Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IWB-iys_IoUzMZbCyZ6neDChRWs.roa
File: IWB-iys_IoUzMZbCyZ6neDChRWs.roa (raw, json)
Hash identifier: NsTdwR5z683dXw1cf7t6E5J2tAGJqqiNIgVnDGMMzBU=
Subject key identifier: 21:60:7E:8B:2B:3F:22:85:33:31:96:C2:C9:9E:A7:78:30:A1:45:6B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01852F82E8B955CD63390CA3884AAADA8A67
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IWB-iys_IoUzMZbCyZ6neDChRWs.roa
Signing time: Tue 20 Dec 2022 12:29:46 +0000
ROA not before: Tue 20 Dec 2022 12:29:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20454
IP address blocks: 81.161.237.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
94.156.234.0/23 maxlen: 24
185.222.160.0/22 maxlen: 24
93.123.81.0/24 maxlen: 24
94.156.160.0/23 maxlen: 24
94.156.182.0/23 maxlen: 24
193.37.40.0/23 maxlen: 24
194.48.250.0/23 maxlen: 24
194.55.184.0/24 maxlen: 24
194.59.30.0/23 maxlen: 24
87.120.84.0/24 maxlen: 24
94.103.124.0/23 maxlen: 24
194.180.36.0/24 maxlen: 24
87.121.58.0/24 maxlen: 24
83.219.98.0/23 maxlen: 24
82.115.210.0/23 maxlen: 24
87.120.5.0/24 maxlen: 24
176.125.252.0/22 maxlen: 24
94.154.174.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2f:82:e8:b9:55:cd:63:39:0c:a3:88:4a:aa:da:8a:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 20 12:29:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21607e8b2b3f2285333196c2c99ea77830a1456b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:36:e2:3d:72:a3:fc:18:a5:98:2f:e7:a2:b8:
ae:6b:e6:d6:9a:2d:ef:73:47:ff:11:04:cb:60:1e:
47:40:06:99:c9:a7:31:87:d1:cc:94:70:e3:49:9b:
09:66:41:d0:8d:bb:4e:b8:d5:8e:eb:f8:73:07:f0:
a5:ca:3d:ec:49:ea:50:73:ad:79:17:37:2a:45:1f:
63:f8:b9:39:6b:e3:52:b8:4e:27:91:5b:48:90:16:
98:36:62:bb:54:9e:0e:67:aa:c2:43:ec:41:c8:9e:
c0:55:45:aa:ef:46:e2:cb:55:f2:26:3f:45:51:5b:
9a:5e:db:ae:5d:04:23:bf:7e:ac:97:7b:02:73:88:
e1:eb:6e:e8:9d:c5:a7:45:dc:28:d0:bf:be:2c:09:
b6:a6:e4:e2:87:a0:bd:ba:d0:ff:6e:2d:03:b3:b3:
d7:b0:1b:0a:1c:87:ff:ae:f0:d9:8e:c4:3e:c1:be:
ef:85:d8:81:e9:48:e3:10:af:83:02:5e:6f:ae:37:
79:49:c8:f5:f8:61:af:e0:8e:11:64:88:10:3e:da:
14:fc:04:0e:d4:82:2c:ba:6c:18:01:40:76:9c:41:
02:18:19:08:ea:37:c2:5b:5d:6f:0d:70:0a:ad:8d:
a4:c6:93:4d:f1:fc:46:64:44:ad:40:28:1e:d6:55:
94:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:60:7E:8B:2B:3F:22:85:33:31:96:C2:C9:9E:A7:78:30:A1:45:6B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IWB-iys_IoUzMZbCyZ6neDChRWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.237.0/24
82.115.210.0/23
83.219.98.0/23
84.54.48.0/24
87.120.5.0/24
87.120.84.0/24
