Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/b6-AWKTvUz2up4sVAIeI5zJbR4U.roa
File: b6-AWKTvUz2up4sVAIeI5zJbR4U.roa (raw, json)
Hash identifier: 74NB15Dn9OBkNN3/TsvKLsjBTDM2k5XrdD5sz5PryHs=
Subject key identifier: 6F:AF:80:58:A4:EF:53:3D:AE:A7:8B:15:00:87:88:E7:32:5B:47:85
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01821216A61CE4117F539FE69A7CA15627F4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/b6-AWKTvUz2up4sVAIeI5zJbR4U.roa
Signing time: Mon 18 Jul 2022 16:14:10 +0000
ROA not before: Mon 18 Jul 2022 16:14:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211252
IP address blocks: 185.254.37.0/24 maxlen: 24
185.216.71.0/24 maxlen: 24
85.217.145.0/24 maxlen: 24
79.110.62.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
185.225.73.0/24 maxlen: 24
185.252.178.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
37.139.128.0/24 maxlen: 24
37.139.129.0/24 maxlen: 24
185.246.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:12:16:a6:1c:e4:11:7f:53:9f:e6:9a:7c:a1:56:27:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 18 16:14:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6faf8058a4ef533daea78b15008788e7325b4785
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:89:ee:ee:74:4d:07:a5:08:2e:5a:8b:17:07:
31:2f:d5:67:ab:b0:70:1f:0d:31:a5:6c:0c:0b:22:
80:3e:fa:7c:8b:40:44:66:fb:e6:01:17:20:90:eb:
1c:1b:d2:59:91:65:df:19:a8:78:f2:aa:70:ca:5f:
c9:48:67:5a:21:1f:9b:69:61:23:2d:d6:a2:23:39:
b3:cd:0c:fb:c3:5c:4c:99:dc:7e:b4:5c:fa:1c:5e:
a2:a8:c3:49:91:7d:05:53:32:20:cb:c6:9f:d1:0a:
60:9b:62:5d:c1:3d:27:ad:db:a2:2d:8d:6a:30:92:
4f:96:f7:0f:82:e4:f0:74:0f:b2:5c:d5:19:c0:dc:
9e:0f:ee:32:f4:4a:49:0f:d5:1b:f9:03:ba:0a:bd:
9d:b4:59:96:d1:f8:ff:1a:33:7a:d4:2f:51:55:2e:
14:16:1b:b4:09:23:81:3d:fe:3f:60:62:d2:be:a4:
88:97:43:b6:84:a9:c9:46:bc:5d:cc:83:70:87:b8:
fd:2e:0b:14:df:3c:ca:18:77:62:f5:45:cf:3c:8f:
65:8b:33:a1:8e:8a:b8:4d:f0:60:13:98:94:38:cd:
8b:75:62:7b:4d:49:7c:3e:18:fb:33:f0:37:29:19:
80:b7:64:d6:d0:ca:1e:64:52:bf:4e:a9:1c:a5:a7:
30:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:AF:80:58:A4:EF:53:3D:AE:A7:8B:15:00:87:88:E7:32:5B:47:85
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/b6-AWKTvUz2up4sVAIeI5zJbR4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.128.0/23
79.110.62.0/24
80.76.51.0/24
85.217.145.0/24
185.216.71.0/24
185.225.73.0/24
185.246.220.0/24
185.252.178.0/23
185.254.37.0/24
193.47.61.0/24
Signature Algorithm: sha256WithRSAEncryption
62:4e:37:fe:dc:5f:a8:0c:a5:a0:ce:c4:a7:7a:8e:a7:53:4d:
97:b6:cc:9b:25:fb:98:cb:8b:68:3e:11:c6:71:d8:b5:6f:02:
47:86:e0:7e:83:ba:4d:50:dc:9b:02:d9:cb:7f:aa:22:23:5e:
57:99:bd:38:c8:b9:8b:0d:1a:14:5b:8c:e4:41:85:45:e8:cb:
20:43:0e:6f:96:bb:51:e9:0a:2a:5a:dc:74:2c:49:3e:be:56:
07:2a:e7:3f:f7:a0:55:25:52:b5:b3:c1:f8:8d:ff:63:fd:c5:
01:3c:9d:65:6f:06:1f:3b:1d:b9:42:66:8b:ef:14:06:90:ef:
82:56:88:96:09:49:68:91:a2:c2:3e:65:76:7c:cf:a9:92:38:
af:67:f2:b7:ca:8c:45:6e:d3:ae:02:26:5c:c6:9e:2d:75:a9:
95:8f:65:59:21:16:11:3b:54:2b:b0:83:f5:c7:81:1d:63:4e:
b8:8b:97:1d:0e:4d:0f:44:37:45:dc:42:ca:5f:78:6b:d7:55:
f7:01:60:b9:d1:38:e0:c3:44:fa:85:f7:24:f6:8c:54:5d:b0:
74:5e:67:fd:bc:aa:56:7b:5c:22:e9:90:4d:2c:ee:43:45:10:
41:29:73:9b:75:bb:07:2a:2d:dc:e7:33:7b:da:75:f1:1f:42:
90:6d:b5:76
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYISFqYc5BF/U5/mmnyhVif0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwNzE4MTYxNDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmFmODA1OGE0ZWY1MzNkYWVhNzhiMTUwMDg3ODhlNzMyNWI0Nzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvInu7nRNB6UILlqLFwcxL9Vnq7Bw
Hw0xpWwMCyKAPvp8i0BEZvvmARcgkOscG9JZkWXfGah48qpwyl/JSGdaIR+baWEj
LdaiIzmzzQz7w1xMmdx+tFz6HF6iqMNJkX0FUzIgy8af0Qpgm2JdwT0nrduiLY1q
MJJPlvcPguTwdA+yXNUZwNyeD+4y9EpJD9Ub+QO6Cr2dtFmW0fj/GjN61C9RVS4U
Fhu0CSOBPf4/YGLSvqSIl0O2hKnJRrxdzINwh7j9LgsU3zzKGHdi9UXPPI9lizOh
joq4TfBgE5iUOM2LdWJ7TUl8Phj7M/A3KRmAt2TW0MoeZFK/TqkcpacwOwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFG+vgFik71M9rqeLFQCHiOcyW0eFMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYjYtQVdLVHZVejJ1cDRzVkFJZUk1ekpiUjRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBJYuAAwQA
T24+AwQAUEwzAwQAVdmRAwQAudhHAwQAueFJAwQAufbcAwQBufyyAwQAuf4lAwQA
wS89MA0GCSqGSIb3DQEBCwUAA4IBAQBiTjf+3F+oDKWgzsSneo6nU02XtsybJfuY
y4toPhHGcdi1bwJHhuB+g7pNUNybAtnLf6oiI15Xmb04yLmLDRoUW4zkQYVF6Msg
Qw5vlrtR6QoqWtx0LEk+vlYHKuc/96BVJVK1s8H4jf9j/cUBPJ1lbwYfOx25QmaL
7xQGkO+CVoiWCUlokaLCPmV2fM+pkjivZ/K3yoxFbtOuAiZcxp4tdamVj2VZIRYR
O1QrsIP1x4EdY064i5cdDk0PRDdF3ELKX3hr11X3AWC50Tjgw0T6hfck9oxUXbB0
Xmf9vKpWe1wi6ZBNLO5DRRBBKXObdbsHKi3c5zN72nXxH0KQbbV2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:14 2024 by rpki-client on console-fra.rpki-client.org