Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/a7MLv_yoZsF5w58W3iDIjMFhvxo.roa
File: a7MLv_yoZsF5w58W3iDIjMFhvxo.roa (raw, json)
Hash identifier: OVywYkcSI6NA8BiUu8ESH2La4a6tQh1gDFZ+6x0XXgg=
Subject key identifier: 6B:B3:0B:BF:FC:A8:66:C1:79:C3:9F:16:DE:20:C8:8C:C1:61:BF:1A
Certificate issuer: /CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Certificate serial: 018CC86F298A8A223D99DB4EFF5257FEE22F
Authority key identifier: 52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/a7MLv_yoZsF5w58W3iDIjMFhvxo.roa
Signing time: Tue 02 Jan 2024 04:29:37 +0000
ROA not before: Tue 02 Jan 2024 04:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 88.204.44.0/23 maxlen: 24
88.204.42.0/23 maxlen: 24
88.204.46.0/23 maxlen: 24
78.136.250.0/23 maxlen: 24
78.136.248.0/23 maxlen: 24
78.136.252.0/23 maxlen: 24
78.136.254.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:29:8a:8a:22:3d:99:db:4e:ff:52:57:fe:e2:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Validity
Not Before: Jan 2 04:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6bb30bbffca866c179c39f16de20c88cc161bf1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:aa:40:68:fb:a8:27:16:bf:5e:ba:91:95:a0:
e7:58:f3:fd:8f:78:02:4b:e5:bd:31:49:67:84:08:
b8:49:e2:f4:f4:17:2c:79:bc:2c:c5:15:c0:c9:94:
ca:08:1f:c1:db:90:ce:f8:0e:ec:6c:b6:4f:e0:55:
75:a7:72:5d:66:4c:a6:8f:9c:99:41:53:58:b6:f4:
54:ad:b9:a6:af:6c:2e:14:37:a8:be:66:a6:90:58:
c0:6a:dc:24:2e:b4:9b:c4:a2:a0:fb:ba:99:d1:ee:
9d:74:f0:51:d1:17:79:5d:ad:ad:36:61:f7:f2:9b:
ae:c2:21:bf:3b:80:7d:4c:38:07:cb:ca:bc:74:b5:
be:41:f6:ea:76:ef:46:ea:37:6c:b3:2f:72:ac:e5:
15:45:01:b4:d5:d2:d4:29:59:59:58:f4:30:4e:61:
2c:96:9e:52:dc:33:ad:4f:5d:9d:66:ee:eb:7a:24:
1c:4a:4e:9e:46:1f:f0:ef:d1:23:c7:da:32:a6:10:
89:d2:7d:fd:f4:f0:5b:09:1d:5b:86:f5:22:dc:e3:
26:da:d3:92:c5:43:bc:b1:8c:7b:8c:09:5b:76:32:
ce:7d:55:0e:e2:3c:e2:f8:a1:e2:c8:d4:95:96:f8:
35:12:70:5f:64:43:86:f3:12:28:ff:d3:5d:12:5b:
42:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:B3:0B:BF:FC:A8:66:C1:79:C3:9F:16:DE:20:C8:8C:C1:61:BF:1A
X509v3 Authority Key Identifier:
keyid:52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/a7MLv_yoZsF5w58W3iDIjMFhvxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/UpwnMJi1J2jKDkSjosFu_tSmXKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.248.0-78.136.254.255
88.204.42.0-88.204.47.255
Signature Algorithm: sha256WithRSAEncryption
