Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VzFGvBpo-ac8xesKGzysR-Jsoww.roa
File:                     VzFGvBpo-ac8xesKGzysR-Jsoww.roa (raw, json)
Hash identifier:          MKQUDfh27x+lNWaWeoFcOh3N3sxvsOeuPS2o/m9M5h4=
Subject key identifier:   57:31:46:BC:1A:68:F9:A7:3C:C5:EB:0A:1B:3C:AC:47:E2:6C:A3:0C
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       0186841E2C8327CB412FC5349CCAC4D0C35A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VzFGvBpo-ac8xesKGzysR-Jsoww.roa
Signing time:             Fri 24 Feb 2023 15:50:15 +0000
ROA not before:           Fri 24 Feb 2023 15:50:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208485
IP address blocks:        81.161.231.0/24 maxlen: 24
                          45.81.240.0/24 maxlen: 24
                          81.161.238.0/23 maxlen: 24
                          45.81.242.0/24 maxlen: 24
                          80.76.48.0/24 maxlen: 24
                          193.37.40.0/22 maxlen: 24
                          45.84.90.0/24 maxlen: 24
                          194.55.187.0/24 maxlen: 24
                          92.119.198.0/24 maxlen: 24
                          194.31.205.0/24 maxlen: 24
                          87.121.44.0/22 maxlen: 24
                          92.249.50.0/24 maxlen: 24
                          45.91.192.0/24 maxlen: 24
                          83.219.98.0/24 maxlen: 24
                          83.219.96.0/24 maxlen: 24
                          82.115.210.0/23 maxlen: 24
                          83.219.99.0/24 maxlen: 24
                          45.139.106.0/24 maxlen: 24
                          85.208.137.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:84:1e:2c:83:27:cb:41:2f:c5:34:9c:ca:c4:d0:c3:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Feb 24 15:50:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=573146bc1a68f9a73cc5eb0a1b3cac47e26ca30c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:31:46:BC:1A:68:F9:A7:3C:C5:EB:0A:1B:3C:AC:47:E2:6C:A3:0C
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VzFGvBpo-ac8xesKGzysR-Jsoww.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.81.240.0/24
                  45.81.242.0/24
                  45.84.90.0/24
                  45.91.192.0/24
                  45.139.106.0/24
                  80.76.48.0/24
                  81.161.231.0/24
                  81.161.238.0/23
                  82.115.210.0/23
                  83.219.96.0/24
                  83.219.98.0/23
                  85.208.137.0/24
                  87.121.44.0/22
                  92.119.198.0/24
                  92.249.50.0/24
                  193.37.40.0/22
                  194.31.205.0/24
                  194.55.187.0/24

    Signature Algorithm: sha256WithRSAEncryption
Generated at Wed Jul 19 23:46:37 2023 by rpki-client on console-ams.rpki-client.org