Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/oYuW0AKBD0kUcfEkaLsYt_UF3dU.roa
File: oYuW0AKBD0kUcfEkaLsYt_UF3dU.roa (raw, json)
Hash identifier: qFHwF8cJN7JlAa+GoeovIsgUoZ0SGgZwWLtXLIa6N6c=
Subject key identifier: A1:8B:96:D0:02:81:0F:49:14:71:F1:24:68:BB:18:B7:F5:05:DD:D5
Certificate issuer: /CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Certificate serial: 018F712FE8967696E854E41F61D57D4F3C35
Authority key identifier: 52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/oYuW0AKBD0kUcfEkaLsYt_UF3dU.roa
Signing time: Mon 13 May 2024 09:01:55 +0000
ROA not before: Mon 13 May 2024 09:01:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59729
IP address blocks: 78.136.248.0/24 maxlen: 24
78.136.249.0/24 maxlen: 24
78.136.250.0/24 maxlen: 24
78.136.251.0/24 maxlen: 24
78.136.252.0/24 maxlen: 24
78.136.253.0/24 maxlen: 24
78.136.254.0/24 maxlen: 24
88.204.46.0/24 maxlen: 24
88.204.47.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:71:2f:e8:96:76:96:e8:54:e4:1f:61:d5:7d:4f:3c:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Validity
Not Before: May 13 09:01:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a18b96d002810f491471f12468bb18b7f505ddd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:80:1f:82:3a:53:2d:2c:10:6f:43:9b:29:ee:
4a:bc:a3:b1:80:4b:aa:41:cb:1f:c4:b9:91:ff:e0:
14:fe:13:fb:e3:f7:67:99:31:4f:c1:ca:98:89:65:
e1:2a:fd:a6:a3:d0:07:3a:3d:89:59:45:08:63:ba:
40:2f:fd:1a:72:95:35:f7:34:08:bc:e2:ca:b8:0f:
ee:ba:b2:2a:12:a7:e4:18:9c:d5:a5:30:9e:99:35:
33:f4:26:a3:97:d8:5a:10:67:93:9d:6b:ad:85:3c:
d5:98:23:1a:82:c3:7e:69:ad:33:40:b7:ca:1d:ef:
b2:89:4f:48:ae:58:0b:21:75:a0:aa:3c:72:6c:a2:
c3:61:8d:0e:40:ed:6c:d0:52:42:d3:b4:3b:7d:ae:
26:25:ac:86:7c:46:9b:67:6e:3f:2b:62:de:f4:31:
36:89:fa:da:ea:40:8e:fd:f2:8e:ed:10:41:b5:f8:
40:0a:db:be:f1:58:95:a1:51:35:2b:ec:91:6b:53:
1f:5f:b7:f6:cf:5a:1b:09:70:76:85:f5:b5:fb:9a:
d1:c1:5d:c2:fc:19:26:80:dc:ea:1b:a4:72:ab:e8:
8f:ff:8c:8c:8e:92:01:b0:94:be:3b:e2:df:e0:b4:
31:3d:58:86:9c:5d:0f:e4:71:fc:3f:0f:83:71:53:
bb:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:8B:96:D0:02:81:0F:49:14:71:F1:24:68:BB:18:B7:F5:05:DD:D5
X509v3 Authority Key Identifier:
keyid:52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/oYuW0AKBD0kUcfEkaLsYt_UF3dU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/UpwnMJi1J2jKDkSjosFu_tSmXKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.248.0-78.136.254.255
