Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/s1KyZ5R_5oDp9LIO__TMIe2ABvo.roa
File: s1KyZ5R_5oDp9LIO__TMIe2ABvo.roa (raw, json)
Hash identifier: aVhz8IJi9hMhGoxdNGBPx86R9d3dk+E5gjUe+wm8Euk=
Subject key identifier: B3:52:B2:67:94:7F:E6:80:E9:F4:B2:0E:FF:F4:CC:21:ED:80:06:FA
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0188426D639E05E3F2BCB3E36B29380D10B0
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/s1KyZ5R_5oDp9LIO__TMIe2ABvo.roa
Signing time: Mon 22 May 2023 07:47:25 +0000
ROA not before: Mon 22 May 2023 07:47:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211252
IP address blocks: 45.81.243.0/24 maxlen: 24
45.12.253.0/24 maxlen: 24
45.66.230.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
85.31.46.0/24 maxlen: 24
85.31.45.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
185.246.220.0/24 maxlen: 24
109.206.243.0/24 maxlen: 24
109.206.241.0/24 maxlen: 24
185.254.37.0/24 maxlen: 24
194.180.48.0/24 maxlen: 24
194.180.49.0/24 maxlen: 24
185.225.73.0/24 maxlen: 24
45.139.105.0/24 maxlen: 24
185.225.74.0/24 maxlen: 24
37.139.128.0/24 maxlen: 24
37.139.129.0/24 maxlen: 24
84.21.172.0/24 maxlen: 24
109.206.240.0/24 maxlen: 24
212.87.204.0/24 maxlen: 24
95.214.27.0/24 maxlen: 24
84.54.50.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
85.217.144.0/24 maxlen: 24
45.81.39.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
94.156.161.0/24 maxlen: 24
193.42.33.0/24 maxlen: 24
193.42.32.0/24 maxlen: 24
185.252.178.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
185.216.68.0/24 maxlen: 24
45.88.67.0/24 maxlen: 24
185.216.71.0/24 maxlen: 24
79.110.62.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:42:6d:63:9e:05:e3:f2:bc:b3:e3:6b:29:38:0d:10:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 22 07:47:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b352b267947fe680e9f4b20efff4cc21ed8006fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6a:2c:ba:6d:6c:7d:8d:0f:c7:6b:04:1a:24:
71:af:6b:69:97:77:46:c3:3f:3b:eb:0e:db:43:73:
1b:9c:90:77:76:60:ea:84:05:ce:db:aa:d1:72:51:
62:5b:7d:83:00:9a:bc:bc:15:e3:1a:b8:04:66:0a:
a7:23:55:b7:a3:9d:2e:dc:13:80:98:1d:ad:46:03:
d9:aa:7d:22:ed:25:e2:2d:70:07:96:99:c1:4e:c4:
b6:a5:3d:3b:61:03:4b:8b:6c:d0:e6:6f:d3:af:4c:
56:23:a7:9a:b3:ea:ae:17:13:be:95:85:f4:af:48:
34:53:fc:b4:2f:82:20:49:f8:ca:09:88:b8:de:86:
21:66:0c:18:0c:c4:5b:35:3b:9c:2c:f7:a2:d3:86:
70:7c:13:75:82:21:32:c0:cf:f6:59:26:c6:24:91:
ee:74:4c:a2:17:84:ad:a2:4e:4d:5e:7f:11:a3:ed:
06:2e:a3:84:82:f7:79:7f:a8:d0:5c:19:7d:f6:f2:
9b:df:7e:59:75:11:ba:fc:9f:37:02:d4:1d:48:a5:
e3:c5:48:b1:8f:8a:43:f5:e0:9d:a5:20:28:5c:82:
0d:1e:e0:95:68:b3:58:b3:7b:86:87:2d:78:63:eb:
61:c0:8c:1e:e6:b1:6b:ec:3f:62:10:73:dd:31:86:
a5:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:52:B2:67:94:7F:E6:80:E9:F4:B2:0E:FF:F4:CC:21:ED:80:06:FA
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/s1KyZ5R_5oDp9LIO__TMIe2ABvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.128.0/23
