Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/DIG9lFs-KA-8lWgS6ZJJ4mEWZWU.roa
File: DIG9lFs-KA-8lWgS6ZJJ4mEWZWU.roa (raw, json)
Hash identifier: RWAkVN49MTsnRPcMusT8Bf4aHH+2q9WJWkNRjjbN5b8=
Subject key identifier: 0C:81:BD:94:5B:3E:28:0F:BC:95:68:12:E9:92:49:E2:61:16:65:65
Certificate issuer: /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial: 077B3F9C
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/DIG9lFs-KA-8lWgS6ZJJ4mEWZWU.roa
Signing time: Thu 24 Feb 2022 10:13:16 +0000
ROA not before: Thu 24 Feb 2022 10:13:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203020
IP address blocks: 45.150.252.0/22 maxlen: 32
45.134.76.0/22 maxlen: 32
170.245.40.0/22 maxlen: 32
185.46.116.0/22 maxlen: 32
194.48.164.0/22 maxlen: 32
168.205.72.0/22 maxlen: 32
193.201.248.0/22 maxlen: 32
95.181.216.0/22 maxlen: 32
193.19.205.0/24 maxlen: 32
193.19.206.0/24 maxlen: 32
45.136.8.0/22 maxlen: 32
193.19.207.0/24 maxlen: 32
63.141.36.0/23 maxlen: 32
63.141.34.0/23 maxlen: 32
31.223.188.0/23 maxlen: 32
150.107.200.0/22 maxlen: 32
185.202.28.0/22 maxlen: 32
185.75.208.0/22 maxlen: 32
185.28.180.0/22 maxlen: 32
45.143.68.0/22 maxlen: 32
45.139.232.0/22 maxlen: 32
103.225.200.0/22 maxlen: 32
185.253.68.0/22 maxlen: 32
194.76.108.0/23 maxlen: 32
188.68.0.0/22 maxlen: 32
194.76.120.0/23 maxlen: 32
45.66.48.0/22 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125517724 (0x77b3f9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Validity
Not Before: Feb 24 10:13:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c81bd945b3e280fbc956812e99249e261166565
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:95:7f:d4:2b:fc:c6:c1:ac:90:2b:46:c7:c5:
0c:65:7a:ee:16:96:6a:c1:9c:50:5d:45:cb:9b:83:
e6:a7:65:9f:7f:2e:d8:9f:c4:1a:80:db:5e:5b:f7:
ae:23:b9:e9:1f:68:d9:d2:74:66:82:d4:de:bd:c1:
4c:a6:32:c6:3d:31:fb:4e:b9:57:70:9f:85:fd:27:
ba:78:de:02:26:c3:8e:c9:35:f6:45:bf:fb:7b:bc:
3a:90:be:cc:73:bd:cc:c4:51:85:94:49:3b:06:eb:
6d:6f:50:f9:f1:ab:af:c9:d7:ae:2f:7d:2a:24:f2:
88:ce:d1:54:6a:7e:0c:f5:d0:99:4f:7f:77:b2:6e:
65:95:6c:c8:3f:c5:1a:d9:33:a3:7f:84:77:49:ed:
d0:70:2e:a3:ac:ce:3c:cc:a0:33:56:9b:83:c6:cc:
16:1c:6b:71:3b:97:37:e3:82:bb:ae:16:92:b5:b3:
e0:bc:dc:4b:a1:15:16:f2:18:2b:02:54:f4:fa:51:
c5:71:f9:79:ce:d4:53:47:d0:ea:80:e5:d8:e2:a1:
1a:ad:18:6a:e4:a2:a0:f5:c3:25:ff:1e:49:70:d1:
2b:71:3b:ea:77:e4:19:a7:03:18:39:2a:b6:6d:8b:
19:35:c3:52:42:86:cc:9c:1f:e1:c8:30:16:3b:c4:
f1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:81:BD:94:5B:3E:28:0F:BC:95:68:12:E9:92:49:E2:61:16:65:65
X509v3 Authority Key Identifier:
keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/DIG9lFs-KA-8lWgS6ZJJ4mEWZWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.188.0/23
45.66.48.0/22
45.134.76.0/22
45.136.8.0/22
45.139.232.0/22
45.143.68.0/22
45.150.252.0/22
63.141.34.0-63.141.37.255
95.181.216.0/22
103.225.200.0/22
150.107.200.0/22
168.205.72.0/22
170.245.40.0/22
185.28.180.0/22
185.46.116.0/22
