Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/g010acaZ8qOOWasS94tDWW1-Mmk.roa
File: g010acaZ8qOOWasS94tDWW1-Mmk.roa (raw, json)
Hash identifier: 1+ryJv0CfOkTZ5v+AuClGbKTwa9r4FiQr/ZDMXiEHs8=
Subject key identifier: 83:4D:74:69:C6:99:F2:A3:8E:59:AB:12:F7:8B:43:59:6D:7E:32:69
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1F3651E0
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/g010acaZ8qOOWasS94tDWW1-Mmk.roa
Signing time: Thu 23 Jun 2022 16:55:20 +0000
ROA not before: Thu 23 Jun 2022 16:55:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 91.92.115.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
185.218.139.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
185.218.136.0/24 maxlen: 24
37.139.131.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
94.154.175.0/24 maxlen: 24
94.154.174.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
212.87.205.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
80.76.49.0/24 maxlen: 24
80.76.48.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
193.222.98.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
83.219.98.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 523653600 (0x1f3651e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 23 16:55:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=834d7469c699f2a38e59ab12f78b43596d7e3269
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:82:50:47:94:88:ac:d3:34:a1:9b:24:a2:27:
87:e5:b9:8e:ee:2f:d8:f4:eb:5f:8f:ea:d4:7c:cd:
de:41:54:bc:3d:61:ae:29:a6:0b:5e:80:8b:f9:c8:
93:50:89:64:78:82:a1:c2:bd:db:bb:67:b0:ff:a0:
ab:44:a3:d3:12:7f:1a:9f:11:a1:02:8e:30:53:ae:
de:ae:98:c5:9d:d2:2c:28:d3:60:f8:a0:9c:c9:72:
51:7d:65:40:08:b3:3f:b8:b3:cc:68:fb:b7:af:ff:
89:db:a0:e9:c2:16:09:d1:26:0a:57:04:8b:da:ed:
90:94:a9:a5:74:78:eb:c3:67:e3:ca:24:c7:b5:6f:
4b:0e:b4:ea:cb:db:b3:e0:da:e1:29:12:84:54:f9:
94:cf:22:e7:27:ba:db:1a:d2:05:7f:09:8b:5e:81:
1a:9f:a7:fe:01:4d:e0:8a:79:fb:75:ca:94:fd:65:
49:5d:37:01:83:f2:29:90:dc:8c:e1:3d:35:00:85:
05:4d:40:79:15:f1:66:a0:01:60:7e:4b:60:56:87:
b5:bd:92:b8:25:25:dc:16:4f:39:06:82:a2:b0:e0:
7f:e4:07:b9:a5:f2:5a:71:e2:41:30:c8:03:2f:40:
09:25:ae:d8:26:21:b6:c7:10:5f:e4:0f:5f:82:37:
e4:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:4D:74:69:C6:99:F2:A3:8E:59:AB:12:F7:8B:43:59:6D:7E:32:69
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/g010acaZ8qOOWasS94tDWW1-Mmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/23
79.110.48.0/24
79.110.50.0/24
79.110.63.0/24
80.76.48.0/23
83.219.97.0-83.219.98.255
87.120.84.0/24
87.120.87.0/24
91.92.115.0/24
94.154.172.0/24
94.154.174.0/23
109.206.239.0/24
178.215.224.0/22
178.215.236.0/22
