Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vZmU35YJr2OYkD88LW0zhJiwdcQ.roa
File: vZmU35YJr2OYkD88LW0zhJiwdcQ.roa (raw, json)
Hash identifier: EFQhj06DiyPKinvVbEW2tRPYSmM6YPQXY5+pHin6DSk=
Subject key identifier: BD:99:94:DF:96:09:AF:63:98:90:3F:3C:2D:6D:33:84:98:B0:75:C4
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0188330EEA2F6FC3368C80AE1A553440DA93
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vZmU35YJr2OYkD88LW0zhJiwdcQ.roa
Signing time: Fri 19 May 2023 08:09:55 +0000
ROA not before: Fri 19 May 2023 08:09:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211252
IP address blocks: 45.81.243.0/24 maxlen: 24
45.12.253.0/24 maxlen: 24
45.66.230.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
85.31.46.0/24 maxlen: 24
85.31.45.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
185.246.220.0/24 maxlen: 24
109.206.243.0/24 maxlen: 24
109.206.241.0/24 maxlen: 24
185.254.37.0/24 maxlen: 24
194.180.48.0/24 maxlen: 24
194.180.49.0/24 maxlen: 24
185.225.73.0/24 maxlen: 24
45.139.105.0/24 maxlen: 24
185.225.74.0/24 maxlen: 24
37.139.128.0/24 maxlen: 24
37.139.129.0/24 maxlen: 24
84.21.172.0/24 maxlen: 24
109.206.240.0/24 maxlen: 24
212.87.204.0/24 maxlen: 24
95.214.27.0/24 maxlen: 24
84.54.50.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
85.217.144.0/24 maxlen: 24
45.81.39.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
94.156.161.0/24 maxlen: 24
193.42.33.0/24 maxlen: 24
193.42.32.0/24 maxlen: 24
45.149.235.0/24 maxlen: 24
185.252.178.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
45.88.67.0/24 maxlen: 24
185.216.71.0/24 maxlen: 24
79.110.62.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:33:0e:ea:2f:6f:c3:36:8c:80:ae:1a:55:34:40:da:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 19 08:09:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd9994df9609af6398903f3c2d6d338498b075c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:8e:40:63:fb:b2:ee:39:d3:50:ad:29:84:21:
4f:a1:71:e7:7c:69:ac:d2:42:dd:9f:72:a0:1b:ad:
b7:44:35:12:a9:6e:45:fc:a4:1b:e1:e0:76:14:a5:
f9:70:ce:86:e8:8b:49:70:3d:b2:dc:78:57:96:10:
9e:d9:5d:0f:c3:a6:a6:96:32:a0:c0:62:32:44:82:
63:b4:db:88:51:39:14:c1:91:10:e8:8e:3e:04:a0:
54:db:3a:6f:70:22:02:c4:ea:67:b5:38:7c:11:3b:
48:8f:22:69:76:69:de:56:47:9c:88:6f:b6:69:6a:
b2:28:39:1d:54:1a:28:98:85:bf:a2:1b:98:55:50:
ad:d6:48:b3:e8:24:4d:f8:69:73:d1:cf:f1:61:2c:
35:d9:c5:02:66:66:b3:c5:a4:7b:47:bc:9d:20:c9:
a6:f2:d2:de:d6:d2:08:f2:67:f5:fd:25:7d:92:b8:
44:76:9c:0e:55:a3:84:24:38:b7:81:79:02:8f:49:
0c:50:29:79:65:20:62:6d:af:15:90:85:06:1e:c6:
a5:7d:33:9f:43:48:27:aa:7e:2c:b6:50:cf:91:fe:
f4:cf:b5:4b:3d:cf:6a:67:f2:73:fa:6d:ae:57:11:
e4:9b:f8:61:a7:4c:69:24:ba:dd:17:e5:0d:a0:2e:
f7:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:99:94:DF:96:09:AF:63:98:90:3F:3C:2D:6D:33:84:98:B0:75:C4
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vZmU35YJr2OYkD88LW0zhJiwdcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.128.0/23
