Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/om6aL40-9rJzsYyKguyUNcR57zk.roa
File: om6aL40-9rJzsYyKguyUNcR57zk.roa (raw, json)
Hash identifier: IMPBoq6WMZPOWBDGemJ9TAxz5UXU7uvBGMVXJJ/4l8o=
Subject key identifier: A2:6E:9A:2F:8D:3E:F6:B2:73:B1:8C:8A:82:EC:94:35:C4:79:EF:39
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01856D820F76BE4B077C5D24A1E8E76A214C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/om6aL40-9rJzsYyKguyUNcR57zk.roa
Signing time: Sun 01 Jan 2023 13:25:18 +0000
ROA not before: Sun 01 Jan 2023 13:25:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209371
IP address blocks: 194.55.224.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
45.128.96.0/22 maxlen: 24
80.76.48.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
45.84.89.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
45.139.107.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:82:0f:76:be:4b:07:7c:5d:24:a1:e8:e7:6a:21:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 13:25:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a26e9a2f8d3ef6b273b18c8a82ec9435c479ef39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f3:d2:6f:f1:e0:d0:fe:8b:c7:29:61:44:fe:
77:12:58:18:09:ca:c1:65:90:bf:d0:4d:a1:23:c3:
fe:6a:4e:47:98:52:b0:e5:28:46:8f:d7:d6:99:1c:
3d:0f:b4:1e:85:2b:23:3d:df:fa:61:66:8e:32:22:
87:9d:bc:24:aa:1a:bf:53:b8:e0:28:55:44:90:03:
57:35:05:73:16:5e:20:e1:17:8f:2e:8f:c3:0d:93:
40:79:91:05:aa:4e:03:fe:c5:ae:03:e0:ba:8e:77:
b3:fb:dc:8f:ad:17:d4:4a:79:7d:fb:fb:cc:ec:09:
e5:3e:58:7f:6d:88:1b:49:f1:82:16:75:61:fb:15:
5a:c4:3b:b0:fe:b2:c9:aa:37:eb:90:4f:de:c5:ed:
c9:2e:b3:c0:9d:55:b4:58:a7:f7:19:49:87:b8:ec:
f0:e9:26:9b:50:62:81:c5:7d:93:af:0a:d0:9a:61:
ff:18:0d:ca:98:92:ea:cc:b3:58:ac:7a:5e:98:f5:
3d:bd:ff:b5:59:a6:40:90:de:7b:26:77:4a:94:f8:
9f:f5:6f:4e:00:de:21:79:0f:63:b1:83:e6:80:8e:
ec:10:aa:49:36:f7:e3:93:95:8e:11:d4:46:dd:e4:
cb:82:ae:b0:39:0a:1a:cd:c1:48:52:77:4c:3e:6d:
9d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:6E:9A:2F:8D:3E:F6:B2:73:B1:8C:8A:82:EC:94:35:C4:79:EF:39
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/om6aL40-9rJzsYyKguyUNcR57zk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.89.0/24
45.128.96.0/22
45.139.107.0/24
80.76.48.0/24
85.31.47.0/24
87.120.87.0/24
94.154.172.0/24
178.215.225.0/24
178.215.227.0/24
178.215.239.0/24
185.216.69.0-185.216.70.255
193.35.19.0/24
194.55.224.0/23
Signature Algorithm: sha256WithRSAEncryption
38:14:30:46:35:dd:93:b6:a6:f4:5a:08:29:9a:40:b1:6c:cb:
90:40:d2:ab:9d:45:42:34:db:e7:f7:d8:e0:ee:ff:0a:47:fd:
40:0d:e5:f9:53:bc:07:47:f0:0d:17:b0:85:c9:b8:79:87:f2:
bb:eb:b4:51:65:30:1e:4c:0e:30:b9:df:33:49:49:1b:7c:4f:
7a:96:b1:6a:db:1e:58:ce:ac:2b:f8:be:50:d1:61:2e:2e:a4:
92:cc:1f:4b:6e:f2:84:27:9b:88:31:7b:c9:87:16:cd:4f:8b:
b3:03:96:d3:df:3d:c3:95:4a:6a:b1:e7:71:5c:de:76:00:3e:
c2:3f:53:10:46:e7:8d:91:38:e6:52:73:25:26:19:42:ae:06:
0b:4e:35:13:20:55:9d:4f:a9:63:12:b3:f8:31:5c:78:55:e7:
54:bf:3e:70:59:0e:9f:1d:43:08:2c:01:b9:76:67:69:a9:19:
23:d5:c5:6a:b8:5c:d7:98:c6:fa:a4:cd:f3:db:5b:dc:56:58:
3d:1c:7f:74:f5:15:a8:b1:23:5e:bd:03:94:e9:b4:e1:32:75:
15:e2:e8:5a:ae:2a:2a:92:6b:2f:60:23:ec:ed:4a:7f:55:11:
1d:a5:72:ca:e4:3a:18:17:25:36:30:2f:bc:95:01:83:d8:69:
e3:e9:fc:b7
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYVtgg92vksHfF0koejnaiFMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjZlOWEyZjhkM2VmNmIyNzNiMThjOGE4MmVjOTQzNWM0NzllZjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvPSb/Hg0P6LxylhRP53ElgYCcrB
ZZC/0E2hI8P+ak5HmFKw5ShGj9fWmRw9D7QehSsjPd/6YWaOMiKHnbwkqhq/U7jg
KFVEkANXNQVzFl4g4RePLo/DDZNAeZEFqk4D/sWuA+C6jnez+9yPrRfUSnl9+/vM
7AnlPlh/bYgbSfGCFnVh+xVaxDuw/rLJqjfrkE/exe3JLrPAnVW0WKf3GUmHuOzw
6SabUGKBxX2TrwrQmmH/GA3KmJLqzLNYrHpemPU9vf+1WaZAkN57JndKlPif9W9O
AN4heQ9jsYPmgI7sEKpJNvfjk5WOEdRG3eTLgq6wOQoazcFIUndMPm2dsQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFKJumi+NPvayc7GMioLslDXEee85MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvb202YUw0MC05ckp6c1l5S2d1eVVOY1I1N3prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQALVRZAwQC
LYBgAwQALYtrAwQAUEwwAwQAVR8vAwQAV3hXAwQAXpqsAwQAstfhAwQAstfjAwQA
stfvMAwDBAC52EUDBAC52EYDBADBIxMDBAHCN+AwDQYJKoZIhvcNAQELBQADggEB
ADgUMEY13ZO2pvRaCCmaQLFsy5BA0qudRUI02+f32ODu/wpH/UAN5flTvAdH8A0X
sIXJuHmH8rvrtFFlMB5MDjC53zNJSRt8T3qWsWrbHljOrCv4vlDRYS4upJLMH0tu
8oQnm4gxe8mHFs1Pi7MDltPfPcOVSmqx53Fc3nYAPsI/UxBG542ROOZScyUmGUKu
BgtONRMgVZ1PqWMSs/gxXHhV51S/PnBZDp8dQwgsAbl2Z2mpGSPVxWq4XNeYxvqk
zfPbW9xWWD0cf3T1FaixI169A5TptOEydRXi6FquKiqSay9gI+ztSn9VER2lcsrk
OhgXJTYwL7yVAYPYaePp/Lc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:42 2023 by rpki-client on console-ams.rpki-client.org