88.204.46.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:a7:e4:97:14:a5:16:5f:c6:e6:c4:74:da:6d:3a:bf:1f:bf:
8a:93:ef:c3:49:55:43:13:c4:8b:72:54:b6:78:27:61:69:de:
6f:99:0a:06:92:97:24:fb:cd:30:50:f6:6c:cb:03:47:fe:c3:
80:62:1b:a1:4f:33:41:90:ec:a0:15:66:2c:3d:5d:4e:88:12:
0f:f8:07:6a:41:2b:79:bd:51:e0:6f:fd:34:32:6f:be:ec:b9:
a3:38:91:20:8e:12:cc:78:42:2c:55:4f:60:d7:da:00:b3:e5:
a2:1e:20:f3:99:5d:15:b0:93:51:57:d5:c9:bd:10:53:25:07:
03:6e:f6:ea:b2:15:af:d6:1f:64:a3:c8:d1:a7:cd:39:47:01:
6a:56:c8:e4:b5:eb:df:23:63:18:86:d2:b8:61:d0:6f:a5:eb:
2d:de:79:48:6b:21:8f:02:ed:73:b5:f0:a2:2f:5d:1d:5b:70:
9d:16:9e:59:17:00:5e:5c:53:cc:fd:6e:a4:4e:57:e7:88:f1:
6d:ea:69:9c:3d:c9:8c:87:7c:9a:cc:55:20:fc:66:a5:36:38:
b3:a8:39:30:3d:e8:6c:18:a1:13:c0:f5:bd:38:69:3e:b2:cd:
64:4e:01:1f:cd:8e:96:5d:0e:ef:18:5b:9d:60:49:14:86:d2:
d4:f4:64:dc
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY9xL+iWdpboVOQfYdV9Tzw1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOWMyNzMwOThiNTI3NjhjYTBlNDRhM2EyYzE2ZWZlZDRh
NjVjYTAwHhcNMjQwNTEzMDkwMTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMThiOTZkMDAyODEwZjQ5MTQ3MWYxMjQ2OGJiMThiN2Y1MDVkZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oAfgjpTLSwQb0ObKe5KvKOxgEuq
QcsfxLmR/+AU/hP74/dnmTFPwcqYiWXhKv2mo9AHOj2JWUUIY7pAL/0acpU19zQI
vOLKuA/uurIqEqfkGJzVpTCemTUz9Cajl9haEGeTnWuthTzVmCMagsN+aa0zQLfK
He+yiU9IrlgLIXWgqjxybKLDYY0OQO1s0FJC07Q7fa4mJayGfEabZ24/K2Le9DE2
ifra6kCO/fKO7RBBtfhACtu+8ViVoVE1K+yRa1MfX7f2z1obCXB2hfW1+5rRwV3C
/BkmgNzqG6Ryq+iP/4yMjpIBsJS+O+Lf4LQxPViGnF0P5HH8Pw+DcVO7AwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKGLltACgQ9JFHHxJGi7GLf1Bd3VMB8GA1UdIwQY
MBaAFFKcJzCYtSdoyg5Eo6LBbv7UplygMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMt
ZjMzZDNiYjM2NDg0LzEvb1l1VzBBS0JEMGtVY2ZFa2FMc1l0X1VGM2RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMtZjMzZDNiYjM2NDg0
LzEvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBANOiPgD
BABOiP4DBAFYzC4wDQYJKoZIhvcNAQELBQADggEBAG+n5JcUpRZfxubEdNptOr8f
v4qT78NJVUMTxItyVLZ4J2Fp3m+ZCgaSlyT7zTBQ9mzLA0f+w4BiG6FPM0GQ7KAV
Ziw9XU6IEg/4B2pBK3m9UeBv/TQyb77suaM4kSCOEsx4QixVT2DX2gCz5aIeIPOZ
XRWwk1FX1cm9EFMlBwNu9uqyFa/WH2SjyNGnzTlHAWpWyOS1698jYxiG0rhh0G+l
6y3eeUhrIY8C7XO18KIvXR1bcJ0WnlkXAF5cU8z9bqROV+eI8W3qaZw9yYyHfJrM
VSD8ZqU2OLOoOTA96GwYoRPA9b04aT6yzWROAR/NjpZdDu8YW51gSRSG0tT0ZNw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:20 2024 by rpki-client on console-ams.rpki-client.org