Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Vj1RPxAWT3K3Mz_5EKXhghFYSSU.roa
File: Vj1RPxAWT3K3Mz_5EKXhghFYSSU.roa (raw, json)
Hash identifier: KHd076aRHhcGjIBC4K91cmeXo1vyYMA03rjM8CO/LEU=
Subject key identifier: 56:3D:51:3F:10:16:4F:72:B7:33:3F:F9:10:A5:E1:82:11:58:49:25
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0183E6118D30FF830D9D4C95133F9C483FD3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Vj1RPxAWT3K3Mz_5EKXhghFYSSU.roa
Signing time: Mon 17 Oct 2022 13:10:53 +0000
ROA not before: Mon 17 Oct 2022 13:10:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43561
IP address blocks: 93.123.88.0/21 maxlen: 24
87.121.105.0/24 maxlen: 24
87.121.104.0/24 maxlen: 24
87.120.77.0/24 maxlen: 24
87.120.75.0/24 maxlen: 24
87.120.73.0/24 maxlen: 24
87.120.78.0/24 maxlen: 24
87.120.76.0/24 maxlen: 24
87.120.74.0/24 maxlen: 24
87.120.72.0/24 maxlen: 24
87.120.79.0/24 maxlen: 24
31.13.252.0/24 maxlen: 24
31.13.253.0/24 maxlen: 24
31.13.254.0/24 maxlen: 24
31.13.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e6:11:8d:30:ff:83:0d:9d:4c:95:13:3f:9c:48:3f:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 17 13:10:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=563d513f10164f72b7333ff910a5e18211584925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:23:14:ea:4a:de:24:8e:a7:5d:73:11:f8:81:
2c:d2:71:12:cc:99:3b:97:9a:51:51:8f:7a:a2:19:
0b:5f:20:08:52:78:f6:3c:b4:a5:ea:31:4f:14:bc:
bb:4f:99:ab:db:c6:ce:34:95:37:e7:08:72:f2:80:
62:86:c4:e7:01:0b:26:3a:6f:0b:7d:f7:b2:55:9c:
7e:85:c8:a8:07:8d:e7:d1:43:e8:b3:02:77:a3:11:
4e:e4:89:24:9b:b7:cb:1a:6e:9d:90:f8:99:bd:06:
d2:f7:50:97:7a:86:dc:51:84:77:38:61:36:dc:c4:
46:9e:bc:27:70:a4:e8:f9:38:94:82:e0:ce:7d:d8:
8c:86:94:26:7c:9c:4e:7e:29:8f:ac:36:5b:b5:1f:
dc:06:48:9c:3c:43:a2:ab:13:fc:e1:3f:96:64:ec:
f2:32:0c:4e:28:20:b8:8f:12:15:9e:e9:09:b6:5a:
f1:97:df:6a:99:ef:48:99:f7:63:ef:8e:e7:27:b2:
46:0e:61:f0:b3:87:c1:fc:65:a9:8b:88:3f:1b:d0:
2e:2b:51:fa:36:46:d3:ce:24:5f:19:ab:b4:39:f9:
ba:40:2b:93:7e:04:e5:4b:80:92:af:9e:3d:e1:8a:
65:6f:c3:a9:f2:98:25:da:ce:8d:18:42:3e:e5:f3:
98:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:3D:51:3F:10:16:4F:72:B7:33:3F:F9:10:A5:E1:82:11:58:49:25
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Vj1RPxAWT3K3Mz_5EKXhghFYSSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.252.0/22
87.120.72.0/21
87.121.104.0/23
93.123.88.0/21
Signature Algorithm: sha256WithRSAEncryption
3f:11:1e:ca:0e:69:bd:2e:20:6c:58:79:c9:31:c0:41:5d:b1:
b3:f8:cc:b3:bc:34:e4:ea:30:ed:77:ab:86:06:73:e2:d3:e0:
09:8d:cd:68:be:09:76:b3:93:9c:f8:3c:49:71:77:10:79:ca:
20:7d:5b:05:00:21:dc:6c:33:7f:10:63:74:fe:84:6c:00:20:
e6:f9:d8:59:39:5e:bc:72:18:3a:a6:87:86:32:90:2a:6d:b6:
f2:f6:a1:55:b8:92:bd:f8:e8:a6:32:8a:8f:a5:7a:a2:e7:db:
69:92:d0:8f:b1:3d:57:c0:0e:3e:a8:0e:25:0f:76:a0:81:84:
24:ea:1f:01:c3:09:af:e3:fd:f6:68:06:6b:b8:89:4c:78:fb:
da:1e:35:80:99:81:b9:31:a8:d2:46:85:03:0e:34:37:ca:1f:
87:62:9d:b0:90:e0:99:be:6a:5a:00:c1:1d:8f:20:f0:1e:76:
b4:f7:4e:d4:d2:ec:0e:a6:8f:3f:3e:39:11:58:a9:a0:a5:fe:
fb:60:26:e6:42:1c:d4:19:a1:94:aa:0a:9e:fc:ef:92:85:56:
8b:1f:b5:41:47:45:59:7c:6a:8c:80:0d:6b:d1:f4:eb:f4:09:
26:44:cd:2c:f1:42:0f:e0:47:f4:60:96:b8:05:fb:61:e6:d0:
65:8f:56:e3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYPmEY0w/4MNnUyVEz+cSD/TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMDE3MTMxMDUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjNkNTEzZjEwMTY0ZjcyYjczMzNmZjkxMGE1ZTE4MjExNTg0OTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCMU6kreJI6nXXMR+IEs0nESzJk7
l5pRUY96ohkLXyAIUnj2PLSl6jFPFLy7T5mr28bONJU35why8oBihsTnAQsmOm8L
ffeyVZx+hcioB43n0UPoswJ3oxFO5Ikkm7fLGm6dkPiZvQbS91CXeobcUYR3OGE2
3MRGnrwncKTo+TiUguDOfdiMhpQmfJxOfimPrDZbtR/cBkicPEOiqxP84T+WZOzy
MgxOKCC4jxIVnukJtlrxl99qme9Imfdj747nJ7JGDmHws4fB/GWpi4g/G9AuK1H6
NkbTziRfGau0Ofm6QCuTfgTlS4CSr5494Yplb8Op8pgl2s6NGEI+5fOYgwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFY9UT8QFk9ytzM/+RCl4YIRWEklMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVmoxUlB4QVdUM0szTXpfNUVLWGhnaEZZU1NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCHw38AwQD
V3hIAwQBV3loAwQDXXtYMA0GCSqGSIb3DQEBCwUAA4IBAQA/ER7KDmm9LiBsWHnJ
McBBXbGz+MyzvDTk6jDtd6uGBnPi0+AJjc1ovgl2s5Oc+DxJcXcQecogfVsFACHc
bDN/EGN0/oRsACDm+dhZOV68chg6poeGMpAqbbby9qFVuJK9+OimMoqPpXqi59tp
ktCPsT1XwA4+qA4lD3aggYQk6h8Bwwmv4/32aAZruIlMePvaHjWAmYG5MajSRoUD
DjQ3yh+HYp2wkOCZvmpaAMEdjyDwHna0907U0uwOpo8/PjkRWKmgpf77YCbmQhzU
GaGUqgqe/O+ShVaLH7VBR0VZfGqMgA1r0fTr9AkmRM0s8UIP4Ef0YJa4Bfth5tBl
j1bj
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:37 2023 by rpki-client on console-ams.rpki-client.org