Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/cFe0hNhW915hPyPQtE0NOJFE7n0.roa
File: cFe0hNhW915hPyPQtE0NOJFE7n0.roa (raw, json)
Hash identifier: bx90N7zhuT+S1PTtRwCQQGjvXss1QdsEHEHD87KA4UY=
Subject key identifier: 70:57:B4:84:D8:56:F7:5E:61:3F:23:D0:B4:4D:0D:38:91:44:EE:7D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1E35EEF0
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/cFe0hNhW915hPyPQtE0NOJFE7n0.roa
Signing time: Fri 29 Apr 2022 13:38:45 +0000
ROA not before: Fri 29 Apr 2022 13:38:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 194.180.50.0/24 maxlen: 24
37.139.131.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
194.55.184.0/24 maxlen: 24
194.48.250.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.185.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
194.48.249.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
79.110.49.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
83.219.98.0/24 maxlen: 24
83.219.96.0/24 maxlen: 24
83.219.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 506851056 (0x1e35eef0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 29 13:38:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7057b484d856f75e613f23d0b44d0d389144ee7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:5f:39:8a:63:be:1c:70:bc:81:b2:a3:9b:f6:
8e:07:44:51:6e:4d:88:d3:87:39:0e:f3:4b:2a:af:
a8:5b:a5:db:1b:04:c9:f9:92:d8:e0:ff:88:6e:be:
9a:01:cc:f7:82:99:a5:28:3b:d2:1d:c2:c6:13:83:
17:4c:c0:1d:3a:4c:66:3d:7b:89:ac:24:a6:01:f6:
35:df:38:9b:34:22:e3:ee:72:f2:b2:7c:59:8e:b7:
5e:a3:ef:44:f5:84:3d:49:6b:ec:0b:03:5a:8f:9e:
76:8e:11:d8:d9:2d:d5:af:6f:05:30:df:16:1e:c5:
d5:d2:5f:04:32:d4:18:f8:4c:69:08:c5:3b:a5:ca:
3e:1d:f0:1c:32:dd:69:ac:4f:af:84:c7:6b:1c:ba:
35:4d:5e:f8:b8:91:76:91:9f:bc:b2:57:92:ff:59:
b3:50:5b:ad:c4:e7:57:01:e9:04:2a:7d:74:3b:67:
1f:d4:1b:ba:d0:45:0c:1d:6a:14:a5:a0:1a:c9:a5:
cd:7b:ca:da:10:27:0d:70:c5:c8:a0:29:ab:05:35:
b5:8b:87:dd:07:60:f7:bb:7e:d9:d5:42:a8:2a:32:
8f:69:6b:21:6d:79:1b:48:06:6a:1a:d5:ee:94:5b:
01:db:cf:87:8b:1d:f4:8f:ca:3d:10:2f:cb:f2:e8:
ff:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:57:B4:84:D8:56:F7:5E:61:3F:23:D0:B4:4D:0D:38:91:44:EE:7D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/cFe0hNhW915hPyPQtE0NOJFE7n0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/23
79.110.48.0/22
83.219.96.0/22
178.215.224.0/22
185.252.176.0/24
193.47.60.0/24
193.47.62.0/23
194.48.248.0/22
194.55.184.0/23
194.55.187.0/24
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:3d:cb:3a:bd:c6:6d:34:d5:0a:fe:08:5f:a1:35:78:6f:d8:
e1:ca:dd:58:8e:fa:0b:1c:74:8c:d9:2e:89:44:23:80:ec:44:
06:e6:2d:ea:9c:1a:da:5e:e3:4e:db:55:f2:75:8b:d6:e8:5f:
a6:8f:8e:ea:2d:ea:4c:86:f4:b7:f7:46:b1:d8:c7:a0:75:21:
05:29:26:8c:8d:df:29:a4:19:70:7e:72:ac:e0:3e:17:04:87:
3e:83:07:19:d0:3a:be:e9:f8:81:cc:6d:ca:55:6e:11:36:50:
fe:16:f7:83:19:98:6b:71:79:c6:1d:3e:9f:b6:29:f2:11:b8:
39:a3:53:7a:17:3b:08:7f:43:07:10:ed:cf:29:08:68:19:84:
b0:53:b9:c5:1d:bc:5d:01:50:cb:df:d6:21:63:ac:b6:3d:ef:
2e:29:dc:e4:c8:fb:80:43:6b:70:87:10:c2:43:69:ac:b5:af:
c4:2b:e9:8a:ec:e8:e8:8c:7a:a6:89:6f:e2:9a:31:10:35:03:
67:2f:13:5f:57:be:68:80:ca:05:d0:45:e6:d0:ac:e9:2b:59:
8b:a8:58:72:bc:86:11:71:d2:99:cd:95:17:b3:26:5a:35:6b:
2d:24:e9:9e:c8:3a:0e:cf:19:24:0b:09:e0:28:d7:37:d9:35:
fb:97:c9:d9
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIEHjXu8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDQy
OTEzMzg0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzA1N2I0ODRkODU2
Zjc1ZTYxM2YyM2QwYjQ0ZDBkMzg5MTQ0ZWU3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANZfOYpjvhxwvIGyo5v2jgdEUW5NiNOHOQ7zSyqvqFul2xsE
yfmS2OD/iG6+mgHM94KZpSg70h3CxhODF0zAHTpMZj17iawkpgH2Nd84mzQi4+5y
8rJ8WY63XqPvRPWEPUlr7AsDWo+edo4R2Nkt1a9vBTDfFh7F1dJfBDLUGPhMaQjF
O6XKPh3wHDLdaaxPr4THaxy6NU1e+LiRdpGfvLJXkv9Zs1BbrcTnVwHpBCp9dDtn
H9QbutBFDB1qFKWgGsmlzXvK2hAnDXDFyKApqwU1tYuH3Qdg97t+2dVCqCoyj2lr
IW15G0gGahrV7pRbAdvPh4sd9I/KPRAvy/Lo//cCAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBRwV7SE2Fb3XmE/I9C0TQ04kUTufTAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L2NGZTBoTmhXOTE1aFB5UFF0RTBOT0pGRTduMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEASWLggMEAk9uMAMEAlPbYAMEArLX
4AMEALn8sAMEAMEvPAMEAcEvPgMEAsIw+AMEAcI3uAMEAMI3uwMEAMK0MjANBgkq
hkiG9w0BAQsFAAOCAQEAPz3LOr3GbTTVCv4IX6E1eG/Y4crdWI76Cxx0jNkuiUQj
gOxEBuYt6pwa2l7jTttV8nWL1uhfpo+O6i3qTIb0t/dGsdjHoHUhBSkmjI3fKaQZ
cH5yrOA+FwSHPoMHGdA6vun4gcxtylVuETZQ/hb3gxmYa3F5xh0+n7Yp8hG4OaNT
ehc7CH9DBxDtzykIaBmEsFO5xR28XQFQy9/WIWOstj3vLinc5Mj7gENrcIcQwkNp
rLWvxCvpiuzo6Ix6polv4poxEDUDZy8TX1e+aIDKBdBF5tCs6StZi6hYcryGEXHS
mc2VF7MmWjVrLSTpnsg6Ds8ZJAsJ4CjXN9k1+5fJ2Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:15 2024 by rpki-client on console-fra.rpki-client.org