Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TszBv2PQk3jVnKDc75Z9p6rvZa0.roa
File: TszBv2PQk3jVnKDc75Z9p6rvZa0.roa (raw, json)
Hash identifier: 9btFzeDu2CfAkMysxtLTNLxtPPkoV+zs5yQ7ickoG2A=
Subject key identifier: 4E:CC:C1:BF:63:D0:93:78:D5:9C:A0:DC:EF:96:7D:A7:AA:EF:65:AD
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1E937177
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TszBv2PQk3jVnKDc75Z9p6rvZa0.roa
Signing time: Fri 20 May 2022 13:56:30 +0000
ROA not before: Fri 20 May 2022 13:56:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 185.218.139.0/24 maxlen: 24
37.139.131.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
194.48.250.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
194.55.184.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.185.0/24 maxlen: 24
194.48.249.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
185.216.68.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
79.110.49.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
83.219.98.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
83.219.96.0/24 maxlen: 24
83.219.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 512979319 (0x1e937177)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 20 13:56:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4eccc1bf63d09378d59ca0dcef967da7aaef65ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f3:41:f0:7c:5b:58:fe:d2:7f:0a:39:10:b3:
ba:f8:2c:cc:1c:77:af:63:b8:37:6c:89:6e:37:53:
15:93:bb:60:24:37:bc:3e:36:44:eb:64:12:bf:98:
22:43:5f:81:66:d5:3d:9c:06:89:27:1b:b5:eb:bf:
f3:a5:19:21:d0:dc:71:61:49:67:a8:72:af:47:e9:
9e:5d:72:e5:7b:00:a5:5a:f1:f7:fc:b9:57:a4:0f:
56:da:a1:a4:32:92:71:65:4f:e3:2a:03:b9:80:7f:
56:b0:da:bc:4d:e2:cb:0a:30:07:00:d3:ad:fc:9b:
24:40:dc:5e:5a:b8:d3:e3:80:7e:6d:a6:6f:1a:1d:
0d:81:4d:36:08:26:90:1d:b0:8a:50:f0:b6:07:bc:
bd:59:47:88:ab:19:ea:f3:25:01:fa:eb:53:76:79:
9b:c7:85:c7:2e:d6:e4:25:84:67:a2:4f:1b:7f:59:
3d:2e:27:24:e6:51:cd:c8:28:df:66:aa:40:f1:54:
f5:1e:eb:c2:be:8c:e5:38:a0:ef:09:f6:3f:9b:a4:
0e:b1:54:1b:e6:4f:1b:01:04:e0:01:97:19:66:6d:
b5:88:ac:3d:93:ff:be:ac:5e:bb:ab:43:18:02:75:
bb:8e:a4:10:29:9d:70:e4:1c:62:03:de:59:45:48:
97:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:CC:C1:BF:63:D0:93:78:D5:9C:A0:DC:EF:96:7D:A7:AA:EF:65:AD
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TszBv2PQk3jVnKDc75Z9p6rvZa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/23
79.110.48.0/22
80.76.51.0/24
83.219.96.0/22
87.120.84.0/24
87.120.87.0/24
94.154.172.0/24
