Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/w70DyPZFbR_YA8vIh2NGzGRIxmw.roa
File: w70DyPZFbR_YA8vIh2NGzGRIxmw.roa (raw, json)
Hash identifier: REalEY+z48HV3eC6vy0+hz2+2GwNIwb/68jlVMv4DiY=
Subject key identifier: C3:BD:03:C8:F6:45:6D:1F:D8:03:CB:C8:87:63:46:CC:64:48:C6:6C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0184374D26C661A6F26B0FB761030B8E4B51
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/w70DyPZFbR_YA8vIh2NGzGRIxmw.roa
Signing time: Wed 02 Nov 2022 07:45:13 +0000
ROA not before: Wed 02 Nov 2022 07:45:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397423
IP address blocks: 212.87.206.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
85.217.144.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
92.249.51.0/24 maxlen: 24
94.103.127.0/24 maxlen: 24
92.249.48.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
109.206.238.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:37:4d:26:c6:61:a6:f2:6b:0f:b7:61:03:0b:8e:4b:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 2 07:45:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c3bd03c8f6456d1fd803cbc8876346cc6448c66c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:89:95:f3:64:93:83:26:67:15:f0:14:a5:06:
fe:bb:46:4b:6c:2b:a6:ae:eb:02:96:ed:8b:8a:b3:
67:08:39:5f:f7:c7:be:3b:4a:f7:65:25:a9:3e:50:
40:0a:41:c7:c9:94:9b:7c:66:f8:62:bb:76:4a:2e:
6c:96:0b:e3:ae:2f:6a:ab:c2:75:89:24:57:74:4d:
74:c0:66:90:e6:b8:69:9d:13:37:dc:b2:60:f4:59:
8a:51:6e:4f:6f:ed:22:96:a5:ec:7a:a6:90:b0:7e:
57:ba:df:31:e4:7c:a6:67:79:95:07:7c:af:c8:4b:
87:a2:a5:37:cd:8f:b5:e9:7c:0a:99:98:8e:23:ce:
07:56:ea:10:ee:97:0f:be:03:a2:00:3c:75:56:f7:
66:7a:37:d1:e4:a9:bd:bc:f6:96:94:c7:35:0c:bc:
ff:6d:a7:93:81:8f:e1:4a:70:14:12:5c:83:4f:d9:
08:91:37:b1:75:c9:6f:b3:e5:d1:6b:d2:48:df:88:
53:16:61:b6:20:7f:73:31:53:84:6b:61:1e:c2:fa:
cd:3b:57:64:a4:1c:81:fd:04:cc:e6:a1:47:9d:55:
2a:fc:ec:2b:5a:56:07:84:22:04:78:78:32:2c:7e:
92:53:22:7e:73:32:49:17:dc:ed:8f:d6:ac:f6:55:
e6:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:BD:03:C8:F6:45:6D:1F:D8:03:CB:C8:87:63:46:CC:64:48:C6:6C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/w70DyPZFbR_YA8vIh2NGzGRIxmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.61.0/24
83.219.97.0/24
85.217.144.0/24
92.249.48.0/24
92.249.51.0/24
94.103.127.0/24
109.206.238.0/24
178.215.224.0/24
185.252.179.0/24
193.25.216.0/24
193.37.44.0/24
193.47.60.0/24
212.87.206.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:dc:28:d6:fa:df:db:7e:d4:b5:31:d7:b7:13:13:78:02:27:
22:37:06:fb:74:6d:89:99:fc:ac:6b:6b:83:84:a2:6c:b4:34:
7b:93:a7:6f:db:fa:54:c8:a5:33:cd:4c:fb:73:6d:9d:95:e3:
6c:49:c3:0b:60:4c:6e:0e:74:33:f0:56:d6:68:a2:5f:74:0f:
e7:0c:99:e3:b0:c1:cc:a2:55:47:e5:7a:e1:db:fd:83:d7:78:
6d:2a:25:b7:10:39:94:7c:82:98:cd:9f:4d:35:10:56:22:93:
ed:1c:93:e7:c6:70:c5:ac:30:98:eb:b3:b2:9d:85:da:0d:7a:
e3:ad:6d:7c:8a:ae:aa:5c:15:16:6b:f7:7a:bd:fd:d3:4f:7f:
50:d2:43:96:90:46:31:2f:84:6c:e2:f4:c2:ab:17:39:f8:9f:
eb:d8:db:06:b5:36:81:60:3d:bf:1b:3c:07:72:11:6f:5b:51:
ab:6e:52:cf:43:cb:4c:be:e2:c4:7e:22:d1:55:49:cb:6c:a8:
be:d2:60:2a:b8:93:14:59:bc:63:d5:6c:73:08:29:2b:25:3e:
41:78:0a:15:09:24:61:24:ac:5a:c8:96:8f:af:b1:2d:93:9f:
9a:94:e1:62:1e:63:de:7f:43:e2:eb:97:cd:77:55:39:75:f1:
b4:c5:fc:94
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYQ3TSbGYabyaw+3YQMLjktRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMTAyMDc0NTEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2JkMDNjOGY2NDU2ZDFmZDgwM2NiYzg4NzYzNDZjYzY0NDhjNjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4mV82STgyZnFfAUpQb+u0ZLbCum
rusClu2LirNnCDlf98e+O0r3ZSWpPlBACkHHyZSbfGb4Yrt2Si5slgvjri9qq8J1
iSRXdE10wGaQ5rhpnRM33LJg9FmKUW5Pb+0ilqXseqaQsH5Xut8x5HymZ3mVB3yv
yEuHoqU3zY+16XwKmZiOI84HVuoQ7pcPvgOiADx1VvdmejfR5Km9vPaWlMc1DLz/
baeTgY/hSnAUElyDT9kIkTexdclvs+XRa9JI34hTFmG2IH9zMVOEa2EewvrNO1dk
pByB/QTM5qFHnVUq/OwrWlYHhCIEeHgyLH6SUyJ+czJJF9ztj9as9lXm3QIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFMO9A8j2RW0f2APLyIdjRsxkSMZsMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdzcwRHlQWkZiUl9ZQTh2SWgyTkd6R1JJeG13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAT249AwQA
U9thAwQAVdmQAwQAXPkwAwQAXPkzAwQAXmd/AwQAbc7uAwQAstfgAwQAufyzAwQA
wRnYAwQAwSUsAwQAwS88AwQA1FfOMA0GCSqGSIb3DQEBCwUAA4IBAQBO3CjW+t/b
ftS1Mde3ExN4AiciNwb7dG2Jmfysa2uDhKJstDR7k6dv2/pUyKUzzUz7c22dleNs
ScMLYExuDnQz8FbWaKJfdA/nDJnjsMHMolVH5Xrh2/2D13htKiW3EDmUfIKYzZ9N
NRBWIpPtHJPnxnDFrDCY67OynYXaDXrjrW18iq6qXBUWa/d6vf3TT39Q0kOWkEYx
L4Rs4vTCqxc5+J/r2NsGtTaBYD2/GzwHchFvW1GrblLPQ8tMvuLEfiLRVUnLbKi+
0mAquJMUWbxj1WxzCCkrJT5BeAoVCSRhJKxayJaPr7Etk5+alOFiHmPef0Pi65fN
d1U5dfG0xfyU
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:43 2023 by rpki-client on console-ams.rpki-client.org