Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/h0Xu64gZq-LwK5MOTSlNwIQ_fP8.roa
File: h0Xu64gZq-LwK5MOTSlNwIQ_fP8.roa (raw, json)
Hash identifier: XJWW95CcTpQkfMCctsp7dQI0QgFiKyguxQqp8Vq+hE0=
Subject key identifier: 87:45:EE:EB:88:19:AB:E2:F0:2B:93:0E:4D:29:4D:C0:84:3F:7C:FF
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01820DA35F9173FD1AF4281DB6F07628CA77
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/h0Xu64gZq-LwK5MOTSlNwIQ_fP8.roa
Signing time: Sun 17 Jul 2022 19:29:46 +0000
ROA not before: Sun 17 Jul 2022 19:29:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211252
IP address blocks: 185.254.37.0/24 maxlen: 24
185.216.71.0/24 maxlen: 24
85.217.145.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
185.225.73.0/24 maxlen: 24
185.252.178.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
37.139.128.0/24 maxlen: 24
37.139.129.0/24 maxlen: 24
185.246.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:0d:a3:5f:91:73:fd:1a:f4:28:1d:b6:f0:76:28:ca:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 17 19:29:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8745eeeb8819abe2f02b930e4d294dc0843f7cff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:69:95:67:21:d1:bc:32:35:76:14:70:b2:a5:
ce:3f:0f:08:af:67:86:a4:b1:14:a4:d5:a5:17:dd:
22:51:64:bf:97:cc:8e:56:a6:9e:b8:1d:a1:1c:95:
4a:d4:e5:68:87:3c:ff:b8:9d:95:50:9b:53:40:27:
27:d9:d0:65:f9:3a:43:ab:05:70:23:25:ff:a3:f6:
93:9d:45:cf:77:d8:79:f2:6e:a7:21:40:43:06:cc:
03:21:61:15:ca:f8:10:b7:2f:42:17:5f:e4:31:5c:
1d:f1:3f:74:c3:87:97:c0:fa:89:27:52:93:24:ec:
c0:41:36:4a:f0:d5:05:68:ab:b7:0d:6a:21:26:bc:
19:a3:95:f2:af:14:e4:b3:6a:99:2a:d7:38:94:2a:
c2:fb:63:7e:8e:9b:42:61:c3:df:5d:d6:7d:17:e9:
fa:68:68:2a:42:a7:eb:6e:50:e9:25:62:6f:09:62:
a4:05:2b:1e:e8:0d:85:31:ff:85:2b:73:71:d7:60:
a6:2e:4b:fc:84:04:e3:a4:4d:80:42:a8:9a:cd:3d:
9f:27:37:d1:42:a7:3b:be:40:25:de:e5:d0:d9:1f:
8c:6f:93:5f:5a:19:35:83:70:ce:1c:3e:63:26:55:
ee:c8:47:aa:18:1f:03:ad:44:91:84:4a:a8:b0:04:
a5:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:45:EE:EB:88:19:AB:E2:F0:2B:93:0E:4D:29:4D:C0:84:3F:7C:FF
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/h0Xu64gZq-LwK5MOTSlNwIQ_fP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.128.0/23
80.76.51.0/24
85.217.145.0/24
185.216.71.0/24
185.225.73.0/24
185.246.220.0/24
185.252.178.0/23
185.254.37.0/24
193.47.61.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:4f:5f:e1:d5:d7:67:83:e3:2a:6e:11:01:f5:c5:29:67:56:
0b:eb:2d:19:52:ad:85:1c:37:61:d9:8f:f9:46:5f:32:55:79:
2d:0a:3f:77:ad:e4:ac:ae:23:c6:18:62:86:66:c1:62:e2:0b:
75:25:c7:72:ca:50:0d:31:8e:d5:bc:8c:b5:6f:bf:16:44:0c:
06:69:da:14:9b:90:12:1f:e2:8b:cf:b6:3d:9e:53:c8:c8:22:
04:f6:f5:c4:3b:72:f2:8a:84:47:32:a3:62:33:94:7f:40:55:
20:f2:60:ec:60:f2:d7:34:98:ec:ee:c4:f3:ba:b7:25:2d:14:
da:f7:5a:57:2e:15:a5:87:81:58:7e:5e:a9:e7:a0:bc:fa:32:
03:a4:20:ee:46:8c:d5:5d:47:79:c8:dd:f7:67:8e:ed:ca:23:
a9:27:56:ad:12:f0:d0:4f:24:c2:2d:c8:9a:32:ca:09:a5:51:
12:07:34:7a:38:d5:48:39:4a:bb:ef:d2:17:7d:f1:30:1d:52:
7b:7f:d7:9c:da:df:e3:92:37:ae:09:1c:f2:5b:08:2c:cf:e5:
79:d2:c8:6a:fc:06:af:05:62:26:74:48:ec:52:d5:13:4f:d9:
33:0b:09:60:07:ff:d0:7d:d6:a5:d7:c0:aa:92:7e:91:7a:ff:
5f:3b:eb:ac
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYINo1+Rc/0a9CgdtvB2KMp3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwNzE3MTkyOTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzQ1ZWVlYjg4MTlhYmUyZjAyYjkzMGU0ZDI5NGRjMDg0M2Y3Y2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWmVZyHRvDI1dhRwsqXOPw8Ir2eG
pLEUpNWlF90iUWS/l8yOVqaeuB2hHJVK1OVohzz/uJ2VUJtTQCcn2dBl+TpDqwVw
IyX/o/aTnUXPd9h58m6nIUBDBswDIWEVyvgQty9CF1/kMVwd8T90w4eXwPqJJ1KT
JOzAQTZK8NUFaKu3DWohJrwZo5XyrxTks2qZKtc4lCrC+2N+jptCYcPfXdZ9F+n6
aGgqQqfrblDpJWJvCWKkBSse6A2FMf+FK3Nx12CmLkv8hATjpE2AQqiazT2fJzfR
Qqc7vkAl3uXQ2R+Mb5NfWhk1g3DOHD5jJlXuyEeqGB8DrUSRhEqosASl8wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFIdF7uuIGavi8CuTDk0pTcCEP3z/MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaDBYdTY0Z1pxLUx3SzVNT1RTbE53SVFfZlA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBJYuAAwQA
UEwzAwQAVdmRAwQAudhHAwQAueFJAwQAufbcAwQBufyyAwQAuf4lAwQAwS89MA0G
CSqGSIb3DQEBCwUAA4IBAQCiT1/h1ddng+MqbhEB9cUpZ1YL6y0ZUq2FHDdh2Y/5
Rl8yVXktCj93reSsriPGGGKGZsFi4gt1JcdyylANMY7VvIy1b78WRAwGadoUm5AS
H+KLz7Y9nlPIyCIE9vXEO3LyioRHMqNiM5R/QFUg8mDsYPLXNJjs7sTzurclLRTa
91pXLhWlh4FYfl6p56C8+jIDpCDuRozVXUd5yN33Z47tyiOpJ1atEvDQTyTCLcia
MsoJpVESBzR6ONVIOUq779IXffEwHVJ7f9ec2t/jkjeuCRzyWwgsz+V50shq/Aav
BWImdEjsUtUTT9kzCwlgB//Qfdal18Cqkn6Rev9fO+us
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:40 2024 by rpki-client on console-ams.rpki-client.org