Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jZqsmpcA8iXlBa9i_5Un9vSVIwg.roa
File: jZqsmpcA8iXlBa9i_5Un9vSVIwg.roa (raw, json)
Hash identifier: J2S6Z5NoLlu7Zq8j15jAQuOr4UPG4h3wlpwdjOkw4aw=
Subject key identifier: 8D:9A:AC:9A:97:00:F2:25:E5:05:AF:62:FF:95:27:F6:F4:95:23:08
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01850A7F03440B88BFFDB28C814FCDA3F92C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jZqsmpcA8iXlBa9i_5Un9vSVIwg.roa
Signing time: Tue 13 Dec 2022 07:59:34 +0000
ROA not before: Tue 13 Dec 2022 07:59:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50225
IP address blocks: 194.55.224.0/24 maxlen: 24
84.54.50.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
45.12.252.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.88.65.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
194.180.51.0/24 maxlen: 24
83.219.96.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0a:7f:03:44:0b:88:bf:fd:b2:8c:81:4f:cd:a3:f9:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 13 07:59:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d9aac9a9700f225e505af62ff9527f6f4952308
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ef:15:3a:b1:a3:55:2e:cf:01:91:f9:cf:d8:
ea:d8:fb:c0:2e:1d:75:ed:c8:bb:5b:28:3e:97:45:
bd:1d:cb:fd:13:1b:25:21:8e:e0:b2:59:5c:c9:ff:
d8:8e:cd:8f:4d:39:b1:2d:d0:b1:03:c8:95:d8:e5:
c1:9b:c0:fa:22:d0:5d:8f:b4:5a:8d:cd:bf:8a:78:
7c:07:8a:51:bc:c9:a1:b5:ee:ca:38:a9:3c:1e:cf:
8c:25:cd:aa:1f:af:b3:a9:f3:50:66:df:2d:9d:d3:
5e:c3:10:34:c3:2f:b8:9e:40:15:40:ca:a1:0e:ca:
bd:65:5a:d6:28:cc:08:9b:95:2d:51:4e:54:ac:7f:
8b:cf:14:a3:30:8a:c0:54:bc:76:79:03:de:59:59:
8b:f8:55:4a:5e:f1:70:fc:5f:a6:27:85:f3:1d:ec:
41:4b:be:64:a1:66:02:7a:cc:88:b1:84:a5:b1:f6:
81:e0:41:77:3a:13:aa:a7:49:d7:5c:58:ae:5d:4b:
8e:14:13:ba:b2:39:de:82:a7:e6:03:a6:69:8a:ee:
42:81:10:aa:5a:19:c7:ee:54:a4:37:c9:cf:32:df:
c6:6b:7b:07:f8:8e:e5:84:0b:20:81:7f:c4:4b:7b:
87:ba:3d:ee:62:35:90:c3:bb:60:4a:24:c4:2f:3c:
cf:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:9A:AC:9A:97:00:F2:25:E5:05:AF:62:FF:95:27:F6:F4:95:23:08
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jZqsmpcA8iXlBa9i_5Un9vSVIwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.252.0/24
45.88.64.0/23
83.219.96.0/24
84.21.173.0/24
84.54.50.0/24
94.154.162.0/24
178.215.226.0/24
193.42.34.0/24
193.47.60.0/24
193.47.63.0/24
194.55.224.0/23
194.55.227.0/24
194.180.38.0/23
194.180.51.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:5e:94:56:49:c4:da:0b:84:df:a0:8c:e1:72:20:2c:48:35:
18:b6:f3:fb:42:cf:7f:02:00:bf:91:d1:f4:68:a2:20:cd:a3:
83:ef:8d:da:f8:79:77:cb:8c:7c:a7:08:6a:49:72:ab:f3:14:
81:a6:cd:f2:91:b1:a9:f9:6b:15:57:65:58:76:e2:50:8b:ba:
27:62:9b:2d:74:a9:aa:41:b6:c0:65:ec:ac:a8:71:f9:80:44:
ee:c4:be:dc:67:27:a2:e0:16:fd:c6:ff:fc:d4:07:a0:44:1d:
5e:c0:a8:ab:17:35:f2:5d:68:80:2b:c6:1e:78:be:51:29:59:
79:98:b7:e7:e5:26:fe:fe:fd:3f:d3:36:89:ee:72:25:36:1e:
7e:ff:aa:be:32:73:29:dc:da:1a:be:77:fa:f5:c0:f3:b5:c7:
3d:8c:b6:69:f4:12:d2:8b:8b:fc:35:29:39:7e:ea:59:06:2a:
47:1e:ee:a0:f6:d4:52:ff:58:19:20:3f:9f:fb:f6:20:d9:dc:
b8:b7:99:33:68:47:88:94:5b:e7:00:0f:4a:ba:f0:ef:3e:2e:
fd:ce:4c:f7:a7:19:d2:f2:b4:98:92:8b:31:ce:3d:a4:90:c3:
d1:e6:ee:62:a1:6a:bf:d7:5e:34:83:5e:ab:0f:22:7c:a7:b5:
b4:30:d2:87
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYUKfwNEC4i//bKMgU/No/ksMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMjEzMDc1OTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDlhYWM5YTk3MDBmMjI1ZTUwNWFmNjJmZjk1MjdmNmY0OTUyMzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAre8VOrGjVS7PAZH5z9jq2PvALh11
7ci7Wyg+l0W9Hcv9ExslIY7gsllcyf/Yjs2PTTmxLdCxA8iV2OXBm8D6ItBdj7Ra
jc2/inh8B4pRvMmhte7KOKk8Hs+MJc2qH6+zqfNQZt8tndNewxA0wy+4nkAVQMqh
Dsq9ZVrWKMwIm5UtUU5UrH+LzxSjMIrAVLx2eQPeWVmL+FVKXvFw/F+mJ4XzHexB
S75koWYCesyIsYSlsfaB4EF3OhOqp0nXXFiuXUuOFBO6sjnegqfmA6Zpiu5CgRCq
WhnH7lSkN8nPMt/Ga3sH+I7lhAsggX/ES3uHuj3uYjWQw7tgSiTELzzPFwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFI2arJqXAPIl5QWvYv+VJ/b0lSMIMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvalpxc21wY0E4aVhsQmE5aV81VW45dlNWSXdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQALQz8AwQB
LVhAAwQAU9tgAwQAVBWtAwQAVDYyAwQAXpqiAwQAstfiAwQAwSoiAwQAwS88AwQA
wS8/AwQBwjfgAwQAwjfjAwQBwrQmAwQAwrQzMA0GCSqGSIb3DQEBCwUAA4IBAQCm
XpRWScTaC4TfoIzhciAsSDUYtvP7Qs9/AgC/kdH0aKIgzaOD743a+Hl3y4x8pwhq
SXKr8xSBps3ykbGp+WsVV2VYduJQi7onYpstdKmqQbbAZeysqHH5gETuxL7cZyei
4Bb9xv/81AegRB1ewKirFzXyXWiAK8YeeL5RKVl5mLfn5Sb+/v0/0zaJ7nIlNh5+
/6q+MnMp3Noavnf69cDztcc9jLZp9BLSi4v8NSk5fupZBipHHu6g9tRS/1gZID+f
+/Yg2dy4t5kzaEeIlFvnAA9KuvDvPi79zkz3pxnS8rSYkosxzj2kkMPR5u5ioWq/
1140g16rDyJ8p7W0MNKH
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:41 2023 by rpki-client on console-ams.rpki-client.org