Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Wnv7TtZerhGEdRW6CXxBkAwhUBI.roa
File: Wnv7TtZerhGEdRW6CXxBkAwhUBI.roa (raw, json)
Hash identifier: UogsuMml/lYhzxYnOvqRaDEBWlGNaNr6nI9FyQsWre0=
Subject key identifier: 5A:7B:FB:4E:D6:5E:AE:11:84:75:15:BA:09:7C:41:90:0C:21:50:12
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0182AC41A4DF25C1FC3C1B6B1ACFA6FD7767
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Wnv7TtZerhGEdRW6CXxBkAwhUBI.roa
Signing time: Wed 17 Aug 2022 14:42:39 +0000
ROA not before: Wed 17 Aug 2022 14:42:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 85.31.45.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
92.249.48.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
185.218.136.0/24 maxlen: 24
82.115.208.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
212.87.206.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
85.217.144.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
80.76.50.0/24 maxlen: 24
80.76.48.0/24 maxlen: 24
193.42.32.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
94.103.126.0/24 maxlen: 24
94.103.127.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ac:41:a4:df:25:c1:fc:3c:1b:6b:1a:cf:a6:fd:77:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 17 14:42:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5a7bfb4ed65eae11847515ba097c41900c215012
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:83:6c:4f:b9:24:05:25:1d:4c:bb:26:bc:58:
f6:1b:4f:b1:57:d1:37:31:d1:ee:65:5e:c1:37:95:
cf:ba:20:e6:ab:f1:18:68:6d:e2:0d:74:52:f4:39:
ed:27:32:43:7f:d0:ea:c5:18:0f:e2:fb:4f:c1:bd:
20:23:1b:6d:4c:65:b8:02:ea:ec:12:ce:19:fc:5e:
cb:5c:41:22:fe:e9:ea:95:f3:88:86:8a:d2:72:4d:
d8:fc:70:e1:af:60:8e:04:30:0f:d9:3f:02:cd:04:
92:ee:e9:50:3a:8d:80:c0:ad:c3:14:fe:56:b0:42:
d3:be:1d:ca:37:b6:86:97:c6:32:d2:c3:f1:cd:f4:
b2:9b:d7:62:93:ea:33:94:b9:b7:7b:e7:03:06:40:
f5:71:02:95:74:92:12:c7:41:22:bd:5d:08:e0:aa:
f6:bb:ee:1f:2c:73:06:3a:6f:76:ac:b5:5f:d2:75:
7b:c6:bd:5d:64:1f:20:e6:b4:3c:1d:47:38:c1:8c:
d7:75:38:87:ac:db:b9:49:bb:e6:5f:3a:16:b6:9e:
63:ad:30:a5:8a:fd:8b:e8:04:88:65:8f:26:b8:fc:
ab:7b:ee:a0:42:0f:ed:be:73:cc:9c:3b:85:73:d2:
49:0b:64:3b:f2:2f:16:fb:cd:e5:37:e7:6b:72:b7:
8d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:7B:FB:4E:D6:5E:AE:11:84:75:15:BA:09:7C:41:90:0C:21:50:12
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Wnv7TtZerhGEdRW6CXxBkAwhUBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.48.0/24
79.110.61.0/24
80.76.48.0/24
80.76.50.0/24
82.115.208.0/24
83.219.97.0/24
84.54.49.0/24
85.31.45.0/24
85.31.47.0/24
85.217.144.0/24
87.120.84.0/24
87.120.87.0/24
92.249.48.0/24
94.103.125.0-94.103.127.255
94.154.172.0/24
178.215.225.0-178.215.227.255
178.215.236.0/24
