Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/J_IApEgSN1dH0W4LO-O3dgY_wks.roa
File: J_IApEgSN1dH0W4LO-O3dgY_wks.roa (raw, json)
Hash identifier: t9P+8cHfMyPl3OXx8IAP3CzBDfOtTCrd+MvmSh9Y99M=
Subject key identifier: 27:F2:00:A4:48:12:37:57:47:D1:6E:0B:3B:E3:B7:76:06:3F:C2:4B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0183C5DFBB7FC03E525BA1A27E6F5807D7FD
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/J_IApEgSN1dH0W4LO-O3dgY_wks.roa
Signing time: Tue 11 Oct 2022 07:08:37 +0000
ROA not before: Tue 11 Oct 2022 07:08:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 87.121.124.0/23 maxlen: 24
194.55.226.0/24 maxlen: 24
164.40.185.0/24 maxlen: 24
80.76.49.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
185.218.139.0/24 maxlen: 24
193.222.98.0/24 maxlen: 24
176.125.252.0/22 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c5:df:bb:7f:c0:3e:52:5b:a1:a2:7e:6f:58:07:d7:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 11 07:08:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=27f200a44812375747d16e0b3be3b776063fc24b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:8a:7b:d2:8f:34:8c:a8:0a:21:7a:da:e6:3d:
12:9d:d6:cc:ba:29:e8:07:82:20:21:db:35:33:70:
48:9b:c8:3e:74:d7:d4:3a:e5:a1:dc:58:77:36:90:
07:04:11:db:4c:6e:e2:78:59:7e:b0:a8:a5:f9:a4:
27:db:60:ef:68:4a:e5:3c:5d:a7:73:5a:fb:6a:ac:
c2:0f:cc:a9:f7:3c:a1:c2:9d:20:b6:33:a1:78:8f:
f3:0f:2e:ef:52:3a:6f:e3:42:e1:e8:b7:24:17:c2:
65:8b:74:25:b1:26:d7:75:c8:93:1a:0c:5b:8e:5b:
f6:cb:33:a0:f1:a0:9c:d3:15:17:c5:d7:b7:06:4d:
66:6e:31:9c:e3:50:a2:09:cb:9c:d0:bd:46:37:0f:
91:8e:d5:90:e6:8c:ed:4d:ae:2c:4a:f2:4b:15:94:
ed:fb:dd:ac:4f:1e:02:8c:2e:f0:30:15:35:72:3a:
09:28:dd:ac:f1:0e:0c:01:79:55:5c:bc:6a:8f:3c:
2a:91:f5:4e:90:ca:56:5f:14:4f:b0:a9:18:fc:79:
8b:4a:c4:9d:0c:e5:13:cc:44:ac:39:a5:37:2b:eb:
47:ac:39:8d:5a:fc:e6:57:76:cb:63:07:3a:f1:14:
b9:65:d2:be:0f:35:10:ef:b5:dd:db:13:07:72:bd:
31:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:F2:00:A4:48:12:37:57:47:D1:6E:0B:3B:E3:B7:76:06:3F:C2:4B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/J_IApEgSN1dH0W4LO-O3dgY_wks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.49.0/24
87.121.124.0/23
94.154.161.0-94.154.163.255
109.206.239.0/24
164.40.185.0/24
176.125.252.0/22
185.218.137.0/24
185.218.139.0/24
193.222.98.0/24
194.48.248.0/24
194.55.226.0/24
Signature Algorithm: sha256WithRSAEncryption
94:c1:f2:d7:f5:2d:23:df:2e:3e:db:6b:b5:ea:b0:2a:d0:e8:
1d:cb:91:29:08:78:e0:be:33:59:e1:b4:be:00:03:5c:b0:22:
ba:d8:cd:ba:40:e3:03:25:b3:c5:8e:38:4e:25:43:09:98:db:
9d:51:a5:4c:63:94:cd:a0:fc:99:c4:d4:08:7e:86:c5:d4:bd:
d4:38:37:f1:07:ae:03:0f:74:6c:56:46:de:21:f9:85:27:eb:
1a:44:ac:c6:2d:2a:bd:2c:1c:f9:d3:76:fc:15:7b:0e:84:73:
07:47:dc:cc:0b:4e:04:79:99:fd:f3:f7:fd:3e:50:6c:04:ae:
a7:71:f3:cc:7e:11:d8:9e:5a:17:fa:49:7d:b5:af:c8:5c:65:
80:1e:7c:a2:ca:f0:49:1e:8a:8f:1e:c4:24:5f:09:27:e7:32:
ee:70:e7:1e:9a:7a:5a:9f:b9:48:cd:f9:0b:a1:fb:28:75:a0:
ca:dd:00:bb:02:44:ca:c7:15:c1:04:56:ae:24:5f:cc:49:8c:
1e:83:9f:e5:44:37:d5:0e:a2:2d:42:fd:b8:1a:3d:78:aa:d2:
9c:8b:3c:83:bf:8d:5e:06:9c:82:84:fb:a5:e3:64:ac:bc:ba:
ed:db:c5:5f:cd:67:c0:2b:4e:15:65:1e:07:22:ce:19:ab:2d:
cd:c9:67:80
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYPF37t/wD5SW6Gifm9YB9f9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMDExMDcwODM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2YyMDBhNDQ4MTIzNzU3NDdkMTZlMGIzYmUzYjc3NjA2M2ZjMjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYp70o80jKgKIXra5j0SndbMuino
B4IgIds1M3BIm8g+dNfUOuWh3Fh3NpAHBBHbTG7ieFl+sKil+aQn22DvaErlPF2n
c1r7aqzCD8yp9zyhwp0gtjOheI/zDy7vUjpv40Lh6LckF8Jli3QlsSbXdciTGgxb
jlv2yzOg8aCc0xUXxde3Bk1mbjGc41CiCcuc0L1GNw+RjtWQ5oztTa4sSvJLFZTt
+92sTx4CjC7wMBU1cjoJKN2s8Q4MAXlVXLxqjzwqkfVOkMpWXxRPsKkY/HmLSsSd
DOUTzESsOaU3K+tHrDmNWvzmV3bLYwc68RS5ZdK+DzUQ77Xd2xMHcr0x1QIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFCfyAKRIEjdXR9FuCzvjt3YGP8JLMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSl9JQXBFZ1NOMWRIMFc0TE8tTzNkZ1lfd2tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAUEwxAwQB
V3l8MAwDBABemqEDBAJemqADBABtzu8DBACkKLkDBAKwffwDBAC52okDBAC52osD
BADB3mIDBADCMPgDBADCN+IwDQYJKoZIhvcNAQELBQADggEBAJTB8tf1LSPfLj7b
a7XqsCrQ6B3LkSkIeOC+M1nhtL4AA1ywIrrYzbpA4wMls8WOOE4lQwmY251RpUxj
lM2g/JnE1Ah+hsXUvdQ4N/EHrgMPdGxWRt4h+YUn6xpErMYtKr0sHPnTdvwVew6E
cwdH3MwLTgR5mf3z9/0+UGwErqdx88x+EdieWhf6SX21r8hcZYAefKLK8Ekeio8e
xCRfCSfnMu5w5x6aelqfuUjN+Quh+yh1oMrdALsCRMrHFcEEVq4kX8xJjB6Dn+VE
N9UOoi1C/bgaPXiq0pyLPIO/jV4GnIKE+6XjZKy8uu3bxV/NZ8ArThVlHgcizhmr
Lc3JZ4A=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:35 2023 by rpki-client on console-ams.rpki-client.org