Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/RawQrR0EZblGYOR8BquEmvIw-Ts.roa
File: RawQrR0EZblGYOR8BquEmvIw-Ts.roa (raw, json)
Hash identifier: ujiY6Qt/Cn3Lr3XOjAHwDoubwlisGCj+DtYZras5Lg8=
Subject key identifier: 45:AC:10:AD:1D:04:65:B9:46:60:E4:7C:06:AB:84:9A:F2:30:F9:3B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1CC094C1
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/RawQrR0EZblGYOR8BquEmvIw-Ts.roa
Signing time: Mon 17 Jan 2022 12:34:25 +0000
ROA not before: Mon 17 Jan 2022 12:34:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 87.121.124.0/23 maxlen: 24
87.121.122.0/23 maxlen: 24
81.161.238.0/23 maxlen: 24
212.87.220.0/22 maxlen: 24
193.168.196.0/22 maxlen: 24
193.58.120.0/22 maxlen: 24
193.37.46.0/24 maxlen: 24
88.218.76.0/22 maxlen: 24
91.92.115.0/24 maxlen: 24
87.120.84.0/22 maxlen: 24
185.207.12.0/24 maxlen: 24
193.148.48.0/22 maxlen: 24
94.154.174.0/23 maxlen: 24
84.21.172.0/23 maxlen: 24
109.206.238.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 482383041 (0x1cc094c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 17 12:34:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=45ac10ad1d0465b94660e47c06ab849af230f93b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:94:bc:76:1e:27:54:ab:60:78:63:4a:c8:b6:
f6:a8:1b:89:e3:bf:2e:6f:d8:48:15:14:56:0a:6b:
c9:77:ab:2d:b1:92:35:2b:19:c3:e3:1d:b7:47:17:
23:b5:18:16:d7:20:44:ea:86:48:02:89:42:e4:b1:
73:c6:1f:76:ec:c8:d6:67:5e:1e:3c:bb:81:a8:f5:
06:55:1c:e9:3a:5d:b1:f9:f5:4e:42:18:70:67:90:
14:04:5b:e9:be:4e:1c:5f:53:00:28:c3:97:06:de:
a0:e3:0e:51:8c:d2:86:b4:a4:e0:f8:12:2d:a8:d8:
b9:fc:67:a7:26:55:41:14:a0:6d:73:cf:24:84:d8:
46:bf:eb:77:c1:a1:ca:ee:1c:e8:84:e7:09:e8:76:
c9:bb:8c:9d:ba:b3:93:55:11:1f:7f:32:0f:0b:d3:
44:7a:21:c0:3f:75:d2:3c:58:94:3a:20:b3:87:96:
de:6c:1b:ac:f5:de:20:7e:a5:81:d6:37:6b:0c:69:
62:cd:86:81:95:de:24:de:94:fe:3e:04:a9:fb:a1:
f0:40:55:68:7c:f6:56:41:fd:c5:14:85:f4:6b:25:
5d:e4:4c:df:b9:4e:49:9b:5a:06:eb:a4:f4:4f:bd:
f6:22:7f:18:60:b4:8e:bc:c6:e8:31:a4:a5:25:15:
28:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:AC:10:AD:1D:04:65:B9:46:60:E4:7C:06:AB:84:9A:F2:30:F9:3B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/RawQrR0EZblGYOR8BquEmvIw-Ts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.238.0/23
84.21.172.0/23
87.120.84.0/22
87.121.122.0-87.121.125.255
88.218.76.0/22
91.92.115.0/24
94.154.174.0/23
109.206.238.0/24