185.216.69.0/24
185.218.136.0/24
185.218.139.0/24
185.252.176.0/24
193.35.18.0/24
193.37.42.0/24
193.37.44.0/24
193.37.47.0/24
193.47.62.0/23
193.222.96.0-193.222.98.255
194.169.175.0/24
194.180.50.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
29:a3:af:0d:b0:a5:b6:79:54:a6:74:c0:a4:d7:3f:95:bf:5d:
be:ae:ea:ff:96:78:fb:68:32:70:eb:03:90:c0:4d:3b:9a:52:
4b:70:2f:8d:1d:f3:36:f5:10:5e:7b:ce:b3:39:a4:45:51:3e:
8d:5a:be:12:2d:40:57:75:0c:ab:8f:cc:1b:72:21:1a:fa:10:
51:9b:c0:a7:a6:c0:a7:38:29:26:89:e6:00:21:f7:cf:43:7c:
82:9d:c7:df:fb:62:47:52:a7:5f:33:d2:3c:ce:a5:59:25:25:
fc:c6:34:e5:db:9b:3a:b3:c6:98:1d:f8:f1:8b:2d:8d:ac:67:
3d:82:7a:b4:69:5f:45:54:0f:3a:e4:a5:d9:84:69:9c:c0:fe:
69:43:c1:81:e6:21:bc:b8:4d:be:df:bd:9a:51:17:09:15:3f:
ec:8f:87:55:a6:d1:36:66:7d:99:a8:f5:bc:1a:36:96:b1:b8:
7c:0e:18:8a:04:ce:5e:82:5d:b2:90:af:04:e6:db:58:19:38:
ac:e0:f4:f9:eb:f2:cb:a2:89:c5:19:ee:05:68:a0:36:24:a8:
8e:c6:fb:f3:ab:58:d2:eb:02:85:43:bc:c6:22:04:07:57:54:
71:ff:3c:58:fe:d7:b2:49:30:9d:b9:0a:d0:f7:b4:8d:23:5b:
a4:05:7c:64
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgIEHzZR4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDYy
MzE2NTUyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODM0ZDc0NjljNjk5
ZjJhMzhlNTlhYjEyZjc4YjQzNTk2ZDdlMzI2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKaCUEeUiKzTNKGbJKInh+W5ju4v2PTrX4/q1HzN3kFUvD1h
rimmC16Ai/nIk1CJZHiCocK927tnsP+gq0Sj0xJ/Gp8RoQKOMFOu3q6YxZ3SLCjT
YPignMlyUX1lQAizP7izzGj7t6//idug6cIWCdEmClcEi9rtkJSppXR468Nn48ok
x7VvSw606svbs+Da4SkShFT5lM8i5ye62xrSBX8Ji16BGp+n/gFN4Ip5+3XKlP1l
SV03AYPyKZDcjOE9NQCFBU1AeRXxZqABYH5LYFaHtb2SuCUl3BZPOQaCorDgf+QH
uaXyWnHiQTDIAy9ACSWu2CYhtscQX+QPX4I35FsCAwEAAaOCArowggK2MB0GA1Ud
DgQWBBSDTXRpxpnyo45ZqxL3i0NZbX4yaTAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L2cwMTBhY2FaOHFPT1dhc1M5NHREV1cxLU1tay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
zwYIKwYBBQUHAQcBAf8Egb8wgbwwgbkEAgABMIGyAwQBJYuCAwQAT24wAwQAT24y
AwQAT24/AwQBUEwwMAwDBABT22EDBABT22IDBABXeFQDBABXeFcDBABbXHMDBABe
mqwDBAFemq4DBABtzu8DBAKy1+ADBAKy1+wDBAC52EUDBAC52ogDBAC52osDBAC5
/LADBADBIxIDBADBJSoDBADBJSwDBADBJS8DBAHBLz4wDAMEBcHeYAMEAMHeYgME
AMKprwMEAMK0MgMEANRXzTANBgkqhkiG9w0BAQsFAAOCAQEAKaOvDbCltnlUpnTA
pNc/lb9dvq7q/5Z4+2gycOsDkMBNO5pSS3AvjR3zNvUQXnvOszmkRVE+jVq+Ei1A
V3UMq4/MG3IhGvoQUZvAp6bApzgpJonmACH3z0N8gp3H3/tiR1KnXzPSPM6lWSUl
/MY05dubOrPGmB348YstjaxnPYJ6tGlfRVQPOuSl2YRpnMD+aUPBgeYhvLhNvt+9
mlEXCRU/7I+HVabRNmZ9maj1vBo2lrG4fA4YigTOXoJdspCvBObbWBk4rOD0+evy
y6KJxRnuBWigNiSojsb786tY0usChUO8xiIEB1dUcf88WP7XskkwnbkK0Pe0jSNb
pAV8ZA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:40 2023 by rpki-client on console-ams.rpki-client.org