Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PC3VZJh7Z_aN5yHtLTiroPqSyQo.roa
File: PC3VZJh7Z_aN5yHtLTiroPqSyQo.roa (raw, json)
Hash identifier: NEHs3vdX74H0s4KwOe0z4EO3+Mo8f6GD9n/93Jh8Wm4=
Subject key identifier: 3C:2D:D5:64:98:7B:67:F6:8D:E7:21:ED:2D:38:AB:A0:FA:92:C9:0A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1CFDFB92
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PC3VZJh7Z_aN5yHtLTiroPqSyQo.roa
Signing time: Thu 03 Feb 2022 16:20:17 +0000
ROA not before: Thu 03 Feb 2022 16:20:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 393398
IP address blocks: 81.161.237.0/24 maxlen: 24
193.58.120.0/24 maxlen: 24
193.58.122.0/24 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
185.218.136.0/22 maxlen: 24
193.42.33.0/24 maxlen: 24
193.42.35.0/24 maxlen: 24
193.42.32.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
82.115.208.0/22 maxlen: 24
193.37.40.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 486407058 (0x1cfdfb92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 3 16:20:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c2dd564987b67f68de721ed2d38aba0fa92c90a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:be:f7:3e:6e:1c:60:8e:f0:ef:b2:3c:96:ae:
87:39:75:da:e9:25:7b:5b:e7:96:6f:54:6b:8d:66:
a5:27:c9:de:42:fb:76:c2:66:d0:c4:06:28:4f:7f:
8f:95:08:e0:eb:60:72:a6:25:dc:02:68:a7:78:e7:
21:d3:6a:d2:1b:08:19:cb:05:07:1f:31:ef:a7:e6:
3b:a0:21:69:c6:80:6f:0b:84:0d:72:c9:40:66:31:
61:e2:42:09:eb:19:6e:18:04:84:74:dc:46:50:1b:
6a:cb:6b:0a:0e:bb:5b:d7:57:c1:4f:72:45:1e:c0:
03:c3:45:00:d5:66:36:01:34:6b:72:61:2f:ae:42:
4d:70:8c:74:eb:8b:1d:7a:aa:48:47:62:f3:75:3e:
0f:19:42:1f:87:0c:ab:35:83:ef:97:4b:d8:84:4b:
8a:a0:0f:b7:62:0b:82:c4:61:1e:5c:ce:2a:66:8b:
56:d6:3b:f1:45:b0:1c:e6:59:7e:74:21:e7:20:e1:
ba:e4:83:3b:fa:bd:59:61:77:37:22:10:8e:db:a0:
05:34:00:ea:2a:8e:ed:af:9e:a6:c3:f3:bc:a7:4a:
4b:41:ed:8d:06:ce:59:87:35:51:7b:db:d8:c1:80:
a2:8d:60:86:41:90:d5:ef:f3:1f:86:50:46:10:cc:
b8:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:2D:D5:64:98:7B:67:F6:8D:E7:21:ED:2D:38:AB:A0:FA:92:C9:0A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PC3VZJh7Z_aN5yHtLTiroPqSyQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.237.0/24
82.115.208.0/22
185.218.136.0/22
193.37.40.0/22
193.42.32.0/22
193.58.120.0/22
Signature Algorithm: sha256WithRSAEncryption
62:f0:5a:01:dd:07:e3:57:c5:1b:8f:35:0d:4c:46:29:c7:6c:
94:79:7c:c1:cc:ca:34:d4:1d:a5:f1:02:7d:e7:c4:2f:22:ef:
4a:f5:d6:c4:e2:d8:79:23:c6:21:85:bb:21:ff:7e:cb:e2:00:
3a:0a:7a:b4:7e:1f:e2:2a:99:43:6d:8c:d9:26:31:fc:2f:30:
68:f0:29:76:2f:ec:2b:d0:90:31:3a:75:20:3d:2a:47:f6:2b:
da:96:37:14:43:78:da:4d:44:64:bb:7e:df:a6:e8:f9:1f:44:
66:ec:dc:e9:f7:34:77:8a:c1:63:fb:63:a5:6d:30:cc:04:87:
b6:d5:4b:38:44:68:19:28:fd:ba:31:10:c9:35:f9:70:99:b3:
dc:f8:9e:8a:29:0d:59:5d:2f:38:72:82:8a:5a:04:d3:2d:c7:
b7:2b:30:ba:4d:12:88:32:c4:46:77:48:1e:96:4c:a5:7c:18:
d7:5c:84:f7:e5:c1:da:08:06:8b:90:04:7c:a5:f9:30:80:de:
d9:26:83:c7:62:83:29:d5:2d:e3:38:f2:76:dd:81:ec:d6:c5:
48:61:f7:54:ab:3f:7b:2f:c5:b9:ca:13:b8:03:3b:60:99:8d:
2d:9d:a5:45:f7:23:ae:2f:5b:33:dc:3b:74:82:01:18:0e:28:
0b:56:2d:21
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEHP37kjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDIw
MzE2MjAxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2MyZGQ1NjQ5ODdi
NjdmNjhkZTcyMWVkMmQzOGFiYTBmYTkyYzkwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALW+9z5uHGCO8O+yPJauhzl12ukle1vnlm9Ua41mpSfJ3kL7
dsJm0MQGKE9/j5UI4OtgcqYl3AJop3jnIdNq0hsIGcsFBx8x76fmO6AhacaAbwuE
DXLJQGYxYeJCCesZbhgEhHTcRlAbastrCg67W9dXwU9yRR7AA8NFANVmNgE0a3Jh
L65CTXCMdOuLHXqqSEdi83U+DxlCH4cMqzWD75dL2IRLiqAPt2ILgsRhHlzOKmaL
VtY78UWwHOZZfnQh5yDhuuSDO/q9WWF3NyIQjtugBTQA6iqO7a+epsPzvKdKS0Ht
jQbOWYc1UXvb2MGAoo1ghkGQ1e/zH4ZQRhDMuLECAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBQ8LdVkmHtn9o3nIe0tOKug+pLJCjAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L1BDM1ZaSmg3Wl9hTjV5SHRMVGlyb1BxU3lRby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAFGh7QMEAlJz0AMEArnaiAMEAsEl
KAMEAsEqIAMEAsE6eDANBgkqhkiG9w0BAQsFAAOCAQEAYvBaAd0H41fFG481DUxG
KcdslHl8wczKNNQdpfECfefELyLvSvXWxOLYeSPGIYW7If9+y+IAOgp6tH4f4iqZ
Q22M2SYx/C8waPApdi/sK9CQMTp1ID0qR/Yr2pY3FEN42k1EZLt+36bo+R9EZuzc
6fc0d4rBY/tjpW0wzASHttVLOERoGSj9ujEQyTX5cJmz3PieiikNWV0vOHKCiloE
0y3Htyswuk0SiDLERndIHpZMpXwY11yE9+XB2ggGi5AEfKX5MIDe2SaDx2KDKdUt
4zjydt2B7NbFSGH3VKs/ey/FucoTuAM7YJmNLZ2lRfcjri9bM9w7dIIBGA4oC1Yt
IQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:36 2023 by rpki-client on console-ams.rpki-client.org