Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/0vckrfeS-JieXWc9j0s-sktyMWY.roa
File: 0vckrfeS-JieXWc9j0s-sktyMWY.roa (raw, json)
Hash identifier: 5q2yBs2MCX5xSyYwIc+QQuGl4mbJFnEq1DC03/3vN4c=
Subject key identifier: D2:F7:24:AD:F7:92:F8:98:9E:5D:67:3D:8F:4B:3E:B2:4B:72:31:66
Certificate issuer: /CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Certificate serial: 0183604A7F68B4A9FB34BBD19839DEDBB9C2
Authority key identifier: 40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/0vckrfeS-JieXWc9j0s-sktyMWY.roa
Signing time: Wed 21 Sep 2022 13:43:58 +0000
ROA not before: Wed 21 Sep 2022 13:43:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59854
IP address blocks: 188.214.142.0/24 maxlen: 24
89.35.173.0/24 maxlen: 24
93.119.227.0/24 maxlen: 24
185.171.185.0/24 maxlen: 24
185.171.184.0/24 maxlen: 24
185.171.187.0/24 maxlen: 24
77.81.164.0/23 maxlen: 23
188.215.36.0/24 maxlen: 24
86.105.187.0/24 maxlen: 24
89.40.21.0/24 maxlen: 24
86.105.215.0/24 maxlen: 24
128.0.46.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:60:4a:7f:68:b4:a9:fb:34:bb:d1:98:39:de:db:b9:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Validity
Not Before: Sep 21 13:43:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d2f724adf792f8989e5d673d8f4b3eb24b723166
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:28:b6:2b:fd:78:34:85:bd:df:4d:d8:7b:19:
cb:69:88:f1:44:c4:bf:c1:6e:32:a6:29:2b:ed:b0:
dc:e8:8f:97:cf:c2:11:d9:84:f5:e4:a3:44:59:c1:
4e:0f:42:d4:1c:d4:33:4d:a5:f6:63:ee:dd:db:57:
ef:e5:bb:27:c4:9c:e8:cf:fd:e9:0d:70:d3:07:b7:
d6:64:41:e2:5c:a3:7b:d3:3e:b8:fc:1c:2f:97:90:
92:9d:6d:9f:ef:8a:a8:e3:96:74:28:90:f0:a2:60:
ee:d8:0f:de:bb:1e:ad:1a:09:8f:c2:a7:e1:16:f9:
45:b0:59:d6:e5:01:f9:6a:59:d5:b9:47:ef:89:28:
9f:7b:bd:8f:6b:d5:6b:d5:a9:fb:83:21:b3:cd:e9:
86:01:f3:a6:0e:a9:ca:ff:12:18:e2:0c:e0:e7:b0:
f5:07:c4:19:a8:e2:85:84:8b:30:3e:41:01:15:f2:
db:ba:46:f4:97:84:04:81:15:83:61:ba:fe:85:a1:
47:f7:1f:71:d1:ad:94:6f:c8:6a:1c:3c:a6:3d:54:
cc:c7:58:b2:4b:a5:3f:e7:5e:e9:a8:84:f8:97:4e:
8a:78:4b:56:56:0e:2f:bb:47:3b:9a:49:87:99:e9:
bc:d4:f0:64:fc:70:9f:28:23:ca:63:09:12:c7:35:
5d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:F7:24:AD:F7:92:F8:98:9E:5D:67:3D:8F:4B:3E:B2:4B:72:31:66
X509v3 Authority Key Identifier:
keyid:40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/0vckrfeS-JieXWc9j0s-sktyMWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.164.0/23
86.105.187.0/24
86.105.215.0/24
89.35.173.0/24
89.40.21.0/24
93.119.227.0/24
128.0.46.0/23
185.171.184.0/23
185.171.187.0/24
188.214.142.0/24
