Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/FinzoxgxOMwgTygD0xmDOynNS-k.roa
File: FinzoxgxOMwgTygD0xmDOynNS-k.roa (raw, json)
Hash identifier: cgOvmx8hdmYLmepU3u0WCrORScfPnvUD6TNInx8jk4w=
Subject key identifier: 16:29:F3:A3:18:31:38:CC:20:4F:28:03:D3:19:83:3B:29:CD:4B:E9
Certificate issuer: /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial: 084C803F
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/FinzoxgxOMwgTygD0xmDOynNS-k.roa
Signing time: Sat 28 May 2022 14:15:16 +0000
ROA not before: Sat 28 May 2022 14:15:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203020
IP address blocks: 45.150.252.0/22 maxlen: 32
45.134.76.0/22 maxlen: 32
170.245.40.0/22 maxlen: 32
185.46.116.0/22 maxlen: 32
194.48.164.0/22 maxlen: 32
168.205.72.0/22 maxlen: 32
193.201.248.0/22 maxlen: 32
95.181.216.0/22 maxlen: 32
193.19.204.0/24 maxlen: 24
193.19.205.0/24 maxlen: 32
193.19.206.0/24 maxlen: 32
193.19.207.0/24 maxlen: 32
63.141.36.0/23 maxlen: 32
63.141.34.0/23 maxlen: 32
31.223.188.0/23 maxlen: 32
150.107.200.0/22 maxlen: 32
185.202.28.0/22 maxlen: 32
185.75.208.0/22 maxlen: 32
185.28.180.0/22 maxlen: 32
45.143.68.0/22 maxlen: 32
45.139.232.0/22 maxlen: 32
103.225.200.0/22 maxlen: 32
185.253.68.0/22 maxlen: 32
194.76.108.0/23 maxlen: 32
188.68.0.0/22 maxlen: 32
194.76.120.0/23 maxlen: 32
45.66.48.0/22 maxlen: 32
45.131.224.0/22 maxlen: 32
45.145.104.0/22 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139231295 (0x84c803f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Validity
Not Before: May 28 14:15:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1629f3a3183138cc204f2803d319833b29cd4be9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e3:60:43:da:64:cf:03:89:e2:b1:26:0e:de:
7f:68:2b:56:09:41:6b:2b:0a:6d:03:c3:71:cb:79:
9a:13:c6:03:ce:41:31:06:11:ae:f0:57:e0:a2:d0:
ba:56:b5:af:c9:e4:18:0c:91:5d:9d:70:c7:c5:33:
42:52:71:4a:e5:ef:47:f6:5c:ff:c1:56:d6:09:20:
5c:b4:ad:9a:93:eb:3c:fe:e1:34:9e:98:0a:df:ce:
48:cb:36:92:1d:d7:cf:c4:e7:a2:b9:f5:87:8e:5f:
de:e2:3c:d0:76:87:85:22:ad:7f:45:4c:f5:fb:45:
c3:bc:15:79:0a:f5:d1:7f:12:77:5b:5a:b9:88:83:
fc:29:ea:b2:77:07:1c:3d:f5:5c:57:a0:26:2e:cf:
a1:c9:4e:03:4c:e5:82:11:55:03:21:17:46:80:69:
40:27:73:03:59:f2:af:f7:e4:41:df:ae:7f:2e:80:
00:17:ae:04:79:20:f3:43:84:70:66:42:09:3c:3c:
58:d4:2b:99:fe:76:14:94:90:51:fa:ab:c1:b9:36:
04:bc:e6:6b:4f:9a:33:41:6f:f9:38:e9:91:5a:5f:
03:c5:60:3b:d6:ef:04:df:c2:47:ca:e7:a7:1d:c6:
17:40:b0:bb:42:6f:84:7d:97:5b:d6:fa:f0:c7:2e:
a7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:29:F3:A3:18:31:38:CC:20:4F:28:03:D3:19:83:3B:29:CD:4B:E9
X509v3 Authority Key Identifier:
keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/FinzoxgxOMwgTygD0xmDOynNS-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.188.0/23
45.66.48.0/22
45.131.224.0/22
45.134.76.0/22
45.139.232.0/22
45.143.68.0/22
45.145.104.0/22
45.150.252.0/22
63.141.34.0-63.141.37.255
95.181.216.0/22
103.225.200.0/22
150.107.200.0/22
168.205.72.0/22
170.245.40.0/22
