Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QHWHN5C1IKCqrrJn33aqA17OQ-Y.roa
File: QHWHN5C1IKCqrrJn33aqA17OQ-Y.roa (raw, json)
Hash identifier: +RVpLXBrteQtgF8uqtaPUMGUvGV8ygNyFPUTVLtfva0=
Subject key identifier: 40:75:87:37:90:B5:20:A0:AA:AE:B2:67:DF:76:AA:03:5E:CE:43:E6
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0186607BE5EB8496E174CEC698DC524818CB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QHWHN5C1IKCqrrJn33aqA17OQ-Y.roa
Signing time: Fri 17 Feb 2023 17:46:17 +0000
ROA not before: Fri 17 Feb 2023 17:46:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50225
IP address blocks: 81.161.230.0/24 maxlen: 24
94.156.234.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
45.9.156.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.12.255.0/24 maxlen: 24
94.156.160.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
45.84.91.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
45.139.104.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
176.125.253.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
176.125.252.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:60:7b:e5:eb:84:96:e1:74:ce:c6:98:dc:52:48:18:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 17 17:46:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4075873790b520a0aaaeb267df76aa035ece43e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:9a:c1:6f:df:65:74:44:db:87:9a:a8:86:2b:
2a:86:10:d7:85:14:39:1f:0b:fa:9e:08:2d:93:f9:
cb:15:ac:14:d8:29:20:6d:76:3d:23:20:d4:64:71:
eb:e1:3e:66:53:1e:bc:0e:e0:09:fb:4c:9e:78:e7:
74:ee:58:85:47:cc:4a:a1:d7:97:36:e6:53:a0:e3:
cb:6a:c8:79:e3:2b:87:ae:4c:5f:1e:c7:71:ac:81:
46:1a:cf:98:b4:8e:25:09:ad:94:52:a8:1b:b0:6b:
c8:12:53:a9:09:cf:cd:4e:7a:b1:33:5a:8d:5d:96:
32:31:bf:16:ca:1f:f4:e1:7c:cb:be:ef:d1:a7:98:
39:ce:4d:1d:03:ff:b3:77:6b:a2:5b:34:ed:78:97:
52:37:b5:a7:80:aa:39:22:3f:71:31:d6:0b:a5:8c:
46:a7:da:49:a7:d6:9d:ee:70:ea:12:bf:b0:b4:76:
02:5c:75:85:fe:16:02:4c:1e:8c:45:f7:5f:5b:ec:
d7:b4:cb:b8:be:51:7e:55:a8:5f:8b:16:2b:b9:86:
8b:c2:07:fa:a1:0a:6b:57:6a:54:86:4c:06:ca:38:
86:c8:e4:d6:68:64:a3:1f:5e:a1:71:1b:e5:e9:b8:
79:a2:ba:ba:ec:42:39:09:5e:04:15:22:10:6d:9d:
2b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:75:87:37:90:B5:20:A0:AA:AE:B2:67:DF:76:AA:03:5E:CE:43:E6
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QHWHN5C1IKCqrrJn33aqA17OQ-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.156.0/24
45.12.255.0/24
45.66.228.0/24
45.84.91.0/24
45.88.64.0/24
45.129.84.0/24
45.129.86.0/24
45.139.104.0/24
81.161.230.0/24
