Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ehRzxJFCf7K2nZcuHrUW5dC8gR4.roa
File: ehRzxJFCf7K2nZcuHrUW5dC8gR4.roa (raw, json)
Hash identifier: O4QnhE70nwT965O0oNXoglbu/QeVyKPUotCQTLNkEWs=
Subject key identifier: 7A:14:73:C4:91:42:7F:B2:B6:9D:97:2E:1E:B5:16:E5:D0:BC:81:1E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01844202CEDC1E92E505CB61069DA8FD7C0D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ehRzxJFCf7K2nZcuHrUW5dC8gR4.roa
Signing time: Fri 04 Nov 2022 09:39:51 +0000
ROA not before: Fri 04 Nov 2022 09:39:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 194.55.224.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
80.76.48.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
85.31.45.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:42:02:ce:dc:1e:92:e5:05:cb:61:06:9d:a8:fd:7c:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 4 09:39:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7a1473c491427fb2b69d972e1eb516e5d0bc811e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b6:ad:0c:99:fd:a3:86:ed:ad:5b:06:fa:22:
fe:55:bd:fa:d5:d6:65:2f:14:15:59:28:e1:39:b5:
67:c4:31:d4:11:5e:2f:3b:f0:be:58:b4:d7:c1:2a:
67:ba:8c:9d:b7:9a:8b:5f:69:35:5c:c8:cd:60:24:
8f:c7:f5:7e:8f:86:9b:e8:82:29:fa:87:51:87:14:
14:4a:c9:6a:c3:fe:44:46:13:30:8c:3f:a2:51:ad:
f9:f3:f4:f1:e5:c2:e6:d7:dc:4b:eb:f0:36:61:19:
b1:fe:db:ae:1d:d0:51:5b:b3:72:43:43:af:82:0f:
8b:67:52:88:a2:d3:5d:8c:98:e9:ef:2f:9a:a1:14:
d5:3c:82:20:60:d0:a3:bd:9e:73:2d:0d:6e:d8:72:
74:71:a9:81:ac:ea:14:6e:13:0c:0f:79:7d:22:09:
86:45:f8:3d:42:4b:b4:68:b2:ab:a5:79:c4:dc:7a:
8b:7d:ce:38:fc:9b:ab:6e:d1:b9:7f:8d:b7:61:a7:
f4:f6:7a:ca:8f:cf:d7:df:89:29:e2:0a:c1:6d:52:
b8:c6:a1:ef:27:0c:d1:2a:ca:65:46:f1:85:67:98:
97:5d:ee:f4:7e:94:95:43:c0:ec:58:09:39:52:d8:
9d:e9:97:54:11:25:e5:c7:fb:81:b0:37:eb:10:09:
41:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:14:73:C4:91:42:7F:B2:B6:9D:97:2E:1E:B5:16:E5:D0:BC:81:1E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ehRzxJFCf7K2nZcuHrUW5dC8gR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.48.0/24
84.21.173.0/24
84.54.49.0/24
85.31.45.0/24
85.31.47.0/24
87.120.87.0/24
94.154.172.0/24
178.215.225.0-178.215.227.255
178.215.239.0/24
185.216.69.0-185.216.70.255
193.25.217.0/24
193.35.19.0/24
193.47.63.0/24
194.55.224.0/23
194.55.227.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:17:e0:3e:d1:4f:43:38:f1:bf:50:1d:5f:30:14:09:cd:14:
61:bf:a4:b6:7f:70:92:b6:e0:b5:eb:c6:76:a5:52:a5:ea:45:
70:ae:9f:ca:b7:e1:f9:9f:a5:5b:14:96:61:c0:fe:0a:a1:db:
4a:d6:6f:2b:7c:e3:cf:e0:aa:37:05:9e:53:c3:17:a4:b5:1f:
c8:6d:8f:4e:30:33:26:56:52:f0:ad:cd:7f:29:27:8b:18:59:
61:4d:4d:b2:c4:fd:57:63:29:98:eb:c7:da:a9:b4:b4:e8:68:
09:16:3e:8a:4e:e0:11:49:be:9f:ee:aa:df:5c:20:74:66:4e:
fc:4e:20:58:b1:12:c0:ad:05:da:b9:e0:0e:1e:df:ef:99:a8:
42:54:29:1e:35:3f:e2:c4:fa:6b:64:08:3c:fa:64:df:db:e4:
c7:84:83:2a:b7:72:21:80:50:54:2c:a4:e6:ea:03:68:7e:77:
0a:1c:4e:61:6a:08:0e:17:b7:40:05:1a:89:43:b1:fc:af:6f:
bd:14:12:dc:62:98:66:4a:64:f6:67:c5:c6:95:96:fc:e6:ab:
32:b9:bd:26:23:8f:83:20:c5:9c:0d:30:97:cb:4a:1e:d8:1e:
b8:d9:eb:15:13:54:39:ba:e3:a5:dd:16:30:56:04:e1:5b:e6:
6e:5a:d6:47
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYRCAs7cHpLlBcthBp2o/XwNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMTA0MDkzOTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTE0NzNjNDkxNDI3ZmIyYjY5ZDk3MmUxZWI1MTZlNWQwYmM4MTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjratDJn9o4btrVsG+iL+Vb361dZl
LxQVWSjhObVnxDHUEV4vO/C+WLTXwSpnuoydt5qLX2k1XMjNYCSPx/V+j4ab6IIp
+odRhxQUSslqw/5ERhMwjD+iUa358/Tx5cLm19xL6/A2YRmx/tuuHdBRW7NyQ0Ov
gg+LZ1KIotNdjJjp7y+aoRTVPIIgYNCjvZ5zLQ1u2HJ0camBrOoUbhMMD3l9IgmG
Rfg9Qku0aLKrpXnE3HqLfc44/JurbtG5f423Yaf09nrKj8/X34kp4grBbVK4xqHv
JwzRKsplRvGFZ5iXXe70fpSVQ8DsWAk5Utid6ZdUESXlx/uBsDfrEAlBlQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFHoUc8SRQn+ytp2XLh61FuXQvIEeMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZWhSenhKRkNmN0syblpjdUhyVVc1ZEM4Z1I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAFBMMAME
AFQVrQMEAFQ2MQMEAFUfLQMEAFUfLwMEAFd4VwMEAF6arDAMAwQAstfhAwQCstfg
AwQAstfvMAwDBAC52EUDBAC52EYDBADBGdkDBADBIxMDBADBLz8DBAHCN+ADBADC
N+MwDQYJKoZIhvcNAQELBQADggEBAB0X4D7RT0M48b9QHV8wFAnNFGG/pLZ/cJK2
4LXrxnalUqXqRXCun8q34fmfpVsUlmHA/gqh20rWbyt848/gqjcFnlPDF6S1H8ht
j04wMyZWUvCtzX8pJ4sYWWFNTbLE/VdjKZjrx9qptLToaAkWPopO4BFJvp/uqt9c
IHRmTvxOIFixEsCtBdq54A4e3++ZqEJUKR41P+LE+mtkCDz6ZN/b5MeEgyq3ciGA
UFQspObqA2h+dwocTmFqCA4Xt0AFGolDsfyvb70UEtximGZKZPZnxcaVlvzmqzK5
vSYjj4MgxZwNMJfLSh7YHrjZ6xUTVDm646XdFjBWBOFb5m5a1kc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:15 2024 by rpki-client on console-fra.rpki-client.org