Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/27zhkL_XypyHfdLtjkipNnxsaV8.roa
File: 27zhkL_XypyHfdLtjkipNnxsaV8.roa (raw, json)
Hash identifier: ac1J2RsT4YWfLtfWLqdH1Xvgv9Yh3TA4IzLgPIyEzZI=
Subject key identifier: DB:BC:E1:90:BF:D7:CA:9C:87:7D:D2:ED:8E:48:A9:36:7C:6C:69:5F
Certificate issuer: /CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Certificate serial: 018A4BF173702F9C73D0303BADA1E132DECF
Authority key identifier: 52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/27zhkL_XypyHfdLtjkipNnxsaV8.roa
Signing time: Thu 31 Aug 2023 14:13:49 +0000
ROA not before: Thu 31 Aug 2023 14:13:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 88.204.40.0/23 maxlen: 24
88.204.44.0/23 maxlen: 24
88.204.42.0/23 maxlen: 24
88.204.46.0/23 maxlen: 24
78.136.250.0/23 maxlen: 24
78.136.248.0/23 maxlen: 24
78.136.252.0/23 maxlen: 24
78.136.254.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4b:f1:73:70:2f:9c:73:d0:30:3b:ad:a1:e1:32:de:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Validity
Not Before: Aug 31 14:13:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbbce190bfd7ca9c877dd2ed8e48a9367c6c695f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:4d:84:82:9c:47:f5:75:40:15:e0:4b:58:03:
8f:61:a7:38:b5:d8:4c:d1:8e:38:14:6b:6d:ca:c5:
8f:6a:25:c9:6f:51:1b:2b:53:2d:d9:39:69:e6:c4:
02:96:fe:c8:2f:0a:23:41:3d:4c:73:30:c7:6d:32:
f7:73:a3:59:76:f5:a0:e7:32:96:ba:09:69:fc:e6:
bb:1a:55:68:2c:8d:a4:b3:13:29:7c:a5:8b:f3:e5:
98:d9:c5:e2:58:67:71:dd:3b:6a:77:ed:15:2e:4a:
08:4e:80:c9:69:d7:4f:14:1e:b1:83:1b:e6:03:88:
da:cd:34:45:9b:26:33:f0:cb:2e:28:92:a3:69:e6:
c1:7c:23:1b:fb:c0:5d:b5:8d:c2:25:aa:e3:4d:10:
fb:9c:1c:94:1f:0d:41:09:23:f2:cc:51:cd:b2:39:
76:21:dd:43:55:24:ca:41:95:54:3f:cd:18:48:e6:
9e:5a:1f:16:6a:ff:64:ae:e5:f5:54:90:c1:a9:3d:
d4:e0:47:b1:ab:f9:95:62:1a:75:c8:96:61:e6:80:
58:0a:95:66:e1:e5:24:28:8e:1c:23:3c:b5:ac:b5:
94:ca:e3:e5:54:45:4d:eb:07:28:e0:8f:1d:9f:2a:
4e:61:d6:33:7a:15:31:af:87:13:cf:65:83:19:0e:
c5:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:BC:E1:90:BF:D7:CA:9C:87:7D:D2:ED:8E:48:A9:36:7C:6C:69:5F
X509v3 Authority Key Identifier:
keyid:52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/27zhkL_XypyHfdLtjkipNnxsaV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/UpwnMJi1J2jKDkSjosFu_tSmXKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.248.0-78.136.254.255
88.204.40.0/21