178.215.239.0/24
185.216.69.0-185.216.70.255
185.218.136.0/24
185.246.221.0/24
185.252.176.0/23
193.25.216.0/24
193.35.19.0/24
193.37.42.0/24
193.37.47.0/24
193.42.32.0/24
193.47.62.0/23
193.222.97.0/24
194.180.50.0/24
212.87.206.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:6a:cf:dd:93:4f:ac:8d:a9:b9:c5:12:a9:ea:d9:4e:1d:0c:
44:f8:f6:b0:30:0a:1c:71:54:68:4c:33:15:15:c1:85:17:be:
df:2c:c5:c0:a2:bc:6e:c2:cf:28:3e:ca:66:91:5c:07:73:ca:
03:b5:10:c9:35:f1:6e:c1:f0:54:4b:fa:2c:81:05:18:cc:10:
4c:ca:ca:af:8f:93:a4:c0:5d:ef:af:1a:17:36:1c:dd:01:61:
58:85:85:30:22:33:10:eb:11:8e:c7:46:d8:77:d6:3d:54:48:
0a:ac:4c:a6:d1:3e:a3:e0:9a:24:5f:e0:b4:e6:1f:c0:9d:ac:
0f:d1:f6:ed:bd:2d:2c:0b:05:24:b9:e2:d7:40:b6:48:a5:ed:
0f:09:92:b9:f8:dd:c6:40:d9:4f:ea:77:ab:d7:31:66:cf:5d:
28:e3:9f:b4:66:c9:36:32:2b:1a:8a:57:fe:11:86:c9:fd:4f:
9a:7a:26:cb:75:27:ea:65:a6:a5:59:74:39:18:0b:ab:42:9a:
8a:09:7e:fe:4b:9f:98:c0:34:fc:49:3a:69:b9:a7:c1:b0:1d:
5e:38:87:fc:1b:0d:37:b1:d3:ea:13:20:e7:08:f2:9c:e6:d9:
50:9a:39:ba:2c:6f:24:e1:42:df:2d:fd:18:a2:78:fd:4a:95:
d9:28:6e:e4
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAYKsQaTfJcH8PBtrGs+m/XdnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwODE3MTQ0MjM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTdiZmI0ZWQ2NWVhZTExODQ3NTE1YmEwOTdjNDE5MDBjMjE1MDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoNsT7kkBSUdTLsmvFj2G0+xV9E3
MdHuZV7BN5XPuiDmq/EYaG3iDXRS9DntJzJDf9DqxRgP4vtPwb0gIxttTGW4Aurs
Es4Z/F7LXEEi/unqlfOIhorSck3Y/HDhr2COBDAP2T8CzQSS7ulQOo2AwK3DFP5W
sELTvh3KN7aGl8Yy0sPxzfSym9dik+ozlLm3e+cDBkD1cQKVdJISx0EivV0I4Kr2
u+4fLHMGOm92rLVf0nV7xr1dZB8g5rQ8HUc4wYzXdTiHrNu5SbvmXzoWtp5jrTCl
iv2L6ASIZY8muPyre+6gQg/tvnPMnDuFc9JJC2Q78i8W+83lN+drcreNVQIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFFp7+07WXq4RhHUVugl8QZAMIVASMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvV252N1R0WmVyaEdFZFJXNkNYeEJrQXdoVUJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAEwgdIDBABP
bjADBABPbj0DBABQTDADBABQTDIDBABSc9ADBABT22EDBABUNjEDBABVHy0DBABV
Hy8DBABV2ZADBABXeFQDBABXeFcDBABc+TAwDAMEAF5nfQMEB15nAAMEAF6arDAM
AwQAstfhAwQCstfgAwQAstfsAwQAstfvMAwDBAC52EUDBAC52EYDBAC52ogDBAC5
9t0DBAG5/LADBADBGdgDBADBIxMDBADBJSoDBADBJS8DBADBKiADBAHBLz4DBADB
3mEDBADCtDIDBADUV84wDQYJKoZIhvcNAQELBQADggEBAI1qz92TT6yNqbnFEqnq
2U4dDET49rAwChxxVGhMMxUVwYUXvt8sxcCivG7Czyg+ymaRXAdzygO1EMk18W7B
8FRL+iyBBRjMEEzKyq+Pk6TAXe+vGhc2HN0BYViFhTAiMxDrEY7HRth31j1USAqs
TKbRPqPgmiRf4LTmH8CdrA/R9u29LSwLBSS54tdAtkil7Q8Jkrn43cZA2U/qd6vX
MWbPXSjjn7RmyTYyKxqKV/4Rhsn9T5p6Jst1J+plpqVZdDkYC6tCmooJfv5Ln5jA
NPxJOmm5p8GwHV44h/wbDTex0+oTIOcI8pzm2VCaObosbyThQt8t/RiieP1Kldko
buQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:35 2024 by rpki-client on console-ams.rpki-client.org