Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PPWwOkMBy28QL11rDrlRC2wjjUY.roa
File: PPWwOkMBy28QL11rDrlRC2wjjUY.roa (raw, json)
Hash identifier: qRjjgx9xHB9RWjEEmQZF7IbjL8yaMX1OwhwzH+tb/XE=
Subject key identifier: 3C:F5:B0:3A:43:01:CB:6F:10:2F:5D:6B:0E:B9:51:0B:6C:23:8D:46
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01828D154E76F2842C907F1A5CE60A80F133
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PPWwOkMBy28QL11rDrlRC2wjjUY.roa
Signing time: Thu 11 Aug 2022 13:25:59 +0000
ROA not before: Thu 11 Aug 2022 13:25:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 85.31.45.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
92.249.48.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
185.218.136.0/24 maxlen: 24
82.115.208.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
212.87.206.0/24 maxlen: 24
212.87.205.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
85.217.144.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
80.76.50.0/24 maxlen: 24
80.76.48.0/24 maxlen: 24
193.42.32.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
94.103.126.0/24 maxlen: 24
94.103.127.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8d:15:4e:76:f2:84:2c:90:7f:1a:5c:e6:0a:80:f1:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 11 13:25:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3cf5b03a4301cb6f102f5d6b0eb9510b6c238d46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f2:65:57:a6:4a:cf:11:8b:d4:93:dd:5d:ef:
b6:80:35:51:ec:d6:3b:9c:f3:f4:b8:32:34:22:73:
d3:07:6c:bc:65:ed:aa:77:d6:8a:6c:03:ef:c5:ee:
c9:60:78:e5:7a:fb:22:d1:c9:57:ab:e4:f3:37:05:
da:ed:6c:9a:1a:f6:78:25:8c:bd:65:1b:0b:74:ee:
ad:36:cd:98:b5:74:10:a5:a0:15:41:49:3b:14:8d:
c5:9a:6f:0d:fd:25:d9:38:f1:70:61:ad:d6:57:e8:
08:ee:cd:41:32:eb:7e:d0:50:0b:71:63:21:c0:2c:
7f:3c:16:fb:20:d2:a0:2a:0d:de:e5:2c:bd:5d:1f:
2b:eb:60:dd:64:f1:8d:f1:2f:56:59:41:3a:f3:df:
86:f6:7d:33:76:1b:b1:0f:41:a1:f5:7f:ed:6b:d0:
ee:97:31:ec:28:d5:42:41:2a:7e:8a:18:2f:59:6b:
75:49:a0:38:36:a5:93:ea:b2:51:c6:b8:74:ab:e0:
6a:ee:a3:7e:3f:be:bd:10:30:7f:a0:90:1b:59:de:
4c:88:d8:46:bf:b0:cc:0e:b9:ee:2e:78:5e:f2:92:
7d:e1:9f:62:d4:bb:a7:fe:64:ea:98:69:c1:7a:57:
c1:3f:ff:d2:f5:65:8c:61:d6:0a:cd:53:4e:07:c9:
a7:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:F5:B0:3A:43:01:CB:6F:10:2F:5D:6B:0E:B9:51:0B:6C:23:8D:46
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PPWwOkMBy28QL11rDrlRC2wjjUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.48.0/24
79.110.61.0/24
79.110.63.0/24
80.76.48.0/24
80.76.50.0/24
82.115.208.0/24
83.219.97.0/24
84.54.49.0/24
85.31.45.0/24
85.31.47.0/24
85.217.144.0/24
87.120.84.0/24
87.120.87.0/24
92.249.48.0/24
94.103.125.0-94.103.127.255
94.154.172.0/24
178.215.225.0-178.215.227.255
178.215.236.0/24
