Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/50wT9WOmEfOlL8eY45NmbowxcYs.roa
File: 50wT9WOmEfOlL8eY45NmbowxcYs.roa (raw, json)
Hash identifier: h7/SmygNd7rDAuaoLlSIycvjJ2KFpXGcQFNymPuB1TM=
Subject key identifier: E7:4C:13:F5:63:A6:11:F3:A5:2F:C7:98:E3:93:66:6E:8C:31:71:8B
Certificate issuer: /CN=1f739d213a438f678b322a8f8f84e2d8c7814aca
Certificate serial: 0184853EED18D5101FA56828CA3AB1E8EBB2
Authority key identifier: 1F:73:9D:21:3A:43:8F:67:8B:32:2A:8F:8F:84:E2:D8:C7:81:4A:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H3OdITpDj2eLMiqPj4Ti2MeBSso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/50wT9WOmEfOlL8eY45NmbowxcYs.roa
Signing time: Thu 17 Nov 2022 11:00:04 +0000
ROA not before: Thu 17 Nov 2022 11:00:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12350
IP address blocks: 83.228.128.0/17 maxlen: 17
213.162.0.0/19 maxlen: 19
194.38.64.0/19 maxlen: 19
185.133.28.0/22 maxlen: 22
212.232.128.0/17 maxlen: 17
194.148.96.0/19 maxlen: 19
194.148.0.0/18 maxlen: 18
194.148.0.0/16 maxlen: 16
195.15.0.0/17 maxlen: 17
212.28.128.0/19 maxlen: 19
194.38.160.0/19 maxlen: 19
212.147.79.0/24 maxlen: 24
212.40.0.0/19 maxlen: 19
212.147.0.0/17 maxlen: 17
213.5.152.0/21 maxlen: 21
212.254.0.0/16 maxlen: 16
212.109.64.0/19 maxlen: 19
2a03:a360::/32 maxlen: 32
2001:4c78::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:85:3e:ed:18:d5:10:1f:a5:68:28:ca:3a:b1:e8:eb:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f739d213a438f678b322a8f8f84e2d8c7814aca
Validity
Not Before: Nov 17 11:00:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e74c13f563a611f3a52fc798e393666e8c31718b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:f0:29:5e:00:0f:eb:b4:be:cd:24:23:b8:91:
ee:b6:fe:22:88:3d:b6:3f:68:3f:b1:98:f9:08:57:
54:c4:5d:11:6e:bb:7a:45:5e:64:a0:82:18:8c:59:
f9:8c:68:1d:ff:19:f0:1c:c9:8e:a3:46:ec:53:c6:
42:0d:4c:d9:67:dc:de:1d:b6:39:9d:5b:51:3a:1b:
6b:52:07:06:20:23:28:58:dd:9e:16:62:7c:84:5e:
b4:24:78:07:1d:97:48:da:98:b7:2f:58:ed:53:3d:
cf:de:8f:f3:7e:de:cf:af:75:04:35:ed:ad:1e:4e:
00:6c:b1:c6:1c:22:74:a5:52:c3:5a:21:15:ef:c4:
cc:da:e4:2e:a3:9a:b5:27:32:c0:d1:5b:5e:3e:67:
5b:68:fc:83:42:3e:49:ea:3e:11:3d:2e:6b:2a:cf:
2a:ae:95:84:79:bb:8c:d1:19:08:d7:b3:89:8e:ed:
a2:61:7b:8e:91:9e:17:bc:2c:3a:d4:00:4f:cd:ed:
92:24:c3:6d:84:ce:fc:9d:e9:5d:a8:12:49:c1:af:
05:17:a7:51:32:0a:46:78:5d:84:4c:e8:4b:cc:00:
d1:25:46:dd:11:21:4e:e2:f9:a5:e9:aa:60:96:3b:
d6:bf:17:11:ed:be:50:2d:0f:44:a9:76:fb:29:8b:
03:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:4C:13:F5:63:A6:11:F3:A5:2F:C7:98:E3:93:66:6E:8C:31:71:8B
X509v3 Authority Key Identifier:
keyid:1F:73:9D:21:3A:43:8F:67:8B:32:2A:8F:8F:84:E2:D8:C7:81:4A:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H3OdITpDj2eLMiqPj4Ti2MeBSso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/50wT9WOmEfOlL8eY45NmbowxcYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/H3OdITpDj2eLMiqPj4Ti2MeBSso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.228.128.0/17
