Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/a5VJa78ITe3fWPJSeT4ibcZShD4.roa
File: a5VJa78ITe3fWPJSeT4ibcZShD4.roa (raw, json)
Hash identifier: kgNBvDvdr7CespWE8cgMZnE4pp4P2zAMn5SH7ZRLABo=
Subject key identifier: 6B:95:49:6B:BF:08:4D:ED:DF:58:F2:52:79:3E:22:6D:C6:52:84:3E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01823F678072D4C0C7B1D5DDF2954E89C134
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/a5VJa78ITe3fWPJSeT4ibcZShD4.roa
Signing time: Wed 27 Jul 2022 11:25:23 +0000
ROA not before: Wed 27 Jul 2022 11:25:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 85.31.45.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
185.218.136.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
212.87.205.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
85.217.144.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
80.76.50.0/24 maxlen: 24
80.76.48.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
94.103.126.0/24 maxlen: 24
94.103.127.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3f:67:80:72:d4:c0:c7:b1:d5:dd:f2:95:4e:89:c1:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 27 11:25:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b95496bbf084deddf58f252793e226dc652843e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:85:be:56:da:86:3e:73:e6:ca:27:59:06:a3:
2f:13:ba:1d:56:f5:b6:67:a9:99:76:31:c6:6d:2c:
07:94:e6:9b:8d:bb:e9:13:e1:02:7f:63:db:11:85:
77:ce:50:ff:31:a1:71:46:6e:33:ef:ae:ee:f5:74:
e6:78:32:64:31:c5:c8:03:d6:bc:e2:6b:3d:24:0a:
5a:f0:cf:5f:8e:e2:8a:fb:c8:70:1e:dd:83:b4:4e:
1b:72:73:38:85:29:99:bb:be:34:2b:af:ba:4a:81:
dc:63:dc:2e:e0:de:e7:d4:5c:58:d3:8a:f4:16:d8:
9d:e0:fb:c6:93:b6:57:52:73:3c:09:15:46:b4:2a:
2b:6b:a2:f6:65:25:92:c7:e6:70:fb:a3:a3:48:21:
fe:e9:a2:bc:ef:8b:12:4c:81:62:8d:a8:30:c5:72:
08:37:d1:a2:e2:87:11:ce:4f:05:db:cb:c8:ea:24:
a8:3e:75:7d:dc:c7:5c:41:4f:c0:f9:5a:35:b3:ca:
e1:8c:e7:0d:3d:1f:b6:3d:12:f9:00:4e:d4:27:10:
69:b2:29:e1:22:fb:f1:a0:a3:d6:28:67:4f:a9:b0:
c2:5f:b6:ff:04:f9:3f:46:b5:42:ef:e6:8d:4b:85:
a7:48:9f:8b:e1:51:59:0c:52:48:99:3a:8a:76:ed:
01:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:95:49:6B:BF:08:4D:ED:DF:58:F2:52:79:3E:22:6D:C6:52:84:3E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/a5VJa78ITe3fWPJSeT4ibcZShD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.48.0/24
79.110.61.0/24
79.110.63.0/24
80.76.48.0/24
80.76.50.0/24
83.219.97.0/24
84.54.49.0/24
85.31.45.0/24
85.31.47.0/24
85.217.144.0/24
87.120.84.0/24
87.120.87.0/24
94.103.125.0-94.103.127.255
94.154.172.0/24
109.206.239.0/24
178.215.225.0-178.215.227.255
178.215.236.0/23
178.215.239.0/24
185.216.69.0-185.216.70.255
185.218.136.0/24
