Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rh0E-RO7hdNm5-h59IbcFmW0YyE.roa
File: rh0E-RO7hdNm5-h59IbcFmW0YyE.roa (raw, json)
Hash identifier: eLi7011/veMVnD5hSd+GQBnCjpj2onSP80nWGgs/WeQ=
Subject key identifier: AE:1D:04:F9:13:BB:85:D3:66:E7:E8:79:F4:86:DC:16:65:B4:63:21
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0183A7C5FF6BBC56F85147F1F46BBE7E410B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rh0E-RO7hdNm5-h59IbcFmW0YyE.roa
Signing time: Wed 05 Oct 2022 10:51:54 +0000
ROA not before: Wed 05 Oct 2022 10:51:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 85.31.45.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
194.180.36.0/24 maxlen: 24
82.115.208.0/24 maxlen: 24
82.115.209.0/24 maxlen: 24
82.115.210.0/24 maxlen: 24
82.115.211.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
84.21.172.0/24 maxlen: 24
194.55.226.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
80.76.48.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
94.103.126.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
193.25.218.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a7:c5:ff:6b:bc:56:f8:51:47:f1:f4:6b:be:7e:41:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 5 10:51:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae1d04f913bb85d366e7e879f486dc1665b46321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c8:db:e8:84:fd:3a:9c:a2:18:72:8c:1e:3d:
05:5b:f9:a1:8d:5b:ad:20:e0:88:d9:cc:d0:78:81:
66:aa:ad:62:fc:7d:c9:b2:9a:16:da:39:07:db:e6:
66:70:69:1f:6b:b9:c0:a6:da:b6:f2:88:e6:f7:38:
aa:9f:c3:f7:9d:7e:95:9f:63:6c:45:eb:40:77:de:
6f:ca:a9:5b:35:ac:63:0a:55:cd:e7:d2:ab:3b:40:
7b:7d:95:fd:27:45:b1:1a:b7:bc:c3:71:11:c7:b9:
25:9c:74:37:ba:17:20:3e:2d:aa:3c:20:65:36:80:
4c:ef:b6:64:57:27:a0:9c:65:6b:1e:ab:19:83:3b:
cb:04:5b:8e:f1:37:d3:47:3d:31:3e:3b:93:22:40:
f1:d6:bf:fa:04:d8:2d:b8:eb:b2:6e:bc:75:ed:3b:
ab:8a:72:e8:5d:00:71:b0:1f:e4:b7:f0:fe:fb:96:
90:5e:ab:97:e2:ae:44:36:f5:1a:3a:df:4e:54:ca:
62:23:c0:0f:6f:12:65:5a:55:32:2a:35:0b:29:e5:
15:34:cb:3d:02:ab:1b:ba:c7:f3:80:73:9c:1a:9a:
20:27:bc:9a:e6:8a:46:c4:28:4b:a3:19:65:50:87:
11:54:dd:08:78:8f:89:41:61:6d:50:2c:42:bf:9c:
df:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:1D:04:F9:13:BB:85:D3:66:E7:E8:79:F4:86:DC:16:65:B4:63:21
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rh0E-RO7hdNm5-h59IbcFmW0YyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.48.0/24
82.115.208.0/22
84.21.172.0/23
84.54.48.0/23
85.31.45.0/24
85.31.47.0/24
87.120.84.0/24
87.120.87.0/24
94.103.126.0/24
94.154.172.0/24
