Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/aBrSEmdD5wHRHVv-EfhPzgB5fe8.roa
File: aBrSEmdD5wHRHVv-EfhPzgB5fe8.roa (raw, json)
Hash identifier: RhbgUKeMHLBx2kIs9QniKgL6/oh6b1hn4BTRjeUUNlI=
Subject key identifier: 68:1A:D2:12:67:43:E7:01:D1:1D:5B:FE:11:F8:4F:CE:00:79:7D:EF
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1CC5E654
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/aBrSEmdD5wHRHVv-EfhPzgB5fe8.roa
Signing time: Tue 18 Jan 2022 11:49:22 +0000
ROA not before: Tue 18 Jan 2022 11:49:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 393398
IP address blocks: 81.161.237.0/24 maxlen: 24
79.110.60.0/22 maxlen: 24
83.219.96.0/22 maxlen: 24
185.218.136.0/22 maxlen: 24
82.115.208.0/22 maxlen: 24
193.37.40.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 482731604 (0x1cc5e654)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 18 11:49:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=681ad2126743e701d11d5bfe11f84fce00797def
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:6b:bd:85:72:0d:55:c1:0b:3b:45:83:2b:cc:
61:27:9f:e1:f3:98:71:1a:e1:a2:82:bc:d0:bf:e6:
cc:68:6e:c4:1c:57:da:a6:35:a6:8a:3b:67:0f:2c:
59:b1:76:04:e2:37:2e:e8:1f:b0:6f:6f:3a:7a:9e:
82:57:1d:fb:e7:59:7b:dd:d3:09:b3:c6:d9:ed:1f:
cb:2f:a6:52:b7:fe:25:93:15:f5:5f:3c:64:1b:49:
cc:37:bc:88:2a:eb:44:90:58:52:7c:9e:df:b4:59:
4a:a9:ec:bb:07:4c:24:31:ef:b6:2e:e5:fb:6b:9a:
c0:b0:d8:ae:c9:1a:aa:51:35:7e:74:e6:c6:09:a8:
f5:9f:61:d2:79:f3:12:90:bf:57:9c:be:d0:7f:74:
1f:c1:8e:13:b5:54:d7:8e:01:0a:ac:a8:7f:32:42:
0c:ad:4a:b4:3f:d2:53:6d:ac:13:39:f1:54:27:3b:
ac:d7:a7:94:c5:91:85:34:05:cd:b7:82:bf:a9:de:
c6:1f:61:3b:b9:38:36:5a:b0:cf:7c:11:7e:5b:af:
be:34:aa:5d:80:6c:66:71:d0:64:1b:e9:5e:ea:fd:
57:9e:a9:40:6e:78:3f:1f:9d:55:b0:67:d1:74:33:
fb:85:02:9a:e7:f5:ad:f0:01:8b:8b:1d:d0:a8:bd:
ea:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:1A:D2:12:67:43:E7:01:D1:1D:5B:FE:11:F8:4F:CE:00:79:7D:EF
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/aBrSEmdD5wHRHVv-EfhPzgB5fe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.60.0/22
81.161.237.0/24
82.115.208.0/22
83.219.96.0/22
185.218.136.0/22
193.37.40.0/22
Signature Algorithm: sha256WithRSAEncryption
83:5e:d1:35:32:14:c5:1a:82:f3:d7:32:b0:ab:67:5e:66:ac:
75:52:5d:bf:ae:59:09:04:73:c2:5c:21:c4:c8:ab:f0:29:9e:
32:bb:f0:8f:a0:e9:c7:83:4b:9a:66:fb:28:f1:25:40:d3:b6:
96:20:1f:70:17:dd:51:a9:91:bf:51:b2:cc:d5:20:8b:62:a5:
a0:39:6e:c6:32:15:57:c4:18:18:6e:7b:aa:c6:b7:c1:43:84:
87:14:77:f2:94:a7:9e:a0:b0:2e:33:4e:45:d5:14:1c:36:86:
06:e1:02:77:08:78:88:9e:2f:2d:88:83:07:28:30:df:de:d2:
7f:34:03:a6:85:f8:c6:3c:c5:00:cd:3d:e6:0d:6f:5c:b1:5a:
6a:c8:c6:f9:3a:4b:7f:48:b5:28:46:6e:fe:e8:00:44:ff:16:
14:b9:84:80:d0:b1:4a:ad:a0:ac:3c:ce:c7:69:7e:0a:a1:11:
35:c7:10:2d:0d:19:07:05:9c:d6:2e:39:dc:f2:55:b7:0c:c7:
51:5b:7a:de:d0:b1:93:e0:f5:54:83:ce:c5:62:e5:e8:9e:29:
69:83:49:51:f7:1d:39:3d:dd:d1:a3:b9:50:78:e5:2a:7a:9d:
6d:f3:4e:48:2a:43:7a:90:8d:7e:bd:73:6c:18:31:d5:58:fc:
f4:b6:f3:b0
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEHMXmVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDEx
ODExNDkyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjgxYWQyMTI2NzQz
ZTcwMWQxMWQ1YmZlMTFmODRmY2UwMDc5N2RlZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMZrvYVyDVXBCztFgyvMYSef4fOYcRrhooK80L/mzGhuxBxX
2qY1poo7Zw8sWbF2BOI3LugfsG9vOnqeglcd++dZe93TCbPG2e0fyy+mUrf+JZMV
9V88ZBtJzDe8iCrrRJBYUnye37RZSqnsuwdMJDHvti7l+2uawLDYrskaqlE1fnTm
xgmo9Z9h0nnzEpC/V5y+0H90H8GOE7VU144BCqyofzJCDK1KtD/SU22sEznxVCc7
rNenlMWRhTQFzbeCv6nexh9hO7k4Nlqwz3wRfluvvjSqXYBsZnHQZBvpXur9V56p
QG54Px+dVbBn0XQz+4UCmuf1rfABi4sd0Ki96tsCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBRoGtISZ0PnAdEdW/4R+E/OAHl97zAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L2FCclNFbWRENXdIUkhWdi1FZmhQemdCNWZlOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAk9uPAMEAFGh7QMEAlJz0AMEAlPb
YAMEArnaiAMEAsElKDANBgkqhkiG9w0BAQsFAAOCAQEAg17RNTIUxRqC89cysKtn
XmasdVJdv65ZCQRzwlwhxMir8CmeMrvwj6Dpx4NLmmb7KPElQNO2liAfcBfdUamR
v1GyzNUgi2KloDluxjIVV8QYGG57qsa3wUOEhxR38pSnnqCwLjNORdUUHDaGBuEC
dwh4iJ4vLYiDBygw397SfzQDpoX4xjzFAM095g1vXLFaasjG+TpLf0i1KEZu/ugA
RP8WFLmEgNCxSq2grDzOx2l+CqERNccQLQ0ZBwWc1i453PJVtwzHUVt63tCxk+D1
VIPOxWLl6J4paYNJUfcdOT3d0aO5UHjlKnqdbfNOSCpDepCNfr1zbBgx1Vj89Lbz
sA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:39 2023 by rpki-client on console-ams.rpki-client.org