Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/DCsBCOtrpQPV1vUn0mMB44UTwog.roa
File: DCsBCOtrpQPV1vUn0mMB44UTwog.roa (raw, json)
Hash identifier: 9CFsR+KGx8t45bw/lufbRnnFVDrYH3naIRNRXhl3reo=
Subject key identifier: 0C:2B:01:08:EB:6B:A5:03:D5:D6:F5:27:D2:63:01:E3:85:13:C2:88
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018ADB718F53DED65D51092F6BBDD4D309C4
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/DCsBCOtrpQPV1vUn0mMB44UTwog.roa
Signing time: Thu 28 Sep 2023 10:59:27 +0000
ROA not before: Thu 28 Sep 2023 10:59:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60683
IP address blocks: 188.132.153.0/24 maxlen: 24
212.68.55.0/24 maxlen: 24
188.132.214.0/24 maxlen: 24
188.132.223.0/24 maxlen: 24
188.132.229.0/24 maxlen: 24
188.132.240.0/24 maxlen: 24
188.132.242.0/24 maxlen: 24
77.92.145.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
212.68.32.0/24 maxlen: 24
77.92.147.0/24 maxlen: 24
77.92.146.0/24 maxlen: 24
212.68.48.0/24 maxlen: 24
31.210.48.0/24 maxlen: 24
188.132.184.0/24 maxlen: 24
188.132.190.0/24 maxlen: 24
188.132.200.0/24 maxlen: 24
188.132.206.0/24 maxlen: 24
188.132.210.0/24 maxlen: 24
188.132.207.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:db:71:8f:53:de:d6:5d:51:09:2f:6b:bd:d4:d3:09:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Sep 28 10:59:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c2b0108eb6ba503d5d6f527d26301e38513c288
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:21:d7:b8:9b:7f:9c:f5:93:a9:64:60:e2:e4:
e9:d7:54:a9:78:3d:1d:4a:a1:a1:d6:ec:43:aa:81:
91:cd:20:47:c3:4f:40:37:42:b1:42:1a:e0:a8:1a:
57:10:0e:2d:08:26:2e:75:74:2d:ac:18:1e:58:3b:
d1:64:0b:b4:80:9a:b8:5c:21:05:08:5a:aa:d9:bb:
4d:cf:9a:ae:85:a6:ee:4a:73:fb:5e:40:63:e7:f9:
fd:6f:cb:31:af:59:54:19:3c:92:9a:95:b0:80:44:
9f:06:d9:e2:73:4b:84:b8:fa:57:1c:32:e7:90:74:
f0:53:52:dc:47:c4:1c:41:f8:90:f1:1f:61:65:13:
fc:95:92:c9:6a:f7:f6:72:34:70:8f:ac:77:06:0e:
b4:4e:b3:ea:ff:3e:39:aa:9f:fb:86:a8:1d:bc:ce:
bd:8f:aa:5b:93:08:7a:e9:9a:d5:2c:c7:0a:15:d2:
d9:c5:7f:96:ef:9e:f1:3a:b9:4b:70:a4:c5:63:17:
b0:e0:fc:4e:25:47:26:6f:f0:7e:78:56:ae:56:ff:
a5:94:07:1b:88:49:9a:dc:39:02:d8:46:06:1c:75:
51:66:c6:80:a6:ce:00:da:80:13:1a:49:1d:d2:c5:
a3:ea:13:38:50:eb:8e:30:75:2c:45:5c:92:4f:ac:
34:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:2B:01:08:EB:6B:A5:03:D5:D6:F5:27:D2:63:01:E3:85:13:C2:88
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/DCsBCOtrpQPV1vUn0mMB44UTwog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.48.0/24
77.92.143.0/24
77.92.145.0-77.92.147.255