94.154.162.0/24
94.156.160.0/24
94.156.234.0/24
176.125.252.0/23
178.215.226.0/24
185.222.160.0/24
185.222.162.0/24
193.42.34.0/24
193.47.60.0/24
193.47.63.0/24
194.180.39.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:c6:0d:89:f9:8d:cc:1f:e1:20:b8:4e:44:27:07:65:5b:19:
99:11:e0:3a:dc:e2:d6:a4:cd:81:2c:b0:72:e6:e8:53:cd:22:
4e:69:94:c8:67:8b:8c:09:64:bb:e9:69:01:4d:22:bf:e6:86:
04:c1:96:36:79:9f:28:0c:5f:1b:2a:9f:35:14:15:0c:c8:7e:
d0:36:b5:72:88:46:e1:05:36:c7:b7:29:d8:87:8d:2f:05:e5:
e9:3f:24:4e:35:b4:f1:f9:a6:a6:2c:4b:6b:7d:5c:e7:b1:86:
9f:00:94:8a:7e:76:c1:86:23:1b:fd:9e:62:d4:53:ad:8f:7f:
46:b9:29:06:64:6b:e5:b1:9e:c9:e0:29:2a:52:8a:26:a3:73:
5f:4e:d2:1e:d1:80:5c:4d:d5:e2:ee:6f:fe:3a:2e:b2:46:62:
5b:6d:a5:df:89:c1:de:54:b8:c5:86:6a:b2:fb:91:52:e0:5a:
bb:91:ac:bc:10:aa:35:44:a7:43:05:c3:6d:f8:bd:bf:07:c3:
2c:88:1f:a0:39:e2:1b:ae:e4:60:b9:85:37:ac:f0:d7:9d:ab:
11:0b:45:df:7b:a4:7e:dc:e8:46:4e:b0:b4:c4:8c:4a:43:12:
12:1a:d0:b5:a1:0a:9a:8b:9b:6c:06:2f:b5:b1:22:fa:1d:38:
bf:f3:1c:d1
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYZge+XrhJbhdM7GmNxSSBjLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMjE3MTc0NjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDc1ODczNzkwYjUyMGEwYWFhZWIyNjdkZjc2YWEwMzVlY2U0M2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjprBb99ldETbh5qohisqhhDXhRQ5
Hwv6nggtk/nLFawU2CkgbXY9IyDUZHHr4T5mUx68DuAJ+0yeeOd07liFR8xKodeX
NuZToOPLash54yuHrkxfHsdxrIFGGs+YtI4lCa2UUqgbsGvIElOpCc/NTnqxM1qN
XZYyMb8Wyh/04XzLvu/Rp5g5zk0dA/+zd2uiWzTteJdSN7WngKo5Ij9xMdYLpYxG
p9pJp9ad7nDqEr+wtHYCXHWF/hYCTB6MRfdfW+zXtMu4vlF+VahfixYruYaLwgf6
oQprV2pUhkwGyjiGyOTWaGSjH16hcRvl6bh5orq67EI5CV4EFSIQbZ0r6QIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFEB1hzeQtSCgqq6yZ992qgNezkPmMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUUhXSE41QzFJS0NxcnJKbjMzYXFBMTdPUS1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQALQmc
AwQALQz/AwQALULkAwQALVRbAwQALVhAAwQALYFUAwQALYFWAwQALYtoAwQAUaHm
AwQAXpqiAwQAXpygAwQAXpzqAwQBsH38AwQAstfiAwQAud6gAwQAud6iAwQAwSoi
AwQAwS88AwQAwS8/AwQAwrQnMA0GCSqGSIb3DQEBCwUAA4IBAQCexg2J+Y3MH+Eg
uE5EJwdlWxmZEeA63OLWpM2BLLBy5uhTzSJOaZTIZ4uMCWS76WkBTSK/5oYEwZY2
eZ8oDF8bKp81FBUMyH7QNrVyiEbhBTbHtynYh40vBeXpPyRONbTx+aamLEtrfVzn
sYafAJSKfnbBhiMb/Z5i1FOtj39GuSkGZGvlsZ7J4CkqUoomo3NfTtIe0YBcTdXi
7m/+Oi6yRmJbbaXficHeVLjFhmqy+5FS4Fq7kay8EKo1RKdDBcNt+L2/B8MsiB+g
OeIbruRguYU3rPDXnasRC0Xfe6R+3OhGTrC0xIxKQxISGtC1oQqai5tsBi+1sSL6
HTi/8xzR
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:36 2023 by rpki-client on console-ams.rpki-client.org