2d:b7:9d:f2:f3:29:98:2d:80:c3:7d:37:c3:99:e5:76:64:4c:
d7:d5:03:5b:b2:3b:28:60:01:06:2f:62:be:19:e5:4b:fe:8e:
d4:2f:74:f0:35:dd:f5:a1:e3:71:11:89:09:66:98:1d:33:56:
48:67:86:9a:ae:25:fb:2c:37:ce:0c:49:16:49:03:34:04:bd:
78:32:7f:6a:bd:eb:0e:41:e9:54:dc:5d:38:54:25:1b:11:a8:
48:14:b0:95:8b:ae:79:10:7f:53:0a:7d:64:9d:40:06:6c:24:
ed:40:9a:d3:2f:c6:e9:61:a5:18:6d:e0:27:53:69:15:45:e7:
6a:ae:67:c1:ae:9d:7d:4c:cd:5b:b3:db:58:75:03:c6:5a:0b:
f0:b3:09:0b:e7:c4:6c:99:7b:ea:00:59:60:d6:48:12:ea:ea:
6b:10:1e:54:f5:5d:ee:c0:f7:16:7e:fb:84:71:dc:34:13:24:
48:b4:3f:04:2a:74:e9:bd:ee:20:06:af:0c:5c:a4:18:e2:cf:
ce:1d:e9:4b:4e:0d:15:cf:12:f3:0d:c1:62:d9:09:b1:43:b7:
79:41:db:5a:4c:a6:36:a8:67:9a:65:3e:cb:30:8c:93:a1:91:
15:f7:88:1a:cc:b3:08:fc:4b:eb:ea:4d:d2:a5:00:c9:0a:2b:
3a:23:46:54
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzIbymKiiI9mdtO/1JX/uIvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOWMyNzMwOThiNTI3NjhjYTBlNDRhM2EyYzE2ZWZlZDRh
NjVjYTAwHhcNMjQwMTAyMDQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmIzMGJiZmZjYTg2NmMxNzljMzlmMTZkZTIwYzg4Y2MxNjFiZjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqpAaPuoJxa/XrqRlaDnWPP9j3gC
S+W9MUlnhAi4SeL09BcsebwsxRXAyZTKCB/B25DO+A7sbLZP4FV1p3JdZkymj5yZ
QVNYtvRUrbmmr2wuFDeovmamkFjAatwkLrSbxKKg+7qZ0e6ddPBR0Rd5Xa2tNmH3
8puuwiG/O4B9TDgHy8q8dLW+Qfbqdu9G6jdssy9yrOUVRQG01dLUKVlZWPQwTmEs
lp5S3DOtT12dZu7reiQcSk6eRh/w79Ejx9oyphCJ0n399PBbCR1bhvUi3OMm2tOS
xUO8sYx7jAlbdjLOfVUO4jzi+KHiyNSVlvg1EnBfZEOG8xIo/9NdEltCRQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGuzC7/8qGbBecOfFt4gyIzBYb8aMB8GA1UdIwQY
MBaAFFKcJzCYtSdoyg5Eo6LBbv7UplygMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMt
ZjMzZDNiYjM2NDg0LzEvYTdNTHZfeW9ac0Y1dzU4VzNpRElqTUZodnhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMtZjMzZDNiYjM2NDg0
LzEvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBANOiPgD
BABOiP4wDAMEAVjMKgMEBFjMIDANBgkqhkiG9w0BAQsFAAOCAQEALbed8vMpmC2A
w303w5nldmRM19UDW7I7KGABBi9ivhnlS/6O1C908DXd9aHjcRGJCWaYHTNWSGeG
mq4l+yw3zgxJFkkDNAS9eDJ/ar3rDkHpVNxdOFQlGxGoSBSwlYuueRB/Uwp9ZJ1A
Bmwk7UCa0y/G6WGlGG3gJ1NpFUXnaq5nwa6dfUzNW7PbWHUDxloL8LMJC+fEbJl7
6gBZYNZIEurqaxAeVPVd7sD3Fn77hHHcNBMkSLQ/BCp06b3uIAavDFykGOLPzh3p
S04NFc8S8w3BYtkJsUO3eUHbWkymNqhnmmU+yzCMk6GRFfeIGsyzCPxL6+pN0qUA
yQorOiNGVA==
-----END CERTIFICATE-----
Generated at Tue Jan 30 11:24:32 2024 by rpki-client on console-ams.rpki-client.org