Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/a5WIJWQbapiAihuH2EpJqc4oqmw.roa
File: a5WIJWQbapiAihuH2EpJqc4oqmw.roa (raw, json)
Hash identifier: c8DayXFvw6ysO9FDsQ0rdHNjZR2IR79qqh5T/epkefI=
Subject key identifier: 6B:95:88:25:64:1B:6A:98:80:8A:1B:87:D8:4A:49:A9:CE:28:AA:6C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018431D1488B722495408D0D4B730DDB7F22
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/a5WIJWQbapiAihuH2EpJqc4oqmw.roa
Signing time: Tue 01 Nov 2022 06:11:49 +0000
ROA not before: Tue 01 Nov 2022 06:11:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50225
IP address blocks: 84.21.173.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
194.169.173.0/24 maxlen: 24
83.219.96.0/24 maxlen: 24
193.37.43.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:31:d1:48:8b:72:24:95:40:8d:0d:4b:73:0d:db:7f:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 1 06:11:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b958825641b6a98808a1b87d84a49a9ce28aa6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:24:85:4f:22:ff:26:cd:8f:e7:cf:a9:09:9e:
ab:ef:3d:b3:fb:19:7d:0c:14:88:8f:59:e5:11:c0:
02:d4:af:42:44:1e:1b:c2:c4:64:22:87:78:15:e5:
63:00:66:7c:69:e8:62:34:c6:9a:ee:70:ad:b7:ae:
12:0a:dd:c2:05:93:01:8f:29:98:a7:33:ba:dd:5e:
be:38:36:5a:ea:52:56:6c:26:71:85:fd:89:41:42:
52:41:50:bc:8d:e1:fe:07:05:53:6e:4d:82:9b:16:
18:f5:d9:1e:0a:db:3c:d8:0b:18:21:be:2b:36:fd:
e1:46:60:68:20:fa:42:67:df:7f:eb:8f:93:bf:cc:
89:8b:75:3f:88:fc:b1:29:f3:04:ac:28:9c:3f:5d:
35:be:7b:c1:91:bb:9a:f2:7d:8b:31:b8:1e:65:b6:
e8:9f:d7:f5:a8:f7:13:69:a2:df:8d:b8:6f:be:cb:
fe:52:e4:d2:26:54:e4:31:77:9a:1e:be:a7:7d:c3:
e7:d0:11:1c:c5:b1:1c:a4:b3:3a:22:ef:ed:ef:40:
64:4c:61:b7:ee:bc:15:7d:48:78:80:ba:bf:8b:7e:
63:bf:3a:7c:f4:b7:ab:d0:41:07:3e:0a:22:2d:00:
7b:91:6e:df:84:a7:13:73:a5:51:55:93:b2:e2:8c:
17:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:95:88:25:64:1B:6A:98:80:8A:1B:87:D8:4A:49:A9:CE:28:AA:6C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/a5WIJWQbapiAihuH2EpJqc4oqmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.219.96.0/24
84.21.173.0/24
94.154.162.0/24
193.37.43.0/24
194.55.224.0/23
194.55.227.0/24
194.169.173.0/24
Signature Algorithm: sha256WithRSAEncryption
59:56:b3:72:4f:c0:4d:5f:ae:ac:72:c3:fd:63:91:fb:09:2c:
2e:38:80:36:53:d1:72:38:43:6f:6d:32:9b:6f:73:21:04:37:
0f:cc:d8:35:2a:29:0a:7c:ba:15:6c:67:7b:5e:7d:53:0d:29:
14:0b:68:02:9c:d1:de:8b:65:14:13:52:4e:91:f9:68:da:0b:
56:76:d0:0a:8b:b6:3d:4e:76:93:d2:3b:74:30:a0:e0:27:fd:
1c:b3:c7:6b:7d:a9:66:21:62:0f:09:29:d9:21:01:95:40:b5:
c0:80:24:1e:76:6a:7d:58:7f:90:b3:cb:40:c4:43:f1:cf:b3:
c7:c8:6a:4f:09:ea:70:8e:af:78:7e:50:8b:e7:42:e6:35:f9:
4a:43:b9:52:15:96:08:c2:18:80:6a:1a:24:9c:08:54:cb:6a:
dc:72:43:ea:c5:0e:c9:3f:e6:1c:bd:2c:d1:41:1e:e3:5a:2e:
21:21:cb:7b:72:69:06:24:0d:2b:53:b1:03:ff:15:fa:6b:d3:
6c:ba:b9:2f:e7:d2:7c:6d:bf:e8:f5:ad:1a:0d:2e:8c:3c:d0:
11:b6:0f:79:17:08:3b:5b:a3:85:06:17:5e:55:d9:3d:4e:35:
79:85:75:79:47:d3:a5:d6:f0:fb:af:f5:46:12:de:d8:96:a7:
bd:34:a8:f6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYQx0UiLciSVQI0NS3MN238iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMTAxMDYxMTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yjk1ODgyNTY0MWI2YTk4ODA4YTFiODdkODRhNDlhOWNlMjhhYTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCSFTyL/Js2P58+pCZ6r7z2z+xl9
DBSIj1nlEcAC1K9CRB4bwsRkIod4FeVjAGZ8aehiNMaa7nCtt64SCt3CBZMBjymY
pzO63V6+ODZa6lJWbCZxhf2JQUJSQVC8jeH+BwVTbk2CmxYY9dkeCts82AsYIb4r
Nv3hRmBoIPpCZ99/64+Tv8yJi3U/iPyxKfMErCicP101vnvBkbua8n2LMbgeZbbo
n9f1qPcTaaLfjbhvvsv+UuTSJlTkMXeaHr6nfcPn0BEcxbEcpLM6Iu/t70BkTGG3
7rwVfUh4gLq/i35jvzp89Ler0EEHPgoiLQB7kW7fhKcTc6VRVZOy4owXdwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGuViCVkG2qYgIobh9hKSanOKKpsMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYTVXSUpXUWJhcGlBaWh1SDJFcEpxYzRvcW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAU9tgAwQA
VBWtAwQAXpqiAwQAwSUrAwQBwjfgAwQAwjfjAwQAwqmtMA0GCSqGSIb3DQEBCwUA
A4IBAQBZVrNyT8BNX66scsP9Y5H7CSwuOIA2U9FyOENvbTKbb3MhBDcPzNg1KikK
fLoVbGd7Xn1TDSkUC2gCnNHei2UUE1JOkflo2gtWdtAKi7Y9TnaT0jt0MKDgJ/0c
s8drfalmIWIPCSnZIQGVQLXAgCQedmp9WH+Qs8tAxEPxz7PHyGpPCepwjq94flCL
50LmNflKQ7lSFZYIwhiAahoknAhUy2rcckPqxQ7JP+YcvSzRQR7jWi4hIct7cmkG
JA0rU7ED/xX6a9Nsurkv59J8bb/o9a0aDS6MPNARtg95Fwg7W6OFBhdeVdk9TjV5
hXV5R9Ol1vD7r/VGEt7Ylqe9NKj2
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:39 2023 by rpki-client on console-ams.rpki-client.org