178.215.239.0/24
185.216.69.0-185.216.70.255
185.218.136.0/24
185.246.221.0/24
185.252.176.0/23
193.25.216.0/24
193.35.19.0/24
193.37.42.0/24
193.37.47.0/24
193.42.32.0/24
193.47.62.0/23
193.222.97.0/24
194.180.50.0/24
212.87.205.0-212.87.206.255
Signature Algorithm: sha256WithRSAEncryption
46:d8:dc:78:ae:46:84:16:6c:51:27:dc:f5:35:4f:d0:cb:c0:
b2:d7:1b:76:60:91:3b:04:68:e6:ea:a3:1e:0f:94:ac:2c:79:
10:fb:e6:e6:d4:1e:cc:31:7f:4e:3c:13:a2:4c:70:f7:78:48:
bf:18:86:d5:de:86:08:ec:63:33:cb:23:b1:d3:1a:3e:2e:95:
a0:83:d4:3b:f0:1e:50:3f:bb:a2:cb:07:77:bc:84:c6:ef:f3:
9c:02:22:e6:bb:09:b8:e3:c8:fa:3b:ba:c5:3a:2f:5a:8b:10:
02:f4:02:0d:11:f9:3c:cf:d9:66:01:4a:ca:b1:dd:0f:ac:be:
2f:d6:54:4c:78:c3:43:db:1c:34:af:84:68:62:96:1c:8c:db:
ee:20:2b:25:96:2a:86:26:e8:c5:6a:93:38:98:37:69:ba:34:
a2:9d:61:fa:21:ca:f9:9b:9d:db:88:36:de:1f:9a:d9:b1:2c:
b6:f1:ec:d0:ca:54:48:38:24:54:48:8b:f9:4f:45:65:6c:36:
da:11:bc:74:57:ea:c8:33:75:af:3f:7c:a5:01:4f:b3:8c:09:
35:01:05:e2:56:b7:fa:ff:b2:9b:25:09:e5:c0:be:97:41:67:
39:17:cc:c7:7e:80:50:b0:6b:e4:32:bb:a8:74:1c:7b:ff:42:
13:e3:1c:14
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAYKNFU528oQskH8aXOYKgPEzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwODExMTMyNTU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2Y1YjAzYTQzMDFjYjZmMTAyZjVkNmIwZWI5NTEwYjZjMjM4ZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/JlV6ZKzxGL1JPdXe+2gDVR7NY7
nPP0uDI0InPTB2y8Ze2qd9aKbAPvxe7JYHjlevsi0clXq+TzNwXa7WyaGvZ4JYy9
ZRsLdO6tNs2YtXQQpaAVQUk7FI3Fmm8N/SXZOPFwYa3WV+gI7s1BMut+0FALcWMh
wCx/PBb7INKgKg3e5Sy9XR8r62DdZPGN8S9WWUE689+G9n0zdhuxD0Gh9X/ta9Du
lzHsKNVCQSp+ihgvWWt1SaA4NqWT6rJRxrh0q+Bq7qN+P769EDB/oJAbWd5MiNhG
v7DMDrnuLnhe8pJ94Z9i1Lun/mTqmGnBelfBP//S9WWMYdYKzVNOB8mndQIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFDz1sDpDActvEC9daw65UQtsI41GMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUFBXd09rTUJ5MjhRTDExckRybFJDMndqalVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jCB5wQCAAEwgeADBABP
bjADBABPbj0DBABPbj8DBABQTDADBABQTDIDBABSc9ADBABT22EDBABUNjEDBABV
Hy0DBABVHy8DBABV2ZADBABXeFQDBABXeFcDBABc+TAwDAMEAF5nfQMEB15nAAME
AF6arDAMAwQAstfhAwQCstfgAwQAstfsAwQAstfvMAwDBAC52EUDBAC52EYDBAC5
2ogDBAC59t0DBAG5/LADBADBGdgDBADBIxMDBADBJSoDBADBJS8DBADBKiADBAHB
Lz4DBADB3mEDBADCtDIwDAMEANRXzQMEANRXzjANBgkqhkiG9w0BAQsFAAOCAQEA
RtjceK5GhBZsUSfc9TVP0MvAstcbdmCROwRo5uqjHg+UrCx5EPvm5tQezDF/TjwT
okxw93hIvxiG1d6GCOxjM8sjsdMaPi6VoIPUO/AeUD+7ossHd7yExu/znAIi5rsJ
uOPI+ju6xTovWosQAvQCDRH5PM/ZZgFKyrHdD6y+L9ZUTHjDQ9scNK+EaGKWHIzb
7iArJZYqhiboxWqTOJg3abo0op1h+iHK+Zud24g23h+a2bEstvHs0MpUSDgkVEiL
+U9FZWw22hG8dFfqyDN1rz98pQFPs4wJNQEF4la3+v+ymyUJ5cC+l0FnORfMx36A
ULBr5DK7qHQce/9CE+McFA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:32 2024 by rpki-client on console-ams.rpki-client.org