Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TLmMhpKGHYPbWrgYLnfQvYV9nHE.roa
File: TLmMhpKGHYPbWrgYLnfQvYV9nHE.roa (raw, json)
Hash identifier: SED9z4yyxnQkzkScJTK8xr4y0wzMKOt7+BVHV1dN3Qc=
Subject key identifier: 4C:B9:8C:86:92:86:1D:83:DB:5A:B8:18:2E:77:D0:BD:85:7D:9C:71
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01826D2A9BFFE38DC43658F6CE1345226160
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TLmMhpKGHYPbWrgYLnfQvYV9nHE.roa
Signing time: Fri 05 Aug 2022 08:41:25 +0000
ROA not before: Fri 05 Aug 2022 08:41:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 85.31.45.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
92.249.48.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
185.218.136.0/24 maxlen: 24
82.115.208.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
212.87.206.0/24 maxlen: 24
212.87.205.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
85.217.144.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
80.76.50.0/24 maxlen: 24
80.76.48.0/24 maxlen: 24
193.42.32.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
94.103.126.0/24 maxlen: 24
94.103.127.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:6d:2a:9b:ff:e3:8d:c4:36:58:f6:ce:13:45:22:61:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 5 08:41:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4cb98c8692861d83db5ab8182e77d0bd857d9c71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6e:e8:a4:ce:cc:9d:0e:53:28:b2:15:55:fa:
53:f6:a8:02:37:f9:4c:23:15:f3:18:6e:7d:3d:70:
ea:db:53:a6:68:85:7a:eb:fd:74:7b:f3:f0:b4:54:
94:9c:cb:c9:d0:3a:f6:d2:38:5d:d6:87:2a:be:2f:
d3:6d:88:87:e4:bb:a5:69:86:ef:84:de:5e:bd:13:
d7:0a:25:fd:21:8b:fd:49:fd:3e:5f:ad:e5:8f:7a:
ca:b4:37:e6:28:a3:d7:61:da:d9:da:cb:59:c7:bd:
40:e6:b9:9d:9c:a5:a7:c1:04:ac:07:01:c6:49:e3:
21:4c:64:4a:32:a5:17:38:f3:29:37:f0:71:b1:a8:
08:dd:0f:a5:9d:e2:47:0c:2b:1e:66:9a:be:f0:d7:
32:8d:c7:c6:5f:87:33:5b:69:f2:15:3f:57:84:8e:
3e:2d:a0:1d:1d:33:50:30:1d:83:67:1e:45:5a:5f:
a4:70:4d:02:23:10:0d:6f:40:e7:d9:ae:0c:44:d8:
a5:14:99:20:15:be:54:8b:58:bf:ac:94:e1:62:a3:
5e:aa:93:28:3a:d7:72:78:ae:d2:a5:02:cc:c0:52:
fd:91:6c:d5:b4:9c:9b:28:1b:7c:ec:0a:3c:79:11:
3a:d8:0e:08:c6:1e:94:f0:0c:85:5e:9e:49:eb:3c:
e9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:B9:8C:86:92:86:1D:83:DB:5A:B8:18:2E:77:D0:BD:85:7D:9C:71
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TLmMhpKGHYPbWrgYLnfQvYV9nHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.48.0/24
79.110.61.0/24
79.110.63.0/24
80.76.48.0/24
80.76.50.0/24
82.115.208.0/24
83.219.97.0/24
84.54.49.0/24
85.31.45.0/24
85.31.47.0/24
85.217.144.0/24
87.120.84.0/24
87.120.87.0/24
92.249.48.0/24
94.103.125.0-94.103.127.255
94.154.172.0/24
109.206.239.0/24
178.215.225.0-178.215.227.255
178.215.236.0/23