185.28.180.0/22
185.46.116.0/22
185.75.208.0/22
185.202.28.0/22
185.253.68.0/22
188.68.0.0/22
193.19.204.0/22
193.201.248.0/22
194.48.164.0/22
194.76.108.0/23
194.76.120.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:61:55:3a:d2:1c:5e:13:ce:76:32:36:d4:40:41:e1:26:d3:
4f:2d:24:4b:a2:ac:36:e9:08:eb:42:89:5b:f7:9a:86:52:e3:
1f:94:76:b8:5b:13:b3:85:4e:87:98:c6:80:95:df:6e:98:12:
3d:01:68:7b:df:c9:cf:b2:b6:a8:f5:c3:74:18:8d:45:97:c9:
1c:24:56:b4:c3:4d:6b:c4:10:88:de:1c:e8:a8:74:3f:14:c2:
28:3e:49:16:7f:1a:14:8d:1c:af:c8:28:ed:65:68:23:fe:b1:
cd:b5:d6:12:c0:1b:75:26:5c:e1:c2:00:2f:a6:8c:e6:09:b8:
3e:f8:db:1b:7d:ff:f0:0f:9c:ae:4e:c0:e0:63:6a:a6:0c:f3:
4e:2f:fe:b1:b7:b3:83:38:be:9b:1a:78:b9:f0:af:5b:fc:ae:
2c:1f:c6:47:08:22:7f:83:15:7c:d1:02:6b:79:86:27:91:5a:
b4:50:30:a1:1d:09:84:49:6b:cd:cd:79:cb:a2:3d:85:2b:f9:
12:c3:a0:9c:91:4c:72:60:1e:72:f2:15:ad:45:ca:ad:31:8a:
30:a7:43:cb:34:1a:16:f0:c1:03:7a:b2:3e:3a:7a:f8:ce:d8:
66:57:5d:97:b1:b7:02:a2:0c:a5:fe:dd:04:86:70:55:26:19:
25:bd:62:a7
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIECEyAPzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzAzYTJjYWYyOTgwMTlmYmQ2Njg2MjE1MTZjOGM2ZTFkMTBlODNjMB4XDTIyMDUy
ODE0MTUxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTYyOWYzYTMxODMx
MzhjYzIwNGYyODAzZDMxOTgzM2IyOWNkNGJlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3jYEPaZM8DieKxJg7ef2grVglBaysKbQPDcct5mhPGA85B
MQYRrvBX4KLQula1r8nkGAyRXZ1wx8UzQlJxSuXvR/Zc/8FW1gkgXLStmpPrPP7h
NJ6YCt/OSMs2kh3Xz8Tnorn1h45f3uI80HaHhSKtf0VM9ftFw7wVeQr10X8Sd1ta
uYiD/CnqsncHHD31XFegJi7PoclOA0zlghFVAyEXRoBpQCdzA1nyr/fkQd+ufy6A
ABeuBHkg80OEcGZCCTw8WNQrmf52FJSQUfqrwbk2BLzma0+aM0Fv+TjpkVpfA8Vg
O9bvBN/CR8rnpx3GF0Cwu0JvhH2XW9b68Mcup4ECAwEAAaOCAqYwggKiMB0GA1Ud
DgQWBBQWKfOjGDE4zCBPKAPTGYM7Kc1L6TAfBgNVHSMEGDAWgBRsA6LK8pgBn71m
hiFRbIxuHRDoPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JBT2l5dktZQVotOVpvWWhVV3lNYmgwUTZEdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTcvMTZiOGU0LTEyNTMtNGQ5ZS1iZDQ5LWZjMzdmYjBjZDQzYi8x
L0ZpbnpveGd4T013Z1R5Z0QweG1ET3luTlMtay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcv
MTZiOGU0LTEyNTMtNGQ5ZS1iZDQ5LWZjMzdmYjBjZDQzYi8xL2JBT2l5dktZQVot
OVpvWWhVV3lNYmgwUTZEdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
uwYIKwYBBQUHAQcBAf8EgaswgagwgaUEAgABMIGeAwQBH9+8AwQCLUIwAwQCLYPg
AwQCLYZMAwQCLYvoAwQCLY9EAwQCLZFoAwQCLZb8MAwDBAE/jSIDBAE/jSQDBAJf
tdgDBAJn4cgDBAKWa8gDBAKozUgDBAKq9SgDBAK5HLQDBAK5LnQDBAK5S9ADBAK5
yhwDBAK5/UQDBAK8RAADBALBE8wDBALByfgDBALCMKQDBAHCTGwDBAHCTHgwDQYJ
KoZIhvcNAQELBQADggEBAE9hVTrSHF4TznYyNtRAQeEm008tJEuirDbpCOtCiVv3
moZS4x+UdrhbE7OFToeYxoCV326YEj0BaHvfyc+ytqj1w3QYjUWXyRwkVrTDTWvE
EIjeHOiodD8Uwig+SRZ/GhSNHK/IKO1laCP+sc211hLAG3UmXOHCAC+mjOYJuD74
2xt9//APnK5OwOBjaqYM804v/rG3s4M4vpsaeLnwr1v8riwfxkcIIn+DFXzRAmt5
hieRWrRQMKEdCYRJa83NecuiPYUr+RLDoJyRTHJgHnLyFa1Fyq0xijCnQ8s0Ghbw
wQN6sj46evjO2GZXXZextwKiDKX+3QSGcFUmGSW9Yqc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:58 2024 by rpki-client on console-fra.rpki-client.org