Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hLk02Df6CZC-VsF_Gg_vJLYUVxs.roa
File: hLk02Df6CZC-VsF_Gg_vJLYUVxs.roa (raw, json)
Hash identifier: BdXnTR8sjkO5Ia/qfMjvt9kSneLjZNnCQzt5gULe7NI=
Subject key identifier: 84:B9:34:D8:37:FA:09:90:BE:56:C1:7F:1A:0F:EF:24:B6:14:57:1B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1D00A56A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hLk02Df6CZC-VsF_Gg_vJLYUVxs.roa
Signing time: Thu 03 Feb 2022 16:22:31 +0000
ROA not before: Thu 03 Feb 2022 16:22:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3214
IP address blocks: 212.87.223.0/24 maxlen: 24
212.87.221.0/24 maxlen: 24
212.87.222.0/24 maxlen: 24
212.87.220.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.103.124.0/24 maxlen: 24
94.103.127.0/24 maxlen: 24
94.103.126.0/24 maxlen: 24
37.139.128.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 486581610 (0x1d00a56a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 3 16:22:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84b934d837fa0990be56c17f1a0fef24b614571b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:ec:ed:30:05:a4:0f:dd:2a:ff:3c:6e:58:cd:
3d:d4:cf:9d:6d:4c:60:89:16:0d:80:37:18:30:38:
92:56:72:f8:33:b4:a5:65:80:33:0c:04:b1:9c:59:
ae:43:4d:f6:0c:81:d7:3b:03:1b:d6:a7:ba:b2:ee:
01:16:d0:27:58:f9:67:27:d3:4d:71:56:b0:1a:a8:
ca:25:37:3d:84:41:f8:16:04:75:81:d7:d0:00:10:
59:fb:bf:de:e7:87:4b:fc:a1:8f:e2:72:24:ae:85:
69:4d:c0:62:35:c1:19:88:02:b7:c5:b0:71:bf:87:
27:05:1b:26:1f:10:bf:62:13:4d:db:ce:d4:eb:db:
c5:41:65:4e:97:5f:64:c0:54:66:7b:16:5f:7c:4e:
84:fd:5a:5a:37:8d:fe:d5:32:14:e4:68:33:76:3a:
7c:03:43:9e:b1:5b:7a:d0:15:61:86:16:1a:3f:26:
cc:5f:6a:1f:4a:41:8c:96:71:04:2e:5e:29:5b:08:
b2:b4:fe:b9:e9:88:bc:6a:26:06:53:e4:e0:38:22:
71:9b:2d:5e:11:a4:3d:37:c6:27:fd:68:a0:61:a5:
a2:39:e3:16:fa:b4:18:3a:6c:8b:8a:7a:07:f5:b1:
49:58:62:63:85:42:d7:1b:5b:36:41:1e:a7:4e:93:
d8:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:B9:34:D8:37:FA:09:90:BE:56:C1:7F:1A:0F:EF:24:B6:14:57:1B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hLk02Df6CZC-VsF_Gg_vJLYUVxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.128.0/22
94.103.124.0/22
212.87.220.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:f4:8d:c1:15:55:f6:8f:78:4f:ae:2d:e0:08:41:ce:07:84:
a5:c2:7e:3c:f4:5c:d5:0e:6f:bc:fe:a9:cf:d7:fa:34:fb:e3:
0d:1b:62:7f:a8:31:89:39:26:45:6f:71:84:c9:41:16:6b:b6:
b3:00:dd:82:f9:13:e8:9e:ad:30:46:62:f2:2a:59:d4:a5:46:
2f:4c:e4:b2:81:9f:b5:71:85:09:0c:76:e9:ab:7d:d4:54:65:
c2:a5:ad:eb:30:df:79:ea:26:85:bb:25:60:0b:f0:ac:d3:2e:
7f:14:1c:02:98:d8:b3:18:e5:19:d8:55:93:0c:e3:50:44:37:
7a:29:a5:0f:18:cf:3c:09:e2:e5:09:0a:78:87:b1:2d:b8:69:
ae:dc:39:0f:ae:43:c7:bc:33:e6:95:ec:39:5c:35:00:bd:3f:
55:a5:0b:e6:21:36:d3:78:1d:cf:27:02:75:25:c1:f1:86:1b:
d2:cf:27:b0:90:bc:63:a4:0d:ef:3c:ca:9f:ac:e0:d1:7a:4a:
5e:88:1c:d9:23:cd:3e:bd:c1:4d:74:a4:9b:ba:be:dd:f2:cb:
6f:43:8e:f6:08:ef:fa:16:d3:13:54:5b:15:62:9d:d1:dc:41:
a4:37:95:32:48:c1:ac:5e:82:eb:93:b5:74:19:6a:fb:78:fd:
b6:ac:ee:54
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEHQClajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDIw
MzE2MjIzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODRiOTM0ZDgzN2Zh
MDk5MGJlNTZjMTdmMWEwZmVmMjRiNjE0NTcxYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOfs7TAFpA/dKv88bljNPdTPnW1MYIkWDYA3GDA4klZy+DO0
pWWAMwwEsZxZrkNN9gyB1zsDG9anurLuARbQJ1j5ZyfTTXFWsBqoyiU3PYRB+BYE
dYHX0AAQWfu/3ueHS/yhj+JyJK6FaU3AYjXBGYgCt8Wwcb+HJwUbJh8Qv2ITTdvO
1OvbxUFlTpdfZMBUZnsWX3xOhP1aWjeN/tUyFORoM3Y6fANDnrFbetAVYYYWGj8m
zF9qH0pBjJZxBC5eKVsIsrT+uemIvGomBlPk4DgicZstXhGkPTfGJ/1ooGGlojnj
Fvq0GDpsi4p6B/WxSVhiY4VC1xtbNkEep06T2PsCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSEuTTYN/oJkL5WwX8aD+8kthRXGzAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L2hMazAyRGY2Q1pDLVZzRl9HZ192SkxZVVZ4cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAiWLgAMEAl5nfAMEAtRX3DANBgkq
hkiG9w0BAQsFAAOCAQEAOvSNwRVV9o94T64t4AhBzgeEpcJ+PPRc1Q5vvP6pz9f6
NPvjDRtif6gxiTkmRW9xhMlBFmu2swDdgvkT6J6tMEZi8ipZ1KVGL0zksoGftXGF
CQx26at91FRlwqWt6zDfeeomhbslYAvwrNMufxQcApjYsxjlGdhVkwzjUEQ3eiml
DxjPPAni5QkKeIexLbhprtw5D65Dx7wz5pXsOVw1AL0/VaUL5iE203gdzycCdSXB
8YYb0s8nsJC8Y6QN7zzKn6zg0XpKXogc2SPNPr3BTXSkm7q+3fLLb0OO9gjv+hbT
E1RbFWKd0dxBpDeVMkjBrF6C65O1dBlq+3j9tqzuVA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:40 2024 by rpki-client on console-ams.rpki-client.org