Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/N-dcpjCSVRwHeSNgcL0xfx9l6Oo.roa
File: N-dcpjCSVRwHeSNgcL0xfx9l6Oo.roa (raw, json)
Hash identifier: io71EdPisXez8a0B2n6bNnxKRzjvFlI6gBo0aFlhR0Q=
Subject key identifier: 37:E7:5C:A6:30:92:55:1C:07:79:23:60:70:BD:31:7F:1F:65:E8:EA
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0182F82C3BC4D6C37BA2B82FD94D9E63F982
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/N-dcpjCSVRwHeSNgcL0xfx9l6Oo.roa
Signing time: Thu 01 Sep 2022 08:30:24 +0000
ROA not before: Thu 01 Sep 2022 08:30:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 85.31.45.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
194.180.36.0/24 maxlen: 24
92.249.48.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
185.218.136.0/24 maxlen: 24
82.115.208.0/24 maxlen: 24
82.115.209.0/24 maxlen: 24
82.115.210.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
212.87.206.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
80.76.50.0/24 maxlen: 24
80.76.48.0/24 maxlen: 24
193.42.32.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
94.103.126.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f8:2c:3b:c4:d6:c3:7b:a2:b8:2f:d9:4d:9e:63:f9:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 1 08:30:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=37e75ca63092551c0779236070bd317f1f65e8ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c1:7f:0b:2d:b3:42:b2:45:9b:10:0b:30:2b:
a1:9f:a0:bd:5a:b5:07:0a:b1:98:ff:cd:63:4c:dc:
58:c2:bc:4d:6e:f5:d8:99:9e:ec:32:ea:0b:e7:54:
99:b9:48:98:59:c3:83:10:6c:04:86:7c:83:71:c0:
ee:3a:33:d9:27:3b:e3:26:f5:64:33:bd:95:3c:98:
92:f1:6c:fc:0b:04:66:5f:9d:dc:75:2f:73:58:3f:
4e:4e:9b:df:10:d9:69:6b:49:a2:43:47:b6:e3:2e:
a1:fa:d4:3c:9b:e9:16:5f:af:ab:d7:ff:f4:93:6e:
3c:6e:d3:aa:e9:e3:5d:21:ec:40:e1:dd:d9:56:f3:
8c:28:c8:2f:66:44:69:67:b7:d7:92:ab:f5:27:a7:
14:3b:a5:08:17:4b:01:55:df:4c:c5:64:0d:23:fd:
91:cc:f5:ee:97:2c:a5:8b:7b:e6:ba:fb:ff:a7:7e:
d4:eb:39:2c:b5:f9:a3:37:a2:ff:b4:76:3c:cb:d3:
31:a5:be:6f:1a:ae:32:6a:f8:f3:57:a5:8d:c6:2a:
79:6b:33:eb:88:43:77:b9:ae:14:be:3b:8e:27:67:
17:66:2e:29:1c:12:c9:ab:68:e0:20:65:49:a2:e8:
c3:d3:12:5c:13:e4:df:c0:46:3d:e1:d3:53:f5:b3:
84:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:E7:5C:A6:30:92:55:1C:07:79:23:60:70:BD:31:7F:1F:65:E8:EA
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/N-dcpjCSVRwHeSNgcL0xfx9l6Oo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.48.0/24
80.76.50.0/24
82.115.208.0-82.115.210.255
84.54.49.0/24
85.31.45.0/24
85.31.47.0/24
87.120.84.0/24
87.120.87.0/24
92.249.48.0/24
92.249.50.0/24
94.103.125.0-94.103.126.255
94.154.172.0/24
178.215.225.0-178.215.227.255
178.215.236.0/24
178.215.239.0/24
