Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/L7ScKaU8iGU_VRZ-S9xlTdrKvss.roa
File: L7ScKaU8iGU_VRZ-S9xlTdrKvss.roa (raw, json)
Hash identifier: hILU0HsP5iSOimvILPtOlooezF/2WldgNBqF+FZwI3k=
Subject key identifier: 2F:B4:9C:29:A5:3C:88:65:3F:55:16:7E:4B:DC:65:4D:DA:CA:BE:CB
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01820789D799F9FBCA70111AE9FB8D182CC7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/L7ScKaU8iGU_VRZ-S9xlTdrKvss.roa
Signing time: Sat 16 Jul 2022 15:04:10 +0000
ROA not before: Sat 16 Jul 2022 15:04:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211252
IP address blocks: 185.254.37.0/24 maxlen: 24
85.217.145.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
185.225.73.0/24 maxlen: 24
185.252.178.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
37.139.128.0/24 maxlen: 24
37.139.129.0/24 maxlen: 24
185.246.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:07:89:d7:99:f9:fb:ca:70:11:1a:e9:fb:8d:18:2c:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 16 15:04:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2fb49c29a53c88653f55167e4bdc654ddacabecb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:81:fa:ba:66:15:bf:47:8f:f1:ef:31:20:1f:
78:ce:28:fb:8f:9b:06:02:b6:fe:cc:1a:1e:30:de:
d1:ba:10:af:06:ad:3b:a0:6c:dd:0f:91:ff:06:8e:
8c:f0:9f:2a:cc:51:b0:f9:6c:17:be:f6:c3:e8:b7:
0f:97:04:c0:cc:db:d8:10:76:b2:cd:e1:0a:d2:7f:
a8:de:89:2b:5f:b4:45:d8:fc:a2:f3:0e:e2:05:69:
b9:40:e0:06:3f:be:f5:fd:71:e7:3a:d9:a2:4c:84:
bd:97:2b:67:a1:43:8f:3e:b5:b4:6b:bc:81:82:a7:
d6:d2:d0:1a:d3:1b:9c:fe:eb:88:a0:a2:3a:cd:cb:
90:d6:4f:55:04:85:3b:0d:ed:c3:75:29:65:87:c4:
3a:78:c1:9f:18:5d:81:f6:6b:2a:69:5a:fc:6c:76:
88:9a:4c:6e:cb:56:e9:c9:11:88:ad:60:6b:9d:25:
54:75:4a:6a:89:ae:69:20:fa:13:92:bd:e1:c1:08:
3f:93:6a:7e:11:22:10:d2:75:ce:f5:9b:91:a3:8b:
19:fa:c8:73:d4:72:e9:e4:57:ac:0e:22:d9:da:9c:
61:3f:6c:a4:34:85:39:bf:31:40:54:72:4e:be:ca:
8e:13:4d:5a:8d:0e:fe:18:18:a0:58:a7:25:11:5a:
19:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:B4:9C:29:A5:3C:88:65:3F:55:16:7E:4B:DC:65:4D:DA:CA:BE:CB
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/L7ScKaU8iGU_VRZ-S9xlTdrKvss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.128.0/23
80.76.51.0/24
85.217.145.0/24
185.225.73.0/24
185.246.220.0/24
185.252.178.0/23
185.254.37.0/24
193.47.61.0/24
Signature Algorithm: sha256WithRSAEncryption
29:fa:65:2f:12:d0:35:68:ea:fe:74:9c:cd:dc:0a:ee:59:3e:
60:0a:18:79:c8:33:50:32:02:34:13:6a:b5:44:72:93:57:b3:
98:6a:1a:98:b4:3a:2b:b5:57:26:c6:b0:42:b2:83:25:f8:c2:
5c:63:4a:f2:5a:f4:9e:cf:23:a0:0b:e1:b8:fa:ae:71:d7:1c:
66:98:6d:c8:11:f7:b1:1d:f9:44:a5:e5:bc:20:f3:f5:4c:e7:
13:80:28:2a:89:66:41:48:fe:f3:49:9c:16:54:ed:00:99:8e:
f0:41:56:e0:c1:1c:6c:83:75:85:23:54:5b:1c:47:63:23:80:
d6:6c:16:62:20:18:e1:b3:9b:d4:5b:bd:6d:59:46:1f:ae:d0:
ce:8d:5d:f0:c9:5b:e5:82:a9:f9:d5:05:82:ce:31:c6:f0:6d:
68:23:e0:fd:67:0a:5b:7e:b0:6e:8d:d5:ec:6e:44:35:8d:1e:
7a:d7:af:ef:7a:a9:95:8b:be:63:a6:95:7b:fa:43:64:97:82:
8c:6f:a1:b3:e8:46:00:69:b9:ad:7c:fb:39:0c:0c:77:17:e0:
de:f6:01:5f:3f:c3:c8:d7:f4:1a:a3:df:6d:de:e2:ed:50:e3:
c0:bc:ea:87:59:16:bb:33:df:d1:d1:d0:a7:8c:15:56:0b:8d:
bb:9f:77:65
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYIHideZ+fvKcBEa6fuNGCzHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwNzE2MTUwNDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmI0OWMyOWE1M2M4ODY1M2Y1NTE2N2U0YmRjNjU0ZGRhY2FiZWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIH6umYVv0eP8e8xIB94zij7j5sG
Arb+zBoeMN7RuhCvBq07oGzdD5H/Bo6M8J8qzFGw+WwXvvbD6LcPlwTAzNvYEHay
zeEK0n+o3okrX7RF2Pyi8w7iBWm5QOAGP771/XHnOtmiTIS9lytnoUOPPrW0a7yB
gqfW0tAa0xuc/uuIoKI6zcuQ1k9VBIU7De3DdSllh8Q6eMGfGF2B9msqaVr8bHaI
mkxuy1bpyRGIrWBrnSVUdUpqia5pIPoTkr3hwQg/k2p+ESIQ0nXO9ZuRo4sZ+shz
1HLp5FesDiLZ2pxhP2ykNIU5vzFAVHJOvsqOE01ajQ7+GBigWKclEVoZPwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFC+0nCmlPIhlP1UWfkvcZU3ayr7LMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTDdTY0thVThpR1VfVlJaLVM5eGxUZHJLdnNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBJYuAAwQA
UEwzAwQAVdmRAwQAueFJAwQAufbcAwQBufyyAwQAuf4lAwQAwS89MA0GCSqGSIb3
DQEBCwUAA4IBAQAp+mUvEtA1aOr+dJzN3AruWT5gChh5yDNQMgI0E2q1RHKTV7OY
ahqYtDortVcmxrBCsoMl+MJcY0ryWvSezyOgC+G4+q5x1xxmmG3IEfexHflEpeW8
IPP1TOcTgCgqiWZBSP7zSZwWVO0AmY7wQVbgwRxsg3WFI1RbHEdjI4DWbBZiIBjh
s5vUW71tWUYfrtDOjV3wyVvlgqn51QWCzjHG8G1oI+D9ZwpbfrBujdXsbkQ1jR56
16/veqmVi75jppV7+kNkl4KMb6Gz6EYAabmtfPs5DAx3F+De9gFfP8PI1/Qao99t
3uLtUOPAvOqHWRa7M9/R0dCnjBVWC427n3dl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:04 2024 by rpki-client on console-fra.rpki-client.org