178.215.225.0-178.215.227.255
178.215.239.0/24
185.216.69.0-185.216.70.255
185.246.221.0/24
193.25.217.0-193.25.218.255
193.35.19.0/24
193.47.63.0/24
194.55.224.0/22
194.180.36.0/24
Signature Algorithm: sha256WithRSAEncryption
96:b8:53:b1:17:88:31:22:5e:b0:b9:bb:9f:b3:77:60:5d:78:
30:80:95:34:20:e4:7b:9c:a3:87:38:f2:15:b1:53:12:00:6e:
bb:c4:67:8d:cc:8b:e7:29:5a:c3:67:af:bc:d2:00:73:1e:1a:
62:1d:a7:fb:d7:92:59:1f:e9:74:2a:ad:d7:9b:79:38:fd:8a:
e5:be:c4:00:f4:c9:b1:ec:eb:29:13:3f:be:88:fd:a6:af:ad:
c8:4c:c6:ff:8a:f5:cb:9e:ba:c9:88:b0:18:bd:7e:08:ed:5f:
db:5e:61:5a:f1:0d:5c:3b:a7:a0:b1:96:e5:13:0f:73:63:95:
3d:a6:17:c5:b0:eb:ee:a7:68:6c:2a:55:fc:b5:21:f8:87:c2:
30:ed:38:46:ae:80:7a:8e:b3:5f:8e:2f:c2:bf:78:5d:d0:b9:
4e:8f:68:b2:89:5b:13:70:65:9c:87:48:f4:bd:04:ff:de:c1:
4a:08:c6:77:0a:f3:7b:03:a2:89:72:e8:8f:36:f4:0f:de:28:
8a:0e:12:e3:f0:7b:bd:2f:e8:63:46:3e:29:14:f0:87:2c:a0:
68:0a:e6:d8:97:2c:c6:28:a1:82:75:b0:1f:12:a8:ea:46:49:
ea:6a:05:73:22:df:97:86:aa:70:49:d0:43:fb:d4:55:9b:11:
9b:a9:75:5f
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYOnxf9rvFb4UUfx9Gu+fkELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMDA1MTA1MTU0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTFkMDRmOTEzYmI4NWQzNjZlN2U4NzlmNDg2ZGMxNjY1YjQ2MzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcjb6IT9OpyiGHKMHj0FW/mhjVut
IOCI2czQeIFmqq1i/H3JspoW2jkH2+ZmcGkfa7nAptq28ojm9ziqn8P3nX6Vn2Ns
RetAd95vyqlbNaxjClXN59KrO0B7fZX9J0WxGre8w3ERx7klnHQ3uhcgPi2qPCBl
NoBM77ZkVyegnGVrHqsZgzvLBFuO8TfTRz0xPjuTIkDx1r/6BNgtuOuybrx17Tur
inLoXQBxsB/kt/D++5aQXquX4q5ENvUaOt9OVMpiI8APbxJlWlUyKjULKeUVNMs9
AqsbusfzgHOcGpogJ7ya5opGxChLoxllUIcRVN0IeI+JQWFtUCxCv5zfTwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFK4dBPkTu4XTZufoefSG3BZltGMhMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcmgwRS1STzdoZE5tNS1oNTlJYmNGbVcwWXlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBABQ
TDADBAJSc9ADBAFUFawDBAFUNjADBABVHy0DBABVHy8DBABXeFQDBABXeFcDBABe
Z34DBABemqwwDAMEALLX4QMEArLX4AMEALLX7zAMAwQAudhFAwQAudhGAwQAufbd
MAwDBADBGdkDBADBGdoDBADBIxMDBADBLz8DBALCN+ADBADCtCQwDQYJKoZIhvcN
AQELBQADggEBAJa4U7EXiDEiXrC5u5+zd2BdeDCAlTQg5Huco4c48hWxUxIAbrvE
Z43Mi+cpWsNnr7zSAHMeGmIdp/vXklkf6XQqrdebeTj9iuW+xAD0ybHs6ykTP76I
/aavrchMxv+K9cueusmIsBi9fgjtX9teYVrxDVw7p6CxluUTD3NjlT2mF8Ww6+6n
aGwqVfy1IfiHwjDtOEaugHqOs1+OL8K/eF3QuU6PaLKJWxNwZZyHSPS9BP/ewUoI
xncK83sDooly6I829A/eKIoOEuPwe70v6GNGPikU8IcsoGgK5tiXLMYooYJ1sB8S
qOpGSepqBXMi35eGqnBJ0EP71FWbEZupdV8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:20 2024 by rpki-client on console-fra.rpki-client.org