Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WpzzlOAaD_tCKPIUw4ZImTC6VS4.roa
File: WpzzlOAaD_tCKPIUw4ZImTC6VS4.roa (raw, json)
Hash identifier: jh9Z4Z0X+ybVoVufPLqZjMmW5FupVZRyA1+qiTSszFM=
Subject key identifier: 5A:9C:F3:94:E0:1A:0F:FB:42:28:F2:14:C3:86:48:99:30:BA:55:2E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018920987948FD63A315AD2DD50CE29C16EE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WpzzlOAaD_tCKPIUw4ZImTC6VS4.roa
Signing time: Tue 04 Jul 2023 11:10:10 +0000
ROA not before: Tue 04 Jul 2023 11:10:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50225
IP address blocks: 83.143.112.0/24 maxlen: 24
85.217.145.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
185.222.163.0/24 maxlen: 24
45.128.99.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
194.48.249.0/24 maxlen: 24
45.84.90.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
85.209.132.0/24 maxlen: 24
176.125.252.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:20:98:79:48:fd:63:a3:15:ad:2d:d5:0c:e2:9c:16:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 4 11:10:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a9cf394e01a0ffb4228f214c386489930ba552e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c5:9f:6f:ae:de:67:d4:5b:48:45:ee:61:4d:
ab:32:7c:41:a4:34:71:78:ff:e7:32:ab:94:45:86:
49:7f:88:fd:35:af:4f:b5:fb:06:ef:40:43:65:e5:
be:39:fe:75:a0:f9:e4:b0:b0:b3:95:0c:e4:c3:15:
c6:50:54:03:91:a9:18:c4:34:f7:68:0b:c3:14:46:
7c:86:e3:8f:59:ff:e8:0e:43:bf:52:01:5b:ab:cd:
35:ec:07:a0:2b:33:bc:54:0d:cf:db:16:ef:40:32:
6e:21:90:29:af:51:d3:1c:3b:a7:74:6c:38:4f:fc:
e7:ed:46:5e:49:e5:d0:18:c0:3f:d9:69:f7:59:bf:
ef:d5:d9:8b:73:7f:22:1a:de:ee:b8:21:86:f7:76:
42:cb:6f:47:24:7b:af:95:ce:82:5a:e1:55:e4:c8:
f0:02:bb:27:d1:52:68:50:c4:09:e0:f3:c7:55:54:
d4:46:a3:2f:c7:68:0d:6f:86:0d:37:41:01:f0:72:
65:5b:2c:0f:d6:79:5c:72:c0:5a:b5:b3:d6:29:fe:
27:63:42:48:bb:7c:ea:f0:d5:08:47:82:5d:0a:99:
b0:cf:9f:45:e7:ce:e3:e0:06:b1:ca:9f:e2:96:c4:
a3:5f:5d:92:9e:5b:14:6f:17:b1:64:bd:d4:76:5d:
9f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:9C:F3:94:E0:1A:0F:FB:42:28:F2:14:C3:86:48:99:30:BA:55:2E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WpzzlOAaD_tCKPIUw4ZImTC6VS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.90.0/24
45.128.99.0/24
83.143.112.0/23
85.209.132.0/24
85.217.145.0/24
87.121.69.0/24
176.125.252.0/24
185.222.163.0/24
193.42.34.0/24
193.47.60.0/24
193.47.63.0/24
194.48.249.0/24
194.48.251.0/24
Signature Algorithm: sha256WithRSAEncryption
48:15:e5:5f:c5:f8:d0:1a:e7:61:c9:78:97:23:fe:fb:9c:af:
c7:41:53:a2:c2:c1:01:96:61:b8:59:d3:d0:18:ae:2e:a2:0c:
a6:65:88:3c:0d:29:0e:5a:16:21:6e:9d:33:0f:83:8e:70:4a:
66:08:54:4a:29:1d:2d:5a:ba:75:af:50:6e:89:cf:08:df:d1:
8a:58:c6:c4:94:83:c3:22:09:f5:be:91:51:21:12:16:5c:0f:
c8:6f:c4:84:1f:b0:9b:39:84:c7:7f:e3:e1:bd:70:4c:30:f1:
dd:16:83:14:71:dd:e3:de:b7:ac:be:e6:e2:7a:fa:b6:2b:dc:
2a:4d:a4:00:a3:e3:68:6c:2b:7f:7f:63:38:ed:b2:43:c9:bd:
2f:33:d0:b8:78:f6:52:84:25:d0:28:f2:4f:9a:f6:ab:91:7b:
d2:83:c2:5e:92:6a:b7:51:00:97:da:77:ee:3d:02:12:e1:00:
9e:82:52:79:e3:11:31:ea:5f:df:cb:bd:58:85:a4:a7:84:d3:
91:d0:60:7d:96:61:12:9d:75:af:32:d4:32:0d:47:a4:4a:3c:
f4:89:f6:cc:eb:d3:0c:3c:37:ba:42:5b:de:78:fa:83:1b:f3:
d8:28:35:df:d3:48:e6:b7:23:bf:e0:d6:4b:c5:4a:60:b4:2d:
a9:48:98:4e
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYkgmHlI/WOjFa0t1QzinBbuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzA0MTExMDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTljZjM5NGUwMWEwZmZiNDIyOGYyMTRjMzg2NDg5OTMwYmE1NTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMWfb67eZ9RbSEXuYU2rMnxBpDRx
eP/nMquURYZJf4j9Na9PtfsG70BDZeW+Of51oPnksLCzlQzkwxXGUFQDkakYxDT3
aAvDFEZ8huOPWf/oDkO/UgFbq8017AegKzO8VA3P2xbvQDJuIZApr1HTHDundGw4
T/zn7UZeSeXQGMA/2Wn3Wb/v1dmLc38iGt7uuCGG93ZCy29HJHuvlc6CWuFV5Mjw
Arsn0VJoUMQJ4PPHVVTURqMvx2gNb4YNN0EB8HJlWywP1nlccsBatbPWKf4nY0JI
u3zq8NUIR4JdCpmwz59F587j4Aaxyp/ilsSjX12SnlsUbxexZL3Udl2fWwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFFqc85TgGg/7QijyFMOGSJkwulUuMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvV3B6emxPQWFEX3RDS1BJVXc0WkltVEM2VlM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALVRaAwQA
LYBjAwQBU49wAwQAVdGEAwQAVdmRAwQAV3lFAwQAsH38AwQAud6jAwQAwSoiAwQA
wS88AwQAwS8/AwQAwjD5AwQAwjD7MA0GCSqGSIb3DQEBCwUAA4IBAQBIFeVfxfjQ
GudhyXiXI/77nK/HQVOiwsEBlmG4WdPQGK4uogymZYg8DSkOWhYhbp0zD4OOcEpm
CFRKKR0tWrp1r1Buic8I39GKWMbElIPDIgn1vpFRIRIWXA/Ib8SEH7CbOYTHf+Ph
vXBMMPHdFoMUcd3j3resvubievq2K9wqTaQAo+NobCt/f2M47bJDyb0vM9C4ePZS
hCXQKPJPmvarkXvSg8Jekmq3UQCX2nfuPQIS4QCeglJ54xEx6l/fy71YhaSnhNOR
0GB9lmESnXWvMtQyDUekSjz0ifbM69MMPDe6QlveePqDG/PYKDXf00jmtyO/4NZL
xUpgtC2pSJhO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:35 2024 by rpki-client on console-ams.rpki-client.org