Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WPOZZGW1yp2A-lL6iNvxNg17DDE.roa
File: WPOZZGW1yp2A-lL6iNvxNg17DDE.roa (raw, json)
Hash identifier: /xXqRbrW6YPSFeC6Au5zfC+BVTstSM2q7d8TSUDrrZE=
Subject key identifier: 58:F3:99:64:65:B5:CA:9D:80:FA:52:FA:88:DB:F1:36:0D:7B:0C:31
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0183D17E45B72F9C0FF731FC681969F36D13
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WPOZZGW1yp2A-lL6iNvxNg17DDE.roa
Signing time: Thu 13 Oct 2022 13:17:36 +0000
ROA not before: Thu 13 Oct 2022 13:17:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 87.121.124.0/23 maxlen: 24
194.55.226.0/24 maxlen: 24
164.40.185.0/24 maxlen: 24
80.76.49.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
185.218.139.0/24 maxlen: 24
193.222.98.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
176.125.252.0/22 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d1:7e:45:b7:2f:9c:0f:f7:31:fc:68:19:69:f3:6d:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 13 13:17:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=58f3996465b5ca9d80fa52fa88dbf1360d7b0c31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:9e:1f:2d:85:63:ec:a9:37:c9:32:8e:ae:5a:
01:24:51:dd:71:61:55:76:41:ac:9b:df:30:b5:77:
3b:81:ee:da:56:2e:a1:78:1e:11:28:d7:c2:51:75:
77:0a:86:d2:de:59:1e:4f:ce:eb:9a:b7:f3:2e:85:
fa:ed:11:45:83:fd:c7:ac:35:8c:3f:58:9c:1a:11:
f9:89:67:5e:20:3e:66:48:7a:ef:2a:f7:5c:d5:44:
dc:a5:eb:c6:9a:7b:f1:11:8d:4d:4a:77:30:e7:2d:
1a:b1:e8:dd:a9:ef:d3:de:0f:ba:b6:8f:41:a4:9e:
b9:d3:f4:6a:a6:79:0b:16:68:7a:2e:20:00:45:a7:
d3:17:af:b4:56:d6:18:ac:db:f6:f4:ca:af:44:3a:
3f:d6:20:91:db:f0:29:2c:e5:19:00:49:ff:2e:57:
16:09:39:4f:ee:d1:d6:72:20:3c:0b:c0:1a:64:bd:
c5:af:cf:09:fe:e8:30:63:b7:36:24:f6:23:83:77:
0d:a9:0a:9e:fe:80:12:0d:1e:55:4c:3b:63:10:4f:
bf:33:85:7d:fe:e7:78:62:72:86:7f:dc:15:60:d1:
42:2a:29:cb:b9:ab:34:24:e2:53:a4:c3:2b:ad:21:
73:47:c7:e5:1e:8a:92:e1:47:d5:bf:99:2b:90:ff:
6c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:F3:99:64:65:B5:CA:9D:80:FA:52:FA:88:DB:F1:36:0D:7B:0C:31
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WPOZZGW1yp2A-lL6iNvxNg17DDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.49.0/24
87.121.124.0/23
94.154.161.0-94.154.163.255
164.40.185.0/24
176.125.252.0/22
185.218.137.0/24
185.218.139.0/24
185.252.176.0/24
193.222.98.0/24
194.48.248.0/24
194.55.226.0/24
Signature Algorithm: sha256WithRSAEncryption
11:1b:13:ae:94:55:4e:fe:f7:c1:f8:16:ad:bb:83:3e:35:f7:
de:23:15:a2:c8:8e:82:a1:29:fe:47:8f:56:75:8e:73:e6:57:
d7:f4:23:8f:1a:91:26:5b:6d:15:e9:29:82:0a:9d:9e:76:73:
53:38:eb:7d:25:d2:e0:30:96:c6:fb:41:30:15:2e:8c:a5:ab:
e7:da:50:4f:28:90:28:90:06:e1:06:4d:24:31:fc:b7:15:36:
a4:ff:12:f6:2c:36:b5:c1:75:5c:3f:84:53:96:8c:00:cc:7b:
23:69:d2:4d:41:c6:f0:31:3f:64:53:77:71:45:63:5a:0d:74:
aa:28:a0:54:6e:a7:9d:49:15:42:fa:5a:22:14:0d:13:9e:90:
a1:ab:ba:19:26:46:93:31:a6:9e:2d:94:a1:94:fa:11:99:c1:
1b:6e:49:65:07:98:8f:8d:e4:ea:3d:45:8c:c4:2f:73:07:9f:
dc:9e:c1:34:7a:48:40:2c:0c:87:f4:57:ba:a4:4d:d2:ce:9a:
da:f9:71:eb:17:9b:2a:a2:14:05:81:0f:6a:79:2c:7f:4b:ee:
31:f2:b7:0b:75:67:60:85:df:34:12:ae:58:32:43:61:ed:0f:
78:83:0e:65:1f:cb:99:19:69:82:02:bb:5d:bd:91:f2:4e:72:
1e:c7:7a:64
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYPRfkW3L5wP9zH8aBlp820TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMDEzMTMxNzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGYzOTk2NDY1YjVjYTlkODBmYTUyZmE4OGRiZjEzNjBkN2IwYzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZ4fLYVj7Kk3yTKOrloBJFHdcWFV
dkGsm98wtXc7ge7aVi6heB4RKNfCUXV3CobS3lkeT87rmrfzLoX67RFFg/3HrDWM
P1icGhH5iWdeID5mSHrvKvdc1UTcpevGmnvxEY1NSncw5y0asejdqe/T3g+6to9B
pJ650/RqpnkLFmh6LiAARafTF6+0VtYYrNv29MqvRDo/1iCR2/ApLOUZAEn/LlcW
CTlP7tHWciA8C8AaZL3Fr88J/ugwY7c2JPYjg3cNqQqe/oASDR5VTDtjEE+/M4V9
/ud4YnKGf9wVYNFCKinLuas0JOJTpMMrrSFzR8flHoqS4UfVv5krkP9sbwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFFjzmWRltcqdgPpS+ojb8TYNewwxMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvV1BPWlpHVzF5cDJBLWxMNmlOdnhOZzE3RERFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAUEwxAwQB
V3l8MAwDBABemqEDBAJemqADBACkKLkDBAKwffwDBAC52okDBAC52osDBAC5/LAD
BADB3mIDBADCMPgDBADCN+IwDQYJKoZIhvcNAQELBQADggEBABEbE66UVU7+98H4
Fq27gz41994jFaLIjoKhKf5Hj1Z1jnPmV9f0I48akSZbbRXpKYIKnZ52c1M4630l
0uAwlsb7QTAVLoylq+faUE8okCiQBuEGTSQx/LcVNqT/EvYsNrXBdVw/hFOWjADM
eyNp0k1BxvAxP2RTd3FFY1oNdKoooFRup51JFUL6WiIUDROekKGruhkmRpMxpp4t
lKGU+hGZwRtuSWUHmI+N5Oo9RYzEL3MHn9yewTR6SEAsDIf0V7qkTdLOmtr5cesX
myqiFAWBD2p5LH9L7jHytwt1Z2CF3zQSrlgyQ2HtD3iDDmUfy5kZaYICu129kfJO
ch7HemQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:35 2024 by rpki-client on console-ams.rpki-client.org