Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pGIOZjbFpPOg_L2JdxfXBwUOZOg.roa
File: pGIOZjbFpPOg_L2JdxfXBwUOZOg.roa (raw, json)
Hash identifier: AdfPnmY7YCn/nuGSflKHngUmWnXMd1l8MEh2Rpc4KYw=
Subject key identifier: A4:62:0E:66:36:C5:A4:F3:A0:FC:BD:89:77:17:D7:07:05:0E:64:E8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018776E0929AAD715C18AB6EA37E2A1B60FE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pGIOZjbFpPOg_L2JdxfXBwUOZOg.roa
Signing time: Wed 12 Apr 2023 19:10:41 +0000
ROA not before: Wed 12 Apr 2023 19:10:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1
IP address blocks: 193.168.196.0/22 maxlen: 24
45.91.193.0/24 maxlen: 24
45.139.100.0/22 maxlen: 24
88.218.76.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:76:e0:92:9a:ad:71:5c:18:ab:6e:a3:7e:2a:1b:60:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 12 19:10:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4620e6636c5a4f3a0fcbd897717d707050e64e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:10:87:57:ee:82:01:7a:36:91:b5:a7:f0:6a:
eb:59:06:2e:e2:12:28:d7:cc:4e:64:fa:52:de:e9:
9c:96:2d:99:17:89:aa:ad:34:94:4f:14:8a:16:31:
32:31:05:fa:0e:32:29:1e:e0:32:83:23:b6:30:42:
76:fb:01:e6:ee:35:b8:a7:ec:de:94:96:37:6c:8f:
b6:df:84:ff:14:b3:07:c9:01:8d:7a:85:59:1f:1c:
a5:55:2e:cf:2b:ef:58:30:1b:cc:79:ec:e2:d5:fc:
45:cd:b5:3a:4f:68:a8:67:4e:3b:0a:ed:ab:ab:48:
45:12:d9:b6:33:4b:48:f6:25:a5:59:0b:ab:b6:a1:
a4:9a:46:02:a2:71:6c:c9:72:b9:27:be:11:5c:ad:
0b:ea:c9:26:20:6e:6c:5c:85:17:d4:98:6f:1b:35:
93:45:66:a1:61:6b:fd:f4:66:ff:14:9b:8c:fa:55:
5d:fb:63:fc:61:ec:44:81:77:95:49:ef:11:dc:0a:
53:d6:3f:e0:07:96:33:2a:7b:4f:7f:9f:12:c3:77:
62:bf:2a:73:fc:1c:51:08:fd:6c:e4:8a:bc:22:61:
17:42:c5:a8:da:e2:de:af:1c:17:04:6d:72:64:a6:
b6:ad:49:68:4f:9e:c1:a1:20:d5:29:b3:fb:73:03:
e0:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:62:0E:66:36:C5:A4:F3:A0:FC:BD:89:77:17:D7:07:05:0E:64:E8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pGIOZjbFpPOg_L2JdxfXBwUOZOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.193.0/24
45.139.100.0/22
88.218.76.0/22
193.168.196.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:27:ca:17:ae:ff:02:ba:e7:e2:49:6f:7d:42:bf:36:d0:7f:
e3:c2:56:99:6b:21:1f:4d:0a:9c:57:69:4b:59:9b:c8:37:e9:
2c:39:61:a3:d5:a0:e7:dc:0b:bd:ad:00:d4:7d:d5:42:21:8f:
fe:51:e8:a5:95:c5:e9:79:b4:9a:a3:fb:ee:01:7b:e5:db:72:
4e:11:a3:0e:14:29:d2:f8:3b:5b:d6:57:53:43:bd:7e:d8:52:
32:a0:8b:a6:ec:62:23:5d:56:c1:92:f6:ff:59:c2:6f:1b:36:
fe:6e:dd:5e:bd:50:c7:a7:58:37:4f:96:a9:38:fb:7a:7d:80:
e6:37:51:3a:32:ce:b2:aa:0e:55:64:ce:30:c8:64:c9:63:04:
fa:a6:ce:84:e1:46:54:eb:1b:70:b0:9e:dd:32:be:e7:d7:ab:
0a:7f:7b:13:82:c9:2a:e1:1d:44:ac:83:b5:dd:3b:c4:1b:b2:
29:d3:00:9c:63:da:be:19:bb:83:b2:92:a3:d5:27:1a:5b:bc:
a7:f8:f6:50:22:74:a4:35:6c:12:2a:7e:ca:2d:c6:83:eb:9d:
8c:5e:76:4b:83:0f:d4:35:07:3a:82:44:7d:d2:5e:db:0d:f1:
21:49:05:ab:d4:02:c2:57:47:d8:2f:03:c8:b9:84:15:6f:37:
24:a8:fc:f2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYd24JKarXFcGKtuo34qG2D+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDEyMTkxMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDYyMGU2NjM2YzVhNGYzYTBmY2JkODk3NzE3ZDcwNzA1MGU2NGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRCHV+6CAXo2kbWn8GrrWQYu4hIo
18xOZPpS3umcli2ZF4mqrTSUTxSKFjEyMQX6DjIpHuAygyO2MEJ2+wHm7jW4p+ze
lJY3bI+234T/FLMHyQGNeoVZHxylVS7PK+9YMBvMeezi1fxFzbU6T2ioZ047Cu2r
q0hFEtm2M0tI9iWlWQurtqGkmkYConFsyXK5J74RXK0L6skmIG5sXIUX1JhvGzWT
RWahYWv99Gb/FJuM+lVd+2P8YexEgXeVSe8R3ApT1j/gB5YzKntPf58Sw3divypz
/BxRCP1s5Iq8ImEXQsWo2uLerxwXBG1yZKa2rUloT57BoSDVKbP7cwPgcQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKRiDmY2xaTzoPy9iXcX1wcFDmToMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcEdJT1pqYkZwUE9nX0wySmR4ZlhCd1VPWk9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVvBAwQC
LYtkAwQCWNpMAwQCwajEMA0GCSqGSIb3DQEBCwUAA4IBAQAsJ8oXrv8CuufiSW99
Qr820H/jwlaZayEfTQqcV2lLWZvIN+ksOWGj1aDn3Au9rQDUfdVCIY/+UeillcXp
ebSao/vuAXvl23JOEaMOFCnS+Dtb1ldTQ71+2FIyoIum7GIjXVbBkvb/WcJvGzb+
bt1evVDHp1g3T5apOPt6fYDmN1E6Ms6yqg5VZM4wyGTJYwT6ps6E4UZU6xtwsJ7d
Mr7n16sKf3sTgskq4R1ErIO13TvEG7Ip0wCcY9q+GbuDspKj1ScaW7yn+PZQInSk
NWwSKn7KLcaD652MXnZLgw/UNQc6gkR90l7bDfEhSQWr1ALCV0fYLwPIuYQVbzck
qPzy
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:42 2023 by rpki-client on console-ams.rpki-client.org