45.12.253.0/24
45.66.230.0/24
45.81.39.0/24
45.81.243.0/24
45.88.67.0/24
45.139.105.0/24
79.110.62.0/23
80.76.51.0/24
84.21.172.0/24
84.54.50.0/24
85.31.44.0-85.31.46.255
85.217.144.0/24
87.121.221.0/24
94.156.161.0/24
95.214.27.0/24
109.206.240.0/23
109.206.243.0/24
185.216.68.0/24
185.216.71.0/24
185.225.73.0-185.225.74.255
185.246.220.0/23
185.252.178.0/24
185.254.37.0/24
193.42.32.0/23
193.47.61.0/24
194.55.186.0/24
194.55.224.0/24
194.180.48.0/23
212.87.204.0/24
Signature Algorithm: sha256WithRSAEncryption
45:51:36:a5:1f:33:db:d4:71:24:d4:a9:3f:fb:1c:64:16:ef:
b1:ec:b2:65:08:21:3d:ed:6d:0f:8c:dd:ae:79:82:21:21:4b:
8d:40:42:10:d5:9d:77:d5:49:b0:cc:b6:d6:b7:ff:a9:f9:10:
2d:3a:b5:90:5a:6a:6a:1a:9a:f6:56:7e:fc:47:16:61:a0:dd:
5c:44:c6:97:2e:02:21:9a:14:cf:9d:27:e7:4a:b6:eb:36:7f:
51:8b:46:6e:16:ec:49:7d:bf:4a:f4:ce:a3:e2:ca:f5:45:a6:
be:45:d9:3d:d6:84:5f:b6:39:6a:21:20:d5:a0:0a:58:8b:68:
3d:fc:ef:c9:00:5b:e8:85:69:b3:b5:82:68:42:e9:94:1b:95:
c9:3b:50:96:49:11:b7:c4:2d:72:5c:f2:bc:1b:64:0a:06:ac:
6d:ee:cc:04:9a:e4:79:6f:a2:02:c2:9a:ad:77:65:35:fa:63:
22:6b:c9:ae:52:5b:68:72:15:f7:59:70:bf:21:d3:70:0a:6a:
45:f2:6f:a4:5d:79:ba:5c:c5:19:20:50:cc:c8:6d:96:46:59:
a7:48:53:16:2e:4d:b9:4d:11:df:04:27:35:96:1a:79:e9:95:
d4:40:55:04:f6:7a:b9:ee:11:00:a8:7b:69:bb:52:3d:be:00:
b0:f2:74:73
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAYhCbWOeBePyvLPjayk4DRCwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTIyMDc0NzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzUyYjI2Nzk0N2ZlNjgwZTlmNGIyMGVmZmY0Y2MyMWVkODAwNmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmosum1sfY0Px2sEGiRxr2tpl3dG
wz876w7bQ3MbnJB3dmDqhAXO26rRclFiW32DAJq8vBXjGrgEZgqnI1W3o50u3BOA
mB2tRgPZqn0i7SXiLXAHlpnBTsS2pT07YQNLi2zQ5m/Tr0xWI6eas+quFxO+lYX0
r0g0U/y0L4IgSfjKCYi43oYhZgwYDMRbNTucLPei04ZwfBN1giEywM/2WSbGJJHu
dEyiF4Stok5NXn8Ro+0GLqOEgvd5f6jQXBl99vKb335ZdRG6/J83AtQdSKXjxUix
j4pD9eCdpSAoXIINHuCVaLNYs3uGhy14Y+thwIwe5rFr7D9iEHPdMYal3QIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFLNSsmeUf+aA6fSyDv/0zCHtgAb6MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvczFLeVo1Ul81b0RwOUxJT19fVE1JZTJBQnZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBywQCAAEwgcQDBAEl
i4ADBAAtDP0DBAAtQuYDBAAtUScDBAAtUfMDBAAtWEMDBAAti2kDBAFPbj4DBABQ
TDMDBABUFawDBABUNjIwDAMEAlUfLAMEAFUfLgMEAFXZkAMEAFd53QMEAF6coQME
AF/WGwMEAW3O8AMEAG3O8wMEALnYRAMEALnYRzAMAwQAueFJAwQAueFKAwQBufbc
AwQAufyyAwQAuf4lAwQBwSogAwQAwS89AwQAwje6AwQAwjfgAwQBwrQwAwQA1FfM
MA0GCSqGSIb3DQEBCwUAA4IBAQBFUTalHzPb1HEk1Kk/+xxkFu+x7LJlCCE97W0P
jN2ueYIhIUuNQEIQ1Z131UmwzLbWt/+p+RAtOrWQWmpqGpr2Vn78RxZhoN1cRMaX
LgIhmhTPnSfnSrbrNn9Ri0ZuFuxJfb9K9M6j4sr1Raa+Rdk91oRftjlqISDVoApY
i2g9/O/JAFvohWmztYJoQumUG5XJO1CWSRG3xC1yXPK8G2QKBqxt7swEmuR5b6IC
wpqtd2U1+mMia8muUltochX3WXC/IdNwCmpF8m+kXXm6XMUZIFDMyG2WRlmnSFMW
Lk25TRHfBCc1lhp56ZXUQFUE9nq57hEAqHtpu1I9vgCw8nRz
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:44 2024 by rpki-client on console-ams.rpki-client.org