185.207.12.0/24
193.37.46.0/24
193.58.120.0/22
193.148.48.0/22
193.168.196.0/22
212.87.220.0/22
Signature Algorithm: sha256WithRSAEncryption
38:b7:f8:9b:ca:0b:9c:a7:03:b2:fd:a2:b5:d2:f6:1f:c1:62:
29:74:f2:84:f9:7a:d2:55:93:2a:75:10:37:e2:94:ba:ad:4d:
12:a2:48:59:c9:06:81:63:56:c8:1d:9e:d1:bd:f8:4e:e4:11:
f1:d9:29:9f:e5:11:3e:2b:51:d0:b1:33:c3:0e:1b:c0:3f:75:
b4:ca:1b:d4:b4:67:79:d6:ba:8e:f5:a1:55:8b:fc:07:60:a8:
da:bd:c8:74:e1:e7:84:2c:f0:61:36:e4:20:8b:c2:8f:c0:7d:
b3:88:a2:ff:3e:6e:4f:8c:40:9b:46:25:6a:33:b7:21:bf:13:
72:80:a8:03:8f:a5:56:27:2e:b5:48:56:85:fb:a6:6a:5a:75:
38:b9:e9:17:bf:3d:f0:28:45:97:42:2e:d4:b2:06:1a:f4:d5:
22:3d:f5:1d:f9:fa:66:e1:5f:a6:5c:ca:c2:4e:4e:27:a7:14:
3a:59:ef:8b:32:98:58:48:54:5d:50:57:4c:22:d4:1b:27:6c:
c7:7a:0c:37:93:05:8a:45:73:1a:14:85:bb:01:5c:e3:91:a0:
39:81:95:b0:51:1c:76:e3:cc:0c:6d:b0:68:6f:c4:41:cf:f0:
ec:68:ca:80:ae:a8:ff:f2:fa:40:9d:6e:ed:13:12:58:82:37:
1a:79:93:ba
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIEHMCUwTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDEx
NzEyMzQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDVhYzEwYWQxZDA0
NjViOTQ2NjBlNDdjMDZhYjg0OWFmMjMwZjkzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ2UvHYeJ1SrYHhjSsi29qgbieO/Lm/YSBUUVgpryXerLbGS
NSsZw+Mdt0cXI7UYFtcgROqGSAKJQuSxc8YfduzI1mdeHjy7gaj1BlUc6Tpdsfn1
TkIYcGeQFARb6b5OHF9TACjDlwbeoOMOUYzShrSk4PgSLajYufxnpyZVQRSgbXPP
JITYRr/rd8Ghyu4c6ITnCeh2ybuMnbqzk1URH38yDwvTRHohwD910jxYlDogs4eW
3mwbrPXeIH6lgdY3awxpYs2GgZXeJN6U/j4Eqfuh8EBVaHz2VkH9xRSF9GslXeRM
37lOSZtaBuuk9E+99iJ/GGC0jrzG6DGkpSUVKLsCAwEAAaOCAl8wggJbMB0GA1Ud
DgQWBBRFrBCtHQRluUZg5HwGq4Sa8jD5OzAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L1Jhd1FyUjBFWmJsR1lPUjhCcXVFbXZJdy1Ucy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB1
BggrBgEFBQcBBwEB/wRmMGQwYgQCAAEwXAMEAVGh7gMEAVQVrAMEAld4VDAMAwQB
V3l6AwQBV3l8AwQCWNpMAwQAW1xzAwQBXpquAwQAbc7uAwQAuc8MAwQAwSUuAwQC
wTp4AwQCwZQwAwQCwajEAwQC1FfcMA0GCSqGSIb3DQEBCwUAA4IBAQA4t/ibyguc
pwOy/aK10vYfwWIpdPKE+XrSVZMqdRA34pS6rU0SokhZyQaBY1bIHZ7RvfhO5BHx
2Smf5RE+K1HQsTPDDhvAP3W0yhvUtGd51rqO9aFVi/wHYKjavch04eeELPBhNuQg
i8KPwH2ziKL/Pm5PjECbRiVqM7chvxNygKgDj6VWJy61SFaF+6ZqWnU4uekXvz3w
KEWXQi7UsgYa9NUiPfUd+fpm4V+mXMrCTk4npxQ6We+LMphYSFRdUFdMItQbJ2zH
egw3kwWKRXMaFIW7AVzjkaA5gZWwURx248wMbbBob8RBz/DsaMqArqj/8vpAnW7t
ExJYgjcaeZO6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:37 2023 by rpki-client on console-ams.rpki-client.org