178.215.239.0/24
185.216.69.0-185.216.70.255
185.218.136.0/24
185.246.221.0/24
185.252.176.0/23
193.25.216.0/24
193.35.18.0/23
193.37.42.0/24
193.37.47.0/24
193.42.32.0/24
193.47.62.0/23
193.222.97.0/24
194.169.175.0/24
194.180.50.0/24
212.87.205.0-212.87.206.255
Signature Algorithm: sha256WithRSAEncryption
48:5f:fc:3d:d8:27:4f:6c:be:86:37:19:f8:9b:da:cd:5b:9a:
0a:e5:80:e4:c9:a3:81:3f:68:91:52:b1:0b:96:74:6c:ed:04:
a1:d9:0a:4c:3e:96:de:81:e1:5b:36:31:17:e2:90:57:b7:35:
a8:5e:ec:20:f8:58:b2:ee:7d:83:ed:ed:ab:83:4d:b6:f3:0e:
10:13:05:53:7e:ea:9e:5b:85:02:51:d3:da:3a:d0:43:e1:f2:
ad:af:19:4c:3a:db:26:2c:54:b7:2e:ec:da:bd:ab:d5:4d:04:
8d:92:f0:64:6d:64:93:ee:47:c3:f5:fd:b1:e5:19:40:6d:dd:
06:e9:0e:dc:ae:cf:a7:3d:3f:02:a3:d0:fe:4b:ae:8b:5b:1a:
28:79:81:f7:b0:83:be:d9:ae:75:d7:dc:05:c0:18:54:20:49:
51:25:8d:f7:94:48:f2:c3:46:3b:5c:87:4e:f7:6b:05:f0:43:
25:10:20:d9:28:fb:27:d5:6a:6b:be:fb:58:0e:2e:c8:29:0e:
79:31:79:20:28:9a:55:90:0d:bf:f7:e5:2b:cd:72:61:ff:d7:
ca:39:7c:38:db:c5:16:9f:04:26:d8:44:9d:cf:de:fa:32:03:
e4:7a:ef:91:64:58:44:f5:1c:2a:05:45:4f:00:6e:b2:26:e6:
7f:f5:b7:1a
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAYJtKpv/443ENlj2zhNFImFgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwODA1MDg0MTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2I5OGM4NjkyODYxZDgzZGI1YWI4MTgyZTc3ZDBiZDg1N2Q5YzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp27opM7MnQ5TKLIVVfpT9qgCN/lM
IxXzGG59PXDq21OmaIV66/10e/PwtFSUnMvJ0Dr20jhd1ocqvi/TbYiH5LulaYbv
hN5evRPXCiX9IYv9Sf0+X63lj3rKtDfmKKPXYdrZ2stZx71A5rmdnKWnwQSsBwHG
SeMhTGRKMqUXOPMpN/BxsagI3Q+lneJHDCseZpq+8NcyjcfGX4czW2nyFT9XhI4+
LaAdHTNQMB2DZx5FWl+kcE0CIxANb0Dn2a4MRNilFJkgFb5Ui1i/rJThYqNeqpMo
OtdyeK7SpQLMwFL9kWzVtJybKBt87Ao8eRE62A4Ixh6U8AyFXp5J6zzpAwIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFEy5jIaShh2D21q4GC530L2FfZxxMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVExtTWhwS0dIWVBiV3JnWUxuZlF2WVY5bkhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgfMEAgABMIHsAwQA
T24wAwQAT249AwQAT24/AwQAUEwwAwQAUEwyAwQAUnPQAwQAU9thAwQAVDYxAwQA
VR8tAwQAVR8vAwQAVdmQAwQAV3hUAwQAV3hXAwQAXPkwMAwDBABeZ30DBAdeZwAD
BABemqwDBABtzu8wDAMEALLX4QMEArLX4AMEAbLX7AMEALLX7zAMAwQAudhFAwQA
udhGAwQAudqIAwQAufbdAwQBufywAwQAwRnYAwQBwSMSAwQAwSUqAwQAwSUvAwQA
wSogAwQBwS8+AwQAwd5hAwQAwqmvAwQAwrQyMAwDBADUV80DBADUV84wDQYJKoZI
hvcNAQELBQADggEBAEhf/D3YJ09svoY3Gfib2s1bmgrlgOTJo4E/aJFSsQuWdGzt
BKHZCkw+lt6B4Vs2MRfikFe3Nahe7CD4WLLufYPt7auDTbbzDhATBVN+6p5bhQJR
09o60EPh8q2vGUw62yYsVLcu7Nq9q9VNBI2S8GRtZJPuR8P1/bHlGUBt3QbpDtyu
z6c9PwKj0P5LrotbGih5gfewg77ZrnXX3AXAGFQgSVEljfeUSPLDRjtch073awXw
QyUQINko+yfVamu++1gOLsgpDnkxeSAomlWQDb/35SvNcmH/18o5fDjbxRafBCbY
RJ3P3voyA+R675FkWET1HCoFRU8AbrIm5n/1txo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:33 2024 by rpki-client on console-ams.rpki-client.org