Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JOnPjrjywXJraSWU1K1Kvcd_zsk.roa
File: JOnPjrjywXJraSWU1K1Kvcd_zsk.roa (raw, json)
Hash identifier: zjKpC3TDjgxqyr2ChDZ7mNxh4+3rGocNMfXbgpPSXjk=
Subject key identifier: 24:E9:CF:8E:B8:F2:C1:72:6B:69:25:94:D4:AD:4A:BD:C7:7F:CE:C9
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0182ED5E253F54460A2ABF5EBBF6E0395F97
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JOnPjrjywXJraSWU1K1Kvcd_zsk.roa
Signing time: Tue 30 Aug 2022 06:09:06 +0000
ROA not before: Tue 30 Aug 2022 06:09:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 85.31.45.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
194.180.36.0/24 maxlen: 24
92.249.48.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
185.218.136.0/24 maxlen: 24
82.115.208.0/24 maxlen: 24
82.115.210.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
212.87.206.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
80.76.50.0/24 maxlen: 24
80.76.48.0/24 maxlen: 24
193.42.32.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
94.103.126.0/24 maxlen: 24
94.103.127.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ed:5e:25:3f:54:46:0a:2a:bf:5e:bb:f6:e0:39:5f:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 30 06:09:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=24e9cf8eb8f2c1726b692594d4ad4abdc77fcec9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:6b:59:26:c7:27:04:d1:7a:1f:fb:8f:86:92:
45:66:c8:53:1b:79:9c:9d:79:27:d9:9b:dd:92:b2:
83:8d:96:76:49:03:cd:c6:da:3c:44:d4:c2:63:a6:
96:ac:6f:6f:20:10:08:ac:a7:c5:69:aa:26:27:db:
e7:06:b5:dc:36:6a:1d:64:fb:f9:05:97:93:13:84:
bd:99:a3:e6:6a:36:52:f7:4f:5b:0c:b9:9a:df:32:
ae:c4:d6:b6:e2:40:d2:77:21:8e:22:7b:79:27:f9:
38:b1:89:d6:74:79:34:9c:84:5a:aa:d8:a7:c4:ff:
89:2e:b7:cc:25:75:24:b5:10:99:35:76:d6:ef:75:
59:bf:7d:8d:74:0b:35:3d:86:60:44:61:cc:e9:91:
21:6d:df:95:56:87:e5:46:36:ff:ac:e8:82:89:e7:
18:0c:12:9e:a3:15:33:1f:56:37:7b:5a:1f:de:bb:
e1:6c:6b:ed:45:2e:e0:6f:6e:3a:1f:2e:37:48:6b:
31:08:4f:8b:df:30:7b:d0:09:88:69:12:b7:51:89:
ad:0d:5d:d1:ec:62:ed:93:06:7b:12:07:d1:7e:e2:
4d:92:e0:61:b9:f4:67:d1:ce:79:e0:ae:4f:bc:d2:
8c:81:38:69:ea:f9:2b:86:d4:5f:d3:f1:c2:0b:35:
32:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:E9:CF:8E:B8:F2:C1:72:6B:69:25:94:D4:AD:4A:BD:C7:7F:CE:C9
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JOnPjrjywXJraSWU1K1Kvcd_zsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.48.0/24
80.76.50.0/24
82.115.208.0/24
82.115.210.0/24
84.54.49.0/24
85.31.45.0/24
85.31.47.0/24
87.120.84.0/24
87.120.87.0/24
92.249.48.0/24
92.249.50.0/24
94.103.125.0-94.103.127.255
94.154.172.0/24
178.215.225.0-178.215.227.255
178.215.236.0/24
178.215.239.0/24