185.75.208.0/22
185.202.28.0/22
185.253.68.0/22
188.68.0.0/22
193.19.205.0-193.19.207.255
193.201.248.0/22
194.48.164.0/22
194.76.108.0/23
194.76.120.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:6a:71:ce:ee:8c:7c:eb:e5:ab:8b:71:24:4f:00:c5:7c:f8:
a7:a5:84:0f:df:cd:04:50:12:25:77:45:1a:0e:2b:5c:94:cf:
b1:f0:35:bb:4e:b2:75:31:87:4a:a0:03:ef:70:0c:de:c0:3c:
04:1a:42:86:ce:0c:60:ff:ac:80:0f:fa:e2:77:f6:32:88:77:
14:f4:8f:d3:e0:d6:02:dd:e8:61:14:09:7b:f4:39:17:8e:90:
63:b1:c8:6c:bd:a1:1e:58:07:e0:14:ea:ba:5f:6f:54:88:4f:
f5:a1:71:7c:16:4f:ce:6c:71:cf:f9:16:ea:f0:ca:f2:ed:9b:
7e:0d:90:ae:dc:1d:d1:1c:a8:3f:b9:42:8c:40:a4:0e:ac:77:
64:6e:56:4d:0f:08:c7:35:97:88:75:44:bc:9f:4b:be:a0:08:
76:e1:c6:6b:34:35:3b:0e:24:42:26:84:a3:e1:cf:59:4d:c0:
40:b4:75:a6:63:0f:12:29:ff:b5:0c:cd:f4:6a:44:ea:0f:24:
7d:4a:e2:4f:2f:f3:6d:ed:b0:16:04:10:0a:15:07:a1:cc:62:
6a:a0:02:8e:48:5c:f3:a3:2b:1f:eb:79:d2:7b:00:d8:91:0c:
5c:40:4e:fb:ad:d6:97:7a:c4:98:cf:47:89:95:b2:d2:00:5a:
47:7e:6d:8d
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIEB3s/nDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzAzYTJjYWYyOTgwMTlmYmQ2Njg2MjE1MTZjOGM2ZTFkMTBlODNjMB4XDTIyMDIy
NDEwMTMxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGM4MWJkOTQ1YjNl
MjgwZmJjOTU2ODEyZTk5MjQ5ZTI2MTE2NjU2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALeVf9Qr/MbBrJArRsfFDGV67haWasGcUF1Fy5uD5qdln38u
2J/EGoDbXlv3riO56R9o2dJ0ZoLU3r3BTKYyxj0x+065V3Cfhf0nunjeAibDjsk1
9kW/+3u8OpC+zHO9zMRRhZRJOwbrbW9Q+fGrr8nXri99KiTyiM7RVGp+DPXQmU9/
d7JuZZVsyD/FGtkzo3+Ed0nt0HAuo6zOPMygM1abg8bMFhxrcTuXN+OCu64WkrWz
4LzcS6EVFvIYKwJU9PpRxXH5ec7UU0fQ6oDl2OKhGq0YauSioPXDJf8eSXDRK3E7
6nfkGacDGDkqtm2LGTXDUkKGzJwf4cgwFjvE8dMCAwEAAaOCAqgwggKkMB0GA1Ud
DgQWBBQMgb2UWz4oD7yVaBLpkkniYRZlZTAfBgNVHSMEGDAWgBRsA6LK8pgBn71m
hiFRbIxuHRDoPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JBT2l5dktZQVotOVpvWWhVV3lNYmgwUTZEdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTcvMTZiOGU0LTEyNTMtNGQ5ZS1iZDQ5LWZjMzdmYjBjZDQzYi8x
L0RJRzlsRnMtS0EtOGxXZ1M2WkpKNG1FV1pXVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcv
MTZiOGU0LTEyNTMtNGQ5ZS1iZDQ5LWZjMzdmYjBjZDQzYi8xL2JBT2l5dktZQVot
OVpvWWhVV3lNYmgwUTZEdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
vQYIKwYBBQUHAQcBAf8Ega0wgaowgacEAgABMIGgAwQBH9+8AwQCLUIwAwQCLYZM
AwQCLYgIAwQCLYvoAwQCLY9EAwQCLZb8MAwDBAE/jSIDBAE/jSQDBAJftdgDBAJn
4cgDBAKWa8gDBAKozUgDBAKq9SgDBAK5HLQDBAK5LnQDBAK5S9ADBAK5yhwDBAK5
/UQDBAK8RAAwDAMEAMETzQMEBMETwAMEAsHJ+AMEAsIwpAMEAcJMbAMEAcJMeDAN
BgkqhkiG9w0BAQsFAAOCAQEAp2pxzu6MfOvlq4txJE8AxXz4p6WED9/NBFASJXdF
Gg4rXJTPsfA1u06ydTGHSqAD73AM3sA8BBpChs4MYP+sgA/64nf2Moh3FPSP0+DW
At3oYRQJe/Q5F46QY7HIbL2hHlgH4BTqul9vVIhP9aFxfBZPzmxxz/kW6vDK8u2b
fg2Qrtwd0RyoP7lCjECkDqx3ZG5WTQ8IxzWXiHVEvJ9LvqAIduHGazQ1Ow4kQiaE
o+HPWU3AQLR1pmMPEin/tQzN9GpE6g8kfUriTy/zbe2wFgQQChUHocxiaqACjkhc
86MrH+t50nsA2JEMXEBO+63Wl3rEmM9HiZWy0gBaR35tjQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:29 2023 by rpki-client on console-ams.rpki-client.org