Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/cfGLi637ERRqKgKviHJzLgREv04.roa
File: cfGLi637ERRqKgKviHJzLgREv04.roa (raw, json)
Hash identifier: S17umYwg9at1MQ3wefUEKEE28iJx0Ei9UkZOHuqsXYc=
Subject key identifier: 71:F1:8B:8B:AD:FB:11:14:6A:2A:02:AF:88:72:73:2E:04:44:BF:4E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01863B7290E9D558CBDBBF3C35B475C96A18
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/cfGLi637ERRqKgKviHJzLgREv04.roa
Signing time: Fri 10 Feb 2023 13:10:08 +0000
ROA not before: Fri 10 Feb 2023 13:10:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50225
IP address blocks: 81.161.230.0/24 maxlen: 24
94.156.234.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
45.9.156.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.12.255.0/24 maxlen: 24
94.156.160.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
45.84.91.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
45.139.104.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
176.125.252.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3b:72:90:e9:d5:58:cb:db:bf:3c:35:b4:75:c9:6a:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 10 13:10:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71f18b8badfb11146a2a02af8872732e0444bf4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:6d:e7:df:e3:89:50:cb:35:c8:fe:2f:6f:f0:
94:1b:70:20:20:79:78:35:5c:47:f2:5c:1b:8b:78:
39:af:3f:c2:53:2b:5c:cd:3e:49:11:59:d9:04:77:
cc:a1:6b:53:ac:d9:66:c3:55:68:e5:e9:37:1f:52:
53:d4:56:e7:d6:0d:80:4e:1f:57:d0:34:e1:cd:fa:
54:66:a0:f6:8e:b1:50:4f:54:bf:5f:80:6c:b4:d2:
33:1e:be:a8:d0:24:bd:a0:b1:12:4f:fb:cc:f6:22:
ce:4b:3f:7b:1f:7a:f1:6e:e4:80:6c:2c:c2:96:d4:
1e:05:8a:0a:e1:c5:43:de:1b:6e:a2:97:c5:7e:29:
60:77:d3:24:fd:f9:e4:cb:b0:bc:37:0e:d2:26:2d:
f6:e0:c3:89:42:6d:19:84:c3:47:1e:16:a8:d6:18:
fd:c5:da:94:dc:b7:fb:63:55:eb:4d:b4:c3:61:97:
01:0b:19:95:5a:a1:7d:1e:cd:cd:d0:5a:bc:58:e9:
f1:2b:b5:f5:b8:df:fd:ec:20:42:bd:b1:72:18:cf:
6d:b3:22:77:89:70:cf:bc:0a:e3:b4:ea:96:71:1f:
1c:92:78:ef:96:1b:6e:9a:3e:4c:e4:1f:82:c5:61:
b1:15:35:cc:b8:8a:90:60:2b:94:82:ea:f6:18:be:
ab:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:F1:8B:8B:AD:FB:11:14:6A:2A:02:AF:88:72:73:2E:04:44:BF:4E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/cfGLi637ERRqKgKviHJzLgREv04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.156.0/24
45.12.255.0/24
45.66.228.0/24
45.84.91.0/24
45.88.64.0/24
45.129.84.0/24
45.129.86.0/24
45.139.104.0/24
81.161.230.0/24
94.154.162.0/24
94.156.160.0/24