185.133.28.0/22
194.38.64.0/19
194.38.160.0/19
194.148.0.0/16
195.15.0.0/17
212.28.128.0/19
212.40.0.0/19
212.109.64.0/19
212.147.0.0/17
212.232.128.0/17
212.254.0.0/16
213.5.152.0/21
213.162.0.0/19
IPv6:
2001:4c78::/32
2a03:a360::/32
Signature Algorithm: sha256WithRSAEncryption
2e:c9:b5:39:56:c5:7e:76:15:6d:86:09:c0:e1:b8:06:8a:80:
a5:bf:a7:63:61:a4:b1:2e:21:f3:5a:df:1e:24:88:ee:bd:6e:
a4:d5:e2:97:a6:fd:85:71:86:a7:28:28:9c:a5:86:08:c8:f9:
8d:34:ee:40:8b:7c:0e:ba:4d:30:08:76:9a:3b:67:9c:b8:8d:
7c:7e:3f:9a:b4:73:ed:e5:13:9a:32:22:0c:52:24:db:71:48:
f2:ca:b3:d6:58:82:ad:dd:25:5d:52:2b:66:4c:60:70:3f:e3:
a3:e1:01:a4:5f:9a:fe:59:55:a2:c1:4d:da:9e:d1:f3:61:d6:
07:c5:22:8d:fc:34:4b:b1:18:c2:db:75:bc:8e:eb:8f:2c:88:
e1:64:f1:03:46:b1:b7:66:f6:84:86:2d:35:ed:a3:8d:7f:07:
2a:13:70:8a:2b:38:2e:ec:d9:ed:55:69:c7:66:b0:f3:79:56:
c8:54:50:18:b2:57:38:01:31:57:de:31:c8:18:a5:b2:ab:b7:
c0:c8:e4:7a:e3:57:aa:ac:d1:bc:06:06:f3:de:b6:3f:88:34:
cd:7c:de:3c:6a:15:32:95:b9:03:0c:f6:80:eb:2a:c6:0a:a0:
c2:12:49:3e:0a:05:67:ff:3e:53:8c:f8:c3:e4:50:f1:64:36:
82:c8:81:94
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYSFPu0Y1RAfpWgoyjqx6OuyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNzM5ZDIxM2E0MzhmNjc4YjMyMmE4ZjhmODRlMmQ4Yzc4
MTRhY2EwHhcNMjIxMTE3MTEwMDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzRjMTNmNTYzYTYxMWYzYTUyZmM3OThlMzkzNjY2ZThjMzE3MThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4/ApXgAP67S+zSQjuJHutv4iiD22
P2g/sZj5CFdUxF0Rbrt6RV5koIIYjFn5jGgd/xnwHMmOo0bsU8ZCDUzZZ9zeHbY5
nVtROhtrUgcGICMoWN2eFmJ8hF60JHgHHZdI2pi3L1jtUz3P3o/zft7Pr3UENe2t
Hk4AbLHGHCJ0pVLDWiEV78TM2uQuo5q1JzLA0VtePmdbaPyDQj5J6j4RPS5rKs8q
rpWEebuM0RkI17OJju2iYXuOkZ4XvCw61ABPze2SJMNthM78neldqBJJwa8FF6dR
MgpGeF2ETOhLzADRJUbdESFO4vml6apgljvWvxcR7b5QLQ9EqXb7KYsDjQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFOdME/VjphHzpS/HmOOTZm6MMXGLMB8GA1UdIwQY
MBaAFB9znSE6Q49nizIqj4+E4tjHgUrKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDNPZElUcERqMmVMTWlxUGo0VGkyTWVCU3NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84MWJjOTUtMTQ0NC00MDhhLTkyZjEt
MzkyZTA1YTg0Mjc3LzEvNTB3VDlXT21FZk9sTDhlWTQ1Tm1ib3d4Y1lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84MWJjOTUtMTQ0NC00MDhhLTkyZjEtMzkyZTA1YTg0Mjc3
LzEvSDNPZElUcERqMmVMTWlxUGo0VGkyTWVCU3NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwWAQCAAEwUgMEB1PkgAME
ArmFHAMEBcImQAMEBcImoAMDAMKUAwQHww8AAwQF1ByAAwQF1CgAAwQF1G1AAwQH
1JMAAwQH1OiAAwMA1P4DBAPVBZgDBAXVogAwFAQCAAIwDgMFACABTHgDBQAqA6Ng
MA0GCSqGSIb3DQEBCwUAA4IBAQAuybU5VsV+dhVthgnA4bgGioClv6djYaSxLiHz
Wt8eJIjuvW6k1eKXpv2FcYanKCicpYYIyPmNNO5Ai3wOuk0wCHaaO2ecuI18fj+a
tHPt5ROaMiIMUiTbcUjyyrPWWIKt3SVdUitmTGBwP+Oj4QGkX5r+WVWiwU3antHz
YdYHxSKN/DRLsRjC23W8juuPLIjhZPEDRrG3ZvaEhi017aONfwcqE3CKKzgu7Nnt
VWnHZrDzeVbIVFAYslc4ATFX3jHIGKWyq7fAyOR641eqrNG8Bgbz3rY/iDTNfN48
ahUylbkDDPaA6yrGCqDCEkk+CgVn/z5TjPjD5FDxZDaCyIGU
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:19 2023 by rpki-client on console-ams.rpki-client.org