Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/niRMgzscORw4y8IydX3o-0P7c_s.roa
File: niRMgzscORw4y8IydX3o-0P7c_s.roa (raw, json)
Hash identifier: sdlDKv/UtTmES2jWmJqtLpJoUFJxM7ZpBTKLzV9nddo=
Subject key identifier: 9E:24:4C:83:3B:1C:39:1C:38:CB:C2:32:75:7D:E8:FB:43:FB:73:FB
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018A5097DEB7FDE1EC5D5415546BF8F26E65
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/niRMgzscORw4y8IydX3o-0P7c_s.roa
Signing time: Fri 01 Sep 2023 11:54:04 +0000
ROA not before: Fri 01 Sep 2023 11:54:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50225
IP address blocks: 85.217.145.0/24 maxlen: 24
185.222.163.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
80.76.50.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
94.156.176.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
194.48.249.0/24 maxlen: 24
45.84.90.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
85.209.132.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
37.139.131.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:50:97:de:b7:fd:e1:ec:5d:54:15:54:6b:f8:f2:6e:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 1 11:54:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e244c833b1c391c38cbc232757de8fb43fb73fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:9b:b4:83:50:97:66:4f:68:38:1e:df:ba:34:
c9:4a:27:2c:ab:79:93:1c:57:3c:f9:a7:be:54:5e:
ac:4b:72:fa:6e:50:43:d3:48:6a:ac:8e:4a:16:64:
e1:99:2b:59:74:40:61:14:2b:d8:fb:9a:cc:04:1b:
e5:fa:97:46:6a:35:e5:ac:fb:b9:c5:6f:c8:c0:b8:
62:22:1e:4c:60:8b:9d:de:ed:17:3b:6e:a5:db:d2:
c2:3d:72:12:7f:1a:d5:c2:86:f4:f0:fd:a6:38:a9:
09:a6:a0:64:2d:34:28:2c:37:61:40:33:22:73:01:
3b:b2:1c:cb:5d:63:f5:45:be:5b:11:fe:f0:b3:05:
ce:35:f7:4d:e9:a5:d0:33:82:0c:0e:5d:a4:0a:45:
29:f3:4f:40:cb:67:cf:b1:dc:3e:b6:3e:19:dc:7a:
17:2f:3f:d5:9d:05:25:31:11:1e:50:1a:5d:4a:57:
9f:a8:6e:7e:94:62:ee:2c:59:5b:c5:0a:4a:7e:83:
83:48:a7:e6:71:79:d8:a0:a9:40:27:4a:4a:73:2b:
1f:50:6e:41:eb:9e:d5:cf:c4:50:72:2f:53:73:d2:
3b:fa:70:fd:45:62:a4:a1:f6:0c:7f:b3:52:a4:3f:
ee:8e:99:3a:b9:53:e7:8d:6b:e4:50:ef:61:80:99:
52:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:24:4C:83:3B:1C:39:1C:38:CB:C2:32:75:7D:E8:FB:43:FB:73:FB
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/niRMgzscORw4y8IydX3o-0P7c_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.131.0/24
45.84.90.0/24
79.110.50.0/24
80.76.50.0/24
85.209.132.0/24
85.217.145.0/24
93.123.85.0/24
94.156.176.0/24
178.215.237.0/24
185.222.163.0/24
193.42.34.0/24
193.47.60.0/24
193.47.63.0/24
194.48.249.0/24
194.48.251.0/24
Signature Algorithm: sha256WithRSAEncryption
23:a2:df:2b:4a:66:89:a5:fe:3a:25:2d:0c:e3:c9:44:27:5e:
7e:53:72:84:3c:e9:a0:54:7c:a8:45:3e:61:8b:82:55:75:2c:
02:2c:6b:34:29:37:84:d9:9a:b9:48:3f:bc:e1:d6:d7:c7:21:
c2:1f:b5:9d:90:0f:75:4e:60:99:4a:fa:10:f2:51:d6:91:d5:
aa:3f:47:97:eb:18:29:4d:40:6f:80:15:e6:aa:15:d9:2e:6f:
33:30:1e:f2:29:69:97:df:8a:c5:64:aa:66:84:1f:25:0a:a9:
93:6d:15:55:ff:27:fc:65:8f:df:ad:12:0d:c6:b0:99:cb:e4:
6b:a9:39:80:f9:ef:25:1d:b8:a7:37:e7:8b:ab:76:7b:5b:35:
1d:d8:c1:4b:8a:04:15:fa:81:53:d3:48:e2:d2:ed:9b:26:75:
9b:90:68:da:cb:d8:81:00:1f:f1:18:53:95:43:0d:5b:7b:48:
d7:52:2d:09:16:eb:65:4b:21:22:4a:25:a9:3c:19:0f:85:a9:
9e:b2:17:1a:59:20:fd:9b:0d:2b:99:4c:d9:86:ed:ee:35:6c:
41:1b:d1:39:3a:be:2a:fc:86:18:36:0d:f0:45:7c:0f:3d:89:
09:f7:aa:8f:4d:ad:fd:86:a2:e1:ef:55:ed:f9:13:b8:12:75:
de:c7:a6:37
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYpQl963/eHsXVQVVGv48m5lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTAxMTE1NDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTI0NGM4MzNiMWMzOTFjMzhjYmMyMzI3NTdkZThmYjQzZmI3M2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpu0g1CXZk9oOB7fujTJSicsq3mT
HFc8+ae+VF6sS3L6blBD00hqrI5KFmThmStZdEBhFCvY+5rMBBvl+pdGajXlrPu5
xW/IwLhiIh5MYIud3u0XO26l29LCPXISfxrVwob08P2mOKkJpqBkLTQoLDdhQDMi
cwE7shzLXWP1Rb5bEf7wswXONfdN6aXQM4IMDl2kCkUp809Ay2fPsdw+tj4Z3HoX
Lz/VnQUlMREeUBpdSlefqG5+lGLuLFlbxQpKfoODSKfmcXnYoKlAJ0pKcysfUG5B
657Vz8RQci9Tc9I7+nD9RWKkofYMf7NSpD/ujpk6uVPnjWvkUO9hgJlSUwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFJ4kTIM7HDkcOMvCMnV96PtD+3P7MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbmlSTWd6c2NPUnc0eThJeWRYM28tMFA3Y19zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAJYuDAwQA
LVRaAwQAT24yAwQAUEwyAwQAVdGEAwQAVdmRAwQAXXtVAwQAXpywAwQAstftAwQA
ud6jAwQAwSoiAwQAwS88AwQAwS8/AwQAwjD5AwQAwjD7MA0GCSqGSIb3DQEBCwUA
A4IBAQAjot8rSmaJpf46JS0M48lEJ15+U3KEPOmgVHyoRT5hi4JVdSwCLGs0KTeE
2Zq5SD+84dbXxyHCH7WdkA91TmCZSvoQ8lHWkdWqP0eX6xgpTUBvgBXmqhXZLm8z
MB7yKWmX34rFZKpmhB8lCqmTbRVV/yf8ZY/frRINxrCZy+RrqTmA+e8lHbinN+eL
q3Z7WzUd2MFLigQV+oFT00ji0u2bJnWbkGjay9iBAB/xGFOVQw1be0jXUi0JFutl
SyEiSiWpPBkPhameshcaWSD9mw0rmUzZhu3uNWxBG9E5Or4q/IYYNg3wRXwPPYkJ
96qPTa39hqLh71Xt+RO4EnXex6Y3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:18 2024 by rpki-client on console-fra.rpki-client.org