87.121.58.0/24
93.123.81.0/24
94.103.124.0/23
94.154.174.0/23
94.156.160.0/23
94.156.182.0/23
94.156.234.0/23
176.125.252.0/22
185.222.160.0/22
193.37.40.0/23
194.48.250.0/23
194.55.184.0/24
194.59.30.0/23
194.180.36.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:1e:4c:2a:4d:3a:1b:e5:81:cc:be:73:0f:eb:bb:3c:6b:cf:
0a:f8:56:4d:46:6e:1e:1b:22:20:82:f0:51:f9:6a:a7:c2:ca:
03:d5:fe:cc:de:9c:89:a0:89:e9:ae:fd:ce:fd:49:db:fa:31:
fd:bd:cf:d8:d6:9a:55:0a:30:c5:dc:b7:29:00:ac:ed:3e:74:
0c:16:b6:1d:5e:20:a5:8c:25:e1:b3:6e:7e:45:5c:9d:14:21:
a5:90:c4:6d:85:d4:05:70:b3:5f:46:4d:d2:8f:21:40:7e:81:
d8:32:76:db:fc:ea:b3:c4:f9:e0:53:33:3c:b0:f1:0b:b3:08:
e6:5c:38:5b:49:f6:ff:b5:74:f0:5d:0f:92:c8:17:28:b8:ff:
72:2c:6b:9c:dc:bd:8a:69:ad:48:8b:16:7d:1a:f3:5a:db:37:
12:17:90:0a:a8:dc:3b:7c:2d:40:a3:04:f0:45:0d:87:b7:0c:
91:f7:df:ab:99:c0:26:c9:8f:19:9c:71:7b:a1:fc:b3:06:53:
16:e3:a7:07:e4:47:0a:3d:45:d3:c5:c4:75:95:ee:da:9f:1c:
ab:68:18:12:a5:36:29:99:ca:55:af:48:cc:8d:82:33:33:37:
c5:50:71:f3:4e:e7:52:4e:7a:87:3a:6a:a6:a1:3e:88:17:f7:
2d:d5:38:54
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYUvgui5Vc1jOQyjiEqq2opnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMjIwMTIyOTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTYwN2U4YjJiM2YyMjg1MzMzMTk2YzJjOTllYTc3ODMwYTE0NTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzbiPXKj/BilmC/noriua+bWmi3v
c0f/EQTLYB5HQAaZyacxh9HMlHDjSZsJZkHQjbtOuNWO6/hzB/Clyj3sSepQc615
FzcqRR9j+Lk5a+NSuE4nkVtIkBaYNmK7VJ4OZ6rCQ+xByJ7AVUWq70biy1XyJj9F
UVuaXtuuXQQjv36sl3sCc4jh627oncWnRdwo0L++LAm2puTih6C9utD/bi0Ds7PX
sBsKHIf/rvDZjsQ+wb7vhdiB6UjjEK+DAl5vrjd5Scj1+GGv4I4RZIgQPtoU/AQO
1IIsumwYAUB2nEECGBkI6jfCW11vDXAKrY2kxpNN8fxGZEStQCge1lWU7QIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFCFgfosrPyKFMzGWwsmep3gwoUVrMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSVdCLWl5c19Jb1V6TVpiQ3laNm5lRENoUldzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAUaHt
AwQBUnPSAwQBU9tiAwQAVDYwAwQAV3gFAwQAV3hUAwQAV3k6AwQAXXtRAwQBXmd8
AwQBXpquAwQBXpygAwQBXpy2AwQBXpzqAwQCsH38AwQCud6gAwQBwSUoAwQBwjD6
AwQAwje4AwQBwjseAwQAwrQkMA0GCSqGSIb3DQEBCwUAA4IBAQAvHkwqTTob5YHM
vnMP67s8a88K+FZNRm4eGyIggvBR+WqnwsoD1f7M3pyJoInprv3O/Unb+jH9vc/Y
1ppVCjDF3LcpAKztPnQMFrYdXiCljCXhs25+RVydFCGlkMRthdQFcLNfRk3SjyFA
foHYMnbb/OqzxPngUzM8sPELswjmXDhbSfb/tXTwXQ+SyBcouP9yLGuc3L2Kaa1I
ixZ9GvNa2zcSF5AKqNw7fC1AowTwRQ2HtwyR99+rmcAmyY8ZnHF7ofyzBlMW46cH
5EcKPUXTxcR1le7anxyraBgSpTYpmcpVr0jMjYIzMzfFUHHzTudSTnqHOmqmoT6I
F/ct1ThU
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:34 2023 by rpki-client on console-ams.rpki-client.org