Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ni2xN1uYZWw0v81PjM7Ovmmglgc.roa
File: ni2xN1uYZWw0v81PjM7Ovmmglgc.roa (raw, json)
Hash identifier: qZ6NQ+trZkdQTJmXaJdW1oUI+vqSzwrg1uDuh0dOhJg=
Subject key identifier: 9E:2D:B1:37:5B:98:65:6C:34:BF:CD:4F:8C:CE:CE:BE:69:A0:96:07
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018838BA7C4AA8702BEF9ABCAB95830AA76C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ni2xN1uYZWw0v81PjM7Ovmmglgc.roa
Signing time: Sat 20 May 2023 10:35:25 +0000
ROA not before: Sat 20 May 2023 10:35:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211252
IP address blocks: 45.81.243.0/24 maxlen: 24
45.12.253.0/24 maxlen: 24
45.66.230.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
85.31.46.0/24 maxlen: 24
85.31.45.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
185.246.220.0/24 maxlen: 24
109.206.243.0/24 maxlen: 24
109.206.241.0/24 maxlen: 24
185.254.37.0/24 maxlen: 24
194.180.48.0/24 maxlen: 24
194.180.49.0/24 maxlen: 24
185.225.73.0/24 maxlen: 24
45.139.105.0/24 maxlen: 24
185.225.74.0/24 maxlen: 24
37.139.128.0/24 maxlen: 24
37.139.129.0/24 maxlen: 24
84.21.172.0/24 maxlen: 24
109.206.240.0/24 maxlen: 24
212.87.204.0/24 maxlen: 24
95.214.27.0/24 maxlen: 24
84.54.50.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
85.217.144.0/24 maxlen: 24
45.81.39.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
94.156.161.0/24 maxlen: 24
193.42.33.0/24 maxlen: 24
193.42.32.0/24 maxlen: 24
45.149.235.0/24 maxlen: 24
185.252.178.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
185.216.68.0/24 maxlen: 24
45.88.67.0/24 maxlen: 24
185.216.71.0/24 maxlen: 24
79.110.62.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:38:ba:7c:4a:a8:70:2b:ef:9a:bc:ab:95:83:0a:a7:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 20 10:35:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e2db1375b98656c34bfcd4f8ccecebe69a09607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:65:7a:4f:1b:da:35:5d:6c:f0:f1:42:da:05:
85:10:5b:5c:f0:e0:25:cd:c5:e0:5f:e9:4e:55:c0:
6c:cb:58:13:96:26:72:e0:e0:a3:50:85:d3:ba:36:
56:f1:aa:7a:1e:4f:23:61:22:7f:3d:90:2a:3b:ba:
20:e2:69:f3:b3:af:93:7c:17:6f:c3:ed:b4:4d:7d:
8d:46:9c:5d:8d:64:85:ed:23:8c:f3:e1:48:18:6a:
24:67:81:b6:12:a0:31:a5:45:8e:85:87:b9:5f:f7:
ab:23:24:5f:da:ab:5c:38:24:f7:03:3b:f7:8e:f6:
11:43:65:3e:8a:9c:0e:b4:3d:02:63:b5:5a:c6:93:
06:88:43:4b:8a:94:40:f1:fe:a1:71:3b:bd:7a:d3:
cb:d0:8f:e5:06:78:1e:1e:c0:9b:a9:8a:8d:f9:2a:
71:ff:25:f9:cf:a5:6d:ac:b0:78:b0:ae:26:3d:1f:
96:01:7b:13:12:aa:04:e2:e9:ed:fd:f0:22:81:f8:
a9:a6:16:71:cb:4a:e3:ad:4b:ef:22:0a:47:e7:24:
3b:7c:6e:69:c9:5d:3a:e1:35:7a:13:e4:29:8c:15:
f9:96:7d:ea:b1:f5:63:5a:97:29:ef:fa:8b:85:93:
70:57:9d:fc:f6:8b:ae:be:27:1f:72:06:f5:e8:11:
90:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:2D:B1:37:5B:98:65:6C:34:BF:CD:4F:8C:CE:CE:BE:69:A0:96:07
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ni2xN1uYZWw0v81PjM7Ovmmglgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.128.0/23