178.215.224.0/22
178.215.239.0/24
185.216.68.0/24
185.218.139.0/24
185.252.176.0/24
193.35.18.0/24
193.47.60.0/24
193.47.62.0/23
194.48.248.0/22
194.55.184.0/23
194.55.187.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:84:03:20:81:15:1c:95:86:81:9a:f0:91:cf:10:31:49:37:
d5:9c:f7:dc:c4:9c:63:50:d5:9a:88:04:ff:b0:90:5a:e7:af:
a4:37:db:ed:c8:0d:57:2d:56:08:89:ed:cf:d7:25:d5:08:0b:
30:22:71:9a:7e:ed:10:98:8b:40:35:0b:29:4f:91:0b:0e:83:
2a:40:d2:a8:63:9f:ac:bb:59:7e:f3:a6:85:fd:64:42:8e:7b:
9a:28:09:98:8b:dd:09:78:9c:4e:e8:93:e5:ac:e4:79:3a:7a:
f3:f8:c3:5b:89:13:94:26:32:45:d8:a0:40:af:f2:0a:68:cf:
09:73:cf:d6:4c:1f:8d:0f:7c:de:b8:c5:ac:6d:f7:4e:03:2e:
4c:e5:f5:b1:03:6c:14:33:12:d9:d6:3a:2e:62:bd:df:c0:58:
31:97:53:bf:b8:4b:c5:d4:f1:d6:ed:24:58:04:30:14:ba:a7:
d8:31:6b:30:38:69:21:f3:fd:1f:09:9c:c7:8c:d7:a0:44:8b:
ea:dd:ab:87:91:fc:83:66:f3:a3:5f:b7:fa:76:71:20:76:9b:
95:96:b1:ff:cc:00:82:ce:b1:5c:b5:93:ee:0d:99:7a:24:db:
2a:46:b0:2c:fa:91:dd:08:27:5d:ba:f8:ac:2b:3a:56:ba:0c:
d3:68:c0:35
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIEHpNxdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDUy
MDEzNTYzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGVjY2MxYmY2M2Qw
OTM3OGQ1OWNhMGRjZWY5NjdkYTdhYWVmNjVhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKLzQfB8W1j+0n8KORCzuvgszBx3r2O4N2yJbjdTFZO7YCQ3
vD42ROtkEr+YIkNfgWbVPZwGiScbteu/86UZIdDccWFJZ6hyr0fpnl1y5XsApVrx
9/y5V6QPVtqhpDKScWVP4yoDuYB/VrDavE3iywowBwDTrfybJEDcXlq40+OAfm2m
bxodDYFNNggmkB2wilDwtge8vVlHiKsZ6vMlAfrrU3Z5m8eFxy7W5CWEZ6JPG39Z
PS4nJOZRzcgo32aqQPFU9R7rwr6M5Tig7wn2P5ukDrFUG+ZPGwEE4AGXGWZttYis
PZP/vqxeu6tDGAJ1u46kECmdcOQcYgPeWUVIl2kCAwEAAaOCAnAwggJsMB0GA1Ud
DgQWBBROzMG/Y9CTeNWcoNzvln2nqu9lrTAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L1RzekJ2MlBRazNqVm5LRGM3NVo5cDZydlphMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
hQYIKwYBBQUHAQcBAf8EdjB0MHIEAgABMGwDBAEli4IDBAJPbjADBABQTDMDBAJT
22ADBABXeFQDBABXeFcDBABemqwDBAKy1+ADBACy1+8DBAC52EQDBAC52osDBAC5
/LADBADBIxIDBADBLzwDBAHBLz4DBALCMPgDBAHCN7gDBADCN7swDQYJKoZIhvcN
AQELBQADggEBAFyEAyCBFRyVhoGa8JHPEDFJN9Wc99zEnGNQ1ZqIBP+wkFrnr6Q3
2+3IDVctVgiJ7c/XJdUICzAicZp+7RCYi0A1CylPkQsOgypA0qhjn6y7WX7zpoX9
ZEKOe5ooCZiL3Ql4nE7ok+Ws5Hk6evP4w1uJE5QmMkXYoECv8gpozwlzz9ZMH40P
fN64xaxt904DLkzl9bEDbBQzEtnWOi5ivd/AWDGXU7+4S8XU8dbtJFgEMBS6p9gx
azA4aSHz/R8JnMeM16BEi+rdq4eR/INm86Nft/p2cSB2m5WWsf/MAILOsVy1k+4N
mXok2ypGsCz6kd0IJ126+KwrOla6DNNowDU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:34 2024 by rpki-client on console-ams.rpki-client.org