Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iG6AOh-iSnvIi2YPeeVDwSHxY-Y.roa
File: iG6AOh-iSnvIi2YPeeVDwSHxY-Y.roa (raw, json)
Hash identifier: 94qWbyiLbOITXxEIBmzY9+3xs+PvBffbnITa42UlwaE=
Subject key identifier: 88:6E:80:3A:1F:A2:4A:7B:C8:8B:66:0F:79:E5:43:C1:21:F1:63:E6
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01856D82137624779381D83C4F0A456BE065
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iG6AOh-iSnvIi2YPeeVDwSHxY-Y.roa
Signing time: Sun 01 Jan 2023 13:25:19 +0000
ROA not before: Sun 01 Jan 2023 13:25:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211252
IP address blocks: 85.217.145.0/24 maxlen: 24
45.81.39.0/24 maxlen: 24
45.66.230.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
85.31.46.0/24 maxlen: 24
185.252.178.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
185.246.220.0/24 maxlen: 24
109.206.241.0/24 maxlen: 24
109.206.243.0/24 maxlen: 24
185.254.37.0/24 maxlen: 24
185.216.71.0/24 maxlen: 24
79.110.62.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
194.180.48.0/24 maxlen: 24
185.225.73.0/24 maxlen: 24
37.139.128.0/24 maxlen: 24
37.139.129.0/24 maxlen: 24
84.21.172.0/24 maxlen: 24
109.206.240.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:82:13:76:24:77:93:81:d8:3c:4f:0a:45:6b:e0:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 13:25:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=886e803a1fa24a7bc88b660f79e543c121f163e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d3:6d:de:fd:6b:d2:06:ef:73:17:84:95:5f:
ca:af:20:de:53:d3:5d:e7:c2:cf:ea:1f:02:ed:64:
46:13:73:09:40:ca:e4:b6:11:16:38:2c:0a:d8:62:
58:84:65:11:84:29:7f:dc:68:04:b6:47:23:63:4d:
05:cd:bf:79:f9:49:f1:30:b7:26:96:62:4f:c3:3a:
e5:84:a0:0d:cc:8a:76:47:05:2c:25:a6:fa:49:bc:
8b:e7:27:62:a9:f5:cd:8d:e8:2a:51:12:1d:75:67:
60:2f:d5:c9:fb:de:0b:cb:62:21:b3:ca:c3:df:fd:
03:da:0a:29:92:9a:23:52:69:6f:6d:80:5e:ff:bd:
4e:f4:16:02:b8:4a:6b:0e:e9:e6:cf:c1:56:eb:e9:
69:ef:b8:13:be:47:d9:27:f2:b2:b0:b0:cd:64:9f:
ca:8d:2b:9d:33:63:38:61:9f:ac:17:e3:8a:c6:51:
82:65:2a:23:3c:60:68:68:e8:7e:b3:1f:28:fd:88:
0f:69:6e:1b:f7:04:cd:e4:92:82:8b:76:e1:7e:fb:
60:fd:62:55:e9:0b:df:74:de:ae:ea:92:60:84:3c:
c3:96:cf:c1:50:39:a7:94:ac:0d:c5:c1:59:31:32:
1e:da:53:81:60:a2:c9:83:34:fc:35:a9:9f:71:48:
ce:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:6E:80:3A:1F:A2:4A:7B:C8:8B:66:0F:79:E5:43:C1:21:F1:63:E6
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iG6AOh-iSnvIi2YPeeVDwSHxY-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.128.0/23
45.66.230.0/24
