Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VrxPsr_oEWoH3JNmt23DfAKA_Xw.roa
File: VrxPsr_oEWoH3JNmt23DfAKA_Xw.roa (raw, json)
Hash identifier: Gqvdmin/QKIGjineb8k+723VEjrefuOibj3qwC0291E=
Subject key identifier: 56:BC:4F:B2:BF:E8:11:6A:07:DC:93:66:B7:6D:C3:7C:02:80:FD:7C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1EA4E9B1
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VrxPsr_oEWoH3JNmt23DfAKA_Xw.roa
Signing time: Wed 25 May 2022 13:19:13 +0000
ROA not before: Wed 25 May 2022 13:19:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 185.218.139.0/24 maxlen: 24
37.139.131.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
194.48.250.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
194.55.184.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.185.0/24 maxlen: 24
194.48.249.0/24 maxlen: 24
185.216.68.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
79.110.49.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
83.219.98.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
83.219.96.0/24 maxlen: 24
83.219.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 514124209 (0x1ea4e9b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 25 13:19:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=56bc4fb2bfe8116a07dc9366b76dc37c0280fd7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d5:44:ce:12:b5:d8:01:28:ed:eb:9c:70:f5:
a5:25:2a:e6:2c:df:e9:4d:c2:0a:73:b5:33:10:68:
93:42:58:23:a1:99:2f:c3:3a:9b:55:ea:3a:be:18:
7a:20:8f:ec:09:0b:30:42:d4:0c:b3:62:f8:ab:2d:
cc:21:54:2e:e2:cd:17:d4:db:16:83:c0:38:e3:ea:
46:ed:5d:68:51:4b:c0:ff:4d:25:27:94:7a:cc:ba:
02:d7:8d:cc:11:ff:78:28:ff:0b:d6:e0:88:56:1d:
30:da:f9:db:a3:0b:a5:35:14:05:08:b9:0e:42:96:
1c:c0:db:15:b5:77:6c:eb:a7:0e:5d:0d:3e:ea:6a:
8e:16:7b:d8:c1:0d:0f:26:3c:6f:4b:7d:c9:92:ff:
c7:43:fe:10:59:da:97:56:b9:00:54:82:97:4f:a3:
96:eb:e7:d3:63:40:d9:b1:aa:52:89:10:73:6d:4e:
ee:0c:d6:49:ad:77:e5:91:c4:9b:a5:b0:49:3a:26:
0e:54:e8:80:6f:ff:85:ac:b1:8b:fa:19:1b:50:36:
15:68:7a:d7:c6:b6:1d:f2:a6:ff:cd:9f:de:09:c0:
8e:6f:fe:6b:8b:f8:69:ef:5d:4e:50:0b:13:35:c7:
4c:80:83:a9:67:d8:26:4e:72:15:b5:e0:1e:4e:2e:
b9:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:BC:4F:B2:BF:E8:11:6A:07:DC:93:66:B7:6D:C3:7C:02:80:FD:7C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VrxPsr_oEWoH3JNmt23DfAKA_Xw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/23
79.110.48.0-79.110.50.255
80.76.51.0/24
83.219.96.0/22
87.120.84.0/24
87.120.87.0/24
94.154.172.0/24
178.215.224.0/22
