Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vxh7I2OtjPIJF622qHIl_ytv0F8.roa
File: vxh7I2OtjPIJF622qHIl_ytv0F8.roa (raw, json)
Hash identifier: ZCegm9vLpEJwVeM5S6+YkzlVpa6WOA3HSwTZk17QUyo=
Subject key identifier: BF:18:7B:23:63:AD:8C:F2:09:17:AD:B6:A8:72:25:FF:2B:6F:D0:5F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0183E54ADD7D6E8030583F68232EBD412619
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vxh7I2OtjPIJF622qHIl_ytv0F8.roa
Signing time: Mon 17 Oct 2022 09:33:52 +0000
ROA not before: Mon 17 Oct 2022 09:33:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8866
IP address blocks: 87.120.192.0/23 maxlen: 23
94.156.131.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
94.156.156.0/23 maxlen: 24
94.156.154.0/23 maxlen: 24
94.156.234.0/23 maxlen: 24
94.156.238.0/24 maxlen: 24
94.156.236.0/22 maxlen: 24
94.156.237.0/24 maxlen: 24
87.121.146.0/23 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.86.0/23 maxlen: 24
93.123.88.0/21 maxlen: 24
94.156.160.0/23 maxlen: 24
94.156.168.0/23 maxlen: 24
94.156.176.0/22 maxlen: 24
94.156.180.0/23 maxlen: 24
87.121.104.0/23 maxlen: 24
87.121.100.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
87.120.68.0/23 maxlen: 24
87.120.72.0/21 maxlen: 24
87.120.88.0/23 maxlen: 24
87.120.96.0/23 maxlen: 24
93.123.112.0/22 maxlen: 24
93.123.116.0/23 maxlen: 24
31.13.252.0/22 maxlen: 22
93.123.119.0/24 maxlen: 24
87.120.46.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e5:4a:dd:7d:6e:80:30:58:3f:68:23:2e:bd:41:26:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 17 09:33:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf187b2363ad8cf20917adb6a87225ff2b6fd05f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:90:e9:2e:83:6c:97:50:f1:05:83:c4:b2:00:
c4:56:4f:6a:84:50:24:f6:95:4f:b4:9d:6b:34:37:
a6:20:34:07:a8:1f:5f:0f:fa:c7:3a:53:8b:6f:51:
32:d3:5b:85:f0:c9:cf:f6:94:19:6f:60:82:0f:91:
f1:74:63:58:2f:de:68:02:f1:2b:82:d2:76:59:66:
c7:7d:df:aa:5d:ba:e1:6f:f2:46:ed:c9:93:50:99:
88:86:84:18:e6:03:42:e5:4a:70:af:c5:73:91:b9:
60:10:ca:7b:b1:f3:83:1a:e7:9e:a4:10:83:7a:7c:
f6:17:4d:85:d2:34:22:1e:51:5d:92:db:df:e3:c1:
8f:5a:d6:0e:d7:f8:61:3f:c7:1c:c4:42:fe:93:c3:
6b:b4:05:b1:96:17:1a:80:ee:46:73:5e:e9:cd:fd:
10:c4:de:ad:81:7f:0d:88:1c:a3:3e:5d:1e:c1:94:
b2:8a:3b:4f:6e:cf:cf:86:24:25:41:5a:46:ec:f2:
86:43:55:6c:fb:71:ae:ba:de:20:83:d3:ba:00:fa:
d5:b6:05:82:07:f7:20:7e:bf:9e:c9:d4:c7:98:a8:
b2:bd:08:18:79:4b:c2:8b:01:d5:a5:40:e6:e6:b8:
ae:56:86:3a:98:77:9f:bd:ea:65:75:d3:95:e3:cf:
91:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:18:7B:23:63:AD:8C:F2:09:17:AD:B6:A8:72:25:FF:2B:6F:D0:5F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vxh7I2OtjPIJF622qHIl_ytv0F8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.252.0/22
87.120.46.0/23
