Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Vt1ZLIqGE6WK5PajUQl8wwg1pVQ.roa
File: Vt1ZLIqGE6WK5PajUQl8wwg1pVQ.roa (raw, json)
Hash identifier: 7Z46Byp/RIPcS/Z4kV8uaWANmyKx1o+ri6EGvaO83mg=
Subject key identifier: 56:DD:59:2C:8A:86:13:A5:8A:E4:F6:A3:51:09:7C:C3:08:35:A5:54
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018268B316E3DEFA3CD40CF06C7860F5BA70
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Vt1ZLIqGE6WK5PajUQl8wwg1pVQ.roa
Signing time: Thu 04 Aug 2022 11:52:23 +0000
ROA not before: Thu 04 Aug 2022 11:52:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22653
IP address blocks: 31.169.124.0/24 maxlen: 24
31.169.125.0/24 maxlen: 24
31.169.127.0/24 maxlen: 24
31.169.126.0/24 maxlen: 24
85.217.128.0/24 maxlen: 24
164.40.186.0/23 maxlen: 24
164.40.184.0/24 maxlen: 24
84.54.50.0/23 maxlen: 24
193.37.43.0/24 maxlen: 24
194.48.249.0/24 maxlen: 24
194.55.184.0/23 maxlen: 24
194.55.187.0/24 maxlen: 24
185.221.66.0/24 maxlen: 24
79.110.49.0/24 maxlen: 24
194.180.49.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
194.169.173.0/24 maxlen: 24
185.225.72.0/24 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:68:b3:16:e3:de:fa:3c:d4:0c:f0:6c:78:60:f5:ba:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 4 11:52:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=56dd592c8a8613a58ae4f6a351097cc30835a554
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:52:7b:74:09:b3:1c:2e:0b:b9:f4:c3:ba:f0:
91:a2:06:22:6c:08:ca:22:9a:4b:dc:bc:df:47:e8:
11:cf:e2:68:3c:c6:45:7d:08:7d:70:b1:c7:4d:dd:
89:db:89:c4:a7:50:29:7a:bb:de:cb:a2:34:0b:17:
5c:7a:e6:4c:c8:10:37:3a:60:fc:15:04:a7:db:62:
73:27:38:96:2a:15:f9:72:5b:a5:21:cc:90:87:34:
15:c6:9f:38:ba:15:5d:83:19:83:48:61:74:4c:3e:
a4:d2:a2:37:62:ef:6e:45:6e:df:7c:f1:40:76:68:
65:6e:cf:e8:62:e2:30:ab:68:1f:5a:49:4b:42:53:
fe:e9:ca:20:0f:69:11:77:e5:1d:7d:ea:4c:46:8a:
98:26:de:e9:81:11:c6:a4:4c:e8:73:31:b0:6b:40:
d6:d3:be:87:d1:65:83:3f:a8:7c:0c:2a:91:a6:43:
7e:0b:02:77:33:8d:a9:24:43:08:99:f5:13:84:e7:
7d:61:4f:3f:6c:8f:62:17:1d:17:8c:c8:d5:70:ad:
2f:27:a5:e9:c2:39:e9:0a:a4:d1:7d:18:d0:a2:b5:
00:07:67:2b:2c:9f:4e:0d:eb:f2:ff:1e:52:61:6c:
04:31:fd:2b:01:4c:04:16:87:9d:55:f1:73:4b:0a:
9e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:DD:59:2C:8A:86:13:A5:8A:E4:F6:A3:51:09:7C:C3:08:35:A5:54
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Vt1ZLIqGE6WK5PajUQl8wwg1pVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.124.0/22
79.110.49.0/24
84.54.50.0/23
85.217.128.0/24
94.154.161.0-94.154.163.255