94.156.234.0/24
176.125.252.0/24
178.215.226.0/24
185.222.160.0/24
185.222.162.0/24
193.42.34.0/24
193.47.60.0/24
193.47.63.0/24
194.55.224.0/24
194.180.39.0/24
Signature Algorithm: sha256WithRSAEncryption
58:ed:e1:b4:b4:d7:52:de:1a:d3:3b:b1:ee:82:4b:7b:e1:76:
c3:44:47:6d:06:47:be:68:a7:99:74:02:cd:4a:ba:71:f8:82:
69:5d:fe:0f:5d:0b:3a:2f:51:f6:bb:09:e3:78:aa:29:b1:1a:
74:11:5d:23:9f:e5:a6:87:94:a0:8a:13:08:b4:31:e7:15:4e:
2a:c6:82:76:41:c9:11:25:a7:df:98:1d:b8:5d:fc:87:26:69:
0b:33:41:54:f9:fa:01:9c:35:03:99:77:dc:2f:ad:78:74:d7:
24:05:6c:9f:2c:09:f2:49:f6:5d:87:a9:49:6c:3b:d4:45:2b:
a5:8f:8b:d3:1a:af:69:72:18:31:97:03:c3:9f:73:f5:6b:04:
17:56:1b:b0:91:f9:bf:0b:93:15:75:c4:15:ed:77:0e:1a:2d:
51:b5:61:27:47:83:41:07:a4:f6:98:87:43:33:c7:d4:ac:9c:
1d:fb:d0:f3:00:46:35:9f:21:09:0f:e7:20:48:86:73:58:b5:
60:9a:0b:de:cb:44:e8:04:34:14:00:16:3f:27:df:b2:c9:4a:
de:20:e9:0d:d0:fa:c5:88:f6:f7:5a:68:c2:ed:69:6c:f2:1e:
16:44:32:d7:f7:b9:0c:c1:64:a5:99:e4:05:f1:1a:df:e6:27:
ae:ba:1d:f8
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYY7cpDp1VjL2788NbR1yWoYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMjEwMTMxMDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWYxOGI4YmFkZmIxMTE0NmEyYTAyYWY4ODcyNzMyZTA0NDRiZjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg23n3+OJUMs1yP4vb/CUG3AgIHl4
NVxH8lwbi3g5rz/CUytczT5JEVnZBHfMoWtTrNlmw1Vo5ek3H1JT1Fbn1g2ATh9X
0DThzfpUZqD2jrFQT1S/X4BstNIzHr6o0CS9oLEST/vM9iLOSz97H3rxbuSAbCzC
ltQeBYoK4cVD3htuopfFfilgd9Mk/fnky7C8Nw7SJi324MOJQm0ZhMNHHhao1hj9
xdqU3Lf7Y1XrTbTDYZcBCxmVWqF9Hs3N0Fq8WOnxK7X1uN/97CBCvbFyGM9tsyJ3
iXDPvArjtOqWcR8cknjvlhtumj5M5B+CxWGxFTXMuIqQYCuUgur2GL6rnQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFHHxi4ut+xEUaioCr4hycy4ERL9OMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvY2ZHTGk2MzdFUlJxS2dLdmlISnpMZ1JFdjA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAC0J
nAMEAC0M/wMEAC1C5AMEAC1UWwMEAC1YQAMEAC2BVAMEAC2BVgMEAC2LaAMEAFGh
5gMEAF6aogMEAF6coAMEAF6c6gMEALB9/AMEALLX4gMEALneoAMEALneogMEAMEq
IgMEAMEvPAMEAMEvPwMEAMI34AMEAMK0JzANBgkqhkiG9w0BAQsFAAOCAQEAWO3h
tLTXUt4a0zux7oJLe+F2w0RHbQZHvminmXQCzUq6cfiCaV3+D10LOi9R9rsJ43iq
KbEadBFdI5/lpoeUoIoTCLQx5xVOKsaCdkHJESWn35gduF38hyZpCzNBVPn6AZw1
A5l33C+teHTXJAVsnywJ8kn2XYepSWw71EUrpY+L0xqvaXIYMZcDw59z9WsEF1Yb
sJH5vwuTFXXEFe13DhotUbVhJ0eDQQek9piHQzPH1KycHfvQ8wBGNZ8hCQ/nIEiG
c1i1YJoL3stE6AQ0FAAWPyffsslK3iDpDdD6xYj291powu1pbPIeFkQy1/e5DMFk
pZnkBfEa3+Ynrrod+A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:39 2023 by rpki-client on console-ams.rpki-client.org