178.215.239.0/24
185.216.68.0/24
185.218.139.0/24
185.252.176.0/24
193.35.18.0/24
193.47.60.0/24
193.47.62.0/23
194.48.248.0/22
194.55.184.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:02:b6:6f:80:61:9d:e6:01:d3:f6:a1:4c:e7:48:e6:35:b7:
83:6a:a9:c2:07:45:63:d3:a5:2e:c2:de:ea:17:93:1d:33:b6:
68:81:dd:aa:f7:ab:6b:b6:62:1b:4e:48:1f:ec:a2:55:c5:7a:
e6:06:eb:52:4b:b2:8e:0d:7a:3a:1c:26:e5:c8:a5:22:41:ec:
83:15:ef:34:0c:0d:6f:b6:70:b7:26:11:22:b6:ac:d7:4d:ae:
da:f1:b4:db:c4:80:d7:64:bb:59:27:3b:05:01:bf:20:1c:24:
0b:b8:2e:a5:ad:ba:a0:f9:a3:c9:01:d9:f6:62:99:80:5c:7d:
16:0e:3c:dc:78:c2:2d:5b:3e:80:58:95:71:59:8c:37:42:14:
84:67:fc:42:1f:06:c1:88:b9:5d:24:14:60:6d:86:c2:98:eb:
92:d7:d6:77:5e:73:58:e0:a4:23:51:64:1d:2f:3b:69:ba:cf:
3b:f8:59:e5:98:85:13:50:99:b3:f4:58:bc:51:c2:c9:3a:bb:
98:26:58:ba:e2:8c:ce:79:75:c1:a2:f4:d0:32:9e:c7:12:35:
9a:45:d1:94:ac:25:df:ae:f8:f2:45:a8:5d:33:26:a3:dc:da:
c0:be:24:d5:74:37:a0:ea:6b:8a:1a:51:dc:80:7f:9f:0a:7a:
e1:09:95:46
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgIEHqTpsTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDUy
NTEzMTkxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTZiYzRmYjJiZmU4
MTE2YTA3ZGM5MzY2Yjc2ZGMzN2MwMjgwZmQ3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMDVRM4StdgBKO3rnHD1pSUq5izf6U3CCnO1MxBok0JYI6GZ
L8M6m1XqOr4YeiCP7AkLMELUDLNi+KstzCFULuLNF9TbFoPAOOPqRu1daFFLwP9N
JSeUesy6AteNzBH/eCj/C9bgiFYdMNr526MLpTUUBQi5DkKWHMDbFbV3bOunDl0N
PupqjhZ72MENDyY8b0t9yZL/x0P+EFnal1a5AFSCl0+jluvn02NA2bGqUokQc21O
7gzWSa135ZHEm6WwSTomDlTogG//hayxi/oZG1A2FWh618a2HfKm/82f3gnAjm/+
a4v4ae9dTlALEzXHTICDqWfYJk5yFbXgHk4uuUsCAwEAAaOCAnIwggJuMB0GA1Ud
DgQWBBRWvE+yv+gRagfck2a3bcN8AoD9fDAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L1ZyeFBzcl9vRVdvSDNKTm10MjNEZkFLQV9Ydy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
hwYIKwYBBQUHAQcBAf8EeDB2MHQEAgABMG4DBAEli4IwDAMEBE9uMAMEAE9uMgME
AFBMMwMEAlPbYAMEAFd4VAMEAFd4VwMEAF6arAMEArLX4AMEALLX7wMEALnYRAME
ALnaiwMEALn8sAMEAMEjEgMEAMEvPAMEAcEvPgMEAsIw+AMEAcI3uDANBgkqhkiG
9w0BAQsFAAOCAQEACgK2b4BhneYB0/ahTOdI5jW3g2qpwgdFY9OlLsLe6heTHTO2
aIHdqvera7ZiG05IH+yiVcV65gbrUkuyjg16Ohwm5cilIkHsgxXvNAwNb7ZwtyYR
Iras102u2vG028SA12S7WSc7BQG/IBwkC7gupa26oPmjyQHZ9mKZgFx9Fg483HjC
LVs+gFiVcVmMN0IUhGf8Qh8GwYi5XSQUYG2GwpjrktfWd15zWOCkI1FkHS87abrP
O/hZ5ZiFE1CZs/RYvFHCyTq7mCZYuuKMznl1waL00DKexxI1mkXRlKwl36748kWo
XTMmo9zawL4k1XQ3oOprihpR3IB/nwp64QmVRg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:08 2024 by rpki-client on console-fra.rpki-client.org