zu8DBAKy1+ADBACy1+0DBACy1+8DBAC52EQDBAC52osDBAC5/LADBADBIxIDBADB
JS8DBAHBLz4DBADCMPgDBADCMPsDBADCqa8DBADCtDIDBADUV80wDQYJKoZIhvcN
AQELBQADggEBAFZjXxxwOKbmS4a+C8cTXBYXs528jmDjljBJw0nUhSw3GlfBm3JQ
198cNTXkJBuWVd9FXYa/4Zesxzs0LeTtU7hOXeGy7mJjnFrf9T6C1nBfmQNP6ist
/so4XoyI0TDmLpEYh6Lnb7kFGQ3ZhrnNj19OXUfpHDhdZEEhCBeGEDBzqlGPfZwb
/jYXJWh8KQRQiSnoqQgHuy5KeDr9jUUwVtZXIfqTeyLvaDerOjV64ZRo+Ea3+wrz
7Qk2iy6w0/HeZ8pw3wv4Vj0z0RYWYMqsuSdusE9/InqiYwaueYVb0J0pJUj1sjPb
jzp+/9V3Mi+Ni4h/QIdkp8+kdKFkV+suwc4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:34 2023 by rpki-client on console-ams.rpki-client.org