Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UYbNbDmd8D5WqJxtkuhA7iqXN8U.roa
File: UYbNbDmd8D5WqJxtkuhA7iqXN8U.roa (raw, json)
Hash identifier: cQIL2REpdY5MSJGMq75kpKCZ90d5wKhhdFumphy4r9U=
Subject key identifier: 51:86:CD:6C:39:9D:F0:3E:56:A8:9C:6D:92:E8:40:EE:2A:97:37:C5
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0183E551D652437485E7756E13B01900EA8F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UYbNbDmd8D5WqJxtkuhA7iqXN8U.roa
Signing time: Mon 17 Oct 2022 09:41:29 +0000
ROA not before: Mon 17 Oct 2022 09:41:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22653
IP address blocks: 31.169.124.0/24 maxlen: 24
31.169.125.0/24 maxlen: 24
185.221.66.0/24 maxlen: 24
31.169.126.0/24 maxlen: 24
85.217.128.0/24 maxlen: 24
31.169.127.0/24 maxlen: 24
84.54.50.0/24 maxlen: 24
164.40.186.0/23 maxlen: 24
164.40.184.0/24 maxlen: 24
79.110.49.0/24 maxlen: 24
194.180.49.0/24 maxlen: 24
185.225.72.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e5:51:d6:52:43:74:85:e7:75:6e:13:b0:19:00:ea:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 17 09:41:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5186cd6c399df03e56a89c6d92e840ee2a9737c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:84:a1:35:81:66:0e:04:11:a4:13:2b:4a:a1:
a0:62:37:60:fb:4d:4c:62:cd:ec:6a:19:23:cc:e4:
3c:f5:6f:f5:70:49:0e:b0:b8:a1:0c:18:48:ea:d2:
14:39:18:df:7e:01:4c:e8:aa:fe:37:65:ea:64:f7:
ac:19:82:18:fc:1a:13:ee:c2:4d:c5:71:b3:8f:c1:
3e:e6:d7:5f:b0:5a:32:10:73:c0:0f:81:b2:c7:1e:
72:e5:7b:21:21:74:05:ef:cf:16:cd:2e:2d:9f:9d:
d2:95:e0:32:83:16:41:4b:7a:dd:1d:e2:ab:60:e5:
6c:f5:75:ac:d0:67:2c:ea:ce:87:e6:c9:2b:e1:ee:
df:e7:b5:78:a5:dc:ce:61:46:f5:22:cc:59:2d:ee:
a1:c8:4d:44:fd:d1:94:04:1a:02:b8:8f:8b:3f:ff:
65:5f:ed:61:23:fd:6a:c1:81:ce:ae:3f:f6:2f:38:
cf:41:58:1a:98:ad:55:87:9b:f1:62:d5:c0:72:6a:
99:1c:9d:e4:0a:3b:a8:c9:e1:f8:66:cf:49:ad:4b:
36:8e:b4:c7:14:d4:ab:9c:6b:08:53:b9:d1:c9:28:
e4:ed:7f:95:32:5d:87:66:30:f1:75:50:5f:92:d7:
00:48:bc:e8:a2:b8:0f:36:d5:f2:fe:34:6c:e2:d2:
b0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:86:CD:6C:39:9D:F0:3E:56:A8:9C:6D:92:E8:40:EE:2A:97:37:C5
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UYbNbDmd8D5WqJxtkuhA7iqXN8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.124.0/22
79.110.49.0/24
84.54.50.0/24
85.217.128.0/24
164.40.184.0/24
164.40.186.0/23
185.221.66.0/24
185.225.72.0/24
194.180.49.0/24
Signature Algorithm: sha256WithRSAEncryption
95:f8:e7:94:0e:d9:fa:6a:d0:af:28:2d:5e:de:5b:80:21:2d:
cf:ea:de:a3:13:9e:9f:d9:21:36:34:60:b5:1b:2b:64:f0:a0:
20:b5:a8:4f:66:73:fc:3a:f2:e3:73:52:04:6b:b3:77:1e:11:
ed:dc:31:1f:3d:34:2e:9c:9c:77:6d:20:8b:0e:84:fb:27:7b:
c3:8c:d1:60:0a:f8:98:ad:4b:70:0e:87:f1:38:8b:57:7b:c0:
0f:d3:18:59:76:53:83:8b:46:c3:be:08:5c:9c:c9:1f:2c:0f:
b2:4f:44:4e:43:c7:66:bc:e6:3e:40:7d:0c:3e:e5:0d:2b:09:
08:c1:e2:f8:0c:d7:f4:91:79:df:2a:e8:4e:2b:8e:45:70:65:
69:72:32:b9:c3:95:3d:84:40:03:29:76:88:ed:cc:32:4f:e6:
e9:82:98:0e:d4:f8:85:e6:7a:09:72:b2:8f:b4:7a:57:b0:6e:
43:b6:11:7f:e3:3b:dc:27:a7:b9:dc:ec:ae:4f:43:ad:aa:78:
f0:5e:83:9f:54:04:00:55:82:3e:b9:a0:95:4b:d0:9a:c5:01:
65:f8:6b:a4:ba:45:93:3a:3d:50:9a:ee:34:ed:aa:5a:11:da:
cc:c3:3c:bb:6f:8a:9d:25:bc:94:8b:3b:06:30:7d:61:2e:a4:
a6:e3:b9:a7
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYPlUdZSQ3SF53VuE7AZAOqPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMDE3MDk0MTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTg2Y2Q2YzM5OWRmMDNlNTZhODljNmQ5MmU4NDBlZTJhOTczN2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYShNYFmDgQRpBMrSqGgYjdg+01M
Ys3sahkjzOQ89W/1cEkOsLihDBhI6tIUORjffgFM6Kr+N2XqZPesGYIY/BoT7sJN
xXGzj8E+5tdfsFoyEHPAD4Gyxx5y5XshIXQF788WzS4tn53SleAygxZBS3rdHeKr
YOVs9XWs0Gcs6s6H5skr4e7f57V4pdzOYUb1IsxZLe6hyE1E/dGUBBoCuI+LP/9l
X+1hI/1qwYHOrj/2LzjPQVgamK1Vh5vxYtXAcmqZHJ3kCjuoyeH4Zs9JrUs2jrTH
FNSrnGsIU7nRySjk7X+VMl2HZjDxdVBfktcASLzoorgPNtXy/jRs4tKwBQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFGGzWw5nfA+VqicbZLoQO4qlzfFMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVVliTmJEbWQ4RDVXcUp4dGt1aEE3aXFYTjhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCH6l8AwQA
T24xAwQAVDYyAwQAVdmAAwQApCi4AwQBpCi6AwQAud1CAwQAueFIAwQAwrQxMA0G
CSqGSIb3DQEBCwUAA4IBAQCV+OeUDtn6atCvKC1e3luAIS3P6t6jE56f2SE2NGC1
Gytk8KAgtahPZnP8OvLjc1IEa7N3HhHt3DEfPTQunJx3bSCLDoT7J3vDjNFgCviY
rUtwDofxOItXe8AP0xhZdlODi0bDvghcnMkfLA+yT0ROQ8dmvOY+QH0MPuUNKwkI
weL4DNf0kXnfKuhOK45FcGVpcjK5w5U9hEADKXaI7cwyT+bpgpgO1PiF5noJcrKP
tHpXsG5DthF/4zvcJ6e53OyuT0OtqnjwXoOfVAQAVYI+uaCVS9CaxQFl+GukukWT
Oj1Qmu407apaEdrMwzy7b4qdJbyUizsGMH1hLqSm47mn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:08 2024 by rpki-client on console-fra.rpki-client.org