Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oxLXlqPhVnu5xuTTIdO1Lt_yLyw.roa
File: oxLXlqPhVnu5xuTTIdO1Lt_yLyw.roa (raw, json)
Hash identifier: VViCBIVv7JteqBiVpGn90w/pCs9yKYEcr317LR3tsls=
Subject key identifier: A3:12:D7:96:A3:E1:56:7B:B9:C6:E4:D3:21:D3:B5:2E:DF:F2:2F:2C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018529D07B3EDA6A2EDB72790729A7DABFDC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oxLXlqPhVnu5xuTTIdO1Lt_yLyw.roa
Signing time: Mon 19 Dec 2022 09:56:46 +0000
ROA not before: Mon 19 Dec 2022 09:56:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50225
IP address blocks: 194.55.224.0/24 maxlen: 24
84.54.50.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
45.12.252.0/24 maxlen: 24
45.12.255.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.84.91.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.88.65.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
83.219.96.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:d0:7b:3e:da:6a:2e:db:72:79:07:29:a7:da:bf:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 19 09:56:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a312d796a3e1567bb9c6e4d321d3b52edff22f2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:93:b6:91:11:f8:cc:9e:91:b4:be:c9:64:d4:
2f:af:8b:36:21:1f:51:0f:55:28:31:28:76:5c:3f:
f9:f3:e8:30:65:7d:be:2c:40:4e:ac:dd:ab:8d:3c:
96:4a:ca:f9:a0:d9:d2:6e:26:2b:6f:b2:cf:80:3d:
6b:cb:f0:ab:fe:a5:16:f3:c8:72:40:04:97:6f:c9:
d4:aa:bf:51:48:e1:68:79:52:0c:36:d9:51:6e:d6:
9b:bb:06:59:a8:2e:95:ca:fb:5e:25:d3:9d:b1:f8:
0b:da:24:80:25:54:78:81:bf:e1:92:df:39:30:06:
3a:6b:eb:08:f8:23:38:29:38:19:2e:e2:b4:20:20:
36:35:f6:fb:f9:fa:58:7c:72:63:ec:3a:08:e7:d4:
69:68:d7:b9:cd:f9:98:98:7a:51:23:de:eb:49:6b:
42:b7:b0:97:db:1a:ac:64:fc:f1:10:a0:36:9e:9c:
02:36:bd:28:50:f4:88:f5:16:69:51:81:70:de:58:
e8:54:aa:da:18:63:c4:21:42:ae:e2:87:bf:d3:57:
8b:44:ef:38:8f:1f:6e:ff:70:26:8d:cd:71:a2:8b:
2d:59:56:e6:93:8c:3b:4c:35:7e:d4:c9:1b:03:7f:
2b:b9:c8:a6:85:9b:25:8f:4e:a4:8f:1b:6d:eb:b8:
2e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:12:D7:96:A3:E1:56:7B:B9:C6:E4:D3:21:D3:B5:2E:DF:F2:2F:2C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oxLXlqPhVnu5xuTTIdO1Lt_yLyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.252.0/24
45.12.255.0/24
45.84.91.0/24
45.88.64.0/23
45.141.158.0/24
83.219.96.0/24
84.54.50.0/24
94.154.162.0/24
178.215.226.0/24
193.42.34.0/24
193.47.60.0/24
193.47.63.0/24
194.55.224.0/23
194.180.38.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:cf:6c:14:49:b2:ed:95:4f:e5:c7:68:41:fe:e3:3f:98:0c:
a5:0f:3e:33:7e:91:44:1f:28:1c:9f:86:b7:09:c6:63:0c:af:
d6:56:b0:95:92:f1:bd:f4:0c:b3:7b:64:00:9f:d8:9b:b9:cf:
a7:16:9d:5a:d4:d6:c0:f3:87:00:44:fc:55:30:b4:f7:da:11:
7d:58:eb:1e:96:72:4b:d2:a9:97:6d:4f:ab:6b:c1:02:e2:2f:
85:38:48:13:c6:c2:b9:6d:94:0c:80:e9:09:89:7b:92:74:80:
ec:ea:31:30:a1:6c:ca:fd:37:79:68:71:83:3e:41:b0:eb:09:
af:b2:38:f9:d1:17:14:d3:7d:7e:7b:b6:cc:d4:b0:11:45:a0:
8b:ae:76:5c:ce:4d:f3:f5:50:fa:22:34:fc:8b:f8:de:c4:bb:
a4:55:6a:a3:ad:2f:39:3f:7b:f1:1c:1e:92:5b:03:a3:57:67:
bc:f8:d1:91:cb:0d:cb:a3:48:95:52:ef:71:d0:be:e6:b8:76:
19:ef:c6:47:d3:b4:9a:2c:7b:3c:72:4e:81:b1:7e:49:2d:26:
23:d4:5d:db:1c:26:b5:08:4c:e4:16:2a:36:78:09:be:8c:46:
f4:99:7a:52:8f:6f:53:c5:a6:12:59:f8:49:d3:5f:e4:43:fb:
c9:30:53:7b
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYUp0Hs+2mou23J5Bymn2r/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMjE5MDk1NjQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzEyZDc5NmEzZTE1NjdiYjljNmU0ZDMyMWQzYjUyZWRmZjIyZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpO2kRH4zJ6RtL7JZNQvr4s2IR9R
D1UoMSh2XD/58+gwZX2+LEBOrN2rjTyWSsr5oNnSbiYrb7LPgD1ry/Cr/qUW88hy
QASXb8nUqr9RSOFoeVIMNtlRbtabuwZZqC6VyvteJdOdsfgL2iSAJVR4gb/hkt85
MAY6a+sI+CM4KTgZLuK0ICA2Nfb7+fpYfHJj7DoI59RpaNe5zfmYmHpRI97rSWtC
t7CX2xqsZPzxEKA2npwCNr0oUPSI9RZpUYFw3ljoVKraGGPEIUKu4oe/01eLRO84
jx9u/3Amjc1xoostWVbmk4w7TDV+1MkbA38rucimhZslj06kjxtt67guyQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFKMS15aj4VZ7ucbk0yHTtS7f8i8sMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvb3hMWGxxUGhWbnU1eHVUVElkTzFMdF95THl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQALQz8AwQA
LQz/AwQALVRbAwQBLVhAAwQALY2eAwQAU9tgAwQAVDYyAwQAXpqiAwQAstfiAwQA
wSoiAwQAwS88AwQAwS8/AwQBwjfgAwQBwrQmMA0GCSqGSIb3DQEBCwUAA4IBAQCl
z2wUSbLtlU/lx2hB/uM/mAylDz4zfpFEHygcn4a3CcZjDK/WVrCVkvG99Ayze2QA
n9ibuc+nFp1a1NbA84cARPxVMLT32hF9WOselnJL0qmXbU+ra8EC4i+FOEgTxsK5
bZQMgOkJiXuSdIDs6jEwoWzK/Td5aHGDPkGw6wmvsjj50RcU031+e7bM1LARRaCL
rnZczk3z9VD6IjT8i/jexLukVWqjrS85P3vxHB6SWwOjV2e8+NGRyw3Lo0iVUu9x
0L7muHYZ78ZH07SaLHs8ck6BsX5JLSYj1F3bHCa1CEzkFio2eAm+jEb0mXpSj29T
xaYSWfhJ01/kQ/vJMFN7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:42 2023 by rpki-client on console-ams.rpki-client.org