Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ITE0wkCMKIDSAKY5mGEMHWYRSJk.roa
File: ITE0wkCMKIDSAKY5mGEMHWYRSJk.roa (raw, json)
Hash identifier: zisTB4qoU9KI1kWPBDLxxpDwyoM4zLQr179DguB9AWU=
Subject key identifier: 21:31:34:C2:40:8C:28:80:D2:00:A6:39:98:61:0C:1D:66:11:48:99
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0183A255863A7B32DA4A9E63D4CCB011DEBB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ITE0wkCMKIDSAKY5mGEMHWYRSJk.roa
Signing time: Tue 04 Oct 2022 09:30:57 +0000
ROA not before: Tue 04 Oct 2022 09:30:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397423
IP address blocks: 185.246.223.0/24 maxlen: 24
92.249.51.0/24 maxlen: 24
92.249.48.0/24 maxlen: 24
176.125.252.0/22 maxlen: 24
94.154.160.0/24 maxlen: 24
94.154.173.0/24 maxlen: 24
109.206.238.0/24 maxlen: 24
212.87.206.0/24 maxlen: 24
212.87.205.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
85.217.144.0/24 maxlen: 24
80.76.50.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
194.55.184.0/24 maxlen: 24
194.48.250.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
94.103.124.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
94.103.127.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a2:55:86:3a:7b:32:da:4a:9e:63:d4:cc:b0:11:de:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 4 09:30:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=213134c2408c2880d200a63998610c1d66114899
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:64:2b:7b:da:8c:31:92:09:1f:b0:18:f0:de:
f0:f4:5d:d2:02:29:f1:41:45:34:19:03:b3:d9:e1:
82:0d:c6:5b:f2:71:ea:31:dd:40:e5:5f:2f:be:e5:
a8:ba:b8:ee:22:1a:0e:07:b7:65:5b:80:08:d1:fd:
81:d5:7e:64:0b:21:2c:4f:27:d6:70:62:f4:8c:77:
58:1d:e5:f1:74:1e:a8:bd:13:49:c9:f5:07:94:ef:
2a:e6:f3:c4:65:10:8c:3f:1b:e0:da:bb:48:54:8d:
20:64:24:0a:35:1d:e4:98:12:1b:93:cb:76:8b:c8:
99:ab:c1:32:76:57:6d:8e:11:c8:c5:fc:cc:7f:f6:
a5:2c:4e:1f:6d:88:43:92:63:ca:99:8c:c9:5b:42:
7b:58:e0:b2:b8:88:6e:8f:34:9e:69:bc:dc:6f:4f:
cc:a2:dd:9f:7f:c6:70:5c:20:fd:aa:78:da:9a:e8:
fd:74:55:e1:de:e3:6e:47:03:8e:d0:66:50:95:5b:
46:50:51:0e:3b:f9:5f:4a:04:69:b2:19:64:47:0e:
d5:75:fb:97:9f:c8:af:55:94:84:3e:1d:8d:c4:21:
28:72:73:f7:43:25:9b:11:f7:a5:96:ba:98:2e:bf:
e3:41:c7:b7:f3:bf:33:26:f5:5d:74:60:ab:fb:e0:
e7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:31:34:C2:40:8C:28:80:D2:00:A6:39:98:61:0C:1D:66:11:48:99
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ITE0wkCMKIDSAKY5mGEMHWYRSJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.61.0/24
79.110.63.0/24
80.76.50.0/24
83.219.97.0/24
85.217.144.0/24
92.249.48.0/24
92.249.51.0/24
94.103.124.0/24
94.103.127.0/24
94.154.160.0/24
