Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pCa3vOJveDfEFCyj4D0ETYds2-o.roa
File: pCa3vOJveDfEFCyj4D0ETYds2-o.roa (raw, json)
Hash identifier: 6Jk1WkycBsbjdZSAdInePCS5GnkD/7SYttVGTgCibHA=
Subject key identifier: A4:26:B7:BC:E2:6F:78:37:C4:14:2C:A3:E0:3D:04:4D:87:6C:DB:EA
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018224E1F1B6FB3A32D94394A777E7D33A7C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pCa3vOJveDfEFCyj4D0ETYds2-o.roa
Signing time: Fri 22 Jul 2022 07:49:23 +0000
ROA not before: Fri 22 Jul 2022 07:49:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 85.31.45.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
185.218.136.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
94.154.174.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
212.87.205.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
85.217.144.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
80.76.50.0/24 maxlen: 24
80.76.49.0/24 maxlen: 24
80.76.48.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
193.222.98.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
94.103.126.0/24 maxlen: 24
94.103.127.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:24:e1:f1:b6:fb:3a:32:d9:43:94:a7:77:e7:d3:3a:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 22 07:49:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a426b7bce26f7837c4142ca3e03d044d876cdbea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:10:22:4f:5d:e8:10:4c:c2:a8:a2:95:8d:76:
52:28:72:f6:82:69:60:dd:25:c0:b0:f4:f1:2d:96:
28:25:af:af:cf:11:62:95:7e:b5:b5:0c:54:50:89:
09:93:77:8a:2c:f7:7c:1c:9f:be:f3:28:7d:c3:90:
5b:96:c8:46:a0:9c:94:90:e8:c3:c5:43:f4:e1:f9:
64:db:31:f0:fa:94:9b:eb:0c:17:8b:34:69:57:0d:
c1:4e:b8:87:c9:2c:9e:c9:37:c5:a8:ca:cf:f6:6f:
65:8e:69:4d:58:51:e1:69:a4:d4:f4:4a:ec:51:fe:
96:f8:4d:1a:c6:ed:be:e1:47:48:40:77:ae:70:9b:
08:ea:fa:7b:4f:ab:ef:20:1a:2c:11:9d:75:e4:14:
ad:67:db:46:45:d0:75:32:30:e6:0c:e7:f5:19:4e:
17:be:fd:da:70:9e:17:f5:93:00:1b:aa:6c:d9:22:
0e:b0:5f:06:9d:26:9d:17:11:03:30:bd:3c:e0:41:
48:2d:1d:bf:bf:b4:82:88:18:09:d5:24:00:06:49:
f6:a4:8b:a8:bb:39:08:03:58:10:b1:22:b7:eb:5a:
26:ff:3a:f8:87:f3:12:1d:61:4e:b2:c7:12:c4:75:
df:9e:29:5c:c5:16:11:51:e3:4c:57:53:87:10:7e:
85:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:26:B7:BC:E2:6F:78:37:C4:14:2C:A3:E0:3D:04:4D:87:6C:DB:EA
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pCa3vOJveDfEFCyj4D0ETYds2-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.48.0/24
79.110.61.0/24
79.110.63.0/24
80.76.48.0-80.76.50.255
83.219.97.0/24
84.54.49.0/24
85.31.45.0/24
85.31.47.0/24
85.217.144.0/24
87.120.84.0/24
87.120.87.0/24
94.103.125.0-94.103.127.255
94.154.172.0/24
94.154.174.0/24
109.206.239.0/24
178.215.225.0-178.215.227.255