188.215.36.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:d7:f0:9f:dd:0f:bb:7f:0b:59:39:ba:b1:76:a4:30:37:6c:
01:89:90:eb:9a:d3:32:ac:62:ab:c0:17:28:33:ed:2f:4a:63:
8b:63:6d:89:35:d6:6b:2e:fa:d6:e5:fd:60:2f:a1:db:70:83:
37:6f:dc:af:3f:cf:92:5d:4e:ec:d0:44:77:d8:02:9b:67:de:
1e:66:5d:e3:c7:75:f8:8b:32:25:7d:f7:80:58:fd:01:1f:52:
05:37:0b:5d:fc:fe:d6:cd:1b:5c:32:ec:1a:f1:16:51:d3:07:
a1:bc:8c:08:39:ed:5e:52:5e:e0:18:7f:99:ed:30:90:05:88:
52:d3:56:44:ce:67:e7:ed:fa:b8:e7:fa:c8:44:20:34:03:e5:
5e:84:b0:4d:9e:21:28:29:96:af:e0:24:29:f2:a4:53:5f:ce:
0a:50:aa:f9:90:60:06:8c:cf:6a:1b:2e:4e:e0:d4:aa:d5:77:
fe:cd:56:57:2a:30:c1:a7:7f:c6:1e:60:56:d0:8f:cb:c2:aa:
65:a6:10:dc:5b:ac:a4:19:93:cf:88:4c:35:1e:1c:11:cb:bd:
0f:d2:b2:f0:3f:68:21:8f:19:08:86:d3:f6:5b:a4:d0:9f:d5:
67:7c:e8:05:f4:1a:5d:da:1e:4f:dc:d7:8a:69:1e:d4:3e:2b:
47:97:09:06
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYNgSn9otKn7NLvRmDne27nCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOGFmNDg1YjRmZDBmMDM3MTdjZDRhNzA5ZWYxMWM2MWQz
ZWY0NmUwHhcNMjIwOTIxMTM0MzU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmY3MjRhZGY3OTJmODk4OWU1ZDY3M2Q4ZjRiM2ViMjRiNzIzMTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyi2K/14NIW9303YexnLaYjxRMS/
wW4ypikr7bDc6I+Xz8IR2YT15KNEWcFOD0LUHNQzTaX2Y+7d21fv5bsnxJzoz/3p
DXDTB7fWZEHiXKN70z64/Bwvl5CSnW2f74qo45Z0KJDwomDu2A/eux6tGgmPwqfh
FvlFsFnW5QH5alnVuUfviSife72Pa9Vr1an7gyGzzemGAfOmDqnK/xIY4gzg57D1
B8QZqOKFhIswPkEBFfLbukb0l4QEgRWDYbr+haFH9x9x0a2Ub8hqHDymPVTMx1iy
S6U/517pqIT4l06KeEtWVg4vu0c7mkmHmem81PBk/HCfKCPKYwkSxzVdvwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFNL3JK33kviYnl1nPY9LPrJLcjFmMB8GA1UdIwQY
MBaAFECK9IW0/Q8DcXzUpwnvEcYdPvRuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlyMGhiVDlEd054Zk5TbkNlOFJ4aDAtOUc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lMTE3MWMtNTI3MC00OWNkLTkzNzkt
Yjk1YjA4YTIzYWUxLzEvMHZja3JmZVMtSmllWFdjOWowcy1za3R5TVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lMTE3MWMtNTI3MC00OWNkLTkzNzktYjk1YjA4YTIzYWUx
LzEvUUlyMGhiVDlEd054Zk5TbkNlOFJ4aDAtOUc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBTVGkAwQA
Vmm7AwQAVmnXAwQAWSOtAwQAWSgVAwQAXXfjAwQBgAAuAwQBuau4AwQAuau7AwQA
vNaOAwQAvNckMA0GCSqGSIb3DQEBCwUAA4IBAQAO1/Cf3Q+7fwtZObqxdqQwN2wB
iZDrmtMyrGKrwBcoM+0vSmOLY22JNdZrLvrW5f1gL6HbcIM3b9yvP8+SXU7s0ER3
2AKbZ94eZl3jx3X4izIlffeAWP0BH1IFNwtd/P7WzRtcMuwa8RZR0wehvIwIOe1e
Ul7gGH+Z7TCQBYhS01ZEzmfn7fq45/rIRCA0A+VehLBNniEoKZav4CQp8qRTX84K
UKr5kGAGjM9qGy5O4NSq1Xf+zVZXKjDBp3/GHmBW0I/LwqplphDcW6ykGZPPiEw1
HhwRy70P0rLwP2ghjxkIhtP2W6TQn9VnfOgF9Bpd2h5P3NeKaR7UPitHlwkG
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:20 2023 by rpki-client on console-ams.rpki-client.org