Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/Wyfvxv_894lLV5FT8VMVOz_Wcy8.roa
File: Wyfvxv_894lLV5FT8VMVOz_Wcy8.roa (raw, json)
Hash identifier: OoHf0QPkKX1jH5K8xCwICeUjmdXdoQfiytFPVirPTzU=
Subject key identifier: 5B:27:EF:C6:FF:FC:F7:89:4B:57:91:53:F1:53:15:3B:3F:D6:73:2F
Certificate issuer: /CN=1f739d213a438f678b322a8f8f84e2d8c7814aca
Certificate serial: 07FC549D
Authority key identifier: 1F:73:9D:21:3A:43:8F:67:8B:32:2A:8F:8F:84:E2:D8:C7:81:4A:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H3OdITpDj2eLMiqPj4Ti2MeBSso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/Wyfvxv_894lLV5FT8VMVOz_Wcy8.roa
Signing time: Wed 20 Apr 2022 13:36:55 +0000
ROA not before: Wed 20 Apr 2022 13:36:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12350
IP address blocks: 83.228.128.0/17 maxlen: 17
213.162.0.0/19 maxlen: 19
194.38.64.0/21 maxlen: 21
194.38.72.0/23 maxlen: 23
185.133.28.0/22 maxlen: 22
212.232.128.0/17 maxlen: 17
194.148.0.0/16 maxlen: 16
195.15.0.0/17 maxlen: 17
212.28.128.0/19 maxlen: 19
194.38.160.0/19 maxlen: 19
212.147.79.0/24 maxlen: 24
212.40.0.0/19 maxlen: 19
194.38.91.0/24 maxlen: 24
194.38.92.0/22 maxlen: 22
212.147.0.0/17 maxlen: 17
213.5.152.0/21 maxlen: 21
212.254.0.0/16 maxlen: 16
212.109.64.0/19 maxlen: 19
2a03:a360::/32 maxlen: 32
2001:4c78::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 133977245 (0x7fc549d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f739d213a438f678b322a8f8f84e2d8c7814aca
Validity
Not Before: Apr 20 13:36:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5b27efc6fffcf7894b579153f153153b3fd6732f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3c:b0:84:04:b2:ca:55:aa:64:2a:1b:49:97:
86:bd:06:cb:9b:ad:dd:44:38:fd:0f:0a:b7:dd:af:
b1:ad:00:7a:e2:e1:56:4c:ac:94:35:7b:04:d1:cf:
5f:20:3a:82:cd:f3:09:d3:0d:6b:40:0c:1f:5b:0b:
b4:ec:df:36:f7:b3:b0:58:e8:55:f5:db:55:b7:f1:
78:61:ac:89:cd:b6:28:b5:4b:a0:16:68:36:c6:1a:
54:2f:9d:2b:db:b5:8e:2a:55:f0:2c:1c:11:92:48:
07:4b:9f:16:e2:1c:41:0a:d8:70:a5:ae:f3:e2:0d:
2b:b2:1c:04:b5:4c:88:13:d5:08:54:86:3b:55:6c:
8b:0d:66:16:8f:a2:c9:23:6e:7f:c7:31:d9:8a:bf:
83:9f:18:e6:54:d7:92:fd:cc:18:0b:57:98:2d:fa:
6c:17:71:3e:7b:92:ed:44:84:ae:da:08:f6:6f:6c:
56:a0:70:21:0b:6e:ba:12:16:ac:8a:57:87:4b:90:
8b:10:91:97:03:38:2e:ba:ec:03:37:b0:7d:e5:94:
f5:42:e0:c6:f2:e4:98:fe:32:bc:25:b2:61:d1:cc:
16:df:98:48:a8:ff:19:d1:59:e0:f0:5b:1c:66:78:
b9:a5:a3:98:2f:18:62:5f:11:41:8f:2d:54:4c:f1:
0c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:27:EF:C6:FF:FC:F7:89:4B:57:91:53:F1:53:15:3B:3F:D6:73:2F
X509v3 Authority Key Identifier:
keyid:1F:73:9D:21:3A:43:8F:67:8B:32:2A:8F:8F:84:E2:D8:C7:81:4A:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H3OdITpDj2eLMiqPj4Ti2MeBSso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/Wyfvxv_894lLV5FT8VMVOz_Wcy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/H3OdITpDj2eLMiqPj4Ti2MeBSso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.228.128.0/17
185.133.28.0/22
194.38.64.0-194.38.73.255
