Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tTXP9yf7uDI9r2l9_Z_2Iv-HfVk.roa
File: tTXP9yf7uDI9r2l9_Z_2Iv-HfVk.roa (raw, json)
Hash identifier: 0SNq5K7u67WWmP24PQYsg+gNmf800JVrQO6DkwGcg5Q=
Subject key identifier: B5:35:CF:F7:27:FB:B8:32:3D:AF:69:7D:FD:9F:F6:22:FF:87:7D:59
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1E43AEF7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tTXP9yf7uDI9r2l9_Z_2Iv-HfVk.roa
Signing time: Wed 04 May 2022 06:05:17 +0000
ROA not before: Wed 04 May 2022 06:05:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 37.139.131.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
194.55.184.0/24 maxlen: 24
194.48.250.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.185.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
194.48.249.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
79.110.49.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
83.219.98.0/24 maxlen: 24
83.219.96.0/24 maxlen: 24
83.219.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 507752183 (0x1e43aef7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 4 06:05:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b535cff727fbb8323daf697dfd9ff622ff877d59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:28:42:74:39:37:a5:17:bd:2e:c4:bf:e5:3a:
4c:49:05:eb:90:c5:6e:6b:e7:4d:8b:2d:2f:8e:52:
4b:72:77:f7:2e:2c:b0:74:97:4f:bc:e2:c1:2c:49:
f9:9d:58:3f:79:6d:e7:a2:20:7d:d3:44:9b:af:f4:
f9:c8:d8:a3:9e:8b:c4:fe:0a:c5:88:32:1b:e9:ad:
2f:2c:b8:f2:7a:91:d7:5e:35:00:70:f2:ad:93:3c:
59:d2:25:ea:9e:3c:19:3d:7d:a2:99:1b:0a:6b:7c:
d7:b3:95:6a:dd:ed:bf:90:f5:27:58:5e:62:ce:2d:
85:0c:34:f8:aa:8e:45:6f:01:e6:75:15:52:d9:e6:
6a:1e:55:c8:d3:82:ba:14:25:64:48:f1:59:f4:f7:
66:b5:6d:37:fe:4e:a5:94:30:ac:82:5a:b6:0f:56:
a0:12:a3:29:f5:03:02:c1:0d:4c:54:ce:88:cf:84:
a2:62:2c:59:f4:59:9d:ff:f1:18:9e:29:ae:5f:fe:
ef:2b:38:9f:d1:2a:17:1a:3b:74:67:b4:f1:8c:f1:
7a:97:68:0f:95:a8:e8:88:06:00:49:9c:c3:cb:4c:
06:30:59:8d:22:4f:3c:6b:15:2e:12:40:5e:30:de:
2c:f3:d3:96:fe:19:a7:04:92:00:67:3c:2f:2a:8c:
69:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:35:CF:F7:27:FB:B8:32:3D:AF:69:7D:FD:9F:F6:22:FF:87:7D:59
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tTXP9yf7uDI9r2l9_Z_2Iv-HfVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/23
79.110.48.0/22
83.219.96.0/22
178.215.224.0/22
185.252.176.0/24
193.47.60.0/24
193.47.62.0/23
194.48.248.0/22
194.55.184.0/23
194.55.187.0/24
Signature Algorithm: sha256WithRSAEncryption
98:b7:b8:44:fb:0f:01:35:5e:7e:4d:7e:13:9a:56:f5:36:20:
df:fe:d8:30:84:b5:df:dc:8e:79:d9:b6:3f:1d:98:a1:3e:41:
9a:be:26:d6:5a:85:74:58:eb:c6:c8:18:4d:b9:d6:b1:ea:23:
f1:3b:aa:1b:a9:78:ce:b6:42:b6:ea:83:b7:67:c7:49:29:b6:
38:a0:23:cc:8e:da:99:50:12:a9:b2:64:5f:2a:26:01:19:ed:
79:62:ab:4c:62:52:6a:ac:ea:b0:6f:17:e6:28:63:d1:ec:69:
df:56:fa:74:09:e1:75:ad:f1:d4:e3:1e:eb:88:b2:c3:5c:96:
61:99:fc:e3:cd:5c:40:c4:4a:58:6f:d8:ad:8d:e7:db:73:ca:
17:a5:dc:8e:b1:83:36:37:7b:25:95:f4:c8:00:15:10:ba:a3:
43:b3:96:43:c9:c3:6d:49:d9:41:5f:6a:41:16:11:7a:43:e8:
2b:b8:3f:e2:a1:ca:8c:3c:af:ab:ef:a9:25:8c:8d:bb:78:8c:
a1:9a:21:db:fe:bd:11:ce:43:c1:e6:f3:e9:c4:1a:c2:35:57:
56:fe:90:d5:5e:1d:65:bf:20:fe:70:7b:8b:36:b5:09:ab:f8:
91:e5:28:90:d4:bc:06:84:61:0d:ae:28:b8:06:a3:cf:56:17:
20:ca:15:df
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIEHkOu9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDUw
NDA2MDUxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjUzNWNmZjcyN2Zi
YjgzMjNkYWY2OTdkZmQ5ZmY2MjJmZjg3N2Q1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOUoQnQ5N6UXvS7Ev+U6TEkF65DFbmvnTYstL45SS3J39y4s
sHSXT7ziwSxJ+Z1YP3lt56IgfdNEm6/0+cjYo56LxP4KxYgyG+mtLyy48nqR1141
AHDyrZM8WdIl6p48GT19opkbCmt817OVat3tv5D1J1heYs4thQw0+KqORW8B5nUV
Utnmah5VyNOCuhQlZEjxWfT3ZrVtN/5OpZQwrIJatg9WoBKjKfUDAsENTFTOiM+E
omIsWfRZnf/xGJ4prl/+7ys4n9EqFxo7dGe08YzxepdoD5Wo6IgGAEmcw8tMBjBZ
jSJPPGsVLhJAXjDeLPPTlv4ZpwSSAGc8LyqMaVcCAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBS1Nc/3J/u4Mj2vaX39n/Yi/4d9WTAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L3RUWFA5eWY3dURJOXIybDlfWl8ySXYtSGZWay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEASWLggMEAk9uMAMEAlPbYAMEArLX
4AMEALn8sAMEAMEvPAMEAcEvPgMEAsIw+AMEAcI3uAMEAMI3uzANBgkqhkiG9w0B
AQsFAAOCAQEAmLe4RPsPATVefk1+E5pW9TYg3/7YMIS139yOedm2Px2YoT5Bmr4m
1lqFdFjrxsgYTbnWseoj8TuqG6l4zrZCtuqDt2fHSSm2OKAjzI7amVASqbJkXyom
ARnteWKrTGJSaqzqsG8X5ihj0exp31b6dAnhda3x1OMe64iyw1yWYZn8481cQMRK
WG/YrY3n23PKF6XcjrGDNjd7JZX0yAAVELqjQ7OWQ8nDbUnZQV9qQRYRekPoK7g/
4qHKjDyvq++pJYyNu3iMoZoh2/69Ec5Dwebz6cQawjVXVv6Q1V4dZb8g/nB7iza1
Cav4keUokNS8BoRhDa4ouAajz1YXIMoV3w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:45 2024 by rpki-client on console-ams.rpki-client.org