45.12.253.0/24
45.66.230.0/24
45.81.39.0/24
45.81.243.0/24
45.88.67.0/24
45.139.105.0/24
45.149.235.0/24
79.110.62.0/23
80.76.51.0/24
84.21.172.0/24
84.54.50.0/24
85.31.44.0-85.31.46.255
85.217.144.0/24
87.121.221.0/24
94.156.161.0/24
95.214.27.0/24
109.206.240.0/23
109.206.243.0/24
185.216.68.0/24
185.216.71.0/24
185.225.73.0-185.225.74.255
185.246.220.0/23
185.252.178.0/24
185.254.37.0/24
193.42.32.0/23
193.47.61.0/24
194.55.186.0/24
194.55.224.0/24
194.180.48.0/23
212.87.204.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:0f:c6:28:a4:46:6f:94:bc:e4:df:3e:3b:e4:71:52:b7:c9:
41:64:3e:fc:8b:97:81:52:a3:d0:f2:a8:b8:91:f0:90:05:fb:
15:9d:7b:30:9e:2f:6d:d1:be:06:37:45:8a:b9:41:a1:4e:f6:
9d:5c:b2:da:8c:4c:bb:f4:02:59:19:ee:f1:36:3d:c4:dd:c1:
40:a8:54:59:56:48:63:65:1e:73:cb:32:88:6f:a4:03:15:22:
4a:04:c8:43:f4:ec:a6:81:32:51:69:18:f2:c3:77:2e:de:d4:
fb:7f:47:70:9b:15:92:40:16:ba:af:3e:b4:44:1e:90:e8:61:
22:a4:fb:66:e7:43:00:3f:28:9f:b3:ff:41:a3:28:d8:b1:8b:
b9:9d:55:45:de:8f:68:33:40:84:5e:a3:2c:8c:ab:2a:6d:4d:
75:5f:1b:f1:5f:ff:9a:a2:b3:b1:5d:35:f0:c3:47:ff:44:3c:
11:31:e3:41:2a:c5:69:f6:78:73:a6:94:da:3d:b5:18:3c:03:
68:4e:0c:65:31:ed:3e:b0:4d:27:0a:2b:56:90:81:ea:e9:cf:
cc:e0:e5:c2:d7:e1:f7:9e:a0:da:24:fc:d4:1c:78:4e:92:ac:
05:ca:db:a2:38:9a:1f:0c:84:f2:41:21:26:17:71:ee:75:73:
99:37:07:9a
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAYg4unxKqHAr75q8q5WDCqdsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTIwMTAzNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTJkYjEzNzViOTg2NTZjMzRiZmNkNGY4Y2NlY2ViZTY5YTA5NjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWV6TxvaNV1s8PFC2gWFEFtc8OAl
zcXgX+lOVcBsy1gTliZy4OCjUIXTujZW8ap6Hk8jYSJ/PZAqO7og4mnzs6+TfBdv
w+20TX2NRpxdjWSF7SOM8+FIGGokZ4G2EqAxpUWOhYe5X/erIyRf2qtcOCT3Azv3
jvYRQ2U+ipwOtD0CY7VaxpMGiENLipRA8f6hcTu9etPL0I/lBngeHsCbqYqN+Spx
/yX5z6VtrLB4sK4mPR+WAXsTEqoE4unt/fAigfipphZxy0rjrUvvIgpH5yQ7fG5p
yV064TV6E+QpjBX5ln3qsfVjWpcp7/qLhZNwV5389ouuvicfcgb16BGQiwIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFJ4tsTdbmGVsNL/NT4zOzr5poJYHMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbmkyeE4xdVlaV3cwdjgxUGpNN092bW1nbGdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcoDBAEl
i4ADBAAtDP0DBAAtQuYDBAAtUScDBAAtUfMDBAAtWEMDBAAti2kDBAAtlesDBAFP
bj4DBABQTDMDBABUFawDBABUNjIwDAMEAlUfLAMEAFUfLgMEAFXZkAMEAFd53QME
AF6coQMEAF/WGwMEAW3O8AMEAG3O8wMEALnYRAMEALnYRzAMAwQAueFJAwQAueFK
AwQBufbcAwQAufyyAwQAuf4lAwQBwSogAwQAwS89AwQAwje6AwQAwjfgAwQBwrQw
AwQA1FfMMA0GCSqGSIb3DQEBCwUAA4IBAQCPD8YopEZvlLzk3z475HFSt8lBZD78
i5eBUqPQ8qi4kfCQBfsVnXswni9t0b4GN0WKuUGhTvadXLLajEy79AJZGe7xNj3E
3cFAqFRZVkhjZR5zyzKIb6QDFSJKBMhD9OymgTJRaRjyw3cu3tT7f0dwmxWSQBa6
rz60RB6Q6GEipPtm50MAPyifs/9BoyjYsYu5nVVF3o9oM0CEXqMsjKsqbU11Xxvx
X/+aorOxXTXww0f/RDwRMeNBKsVp9nhzppTaPbUYPANoTgxlMe0+sE0nCitWkIHq
6c/M4OXC1+H3nqDaJPzUHHhOkqwFytuiOJofDITyQSEmF3HudXOZNwea
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:18 2024 by rpki-client on console-fra.rpki-client.org