Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bV_IkfYeNF9_qcA7Mgg4aRBzkCg.roa
File: bV_IkfYeNF9_qcA7Mgg4aRBzkCg.roa (raw, json)
Hash identifier: WInRiAlQUOpWzlrwA9T0HB2q32FuPT3zG5FZqYzs/pM=
Subject key identifier: 6D:5F:C8:91:F6:1E:34:5F:7F:A9:C0:3B:32:08:38:69:10:73:90:28
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0184756C9FF05DFD7B06A0B50179DD8574AA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bV_IkfYeNF9_qcA7Mgg4aRBzkCg.roa
Signing time: Mon 14 Nov 2022 09:16:03 +0000
ROA not before: Mon 14 Nov 2022 09:16:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50225
IP address blocks: 84.21.173.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
84.54.50.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
194.180.51.0/24 maxlen: 24
194.169.173.0/24 maxlen: 24
83.219.96.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
193.37.43.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:75:6c:9f:f0:5d:fd:7b:06:a0:b5:01:79:dd:85:74:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 14 09:16:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d5fc891f61e345f7fa9c03b3208386910739028
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5d:5e:1a:a9:cd:51:96:aa:84:f7:e8:6d:b8:
b1:85:d5:d1:d0:fd:cd:6b:c9:d6:60:27:b7:e7:e4:
98:6b:52:95:cc:2a:f0:57:69:fd:da:36:83:44:62:
fa:96:9d:96:25:b9:26:9e:34:cb:df:c3:62:91:6b:
73:2d:5a:53:c3:75:1f:cc:5c:5c:47:af:56:2a:82:
8d:40:1c:58:2f:3b:37:d4:e8:de:00:18:57:03:c4:
61:74:94:a9:e7:9e:b6:2a:0c:f1:5e:c3:b5:3d:e8:
be:a0:e6:f3:9a:69:21:f1:9f:04:1d:8a:78:5e:42:
51:b9:8b:81:df:00:de:f5:88:c3:f8:50:6d:6f:64:
1d:68:2b:ee:42:82:32:a7:37:00:be:7e:40:a8:23:
d9:a2:33:de:dc:3a:2a:d6:80:54:2d:1b:f5:d7:f0:
ab:a7:81:38:8b:2a:62:a4:3e:87:d3:b6:93:a5:43:
03:c4:3f:47:40:b8:e5:72:f3:e0:3c:9e:44:c3:b2:
3c:93:e4:38:f5:5f:69:f7:0a:e5:17:d8:06:8a:03:
bd:4f:a2:59:9f:1e:ba:4f:e1:3a:9a:a7:ce:1c:ca:
c1:b5:61:0d:4f:11:d6:49:08:d0:e6:c3:f8:6d:ae:
95:0f:8b:5e:49:07:b2:a8:c7:0f:57:59:6c:1f:cb:
a0:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:5F:C8:91:F6:1E:34:5F:7F:A9:C0:3B:32:08:38:69:10:73:90:28
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bV_IkfYeNF9_qcA7Mgg4aRBzkCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.219.96.0/24
84.21.173.0/24
84.54.50.0/24
87.121.220.0/24
94.154.162.0/24
193.37.43.0/24
193.42.34.0/24
194.55.224.0/23
194.55.227.0/24
194.169.173.0/24
194.180.51.0/24
Signature Algorithm: sha256WithRSAEncryption
31:62:8a:59:7f:c3:54:fc:98:d7:1e:ac:61:63:51:bb:99:a2:
20:0a:d1:95:d3:29:24:eb:88:cb:85:48:96:41:4c:0e:8c:fb:
2c:9c:dd:b1:b8:f3:da:cc:46:ad:bd:5e:b2:19:4b:59:e1:5e:
70:08:2d:e8:f6:17:d4:26:3b:3c:2a:1d:1e:6c:97:50:3f:30:
c5:53:c4:44:d3:5c:de:37:aa:b7:80:7e:12:b7:00:79:3f:41:
30:00:d1:35:52:3b:78:34:fe:87:91:87:56:b8:91:aa:77:1b:
e4:17:35:bf:4e:16:5c:53:8d:02:5b:ce:3c:2e:63:00:a8:51:
74:c9:2c:f7:85:ac:1f:5a:9f:91:3a:39:98:3d:93:6e:02:52:
09:f9:fe:20:e3:7a:f0:f7:71:75:12:e2:33:48:3f:21:3d:59:
69:33:c9:ef:c2:31:c2:a2:b2:8c:cc:92:d1:54:4b:60:8f:6d:
a0:3a:46:5c:69:65:3d:14:7a:9d:57:01:7d:12:a8:bd:b4:3c:
02:f1:13:cf:c8:17:26:b5:6d:c8:c7:df:c7:56:93:13:06:7f:
28:02:d9:d6:6f:36:78:74:da:fd:fe:65:51:61:ea:b4:4e:d9:
04:7b:83:e7:3f:77:ff:80:01:77:3b:4d:c4:32:1a:d0:ca:d1:
1b:04:55:28
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYR1bJ/wXf17BqC1AXndhXSqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMTE0MDkxNjAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDVmYzg5MWY2MWUzNDVmN2ZhOWMwM2IzMjA4Mzg2OTEwNzM5MDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAql1eGqnNUZaqhPfobbixhdXR0P3N
a8nWYCe35+SYa1KVzCrwV2n92jaDRGL6lp2WJbkmnjTL38NikWtzLVpTw3UfzFxc
R69WKoKNQBxYLzs31OjeABhXA8RhdJSp5562KgzxXsO1Pei+oObzmmkh8Z8EHYp4
XkJRuYuB3wDe9YjD+FBtb2QdaCvuQoIypzcAvn5AqCPZojPe3Doq1oBULRv11/Cr
p4E4iypipD6H07aTpUMDxD9HQLjlcvPgPJ5Ew7I8k+Q49V9p9wrlF9gGigO9T6JZ
nx66T+E6mqfOHMrBtWENTxHWSQjQ5sP4ba6VD4teSQeyqMcPV1lsH8ugkwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFG1fyJH2HjRff6nAOzIIOGkQc5AoMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYlZfSWtmWWVORjlfcWNBN01nZzRhUkJ6a0NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAU9tgAwQA
VBWtAwQAVDYyAwQAV3ncAwQAXpqiAwQAwSUrAwQAwSoiAwQBwjfgAwQAwjfjAwQA
wqmtAwQAwrQzMA0GCSqGSIb3DQEBCwUAA4IBAQAxYopZf8NU/JjXHqxhY1G7maIg
CtGV0ykk64jLhUiWQUwOjPssnN2xuPPazEatvV6yGUtZ4V5wCC3o9hfUJjs8Kh0e
bJdQPzDFU8RE01zeN6q3gH4StwB5P0EwANE1Ujt4NP6HkYdWuJGqdxvkFzW/ThZc
U40CW848LmMAqFF0ySz3hawfWp+ROjmYPZNuAlIJ+f4g43rw93F1EuIzSD8hPVlp
M8nvwjHCorKMzJLRVEtgj22gOkZcaWU9FHqdVwF9Eqi9tDwC8RPPyBcmtW3Ix9/H
VpMTBn8oAtnWbzZ4dNr9/mVRYeq0TtkEe4PnP3f/gAF3O03EMhrQytEbBFUo
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:39 2023 by rpki-client on console-ams.rpki-client.org