Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Q4u_JKfibSuLR1KHGSeJcYEOKI8.roa
File: Q4u_JKfibSuLR1KHGSeJcYEOKI8.roa (raw, json)
Hash identifier: s1/jvCA1+uLhc2o83AN53WtE+l0jsQOMiaVxTSiAMio=
Subject key identifier: 43:8B:BF:24:A7:E2:6D:2B:8B:47:52:87:19:27:89:71:81:0E:28:8F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1DD342B8
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Q4u_JKfibSuLR1KHGSeJcYEOKI8.roa
Signing time: Fri 08 Apr 2022 14:30:45 +0000
ROA not before: Fri 08 Apr 2022 14:30:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22653
IP address blocks: 31.169.124.0/24 maxlen: 24
31.169.125.0/24 maxlen: 24
31.169.126.0/24 maxlen: 24
31.169.127.0/24 maxlen: 24
194.55.226.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
85.31.46.0/24 maxlen: 24
85.31.45.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
193.149.28.0/22 maxlen: 24
79.110.60.0/24 maxlen: 24
79.110.62.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 500384440 (0x1dd342b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 8 14:30:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=438bbf24a7e26d2b8b47528719278971810e288f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a8:66:5b:f7:13:b0:ed:58:a9:2f:6a:40:3b:
ea:6b:78:33:09:db:64:16:66:00:73:ee:af:92:dc:
fb:fb:af:b0:88:3f:34:8b:f8:80:4b:8e:75:15:35:
4a:a4:5e:71:7c:f3:e3:64:97:65:8b:76:16:26:b6:
62:0c:a8:4f:fb:2d:21:43:ba:eb:bd:23:c3:06:b7:
37:9a:aa:3b:ac:2b:5b:c9:48:eb:cb:5e:0c:20:3c:
3a:8c:7e:7d:c0:b3:ff:9e:ec:f5:31:9b:7f:25:62:
8a:36:d8:54:44:b2:9b:58:6e:f1:62:64:b2:11:56:
98:06:a1:00:61:a5:8c:79:0a:58:57:a8:3b:f5:be:
b6:87:a4:da:de:37:af:af:1f:20:35:8f:52:6a:6e:
74:1e:8a:2c:12:b8:e1:2e:f6:2e:69:ad:b2:41:38:
6c:fa:6f:28:17:7f:b4:28:97:64:1b:b7:d7:e1:e1:
ac:ee:55:97:75:e5:23:bf:2d:99:e4:9b:47:55:74:
0d:98:29:66:52:f4:74:65:26:45:85:39:52:0b:ef:
53:f7:27:92:66:a5:3f:ad:29:77:ba:6f:a4:75:5f:
06:7b:1d:02:50:38:26:d4:47:7c:36:fa:be:34:9e:
74:92:cf:33:dc:df:33:5e:8d:49:61:e2:a2:d3:60:
0f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:8B:BF:24:A7:E2:6D:2B:8B:47:52:87:19:27:89:71:81:0E:28:8F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Q4u_JKfibSuLR1KHGSeJcYEOKI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.124.0/22
79.110.60.0/22
85.31.44.0/22
178.215.236.0/22
193.149.28.0/22
194.55.224.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:2b:e1:a6:fc:5e:1c:d3:ef:bd:79:04:5b:e3:69:cf:6c:c0:
fe:2e:30:b0:92:c0:57:32:a1:01:e4:64:c0:5a:68:50:70:cd:
e6:2c:fe:73:58:33:19:97:f1:3b:62:19:85:e0:3a:cf:ca:f4:
ac:b6:b5:d8:de:9e:47:a7:4e:76:bc:85:ed:3a:ac:d9:00:9e:
a3:ea:7d:83:a9:28:16:4a:14:b6:dd:1b:cd:e9:11:72:ab:2f:
a2:b5:08:50:6b:16:9e:5a:f3:d4:0d:20:90:91:e3:cc:64:eb:
3a:86:ee:93:28:a0:16:74:23:57:c4:c5:6a:35:90:64:b6:19:
ac:1c:40:3b:17:c5:07:9e:c1:05:8d:9c:50:10:8a:08:d7:49:
db:56:f7:c8:d7:cf:eb:ab:91:d9:78:d8:db:30:8b:1d:cf:27:
6b:94:9d:47:cd:bc:9e:32:ae:3b:72:aa:18:3a:9e:56:ea:40:
b1:1b:79:10:41:cd:c2:81:d6:f6:5e:01:49:63:51:d5:12:d1:
55:34:03:81:21:2a:6c:95:97:6d:04:b1:74:b5:69:9f:ac:89:
a8:18:12:37:6a:8c:4c:2a:ef:84:0c:54:51:c9:94:07:c3:18:
28:b4:07:60:3b:11:bc:61:89:fc:a7:bb:74:6d:b3:85:55:96:
c1:a0:b3:53
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEHdNCuDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDQw
ODE0MzA0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDM4YmJmMjRhN2Uy
NmQyYjhiNDc1Mjg3MTkyNzg5NzE4MTBlMjg4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKGoZlv3E7DtWKkvakA76mt4MwnbZBZmAHPur5Lc+/uvsIg/
NIv4gEuOdRU1SqRecXzz42SXZYt2Fia2YgyoT/stIUO6670jwwa3N5qqO6wrW8lI
68teDCA8Oox+fcCz/57s9TGbfyViijbYVESym1hu8WJkshFWmAahAGGljHkKWFeo
O/W+toek2t43r68fIDWPUmpudB6KLBK44S72LmmtskE4bPpvKBd/tCiXZBu31+Hh
rO5Vl3XlI78tmeSbR1V0DZgpZlL0dGUmRYU5UgvvU/cnkmalP60pd7pvpHVfBnsd
AlA4JtRHfDb6vjSedJLPM9zfM16NSWHiotNgD1sCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBRDi78kp+JtK4tHUocZJ4lxgQ4ojzAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L1E0dV9KS2ZpYlN1TFIxS0hHU2VKY1lFT0tJOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAh+pfAMEAk9uPAMEAlUfLAMEArLX
7AMEAsGVHAMEAsI34DANBgkqhkiG9w0BAQsFAAOCAQEALCvhpvxeHNPvvXkEW+Np
z2zA/i4wsJLAVzKhAeRkwFpoUHDN5iz+c1gzGZfxO2IZheA6z8r0rLa12N6eR6dO
dryF7Tqs2QCeo+p9g6koFkoUtt0bzekRcqsvorUIUGsWnlrz1A0gkJHjzGTrOobu
kyigFnQjV8TFajWQZLYZrBxAOxfFB57BBY2cUBCKCNdJ21b3yNfP66uR2XjY2zCL
Hc8na5SdR828njKuO3KqGDqeVupAsRt5EEHNwoHW9l4BSWNR1RLRVTQDgSEqbJWX
bQSxdLVpn6yJqBgSN2qMTCrvhAxUUcmUB8MYKLQHYDsRvGGJ/Ke7dG2zhVWWwaCz
Uw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:36 2023 by rpki-client on console-ams.rpki-client.org