194.38.91.0-194.38.95.255
194.38.160.0/19
194.148.0.0/16
195.15.0.0/17
212.28.128.0/19
212.40.0.0/19
212.109.64.0/19
212.147.0.0/17
212.232.128.0/17
212.254.0.0/16
213.5.152.0/21
213.162.0.0/19
IPv6:
2001:4c78::/32
2a03:a360::/32
Signature Algorithm: sha256WithRSAEncryption
22:9f:2f:88:01:78:9a:68:58:6c:50:ba:12:76:03:97:9d:82:
9b:b3:18:90:57:c4:61:75:cf:ac:cf:5e:10:f3:01:79:42:62:
86:58:e1:fb:9e:0b:d7:42:f3:f2:aa:3c:3f:0b:87:36:8d:33:
80:32:c4:bd:26:3b:47:d1:32:31:e2:69:26:6c:62:45:c4:19:
9c:3e:c2:e3:44:89:b4:65:07:88:e7:fd:32:96:4e:49:1f:5c:
64:c5:fb:ec:e7:80:49:2d:33:7d:c8:fc:d2:fb:f3:76:49:12:
58:26:aa:fd:25:e0:e4:dc:79:6d:f0:25:04:22:3a:d6:ef:26:
59:4a:89:d3:0f:13:26:07:d6:12:a1:f1:42:98:a9:96:5b:84:
1b:c9:d3:d6:af:ea:3d:97:2a:61:33:4d:9d:74:6e:4f:a3:67:
e9:e8:38:65:da:da:be:ca:2f:23:62:60:91:04:e9:db:8e:22:
bb:ed:b7:f6:69:7c:a3:d2:76:0f:e5:b0:48:a7:35:c2:f8:ea:
db:ed:9e:7f:b7:25:fc:24:6f:ed:20:5e:2d:74:7d:40:6e:95:
f2:5e:2d:18:5b:53:6d:00:36:00:d0:15:79:f0:cd:5a:61:42:
30:ef:34:3b:2d:6b:ee:26:51:c6:91:ab:6d:df:2e:e5:0a:43:
68:e4:9e:f6
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgIEB/xUnTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZjczOWQyMTNhNDM4ZjY3OGIzMjJhOGY4Zjg0ZTJkOGM3ODE0YWNhMB4XDTIyMDQy
MDEzMzY1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWIyN2VmYzZmZmZj
Zjc4OTRiNTc5MTUzZjE1MzE1M2IzZmQ2NzMyZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJQ8sIQEsspVqmQqG0mXhr0Gy5ut3UQ4/Q8Kt92vsa0AeuLh
VkyslDV7BNHPXyA6gs3zCdMNa0AMH1sLtOzfNvezsFjoVfXbVbfxeGGsic22KLVL
oBZoNsYaVC+dK9u1jipV8CwcEZJIB0ufFuIcQQrYcKWu8+INK7IcBLVMiBPVCFSG
O1Vsiw1mFo+iySNuf8cx2Yq/g58Y5lTXkv3MGAtXmC36bBdxPnuS7USErtoI9m9s
VqBwIQtuuhIWrIpXh0uQixCRlwM4LrrsAzewfeWU9ULgxvLkmP4yvCWyYdHMFt+Y
SKj/GdFZ4PBbHGZ4uaWjmC8YYl8RQY8tVEzxDL0CAwEAAaOCAoQwggKAMB0GA1Ud
DgQWBBRbJ+/G//z3iUtXkVPxUxU7P9ZzLzAfBgNVHSMEGDAWgBQfc50hOkOPZ4sy
Ko+PhOLYx4FKyjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0gzT2RJVHBEajJlTE1pcVBqNFRpMk1lQlNzby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTYvODFiYzk1LTE0NDQtNDA4YS05MmYxLTM5MmUwNWE4NDI3Ny8x
L1d5ZnZ4dl84OTRsTFY1RlQ4Vk1WT3pfV2N5OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTYv
ODFiYzk1LTE0NDQtNDA4YS05MmYxLTM5MmUwNWE4NDI3Ny8xL0gzT2RJVHBEajJl
TE1pcVBqNFRpMk1lQlNzby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
mQYIKwYBBQUHAQcBAf8EgYkwgYYwbgQCAAEwaAMEB1PkgAMEArmFHDAMAwQGwiZA
AwQBwiZIMAwDBADCJlsDBAXCJkADBAXCJqADAwDClAMEB8MPAAMEBdQcgAMEBdQo
AAMEBdRtQAMEB9STAAMEB9TogAMDANT+AwQD1QWYAwQF1aIAMBQEAgACMA4DBQAg
AUx4AwUAKgOjYDANBgkqhkiG9w0BAQsFAAOCAQEAIp8viAF4mmhYbFC6EnYDl52C
m7MYkFfEYXXPrM9eEPMBeUJihljh+54L10Lz8qo8PwuHNo0zgDLEvSY7R9EyMeJp
JmxiRcQZnD7C40SJtGUHiOf9MpZOSR9cZMX77OeASS0zfcj80vvzdkkSWCaq/SXg
5Nx5bfAlBCI61u8mWUqJ0w8TJgfWEqHxQpiplluEG8nT1q/qPZcqYTNNnXRuT6Nn
6eg4ZdravsovI2JgkQTp244iu+239ml8o9J2D+WwSKc1wvjq2+2ef7cl/CRv7SBe
LXR9QG6V8l4tGFtTbQA2ANAVefDNWmFCMO80Oy1r7iZRxpGrbd8u5QpDaOSe9g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:37 2023 by rpki-client on console-fra.rpki-client.org