Signature Algorithm: sha256WithRSAEncryption
4f:96:fa:7a:fc:b1:ca:65:d1:5b:df:29:9a:c0:db:7a:e3:5a:
73:2b:52:01:f3:be:0f:2c:f4:79:4c:93:b7:0a:76:f2:ff:90:
19:43:62:24:08:41:71:ca:f9:bc:4d:59:44:fd:3d:ea:16:87:
06:69:19:23:30:8e:49:23:30:d6:68:70:4d:97:37:e7:4e:52:
c1:dd:50:d1:89:6f:79:a1:a5:89:8d:6f:5a:cf:d3:75:f4:36:
81:b5:d0:58:83:c6:7e:d7:14:23:24:c0:d0:17:bd:25:e0:f4:
de:a5:06:44:f3:72:4d:95:cd:4f:be:12:d9:34:49:24:5f:bb:
bd:79:8d:31:05:30:fc:6c:8a:1c:e5:6d:9f:0a:97:08:70:c8:
d8:85:73:79:ea:6b:5c:30:c0:c5:82:b6:1f:eb:39:82:ed:24:
6c:00:8d:c2:55:b8:cd:61:81:08:21:91:e7:4a:be:b5:48:59:
66:89:d7:89:0a:5b:6e:a4:7b:41:dd:34:29:39:08:a2:14:b2:
26:a5:4f:9f:7e:39:23:b5:b9:06:33:ec:5c:b9:66:70:b3:13:
ec:9b:a7:68:03:77:e3:25:83:c7:bf:77:3b:78:aa:12:b8:db:
44:4c:18:bc:08:09:86:bc:47:99:05:34:8b:86:2d:c2:02:c9:
4c:fd:b1:97
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYpL8XNwL5xz0DA7raHhMt7PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOWMyNzMwOThiNTI3NjhjYTBlNDRhM2EyYzE2ZWZlZDRh
NjVjYTAwHhcNMjMwODMxMTQxMzQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmJjZTE5MGJmZDdjYTljODc3ZGQyZWQ4ZTQ4YTkzNjdjNmM2OTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhk2EgpxH9XVAFeBLWAOPYac4tdhM
0Y44FGttysWPaiXJb1EbK1Mt2Tlp5sQClv7ILwojQT1MczDHbTL3c6NZdvWg5zKW
uglp/Oa7GlVoLI2ksxMpfKWL8+WY2cXiWGdx3Ttqd+0VLkoIToDJaddPFB6xgxvm
A4jazTRFmyYz8MsuKJKjaebBfCMb+8BdtY3CJarjTRD7nByUHw1BCSPyzFHNsjl2
Id1DVSTKQZVUP80YSOaeWh8Wav9kruX1VJDBqT3U4Eexq/mVYhp1yJZh5oBYCpVm
4eUkKI4cIzy1rLWUyuPlVEVN6wco4I8dnypOYdYzehUxr4cTz2WDGQ7FzwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNu84ZC/18qch33S7Y5IqTZ8bGlfMB8GA1UdIwQY
MBaAFFKcJzCYtSdoyg5Eo6LBbv7UplygMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMt
ZjMzZDNiYjM2NDg0LzEvMjd6aGtMX1h5cHlIZmRMdGpraXBObnhzYVY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMtZjMzZDNiYjM2NDg0
LzEvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBANOiPgD
BABOiP4DBANYzCgwDQYJKoZIhvcNAQELBQADggEBAE+W+nr8scpl0VvfKZrA23rj
WnMrUgHzvg8s9HlMk7cKdvL/kBlDYiQIQXHK+bxNWUT9PeoWhwZpGSMwjkkjMNZo
cE2XN+dOUsHdUNGJb3mhpYmNb1rP03X0NoG10FiDxn7XFCMkwNAXvSXg9N6lBkTz
ck2VzU++Etk0SSRfu715jTEFMPxsihzlbZ8KlwhwyNiFc3nqa1wwwMWCth/rOYLt
JGwAjcJVuM1hgQghkedKvrVIWWaJ14kKW26ke0HdNCk5CKIUsialT59+OSO1uQYz
7Fy5ZnCzE+ybp2gDd+Mlg8e/dzt4qhK420RMGLwICYa8R5kFNIuGLcICyUz9sZc=
-----END CERTIFICATE-----
Generated at Wed Nov 15 10:43:13 2023 by rpki-client on console-ams.rpki-client.org