188.132.153.0/24
188.132.184.0/24
188.132.190.0/24
188.132.200.0/24
188.132.206.0/23
188.132.210.0/24
188.132.214.0/24
188.132.223.0/24
188.132.229.0/24
188.132.240.0/24
188.132.242.0/24
212.68.32.0/24
212.68.48.0/24
212.68.55.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:e2:d0:64:69:b9:34:ea:f6:da:a4:61:0a:0a:f5:52:21:ce:
07:f3:b6:ab:5f:b9:9a:ac:5b:26:af:16:bd:30:5f:07:6b:33:
7c:99:a5:2d:17:ee:06:79:7c:dc:88:7f:f5:7d:23:0a:5f:fa:
e3:44:35:0d:bf:44:46:88:62:22:39:a5:5a:39:75:95:0c:20:
55:25:86:15:84:0a:20:58:0f:9d:3d:01:bc:07:27:e2:88:df:
1a:56:67:0c:e3:cd:9e:02:84:10:d0:96:37:5c:f9:08:cb:a3:
2f:92:14:4d:a0:72:7c:c3:28:d0:3c:10:27:74:5f:8a:2b:fb:
50:df:8b:81:c6:41:0b:ff:56:7f:f3:85:e9:1a:a3:66:e5:c7:
91:1a:11:71:b3:b7:90:90:52:3d:3c:75:7d:39:d6:e8:b9:44:
56:9a:b1:9f:3a:2a:a6:d3:31:52:56:2d:94:3a:08:25:02:90:
f7:da:fb:11:1c:7c:d3:11:f9:4f:18:09:7d:40:5e:3b:60:37:
f8:c3:2a:51:39:b7:0d:51:9a:86:dc:f9:dc:f1:61:20:0a:5b:
13:58:fc:74:60:a7:ca:e5:ee:dc:8c:89:50:19:7c:62:a6:95:
ac:c4:46:fc:33:81:90:de:00:5a:67:e0:27:2f:e6:07:e9:d6:
1a:c4:ec:3c
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYrbcY9T3tZdUQkva73U0wnEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMwOTI4MTA1OTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzJiMDEwOGViNmJhNTAzZDVkNmY1MjdkMjYzMDFlMzg1MTNjMjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhiHXuJt/nPWTqWRg4uTp11SpeD0d
SqGh1uxDqoGRzSBHw09AN0KxQhrgqBpXEA4tCCYudXQtrBgeWDvRZAu0gJq4XCEF
CFqq2btNz5quhabuSnP7XkBj5/n9b8sxr1lUGTySmpWwgESfBtnic0uEuPpXHDLn
kHTwU1LcR8QcQfiQ8R9hZRP8lZLJavf2cjRwj6x3Bg60TrPq/z45qp/7hqgdvM69
j6pbkwh66ZrVLMcKFdLZxX+W757xOrlLcKTFYxew4PxOJUcmb/B+eFauVv+llAcb
iEma3DkC2EYGHHVRZsaAps4A2oATGkkd0sWj6hM4UOuOMHUsRVyST6w0owIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFAwrAQjra6UD1db1J9JjAeOFE8KIMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvRENzQkNPdHJwUVBWMXZVbjBtTUI0NFVUd29nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAB/SMAME
AE1cjzAMAwQATVyRAwQCTVyQAwQAvISZAwQAvIS4AwQAvIS+AwQAvITIAwQBvITO
AwQAvITSAwQAvITWAwQAvITfAwQAvITlAwQAvITwAwQAvITyAwQA1EQgAwQA1EQw
AwQA1EQ3MA0GCSqGSIb3DQEBCwUAA4IBAQBL4tBkabk06vbapGEKCvVSIc4H87ar
X7marFsmrxa9MF8HazN8maUtF+4GeXzciH/1fSMKX/rjRDUNv0RGiGIiOaVaOXWV
DCBVJYYVhAogWA+dPQG8ByfiiN8aVmcM482eAoQQ0JY3XPkIy6MvkhRNoHJ8wyjQ
PBAndF+KK/tQ34uBxkEL/1Z/84XpGqNm5ceRGhFxs7eQkFI9PHV9OdbouURWmrGf
Oiqm0zFSVi2UOgglApD32vsRHHzTEflPGAl9QF47YDf4wypRObcNUZqG3Pnc8WEg
ClsTWPx0YKfK5e7cjIlQGXxippWsxEb8M4GQ3gBaZ+AnL+YH6dYaxOw8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:53 2024 by rpki-client on console-ams.rpki-client.org