Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dCCbe_0gLTn_2FDiBrDJiwKYeWI.roa
File: dCCbe_0gLTn_2FDiBrDJiwKYeWI.roa (raw, json)
Hash identifier: 1ou7o2eOcgn5S+7wCZaxQlRPBLdB8woyw19aRJHc9qU=
Subject key identifier: 74:20:9B:7B:FD:20:2D:39:FF:D8:50:E2:06:B0:C9:8B:02:98:79:62
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0181D24D957F1AA26A1B390C064B95A27428
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dCCbe_0gLTn_2FDiBrDJiwKYeWI.roa
Signing time: Wed 06 Jul 2022 06:58:28 +0000
ROA not before: Wed 06 Jul 2022 06:58:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22653
IP address blocks: 31.169.124.0/24 maxlen: 24
31.169.125.0/24 maxlen: 24
31.169.127.0/24 maxlen: 24
31.169.126.0/24 maxlen: 24
194.55.226.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
84.54.50.0/23 maxlen: 24
194.55.227.0/24 maxlen: 24
193.37.43.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
79.110.49.0/24 maxlen: 24
194.180.49.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
194.169.173.0/24 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d2:4d:95:7f:1a:a2:6a:1b:39:0c:06:4b:95:a2:74:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 6 06:58:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=74209b7bfd202d39ffd850e206b0c98b02987962
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d1:2c:a9:5a:94:9b:99:02:9c:fc:35:85:12:
d6:f2:02:5c:4a:ca:39:05:67:a5:c0:a4:94:a7:6a:
1a:db:c7:fb:6a:34:7f:ba:6d:28:8e:47:00:21:91:
f5:3d:9a:8e:22:28:a1:f6:5d:91:b1:47:41:84:eb:
0f:97:8a:fd:af:5c:89:a8:ad:cc:80:b1:d2:e4:29:
cf:2c:a3:47:7a:bb:d0:21:95:3b:79:01:6e:56:59:
ae:b0:18:6e:0c:3b:a6:e7:dc:bd:e3:1a:1d:87:12:
28:3d:66:89:10:51:a7:42:ae:ba:6a:7c:ae:b5:7c:
70:b0:62:6f:b2:62:6f:28:cc:c4:9e:0e:4f:1f:66:
c5:e8:f7:fe:f8:9b:e5:92:8b:d1:56:28:4c:b8:bf:
c4:7e:41:d2:17:0c:90:3e:10:9c:ac:66:3c:5e:bd:
02:06:ac:ee:12:e8:68:82:ad:e5:c6:8b:b4:ec:a1:
c7:ad:66:d4:80:69:83:c0:dc:16:3e:d3:19:83:38:
77:92:da:ca:d9:8e:72:40:a0:a5:e3:01:9e:c7:09:
2c:3f:2a:76:b3:8b:c6:dc:cd:12:62:88:54:20:7b:
70:66:4b:09:9c:23:b3:b7:b7:72:b4:65:70:b0:b4:
b2:82:76:49:04:3f:a4:70:6b:b3:34:35:e8:4e:d1:
6f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:20:9B:7B:FD:20:2D:39:FF:D8:50:E2:06:B0:C9:8B:02:98:79:62
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dCCbe_0gLTn_2FDiBrDJiwKYeWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.124.0/22
79.110.49.0/24
84.54.50.0/23
94.154.161.0-94.154.163.255
193.37.43.0/24
194.48.251.0/24
194.55.224.0/22
194.169.173.0-194.169.174.255
194.180.49.0/24
Signature Algorithm: sha256WithRSAEncryption
78:8f:b3:3b:b9:b0:ec:02:9c:e0:04:47:73:3e:73:b6:b1:ec:
dc:c5:79:52:37:70:ae:7e:47:60:4a:36:43:e9:84:27:be:5d:
67:62:8f:36:12:1a:2e:53:20:e7:41:03:9b:33:5e:bc:ec:97:
71:98:6c:1c:f9:6c:ad:1f:ad:a8:06:7a:38:c8:6c:7d:29:e0:
f5:7c:8a:78:d5:9b:7d:61:83:b5:e0:b9:1c:78:cb:93:3a:95:
aa:4f:7c:ca:5b:34:a5:c4:6e:2b:cd:01:f7:d0:73:1b:94:1c:
4b:f6:40:c6:d0:3d:a0:61:4c:94:87:bf:d6:7b:4f:58:16:be:
20:aa:7f:51:e0:63:d6:5c:e8:ef:82:30:08:c3:9c:f9:a7:83:
dc:ec:6f:9d:6c:99:29:35:fb:cb:d1:68:29:5d:46:1b:c3:bd:
75:81:d9:ce:b5:e3:b5:cd:8a:1b:47:66:77:8f:c9:e0:0d:5d:
a5:a6:d6:ac:22:de:af:59:c6:d0:bd:07:9c:0d:d9:03:89:59:
c2:9a:70:99:a8:92:25:b5:42:1e:76:f6:9a:c1:b3:56:b5:ed:
db:f0:60:d0:9b:54:ba:ab:f3:a9:be:38:f9:8a:a7:19:4d:97:
3d:13:8d:d0:e3:92:bf:f8:12:34:87:dd:cf:34:d5:77:6f:6d:
65:c0:da:85
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYHSTZV/GqJqGzkMBkuVonQoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwNzA2MDY1ODI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDIwOWI3YmZkMjAyZDM5ZmZkODUwZTIwNmIwYzk4YjAyOTg3OTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitEsqVqUm5kCnPw1hRLW8gJcSso5
BWelwKSUp2oa28f7ajR/um0ojkcAIZH1PZqOIiih9l2RsUdBhOsPl4r9r1yJqK3M
gLHS5CnPLKNHervQIZU7eQFuVlmusBhuDDum59y94xodhxIoPWaJEFGnQq66anyu
tXxwsGJvsmJvKMzEng5PH2bF6Pf++JvlkovRVihMuL/EfkHSFwyQPhCcrGY8Xr0C
BqzuEuhogq3lxou07KHHrWbUgGmDwNwWPtMZgzh3ktrK2Y5yQKCl4wGexwksPyp2
s4vG3M0SYohUIHtwZksJnCOzt7dytGVwsLSygnZJBD+kcGuzNDXoTtFvjQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFHQgm3v9IC05/9hQ4gawyYsCmHliMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZENDYmVfMGdMVG5fMkZEaUJyREppd0tZZVdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQCH6l8AwQA
T24xAwQBVDYyMAwDBABemqEDBAJemqADBADBJSsDBADCMPsDBALCN+AwDAMEAMKp
rQMEAMKprgMEAMK0MTANBgkqhkiG9w0BAQsFAAOCAQEAeI+zO7mw7AKc4ARHcz5z
trHs3MV5Ujdwrn5HYEo2Q+mEJ75dZ2KPNhIaLlMg50EDmzNevOyXcZhsHPlsrR+t
qAZ6OMhsfSng9XyKeNWbfWGDteC5HHjLkzqVqk98yls0pcRuK80B99BzG5QcS/ZA
xtA9oGFMlIe/1ntPWBa+IKp/UeBj1lzo74IwCMOc+aeD3OxvnWyZKTX7y9FoKV1G
G8O9dYHZzrXjtc2KG0dmd4/J4A1dpabWrCLer1nG0L0HnA3ZA4lZwppwmaiSJbVC
Hnb2msGzVrXt2/Bg0JtUuqvzqb44+YqnGU2XPRON0OOSv/gSNIfdzzTVd29tZcDa
hQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:38 2024 by rpki-client on console-ams.rpki-client.org