94.154.173.0/24
109.206.238.0/24
176.125.252.0/22
178.215.224.0/24
185.246.223.0/24
185.252.177.0/24
185.252.179.0/24
193.25.216.0/24
193.37.44.0/24
193.37.47.0/24
193.47.60.0/24
194.48.250.0/24
194.55.184.0/24
194.55.187.0/24
212.87.205.0-212.87.206.255
Signature Algorithm: sha256WithRSAEncryption
05:ae:21:a9:55:be:5c:64:eb:c0:6b:97:79:35:43:6e:80:c1:
d8:15:6a:39:ee:52:34:54:01:12:45:1c:fe:06:dd:be:9e:f5:
91:13:4a:a9:9c:29:8a:7b:99:db:e2:5f:09:96:6d:a3:41:02:
b6:69:16:b1:b7:30:5d:9b:ba:07:c1:76:ca:c4:be:20:2d:54:
22:27:04:e8:a1:ab:19:f2:4d:e9:dd:02:34:b3:97:49:c8:4b:
f0:bd:b3:3b:6d:31:03:c8:47:16:93:f4:5b:b3:59:f8:95:79:
32:7a:c2:7b:06:80:e2:17:c9:8d:8c:ff:72:c2:2a:55:ac:b3:
fb:51:35:32:ad:b9:30:d5:03:bb:04:75:0e:ad:44:f5:14:1f:
3f:63:df:2c:6c:8c:62:76:77:a7:99:2c:45:85:58:ae:f5:3b:
88:36:3a:ca:ec:70:92:c2:85:99:36:c7:c9:85:98:20:24:6b:
2d:93:9c:b0:da:45:da:d1:ef:27:0d:ba:5d:f1:9c:3f:6d:b6:
fe:32:97:fa:6a:1d:70:e6:3d:8f:f3:8e:a8:0d:0f:11:20:4f:
6c:87:3b:e4:31:59:f3:16:0d:52:ec:55:b0:5c:8a:21:00:9f:
9a:8f:51:ea:32:65:06:5c:68:97:dc:48:d5:c5:04:0a:92:92:
12:7b:88:d3
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYOiVYY6ezLaSp5j1MywEd67MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMDA0MDkzMDU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTMxMzRjMjQwOGMyODgwZDIwMGE2Mzk5ODYxMGMxZDY2MTE0ODk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWQre9qMMZIJH7AY8N7w9F3SAinx
QUU0GQOz2eGCDcZb8nHqMd1A5V8vvuWourjuIhoOB7dlW4AI0f2B1X5kCyEsTyfW
cGL0jHdYHeXxdB6ovRNJyfUHlO8q5vPEZRCMPxvg2rtIVI0gZCQKNR3kmBIbk8t2
i8iZq8EydldtjhHIxfzMf/alLE4fbYhDkmPKmYzJW0J7WOCyuIhujzSeabzcb0/M
ot2ff8ZwXCD9qnjamuj9dFXh3uNuRwOO0GZQlVtGUFEOO/lfSgRpshlkRw7VdfuX
n8ivVZSEPh2NxCEocnP3QyWbEfellrqYLr/jQce3878zJvVddGCr++DnLQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFCExNMJAjCiA0gCmOZhhDB1mEUiZMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSVRFMHdrQ01LSURTQUtZNW1HRU1IV1lSU0prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBABP
bj0DBABPbj8DBABQTDIDBABT22EDBABV2ZADBABc+TADBABc+TMDBABeZ3wDBABe
Z38DBABemqADBABemq0DBABtzu4DBAKwffwDBACy1+ADBAC59t8DBAC5/LEDBAC5
/LMDBADBGdgDBADBJSwDBADBJS8DBADBLzwDBADCMPoDBADCN7gDBADCN7swDAME
ANRXzQMEANRXzjANBgkqhkiG9w0BAQsFAAOCAQEABa4hqVW+XGTrwGuXeTVDboDB
2BVqOe5SNFQBEkUc/gbdvp71kRNKqZwpinuZ2+JfCZZto0ECtmkWsbcwXZu6B8F2
ysS+IC1UIicE6KGrGfJN6d0CNLOXSchL8L2zO20xA8hHFpP0W7NZ+JV5MnrCewaA
4hfJjYz/csIqVayz+1E1Mq25MNUDuwR1Dq1E9RQfP2PfLGyMYnZ3p5ksRYVYrvU7
iDY6yuxwksKFmTbHyYWYICRrLZOcsNpF2tHvJw26XfGcP222/jKX+modcOY9j/OO
qA0PESBPbIc75DFZ8xYNUuxVsFyKIQCfmo9R6jJlBlxol9xI1cUECpKSEnuI0w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:34 2023 by rpki-client on console-ams.rpki-client.org