185.216.69.0-185.216.70.255
185.218.136.0/24
185.246.221.0/24
185.252.177.0/24
193.25.216.0/24
193.35.19.0/24
193.37.42.0/24
193.37.47.0/24
193.42.32.0/24
193.47.62.0/23
193.222.97.0/24
194.180.36.0/24
212.87.206.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:d1:55:61:f5:86:ef:e0:f4:45:d3:c9:e7:e1:ed:24:ef:e6:
9a:76:dd:a6:04:6c:89:c9:35:db:5b:45:a8:f8:af:4b:ff:92:
93:61:34:67:ae:c2:29:3f:a0:cc:93:2a:c3:bc:55:c1:40:5a:
6b:10:31:25:26:fe:d7:60:1f:47:b7:c0:f6:4b:49:8b:b6:f7:
c3:0a:03:f3:3a:7d:41:96:51:7d:ee:b7:a3:14:17:67:fc:32:
5a:4b:98:85:58:9d:df:9f:6e:c2:82:10:87:5f:13:07:49:23:
74:13:cc:47:ea:14:70:e4:69:89:24:0c:96:2a:5e:08:8f:3e:
a5:e6:1e:30:70:1b:28:a0:13:3a:13:4f:43:6b:e2:be:33:28:
9c:05:43:09:ed:71:03:c1:d9:55:ad:77:62:dd:7e:8a:70:e0:
2b:f6:55:b4:6b:02:10:23:21:2d:41:2e:17:5f:0c:b8:ca:ad:
88:94:0f:f3:83:fe:ed:ab:03:43:94:3e:2a:56:75:1c:4c:58:
68:46:2f:55:da:36:7b:e0:b6:b5:8e:a9:4b:ae:7d:cd:c6:33:
7b:38:33:fd:01:a2:9e:de:c2:7a:79:11:ee:13:33:60:cb:e7:
b0:8e:3c:b8:0c:d7:ca:20:b9:52:ea:2c:a8:47:ac:f5:76:33:
8c:02:51:12
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAYL4LDvE1sN7orgv2U2eY/mCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwOTAxMDgzMDI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2U3NWNhNjMwOTI1NTFjMDc3OTIzNjA3MGJkMzE3ZjFmNjVlOGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscF/Cy2zQrJFmxALMCuhn6C9WrUH
CrGY/81jTNxYwrxNbvXYmZ7sMuoL51SZuUiYWcODEGwEhnyDccDuOjPZJzvjJvVk
M72VPJiS8Wz8CwRmX53cdS9zWD9OTpvfENlpa0miQ0e24y6h+tQ8m+kWX6+r1//0
k248btOq6eNdIexA4d3ZVvOMKMgvZkRpZ7fXkqv1J6cUO6UIF0sBVd9MxWQNI/2R
zPXulyyli3vmuvv/p37U6zkstfmjN6L/tHY8y9Mxpb5vGq4yavjzV6WNxip5azPr
iEN3ua4UvjuOJ2cXZi4pHBLJq2jgIGVJoujD0xJcE+TfwEY94dNT9bOE1QIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFDfnXKYwklUcB3kjYHC9MX8fZejqMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTi1kY3BqQ1NWUndIZVNOZ2NMMHhmeDlsNk9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgDBABQ
TDADBABQTDIwDAMEBFJz0AMEAFJz0gMEAFQ2MQMEAFUfLQMEAFUfLwMEAFd4VAME
AFd4VwMEAFz5MAMEAFz5MjAMAwQAXmd9AwQAXmd+AwQAXpqsMAwDBACy1+EDBAKy
1+ADBACy1+wDBACy1+8wDAMEALnYRQMEALnYRgMEALnaiAMEALn23QMEALn8sQME
AMEZ2AMEAMEjEwMEAMElKgMEAMElLwMEAMEqIAMEAcEvPgMEAMHeYQMEAMK0JAME
ANRXzjANBgkqhkiG9w0BAQsFAAOCAQEArtFVYfWG7+D0RdPJ5+HtJO/mmnbdpgRs
ick121tFqPivS/+Sk2E0Z67CKT+gzJMqw7xVwUBaaxAxJSb+12AfR7fA9ktJi7b3
wwoD8zp9QZZRfe63oxQXZ/wyWkuYhVid359uwoIQh18TB0kjdBPMR+oUcORpiSQM
lipeCI8+peYeMHAbKKATOhNPQ2vivjMonAVDCe1xA8HZVa13Yt1+inDgK/ZVtGsC
ECMhLUEuF18MuMqtiJQP84P+7asDQ5Q+KlZ1HExYaEYvVdo2e+C2tY6pS659zcYz
ezgz/QGint7CenkR7hMzYMvnsI48uAzXyiC5UuosqEes9XYzjAJREg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:05 2024 by rpki-client on console-fra.rpki-client.org