Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PjxD0CdWwh-x6WjzAipjCmLTzEA.roa
File: PjxD0CdWwh-x6WjzAipjCmLTzEA.roa (raw, json)
Hash identifier: 8vZAL3DQHZp7mcmH64WY7JUFEgCukkvTNjLinC9KNTQ=
Subject key identifier: 3E:3C:43:D0:27:56:C2:1F:B1:E9:68:F3:02:2A:63:0A:62:D3:CC:40
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1D6CC71A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PjxD0CdWwh-x6WjzAipjCmLTzEA.roa
Signing time: Mon 07 Mar 2022 16:19:00 +0000
ROA not before: Mon 07 Mar 2022 16:19:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22653
IP address blocks: 31.169.124.0/24 maxlen: 24
31.169.125.0/24 maxlen: 24
31.169.126.0/24 maxlen: 24
31.169.127.0/24 maxlen: 24
194.55.226.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
85.31.46.0/24 maxlen: 24
85.31.45.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
79.110.60.0/24 maxlen: 24
79.110.62.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
94.154.163.0/24 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.160.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 493668122 (0x1d6cc71a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 7 16:19:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e3c43d02756c21fb1e968f3022a630a62d3cc40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5f:66:cb:4f:ef:44:35:a3:ee:30:b6:88:f1:
78:cb:59:a8:5f:8e:f6:df:0b:cb:78:59:ef:46:68:
06:0c:99:f6:42:6c:a5:1f:73:bb:b7:cb:2e:40:e6:
0e:a1:02:99:c3:07:52:5c:8d:ca:e8:02:82:a3:69:
fa:9a:0c:4b:d3:3b:7a:53:7f:3b:3d:84:c1:2e:37:
2d:e8:33:3b:b5:ea:1d:ca:77:80:61:33:2f:fe:50:
c0:b8:84:c5:4f:2c:c0:27:e8:7d:c6:44:fa:1d:45:
e8:bc:2c:0a:97:e3:63:96:0d:a9:7c:b4:3e:f5:bf:
f6:7f:45:80:f9:f5:e8:bc:ae:ac:63:dc:30:39:28:
7a:da:11:12:ba:b5:57:9d:d2:c7:14:47:92:bf:d4:
f0:9b:4f:ed:38:db:1a:d3:41:11:5b:96:f7:a6:bf:
f8:4c:94:09:a0:7d:83:83:01:07:e8:ba:49:0d:0e:
51:00:71:a8:d6:e2:4a:f8:78:50:44:18:a5:28:e4:
bd:a7:52:b7:99:7f:98:82:37:34:c2:a4:92:4b:41:
29:b3:55:2a:01:4c:f5:dd:92:94:94:eb:4a:28:61:
2e:2f:a1:ce:b2:21:47:0c:b8:07:99:f1:a7:f5:a5:
c2:5f:3e:85:89:c0:8a:5f:fe:d4:47:76:6b:10:41:
f6:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:3C:43:D0:27:56:C2:1F:B1:E9:68:F3:02:2A:63:0A:62:D3:CC:40
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PjxD0CdWwh-x6WjzAipjCmLTzEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.124.0/22
79.110.60.0/22
85.31.44.0/22
94.154.160.0/22
178.215.236.0/22
194.55.224.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:17:42:48:a4:a3:00:4f:14:f7:8c:ce:ee:39:48:a6:26:7c:
c4:83:49:24:3f:6d:3c:5f:b9:13:e1:1a:e9:a0:0f:a8:e8:cc:
f2:9b:b3:ee:87:39:4f:3e:87:ab:0f:94:ae:26:cf:cf:bf:53:
8d:5e:cb:14:ba:8c:3b:c6:3c:b8:d7:37:2d:a6:f2:47:32:09:
46:5a:70:00:27:27:f5:93:f5:0a:c6:f4:8f:93:1f:53:b4:00:
1a:cb:2e:64:46:28:fc:65:85:0a:5a:9b:9b:5d:48:3b:7d:ee:
2f:08:f0:25:9a:ad:d5:5b:bb:7c:ac:5b:2b:4c:78:64:21:36:
a5:e6:fb:10:08:e3:a4:51:69:d3:02:12:3f:c1:e1:03:cd:a3:
23:2a:f8:5a:7f:8e:1b:32:f0:97:c2:a8:92:dc:07:e8:f2:58:
3b:b2:99:91:0f:07:af:65:f9:56:f1:2f:9a:71:e9:c5:5d:7f:
65:ed:42:25:7a:ed:39:ba:42:b4:e1:3e:90:fb:f6:c2:73:76:
ca:c3:bf:c2:ad:3c:96:c6:31:66:09:85:15:75:c8:8a:4c:2f:
8e:00:f6:9a:82:12:3b:7c:21:f0:cc:d0:94:38:ee:fe:d9:15:
d5:d0:90:14:0e:0e:1e:be:6a:c5:ab:0d:41:aa:8b:aa:aa:19:
0d:5c:d8:ae
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEHWzHGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDMw
NzE2MTkwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2UzYzQzZDAyNzU2
YzIxZmIxZTk2OGYzMDIyYTYzMGE2MmQzY2M0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKBfZstP70Q1o+4wtojxeMtZqF+O9t8Ly3hZ70ZoBgyZ9kJs
pR9zu7fLLkDmDqECmcMHUlyNyugCgqNp+poMS9M7elN/Oz2EwS43LegzO7XqHcp3
gGEzL/5QwLiExU8swCfofcZE+h1F6LwsCpfjY5YNqXy0PvW/9n9FgPn16LyurGPc
MDkoetoRErq1V53SxxRHkr/U8JtP7TjbGtNBEVuW96a/+EyUCaB9g4MBB+i6SQ0O
UQBxqNbiSvh4UEQYpSjkvadSt5l/mII3NMKkkktBKbNVKgFM9d2SlJTrSihhLi+h
zrIhRwy4B5nxp/Wlwl8+hYnAil/+1Ed2axBB9iECAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBQ+PEPQJ1bCH7HpaPMCKmMKYtPMQDAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L1BqeEQwQ2RXd2gteDZXanpBaXBqQ21MVHpFQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAh+pfAMEAk9uPAMEAlUfLAMEAl6a
oAMEArLX7AMEAsI34DANBgkqhkiG9w0BAQsFAAOCAQEADBdCSKSjAE8U94zO7jlI
piZ8xINJJD9tPF+5E+Ea6aAPqOjM8puz7oc5Tz6Hqw+UribPz79TjV7LFLqMO8Y8
uNc3LabyRzIJRlpwACcn9ZP1Csb0j5MfU7QAGssuZEYo/GWFClqbm11IO33uLwjw
JZqt1Vu7fKxbK0x4ZCE2peb7EAjjpFFp0wISP8HhA82jIyr4Wn+OGzLwl8KoktwH
6PJYO7KZkQ8Hr2X5VvEvmnHpxV1/Ze1CJXrtObpCtOE+kPv2wnN2ysO/wq08lsYx
ZgmFFXXIikwvjgD2moISO3wh8MzQlDju/tkV1dCQFA4OHr5qxasNQaqLqqoZDVzY
rg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:36 2023 by rpki-client on console-ams.rpki-client.org