45.81.39.0/24
79.110.62.0/23
80.76.51.0/24
84.21.172.0/24
85.31.44.0/24
85.31.46.0/24
85.217.145.0/24
109.206.240.0/23
109.206.243.0/24
185.216.71.0/24
185.225.73.0/24
185.246.220.0/23
185.252.178.0/24
185.254.37.0/24
193.47.61.0/24
194.55.186.0/24
194.180.48.0/24
Signature Algorithm: sha256WithRSAEncryption
76:4c:a5:9e:51:d6:a9:a5:e5:76:9a:d3:4c:67:9e:58:33:e0:
e7:9c:a6:c1:af:2b:16:7c:07:cc:31:c6:f7:9f:56:dd:c0:fa:
88:e7:ca:e3:8c:39:ae:f6:dc:60:5f:ac:de:a6:4d:fb:9b:05:
7a:2a:35:16:eb:78:9a:20:97:75:dd:d6:9c:e6:e9:e5:22:8b:
c6:05:9a:27:a6:e8:94:52:ed:28:84:b4:4a:cb:77:9d:7a:27:
cc:2c:8f:00:99:b9:46:2e:41:40:b8:7e:55:90:26:40:6e:79:
fd:97:b3:b6:d6:68:76:a2:eb:84:97:aa:d1:74:e8:9a:a3:17:
bc:55:81:56:0b:72:e0:cc:14:b6:59:c4:45:da:3d:a0:06:b6:
21:4f:55:c4:0e:68:79:8a:6b:ad:aa:c4:2b:be:f6:e1:18:e4:
19:e8:ac:7d:48:01:29:7e:77:a0:b7:58:e1:84:f9:7e:22:67:
3d:c7:cb:e9:4d:b9:4f:fc:fa:f3:bc:6b:85:5f:09:d1:be:a9:
69:cd:5f:ed:54:3e:15:e1:73:6c:6f:40:c4:fe:bd:e4:f8:7d:
df:4c:fd:91:82:40:d6:08:ef:c3:44:2c:f8:be:4a:e0:1b:c0:
80:fc:c2:c7:a2:6c:90:f7:da:0c:dc:d3:2a:97:47:0c:bd:59:
92:12:3e:ec
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYVtghN2JHeTgdg8TwpFa+BlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODZlODAzYTFmYTI0YTdiYzg4YjY2MGY3OWU1NDNjMTIxZjE2M2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNNt3v1r0gbvcxeElV/KryDeU9Nd
58LP6h8C7WRGE3MJQMrkthEWOCwK2GJYhGURhCl/3GgEtkcjY00Fzb95+UnxMLcm
lmJPwzrlhKANzIp2RwUsJab6SbyL5ydiqfXNjegqURIddWdgL9XJ+94Ly2Ihs8rD
3/0D2gopkpojUmlvbYBe/71O9BYCuEprDunmz8FW6+lp77gTvkfZJ/KysLDNZJ/K
jSudM2M4YZ+sF+OKxlGCZSojPGBoaOh+sx8o/YgPaW4b9wTN5JKCi3bhfvtg/WJV
6QvfdN6u6pJghDzDls/BUDmnlKwNxcFZMTIe2lOBYKLJgzT8NamfcUjOvwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFIhugDofokp7yItmD3nlQ8Eh8WPmMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaUc2QU9oLWlTbnZJaTJZUGVlVkR3U0h4WS1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEASWLgAME
AC1C5gMEAC1RJwMEAU9uPgMEAFBMMwMEAFQVrAMEAFUfLAMEAFUfLgMEAFXZkQME
AW3O8AMEAG3O8wMEALnYRwMEALnhSQMEAbn23AMEALn8sgMEALn+JQMEAMEvPQME
AMI3ugMEAMK0MDANBgkqhkiG9w0BAQsFAAOCAQEAdkylnlHWqaXldprTTGeeWDPg
55ymwa8rFnwHzDHG959W3cD6iOfK44w5rvbcYF+s3qZN+5sFeio1Fut4miCXdd3W
nObp5SKLxgWaJ6bolFLtKIS0Sst3nXonzCyPAJm5Ri5BQLh+VZAmQG55/ZezttZo
dqLrhJeq0XTomqMXvFWBVgty4MwUtlnERdo9oAa2IU9VxA5oeYprrarEK7724Rjk
GeisfUgBKX53oLdY4YT5fiJnPcfL6U25T/z687xrhV8J0b6pac1f7VQ+FeFzbG9A
xP695Ph930z9kYJA1gjvw0Qs+L5K4BvAgPzCx6JskPfaDNzTKpdHDL1ZkhI+7A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:40 2024 by rpki-client on console-ams.rpki-client.org