87.120.64.0/23
87.120.68.0/23
87.120.72.0/21
87.120.88.0/23
87.120.96.0/23
87.120.192.0/23
87.121.38.0/24
87.121.100.0/23
87.121.104.0/23
87.121.146.0/23
93.123.85.0-93.123.95.255
93.123.112.0-93.123.117.255
93.123.119.0/24
94.156.131.0/24
94.156.154.0-94.156.157.255
94.156.160.0/23
94.156.168.0/23
94.156.176.0-94.156.181.255
94.156.234.0-94.156.239.255
Signature Algorithm: sha256WithRSAEncryption
5f:65:75:42:e9:02:14:49:82:ed:7f:44:5a:5e:be:c9:0c:f5:
52:25:1f:f7:8f:06:ef:73:fe:ef:fd:7a:cc:9d:bb:78:f5:37:
a4:87:9c:92:26:8d:bf:cd:9b:d7:d6:53:ab:84:af:49:fe:73:
a5:03:10:3b:0e:65:ca:77:48:04:ac:36:63:b7:62:53:13:8c:
dd:90:e2:95:17:a3:d3:70:7b:d4:b9:ee:2d:df:66:0b:72:8a:
1c:86:c8:a0:b7:90:20:2a:d9:4e:5d:86:f9:ca:f8:f4:7f:54:
7a:61:9c:55:72:bb:8a:7b:7a:82:7b:82:e0:9d:92:21:8f:7a:
03:f4:09:5f:3e:ef:a3:ac:82:bf:1d:9c:75:0e:b4:ac:05:61:
9c:4e:28:70:8f:1f:b3:d8:cb:28:91:39:77:97:29:3a:e9:c1:
e2:fd:ae:f8:a1:5b:81:94:0f:4d:dc:d0:05:a0:d3:a0:c7:b8:
fe:b9:fe:43:de:ec:a5:12:75:42:aa:4f:a6:a0:c0:33:b7:7b:
2b:bd:31:9a:33:9f:fe:77:39:7a:fb:9d:e1:da:70:dd:5b:d7:
b4:9c:79:51:6c:f1:8e:19:8b:c9:bc:46:e3:c7:6f:8b:20:be:
bb:f8:7f:bb:58:5f:56:74:4f:74:7c:8e:2d:da:28:54:c3:eb:
e7:25:a4:63
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYPlSt19boAwWD9oIy69QSYZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMDE3MDkzMzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjE4N2IyMzYzYWQ4Y2YyMDkxN2FkYjZhODcyMjVmZjJiNmZkMDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJDpLoNsl1DxBYPEsgDEVk9qhFAk
9pVPtJ1rNDemIDQHqB9fD/rHOlOLb1Ey01uF8MnP9pQZb2CCD5HxdGNYL95oAvEr
gtJ2WWbHfd+qXbrhb/JG7cmTUJmIhoQY5gNC5Upwr8VzkblgEMp7sfODGueepBCD
enz2F02F0jQiHlFdktvf48GPWtYO1/hhP8ccxEL+k8NrtAWxlhcagO5Gc17pzf0Q
xN6tgX8NiByjPl0ewZSyijtPbs/PhiQlQVpG7PKGQ1Vs+3Guut4gg9O6APrVtgWC
B/cgfr+eydTHmKiyvQgYeUvCiwHVpUDm5riuVoY6mHefveplddOV48+RfQIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFL8YeyNjrYzyCRettqhyJf8rb9BfMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdnhoN0kyT3RqUElKRjYyMnFISWxfeXR2MEY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBrQQCAAEwgaYDBAIf
DfwDBAFXeC4DBAFXeEADBAFXeEQDBANXeEgDBAFXeFgDBAFXeGADBAFXeMADBABX
eSYDBAFXeWQDBAFXeWgDBAFXeZIwDAMEAF17VQMEBV17QDAMAwQEXXtwAwQBXXt0
AwQAXXt3AwQAXpyDMAwDBAFenJoDBAFenJwDBAFenKADBAFenKgwDAMEBF6csAME
AV6ctDAMAwQBXpzqAwQEXpzgMA0GCSqGSIb3DQEBCwUAA4IBAQBfZXVC6QIUSYLt
f0RaXr7JDPVSJR/3jwbvc/7v/XrMnbt49Tekh5ySJo2/zZvX1lOrhK9J/nOlAxA7
DmXKd0gErDZjt2JTE4zdkOKVF6PTcHvUue4t32YLcoochsigt5AgKtlOXYb5yvj0
f1R6YZxVcruKe3qCe4LgnZIhj3oD9AlfPu+jrIK/HZx1DrSsBWGcTihwjx+z2Mso
kTl3lyk66cHi/a74oVuBlA9N3NAFoNOgx7j+uf5D3uylEnVCqk+moMAzt3srvTGa
M5/+dzl6+53h2nDdW9e0nHlRbPGOGYvJvEbjx2+LIL67+H+7WF9WdE90fI4t2ihU
w+vnJaRj
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:43 2023 by rpki-client on console-ams.rpki-client.org