164.40.184.0/24
164.40.186.0/23
185.221.66.0/24
185.225.72.0/24
193.37.43.0/24
194.48.249.0/24
194.55.184.0/23
194.55.187.0/24
194.169.173.0-194.169.174.255
194.180.49.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:9e:a0:a3:6c:4b:13:83:b2:94:b7:89:e4:4a:07:a4:44:be:
29:95:21:02:c3:c4:ea:b2:0c:ee:b1:58:8d:92:b4:9b:e7:0d:
27:c5:8d:2b:84:bf:55:5c:6e:92:57:22:03:79:92:df:16:5c:
81:06:ce:46:41:80:ce:1e:8a:0a:ac:f3:6a:ff:89:12:1b:f6:
f4:73:43:65:7b:1d:4b:aa:e7:98:39:e0:c5:87:ff:05:58:32:
c9:07:6e:21:29:b5:56:26:d2:49:b4:8e:31:55:f6:5e:da:be:
80:f6:9c:50:73:52:7b:ee:6c:eb:63:e2:6c:fc:60:7e:91:a5:
40:dc:6c:d5:d2:6f:4b:23:27:fb:c2:bb:20:d9:5e:1f:70:59:
2e:2a:f4:d8:9a:b1:05:26:57:64:0b:64:d9:c7:35:b9:b0:0c:
ec:b8:14:92:f5:a8:aa:a6:d8:d1:6a:91:e7:24:39:63:94:82:
50:49:64:7a:e5:11:e2:ec:2b:f1:9a:f9:9a:17:1f:98:27:6c:
e4:86:7f:fe:e1:1b:34:33:90:80:c9:5c:e1:3a:6c:de:a6:56:
f1:c9:a7:11:9f:af:47:1d:80:23:98:85:33:ef:84:92:9a:23:
65:70:6d:25:2a:f7:74:12:18:b1:c3:6a:1c:51:8d:8a:fc:d1:
b3:0d:c7:8a
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYJosxbj3vo81AzwbHhg9bpwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwODA0MTE1MjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmRkNTkyYzhhODYxM2E1OGFlNGY2YTM1MTA5N2NjMzA4MzVhNTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVJ7dAmzHC4LufTDuvCRogYibAjK
IppL3LzfR+gRz+JoPMZFfQh9cLHHTd2J24nEp1Apervey6I0CxdceuZMyBA3OmD8
FQSn22JzJziWKhX5clulIcyQhzQVxp84uhVdgxmDSGF0TD6k0qI3Yu9uRW7ffPFA
dmhlbs/oYuIwq2gfWklLQlP+6cogD2kRd+UdfepMRoqYJt7pgRHGpEzoczGwa0DW
076H0WWDP6h8DCqRpkN+CwJ3M42pJEMImfUThOd9YU8/bI9iFx0XjMjVcK0vJ6Xp
wjnpCqTRfRjQorUAB2crLJ9ODevy/x5SYWwEMf0rAUwEFoedVfFzSwqeKQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFFbdWSyKhhOliuT2o1EJfMMINaVUMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVnQxWkxJcUdFNldLNVBhalVRbDh3d2cxcFZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAh+pfAME
AE9uMQMEAVQ2MgMEAFXZgDAMAwQAXpqhAwQCXpqgAwQApCi4AwQBpCi6AwQAud1C
AwQAueFIAwQAwSUrAwQAwjD5AwQBwje4AwQAwje7MAwDBADCqa0DBADCqa4DBADC
tDEwDQYJKoZIhvcNAQELBQADggEBAC+eoKNsSxODspS3ieRKB6REvimVIQLDxOqy
DO6xWI2StJvnDSfFjSuEv1VcbpJXIgN5kt8WXIEGzkZBgM4eigqs82r/iRIb9vRz
Q2V7HUuq55g54MWH/wVYMskHbiEptVYm0km0jjFV9l7avoD2nFBzUnvubOtj4mz8
YH6RpUDcbNXSb0sjJ/vCuyDZXh9wWS4q9NiasQUmV2QLZNnHNbmwDOy4FJL1qKqm
2NFqkeckOWOUglBJZHrlEeLsK/Ga+ZoXH5gnbOSGf/7hGzQzkIDJXOE6bN6mVvHJ
pxGfr0cdgCOYhTPvhJKaI2VwbSUq93QSGLHDahxRjYr80bMNx4o=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:37 2023 by rpki-client on console-ams.rpki-client.org