185.246.221.0/24
185.252.176.0/23
193.35.18.0/23
193.37.42.0/24
193.37.47.0/24
193.47.62.0/23
193.222.97.0/24
194.169.175.0/24
194.180.50.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
11:b5:51:fd:b4:97:82:4e:3f:35:b0:b8:7c:07:c8:af:ff:2e:
8c:9c:0c:ab:57:31:3a:a8:cd:45:7c:e8:d4:39:2a:29:cd:b5:
b3:b2:8a:f5:22:7b:16:18:0e:d9:77:0d:51:dd:46:24:45:17:
a7:67:95:7a:b4:2a:e2:4f:cf:43:7d:8a:04:15:47:da:7f:b0:
ff:d8:aa:01:e1:80:aa:e7:86:4f:c1:89:71:7b:ab:3d:18:99:
57:56:bb:6d:24:29:79:5f:3f:c2:3b:62:29:d5:4d:9c:38:7f:
5e:6f:33:4d:53:28:23:5e:72:b7:29:20:a9:2f:d8:ca:5f:69:
57:e4:18:53:d1:78:4c:19:c7:e3:d7:a6:1e:35:ed:6b:a9:fa:
de:bd:d7:65:70:3c:01:23:27:86:58:31:eb:5a:dd:0d:4b:a4:
a8:57:fe:49:a8:ae:84:5b:8f:0a:2f:f5:b8:4b:5f:69:7c:ef:
6c:eb:4d:28:3e:7d:d4:32:94:44:c6:62:e3:1d:23:ac:24:fa:
ca:62:c7:4e:10:53:f2:50:84:32:f5:0e:22:cd:2d:7b:1a:b2:
a9:d8:2d:7b:d7:ef:36:10:97:54:bf:be:98:b4:95:10:93:a3:
5b:30:4d:63:df:a3:04:7a:1d:96:f8:0d:53:84:94:c5:c8:de:
0a:95:07:a6
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAYI/Z4By1MDHsdXd8pVOicE0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwNzI3MTEyNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yjk1NDk2YmJmMDg0ZGVkZGY1OGYyNTI3OTNlMjI2ZGM2NTI4NDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoW+VtqGPnPmyidZBqMvE7odVvW2
Z6mZdjHGbSwHlOabjbvpE+ECf2PbEYV3zlD/MaFxRm4z767u9XTmeDJkMcXIA9a8
4ms9JApa8M9fjuKK+8hwHt2DtE4bcnM4hSmZu740K6+6SoHcY9wu4N7n1FxY04r0
Ftid4PvGk7ZXUnM8CRVGtCora6L2ZSWSx+Zw+6OjSCH+6aK874sSTIFijagwxXII
N9Gi4ocRzk8F28vI6iSoPnV93MdcQU/A+Vo1s8rhjOcNPR+2PRL5AE7UJxBpsinh
IvvxoKPWKGdPqbDCX7b/BPk/RrVC7+aNS4WnSJ+L4VFZDFJImTqKdu0BvwIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFGuVSWu/CE3t31jyUnk+Im3GUoQ+MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYTVWSmE3OElUZTNmV1BKU2VUNGliY1pTaEQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHpBggrBgEFBQcBBwEB/wSB2TCB1jCB0wQCAAEwgcwDBABP
bjADBABPbj0DBABPbj8DBABQTDADBABQTDIDBABT22EDBABUNjEDBABVHy0DBABV
Hy8DBABV2ZADBABXeFQDBABXeFcwDAMEAF5nfQMEB15nAAMEAF6arAMEAG3O7zAM
AwQAstfhAwQCstfgAwQBstfsAwQAstfvMAwDBAC52EUDBAC52EYDBAC52ogDBAC5
9t0DBAG5/LADBAHBIxIDBADBJSoDBADBJS8DBAHBLz4DBADB3mEDBADCqa8DBADC
tDIDBADUV80wDQYJKoZIhvcNAQELBQADggEBABG1Uf20l4JOPzWwuHwHyK//Loyc
DKtXMTqozUV86NQ5KinNtbOyivUiexYYDtl3DVHdRiRFF6dnlXq0KuJPz0N9igQV
R9p/sP/YqgHhgKrnhk/BiXF7qz0YmVdWu20kKXlfP8I7YinVTZw4f15vM01TKCNe
crcpIKkv2MpfaVfkGFPReEwZx+PXph417Wup+t6912VwPAEjJ4ZYMeta3Q1LpKhX
/kmoroRbjwov9bhLX2l872zrTSg+fdQylETGYuMdI6wk+spix04QU/JQhDL1DiLN
LXsasqnYLXvX7zYQl1S/vpi0lRCTo1swTWPfowR6HZb4DVOElMXI3gqVB6Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:14 2024 by rpki-client on console-fra.rpki-client.org