Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hv-DTZ2Sm_z02fdPjaQkHAKLqro.roa
File: hv-DTZ2Sm_z02fdPjaQkHAKLqro.roa (raw, json)
Hash identifier: WRqRi1sN5wUI4FB1vsSAlLc7M6T8zPwghz4Cf8UVWoQ=
Subject key identifier: 86:FF:83:4D:9D:92:9B:FC:F4:D9:F7:4F:8D:A4:24:1C:02:8B:AA:BA
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1E16900D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hv-DTZ2Sm_z02fdPjaQkHAKLqro.roa
Signing time: Thu 21 Apr 2022 05:25:39 +0000
ROA not before: Thu 21 Apr 2022 05:25:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 194.180.50.0/24 maxlen: 24
37.139.131.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
194.55.184.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.185.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
194.48.249.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
79.110.49.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
83.219.98.0/24 maxlen: 24
83.219.96.0/24 maxlen: 24
83.219.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 504795149 (0x1e16900d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 21 05:25:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=86ff834d9d929bfcf4d9f74f8da4241c028baaba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f6:e1:bb:61:2b:76:cc:fe:c5:69:7c:11:7d:
d1:81:b2:b8:c6:78:45:1e:98:58:3d:e8:b7:c2:2b:
95:63:42:15:c6:2e:82:d6:c1:15:b6:4e:da:1d:e9:
ef:67:80:ee:fd:e6:2f:4c:8b:d7:2d:70:98:0c:7b:
2e:66:3d:af:26:ba:c0:4f:75:75:5a:2c:aa:f3:6f:
04:75:9b:8d:13:08:c3:b3:ee:3f:f0:f9:28:fe:ae:
85:b3:84:dd:35:50:27:f1:bf:13:c0:c1:ad:23:82:
67:31:ee:28:2b:b8:72:8e:b3:fb:c9:0b:64:74:77:
f4:2e:36:e8:3f:66:5a:1a:59:19:46:02:91:dc:4d:
c0:96:06:ee:7e:4d:91:bd:db:cf:b8:af:0d:0c:56:
0b:53:a6:2b:8d:59:77:87:91:c7:67:c8:9c:b4:3c:
a6:e6:b5:b1:91:21:ba:cf:2e:30:3b:0d:14:f6:9a:
41:7f:96:18:03:30:8f:07:e4:32:05:c9:b9:37:fd:
68:5e:b9:ee:41:31:0d:97:81:56:0b:d6:a9:b0:9a:
46:ee:f8:eb:b7:6b:af:c5:7b:b8:58:bf:21:eb:ab:
5e:90:ab:d9:d3:f0:41:c0:cd:6d:89:3c:ea:a7:f0:
fb:9c:92:ab:6c:fd:a3:b9:bd:6a:1a:4b:37:f5:78:
75:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:FF:83:4D:9D:92:9B:FC:F4:D9:F7:4F:8D:A4:24:1C:02:8B:AA:BA
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hv-DTZ2Sm_z02fdPjaQkHAKLqro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/23
79.110.48.0/22
83.219.96.0/22
178.215.224.0/22
185.252.176.0/24
193.47.60.0/24
193.47.62.0/23
194.48.248.0/23
194.48.251.0/24
194.55.184.0/23
194.55.187.0/24
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
42:5c:aa:82:ff:e6:96:f9:99:25:3c:9d:2c:d3:2d:ce:60:d4:
24:9a:1c:c7:95:00:00:6c:cd:14:45:b4:ce:6f:b3:5b:a6:67:
12:51:57:0c:c1:cb:cf:ae:c5:54:df:1d:a9:0a:d6:d6:4d:40:
84:62:a5:37:6a:1c:43:c5:5c:aa:a3:b0:b1:10:b0:35:14:0e:
99:06:3d:88:29:f6:24:c4:71:4d:85:2f:09:ad:a6:92:1d:4f:
df:ad:63:c7:02:61:85:c2:87:9a:49:7a:a1:be:d1:e9:d1:01:
e9:40:3e:1b:4d:79:bf:d4:4e:ea:b9:8d:6c:dd:52:10:a8:ff:
9d:21:fe:5f:32:66:a9:44:60:b7:a5:cb:47:7f:d5:2d:d4:11:
a7:51:4b:45:5b:18:67:18:02:37:61:a3:99:d3:cf:27:38:3c:
e6:d7:ec:0f:5f:94:ec:d5:14:15:e1:a1:be:c1:8a:77:e2:b2:
14:63:e6:9d:b2:05:ef:24:79:b8:db:28:14:28:8d:a2:a9:d2:
2a:ad:ba:5d:30:f4:61:9d:37:2b:89:18:97:ea:90:29:d2:eb:
27:dc:18:3b:94:09:2d:56:2a:bd:12:4f:c1:68:b4:77:49:8d:
f2:5c:ab:d1:b2:89:30:9b:44:69:5b:34:3e:46:9c:41:ca:b6:
1e:16:df:de
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEHhaQDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDQy
MTA1MjUzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODZmZjgzNGQ5ZDky
OWJmY2Y0ZDlmNzRmOGRhNDI0MWMwMjhiYWFiYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMH24bthK3bM/sVpfBF90YGyuMZ4RR6YWD3ot8IrlWNCFcYu
gtbBFbZO2h3p72eA7v3mL0yL1y1wmAx7LmY9rya6wE91dVosqvNvBHWbjRMIw7Pu
P/D5KP6uhbOE3TVQJ/G/E8DBrSOCZzHuKCu4co6z+8kLZHR39C426D9mWhpZGUYC
kdxNwJYG7n5Nkb3bz7ivDQxWC1OmK41Zd4eRx2fInLQ8pua1sZEhus8uMDsNFPaa
QX+WGAMwjwfkMgXJuTf9aF657kExDZeBVgvWqbCaRu7467drr8V7uFi/IeurXpCr
2dPwQcDNbYk86qfw+5ySq2z9o7m9ahpLN/V4df8CAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBSG/4NNnZKb/PTZ90+NpCQcAouqujAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L2h2LURUWjJTbV96MDJmZFBqYVFrSEFLTHFyby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSAMEASWLggMEAk9uMAMEAlPbYAMEArLX
4AMEALn8sAMEAMEvPAMEAcEvPgMEAcIw+AMEAMIw+wMEAcI3uAMEAMI3uwMEAMK0
MjANBgkqhkiG9w0BAQsFAAOCAQEAQlyqgv/mlvmZJTydLNMtzmDUJJocx5UAAGzN
FEW0zm+zW6ZnElFXDMHLz67FVN8dqQrW1k1AhGKlN2ocQ8VcqqOwsRCwNRQOmQY9
iCn2JMRxTYUvCa2mkh1P361jxwJhhcKHmkl6ob7R6dEB6UA+G015v9RO6rmNbN1S
EKj/nSH+XzJmqURgt6XLR3/VLdQRp1FLRVsYZxgCN2GjmdPPJzg85tfsD1+U7NUU
FeGhvsGKd+KyFGPmnbIF7yR5uNsoFCiNoqnSKq26XTD0YZ03K4kYl+qQKdLrJ9wY
O5QJLVYqvRJPwWi0d0mN8lyr0bKJMJtEaVs0PkacQcq2Hhbf3g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:40 2024 by rpki-client on console-ams.rpki-client.org