185.216.69.0-185.216.70.255
185.218.136.0/24
185.246.221.0/24
185.252.177.0/24
193.25.216.0/24
193.35.19.0/24
193.37.42.0/24
193.37.47.0/24
193.42.32.0/24
193.47.62.0/23
193.222.97.0/24
194.180.36.0/24
212.87.206.0/24
Signature Algorithm: sha256WithRSAEncryption
52:c0:d7:92:e4:8a:68:ba:75:4b:69:0f:06:f7:56:44:c6:4c:
23:54:b5:7f:1c:41:a3:df:28:01:31:dd:3c:1a:4c:d1:4d:af:
84:0a:89:87:f6:a9:6f:66:01:0a:ff:e4:67:ad:6c:63:c9:6f:
aa:d3:ac:25:16:53:ce:09:2c:f1:8f:60:1b:6c:c0:b9:60:99:
ec:5a:3c:21:14:28:40:56:83:d5:57:0f:52:36:f2:56:e5:ee:
9a:3c:9d:cd:df:06:e4:40:c5:a0:f7:4a:fe:d6:a1:f7:e5:20:
17:a8:85:23:b2:e8:e3:75:ce:7e:66:e6:60:7f:b3:d4:cc:15:
73:d4:d5:54:9c:1c:29:00:7c:d1:0b:fc:72:48:74:70:29:fb:
13:fc:a4:59:c4:53:52:b9:0f:04:7f:a1:6c:8e:01:fc:b1:4e:
9a:e1:99:e6:6d:e9:0d:05:bd:62:77:79:b0:4d:63:73:50:25:
77:4f:f3:d0:0c:e9:f5:b5:10:01:d0:76:cf:35:c8:87:93:37:
24:ed:69:2c:95:d8:0e:49:cc:87:9f:5f:ad:e5:27:c4:32:71:
20:d7:86:cc:33:b3:4f:0d:21:54:b4:70:5c:01:4f:34:e5:d6:
70:1a:ea:19:d9:10:5a:eb:af:fa:b1:37:9c:64:4a:af:f9:11:
20:7e:53:fa
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgISAYLtXiU/VEYKKr9eu/bgOV+XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwODMwMDYwOTA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGU5Y2Y4ZWI4ZjJjMTcyNmI2OTI1OTRkNGFkNGFiZGM3N2ZjZWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmtZJscnBNF6H/uPhpJFZshTG3mc
nXkn2ZvdkrKDjZZ2SQPNxto8RNTCY6aWrG9vIBAIrKfFaaomJ9vnBrXcNmodZPv5
BZeTE4S9maPmajZS909bDLma3zKuxNa24kDSdyGOInt5J/k4sYnWdHk0nIRaqtin
xP+JLrfMJXUktRCZNXbW73VZv32NdAs1PYZgRGHM6ZEhbd+VVoflRjb/rOiCiecY
DBKeoxUzH1Y3e1of3rvhbGvtRS7gb246Hy43SGsxCE+L3zB70AmIaRK3UYmtDV3R
7GLtkwZ7EgfRfuJNkuBhufRn0c554K5PvNKMgThp6vkrhtRf0/HCCzUy0wIDAQAB
o4ICzjCCAsowHQYDVR0OBBYEFCTpz4648sFya2kllNStSr3Hf87JMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSk9uUGpyanl3WEpyYVNXVTFLMUt2Y2RfenNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHjBggrBgEFBQcBBwEB/wSB0zCB0DCBzQQCAAEwgcYDBABQ
TDADBABQTDIDBABSc9ADBABSc9IDBABUNjEDBABVHy0DBABVHy8DBABXeFQDBABX
eFcDBABc+TADBABc+TIwDAMEAF5nfQMEB15nAAMEAF6arDAMAwQAstfhAwQCstfg
AwQAstfsAwQAstfvMAwDBAC52EUDBAC52EYDBAC52ogDBAC59t0DBAC5/LEDBADB
GdgDBADBIxMDBADBJSoDBADBJS8DBADBKiADBAHBLz4DBADB3mEDBADCtCQDBADU
V84wDQYJKoZIhvcNAQELBQADggEBAFLA15Lkimi6dUtpDwb3VkTGTCNUtX8cQaPf
KAEx3TwaTNFNr4QKiYf2qW9mAQr/5GetbGPJb6rTrCUWU84JLPGPYBtswLlgmexa
PCEUKEBWg9VXD1I28lbl7po8nc3fBuRAxaD3Sv7WofflIBeohSOy6ON1zn5m5mB/
s9TMFXPU1VScHCkAfNEL/HJIdHAp+xP8pFnEU1K5DwR/oWyOAfyxTprhmeZt6Q0F
vWJ3ebBNY3NQJXdP89AM6fW1EAHQds81yIeTNyTtaSyV2A5JzIefX63lJ8QycSDX
hswzs08NIVS0cFwBTzTl1nAa6hnZEFrrr/qxN5xkSq/5ESB+U/o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:29 2024 by rpki-client on console-ams.rpki-client.org