178.215.236.0/23
178.215.239.0/24
185.216.69.0-185.216.70.255
185.218.136.0/24
185.246.221.0/24
185.252.176.0/23
193.35.18.0/23
193.37.42.0/24
193.37.47.0/24
193.47.62.0/23
193.222.96.0-193.222.98.255
194.169.175.0/24
194.180.50.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
68:a1:de:d7:cf:c4:11:59:62:ae:db:4e:04:18:e0:c5:c2:e4:
63:0e:cb:0d:9f:d8:af:60:c8:51:e4:1d:f2:fd:e4:fb:ab:e0:
9e:b2:33:e2:c0:84:5d:4b:85:cb:91:93:37:10:fd:b5:96:9e:
a1:2c:de:27:50:e5:38:36:0b:96:ed:39:f1:b2:3d:6a:7d:1a:
ac:40:0b:3e:01:7c:36:d3:ac:68:ca:67:f3:23:11:9b:1c:49:
ad:98:6b:4f:c9:22:6e:4c:4e:0b:08:5f:1e:8d:cd:8b:f3:58:
3a:5a:90:7c:fd:b8:0e:93:42:dc:1f:b4:7b:2f:fa:63:59:7c:
f0:e2:6a:95:68:d5:d2:c8:fe:bf:f0:92:68:47:52:bc:b8:81:
65:ce:ba:8e:61:c7:eb:28:8c:70:3a:09:af:e4:b3:18:1a:7a:
ad:87:c8:a6:78:2f:64:5d:ef:1b:32:b7:3a:e3:d3:0e:7c:99:
ff:08:c6:ef:f4:ae:9b:8c:94:4c:bd:b6:17:e2:31:70:84:40:
f2:41:1e:84:31:8c:90:5a:48:ed:12:2e:32:9b:43:21:59:22:
d9:c8:da:ef:58:7b:84:c0:49:ca:6a:3f:dd:7f:83:c3:75:3d:
77:9a:bb:bc:2d:4c:ad:40:be:23:00:9b:7f:2c:ed:db:9c:a9:
ca:84:e9:b4
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAYIk4fG2+zoy2UOUp3fn0zp8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwNzIyMDc0OTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDI2YjdiY2UyNmY3ODM3YzQxNDJjYTNlMDNkMDQ0ZDg3NmNkYmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRAiT13oEEzCqKKVjXZSKHL2gmlg
3SXAsPTxLZYoJa+vzxFilX61tQxUUIkJk3eKLPd8HJ++8yh9w5BblshGoJyUkOjD
xUP04flk2zHw+pSb6wwXizRpVw3BTriHySyeyTfFqMrP9m9ljmlNWFHhaaTU9Ers
Uf6W+E0axu2+4UdIQHeucJsI6vp7T6vvIBosEZ115BStZ9tGRdB1MjDmDOf1GU4X
vv3acJ4X9ZMAG6ps2SIOsF8GnSadFxEDML084EFILR2/v7SCiBgJ1SQABkn2pIuo
uzkIA1gQsSK361om/zr4h/MSHWFOsscSxHXfnilcxRYRUeNMV1OHEH6FrwIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFKQmt7zib3g3xBQso+A9BE2HbNvqMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcENhM3ZPSnZlRGZFRkN5ajREMEVUWWRzMi1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jCB4wQCAAEwgdwDBABP
bjADBABPbj0DBABPbj8wDAMEBFBMMAMEAFBMMgMEAFPbYQMEAFQ2MQMEAFUfLQME
AFUfLwMEAFXZkAMEAFd4VAMEAFd4VzAMAwQAXmd9AwQHXmcAAwQAXpqsAwQAXpqu
AwQAbc7vMAwDBACy1+EDBAKy1+ADBAGy1+wDBACy1+8wDAMEALnYRQMEALnYRgME
ALnaiAMEALn23QMEAbn8sAMEAcEjEgMEAMElKgMEAMElLwMEAcEvPjAMAwQFwd5g
AwQAwd5iAwQAwqmvAwQAwrQyAwQA1FfNMA0GCSqGSIb3DQEBCwUAA4IBAQBood7X
z8QRWWKu204EGODFwuRjDssNn9ivYMhR5B3y/eT7q+CesjPiwIRdS4XLkZM3EP21
lp6hLN4nUOU4NguW7Tnxsj1qfRqsQAs+AXw206xoymfzIxGbHEmtmGtPySJuTE4L
CF8ejc2L81g6WpB8/bgOk0LcH7R7L/pjWXzw4mqVaNXSyP6/8JJoR1K8uIFlzrqO
YcfrKIxwOgmv5LMYGnqth8imeC9kXe8bMrc649MOfJn/CMbv9K6bjJRMvbYX4jFw
hEDyQR6EMYyQWkjtEi4ym0MhWSLZyNrvWHuEwEnKaj/df4PDdT13mru8LUytQL4j
AJt/LO3bnKnKhOm0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:19 2024 by rpki-client on console-fra.rpki-client.org