45.12.253.0/24
45.66.230.0/24
45.81.39.0/24
45.81.243.0/24
45.88.67.0/24
45.139.105.0/24
45.149.235.0/24
79.110.62.0/23
80.76.51.0/24
84.21.172.0/24
84.54.50.0/24
85.31.44.0-85.31.46.255
85.217.144.0/24
87.121.221.0/24
94.156.161.0/24
95.214.27.0/24
109.206.240.0/23
109.206.243.0/24
185.216.71.0/24
185.225.73.0-185.225.74.255
185.246.220.0/23
185.252.178.0/24
185.254.37.0/24
193.42.32.0/23
193.47.61.0/24
194.55.186.0/24
194.55.224.0/24
194.180.48.0/23
212.87.204.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:79:b4:ba:68:26:6e:74:d3:f4:c3:0e:bb:42:11:b0:6b:d3:
64:76:bf:51:4f:85:8a:13:92:72:9d:18:00:2e:cb:43:26:36:
0b:a0:55:ad:7f:21:ea:1d:20:e1:fa:a7:18:e2:b2:6b:1b:2f:
7b:d3:a8:18:8c:dd:56:ee:b5:77:1c:ad:0b:cf:a1:f7:c9:b4:
4f:67:05:ce:a5:81:32:f2:fd:a5:a4:5a:18:03:d9:17:2f:a4:
7c:1a:a1:47:bd:30:ce:e2:22:20:39:15:81:18:07:cf:ef:bb:
3f:1d:b1:f0:ee:cb:56:32:08:4e:6e:1f:d4:69:52:17:52:dd:
a8:b0:91:93:0a:13:2e:d9:ca:f6:80:c2:1f:e0:da:a3:f1:8d:
d2:be:59:ab:72:d3:64:de:1c:96:e1:90:f0:e0:26:27:39:70:
a0:43:36:af:3d:bc:b6:54:4e:6b:b2:ba:07:20:a9:ef:9c:a0:
a0:6d:46:f4:d2:fe:29:67:6f:b9:83:b3:21:83:03:a1:ae:d4:
a7:7a:88:a6:2a:8d:60:8a:ce:ab:df:1d:fc:0f:24:1d:a3:be:
c3:5b:a7:f9:e8:82:44:22:20:c5:f6:a6:01:f4:8a:2b:c7:9e:
68:cc:3e:93:4f:a4:01:ad:a4:d4:63:e1:8d:9c:77:7d:82:84:
78:b4:d5:d0
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAYgzDuovb8M2jICuGlU0QNqTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTE5MDgwOTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDk5OTRkZjk2MDlhZjYzOTg5MDNmM2MyZDZkMzM4NDk4YjA3NWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiI5AY/uy7jnTUK0phCFPoXHnfGms
0kLdn3KgG623RDUSqW5F/KQb4eB2FKX5cM6G6ItJcD2y3HhXlhCe2V0Pw6amljKg
wGIyRIJjtNuIUTkUwZEQ6I4+BKBU2zpvcCICxOpntTh8ETtIjyJpdmneVkeciG+2
aWqyKDkdVBoomIW/ohuYVVCt1kiz6CRN+Glz0c/xYSw12cUCZmazxaR7R7ydIMmm
8tLe1tII8mf1/SV9krhEdpwOVaOEJDi3gXkCj0kMUCl5ZSBiba8VkIUGHsalfTOf
Q0gnqn4stlDPkf70z7VLPc9qZ/Jz+m2uVxHkm/hhp0xpJLrdF+UNoC73jQIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFL2ZlN+WCa9jmJA/PC1tM4SYsHXEMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdlptVTM1WUpyMk9Za0Q4OExXMHpoSml3ZGNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBywQCAAEwgcQDBAEl
i4ADBAAtDP0DBAAtQuYDBAAtUScDBAAtUfMDBAAtWEMDBAAti2kDBAAtlesDBAFP
bj4DBABQTDMDBABUFawDBABUNjIwDAMEAlUfLAMEAFUfLgMEAFXZkAMEAFd53QME
AF6coQMEAF/WGwMEAW3O8AMEAG3O8wMEALnYRzAMAwQAueFJAwQAueFKAwQBufbc
AwQAufyyAwQAuf4lAwQBwSogAwQAwS89AwQAwje6AwQAwjfgAwQBwrQwAwQA1FfM
MA0GCSqGSIb3DQEBCwUAA4IBAQCfebS6aCZudNP0ww67QhGwa9Nkdr9RT4WKE5Jy
nRgALstDJjYLoFWtfyHqHSDh+qcY4rJrGy9706gYjN1W7rV3HK0Lz6H3ybRPZwXO
pYEy8v2lpFoYA9kXL6R8GqFHvTDO4iIgORWBGAfP77s/HbHw7stWMghObh/UaVIX
Ut2osJGTChMu2cr2gMIf4Nqj8Y3SvlmrctNk3hyW4ZDw4CYnOXCgQzavPby2VE5r
sroHIKnvnKCgbUb00v4pZ2+5g7MhgwOhrtSneoimKo1gis6r3x38DyQdo77DW6f5
6IJEIiDF9qYB9Iorx55ozD6TT6QBraTUY+GNnHd9goR4tNXQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:46 2024 by rpki-client on console-ams.rpki-client.org