Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/360a9d-b121-45ae-830d-066b63237d85/1/nyuhnJyDTQ-V42c9e8sUYLd4S60.roa
File: nyuhnJyDTQ-V42c9e8sUYLd4S60.roa (raw, json)
Hash identifier: GdjpBUywyZk8Za+9MIbN3sDyydehnCsgSxqAfONHjn0=
Subject key identifier: 9F:2B:A1:9C:9C:83:4D:0F:95:E3:67:3D:7B:CB:14:60:B7:78:4B:AD
Certificate issuer: /CN=73189d26bae7f85cb4e06ab5ab536de5a80c16a1
Certificate serial: 1725F5A9
Authority key identifier: 73:18:9D:26:BA:E7:F8:5C:B4:E0:6A:B5:AB:53:6D:E5:A8:0C:16:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cxidJrrn-Fy04Gq1q1Nt5agMFqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/360a9d-b121-45ae-830d-066b63237d85/1/nyuhnJyDTQ-V42c9e8sUYLd4S60.roa
Signing time: Sat 01 Jan 2022 10:05:15 +0000
ROA not before: Sat 01 Jan 2022 10:05:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60876
IP address blocks: 185.24.168.0/22 maxlen: 24
85.204.120.0/23 maxlen: 24
85.204.132.0/23 maxlen: 24
85.204.136.0/23 maxlen: 24
212.237.96.0/20 maxlen: 24
85.204.194.0/23 maxlen: 24
195.192.248.0/23 maxlen: 24
2a00:7660::/29 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 388363689 (0x1725f5a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73189d26bae7f85cb4e06ab5ab536de5a80c16a1
Validity
Not Before: Jan 1 10:05:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f2ba19c9c834d0f95e3673d7bcb1460b7784bad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3c:fe:01:a0:ea:03:44:e4:ff:cb:00:86:39:
7b:7b:64:cd:85:49:f8:ca:20:3a:97:00:17:87:5a:
8c:c6:06:73:bb:b8:9c:27:af:fc:9c:6b:74:75:a7:
33:d5:3a:56:25:10:f0:a5:a1:c2:0b:e7:74:a5:37:
16:ca:8b:70:b4:a7:f7:eb:61:b8:0f:a2:79:c8:e4:
36:8e:71:48:72:39:2a:dc:e1:33:ad:a3:9d:5d:2b:
e9:dc:ab:8a:c1:38:41:63:16:54:25:05:e7:4e:2e:
22:e8:96:d3:61:3e:5b:83:c6:c4:5b:de:8d:7c:59:
fc:f8:47:f6:c8:a9:63:55:fa:b7:12:87:22:4e:93:
a5:d3:96:f9:de:c2:a5:2b:c1:b6:4b:fb:80:0c:97:
15:96:38:da:5d:57:e1:52:6c:8c:d1:a5:c3:37:79:
2a:0c:59:3a:24:04:ee:5f:fc:ee:b7:0f:ce:bc:0e:
30:85:37:da:fe:2e:6b:7c:25:a3:29:f7:5c:87:a1:
c3:fe:4d:6c:32:b4:51:f3:70:f6:25:b5:27:17:b1:
bb:cf:fb:ff:fc:0e:b8:25:2a:8f:56:e2:e9:cc:6c:
a9:b9:18:81:c1:dd:a6:b1:4d:1c:ce:7e:4d:6f:fe:
f6:88:fa:63:7e:24:88:aa:c5:bb:6f:27:26:2f:90:
eb:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:2B:A1:9C:9C:83:4D:0F:95:E3:67:3D:7B:CB:14:60:B7:78:4B:AD
X509v3 Authority Key Identifier:
keyid:73:18:9D:26:BA:E7:F8:5C:B4:E0:6A:B5:AB:53:6D:E5:A8:0C:16:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cxidJrrn-Fy04Gq1q1Nt5agMFqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/360a9d-b121-45ae-830d-066b63237d85/1/nyuhnJyDTQ-V42c9e8sUYLd4S60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/360a9d-b121-45ae-830d-066b63237d85/1/cxidJrrn-Fy04Gq1q1Nt5agMFqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.120.0/23
85.204.132.0/23
85.204.136.0/23
85.204.194.0/23
185.24.168.0/22
195.192.248.0/23
212.237.96.0/20
IPv6:
2a00:7660::/29
Signature Algorithm: sha256WithRSAEncryption
b3:61:0a:c9:f0:78:e8:69:2d:a2:a3:0d:35:19:b7:b7:f6:ab:
6a:be:55:92:a5:d4:e5:2a:06:49:1d:35:21:36:62:e5:bf:ed:
b2:fb:c3:e9:cd:98:43:2f:0a:f5:76:87:cc:35:77:21:95:6a:
b0:23:2e:3d:dd:10:4b:48:22:db:23:fd:a0:27:1c:00:57:08:
b1:60:81:f4:8e:4e:f4:c2:67:da:56:61:3f:1a:68:cf:60:45:
3f:51:03:7f:ca:e0:ee:e3:4f:be:f2:13:b9:f5:b1:bf:95:bb:
55:27:8d:9d:47:3e:67:06:f0:c7:71:ca:f8:da:77:77:79:0a:
c4:4a:73:f2:77:64:2c:74:73:3a:2b:c5:5f:ac:a0:1c:3d:0d:
e9:f1:48:7f:53:33:59:62:ed:01:4f:de:df:b9:82:53:2d:81:
93:16:8d:3a:69:c9:12:c7:02:f1:80:b9:76:62:7d:93:34:33:
b3:0c:b9:f8:fd:79:80:94:91:12:31:d9:71:f1:c6:fa:5f:f4:
d5:1c:86:22:c6:66:1f:96:56:f0:d5:d6:ae:38:3d:d0:91:d6:
4c:e5:23:66:28:c0:04:a3:1e:8b:6c:8a:df:0c:73:f3:91:d9:
3b:2f:e1:42:24:4e:2d:28:24:a2:23:1f:7e:1b:68:2e:f4:4d:
69:f2:fb:57
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEFyX1qTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MzE4OWQyNmJhZTdmODVjYjRlMDZhYjVhYjUzNmRlNWE4MGMxNmExMB4XDTIyMDEw
MTEwMDUxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWYyYmExOWM5Yzgz
NGQwZjk1ZTM2NzNkN2JjYjE0NjBiNzc4NGJhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMw8/gGg6gNE5P/LAIY5e3tkzYVJ+MogOpcAF4dajMYGc7u4
nCev/JxrdHWnM9U6ViUQ8KWhwgvndKU3FsqLcLSn9+thuA+iecjkNo5xSHI5Ktzh
M62jnV0r6dyrisE4QWMWVCUF504uIuiW02E+W4PGxFvejXxZ/PhH9sipY1X6txKH
Ik6TpdOW+d7CpSvBtkv7gAyXFZY42l1X4VJsjNGlwzd5KgxZOiQE7l/87rcPzrwO
MIU32v4ua3wloyn3XIehw/5NbDK0UfNw9iW1Jxexu8/7//wOuCUqj1bi6cxsqbkY
gcHdprFNHM5+TW/+9oj6Y34kiKrFu28nJi+Q67ECAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBSfK6GcnINND5XjZz17yxRgt3hLrTAfBgNVHSMEGDAWgBRzGJ0muuf4XLTg
arWrU23lqAwWoTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2N4aWRKcnJuLUZ5MDRHcTFxMU50NWFnTUZxRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvMzYwYTlkLWIxMjEtNDVhZS04MzBkLTA2NmI2MzIzN2Q4NS8x
L255dWhuSnlEVFEtVjQyYzllOHNVWUxkNFM2MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
MzYwYTlkLWIxMjEtNDVhZS04MzBkLTA2NmI2MzIzN2Q4NS8xL2N4aWRKcnJuLUZ5
MDRHcTFxMU50NWFnTUZxRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAVXMeAMEAVXMhAMEAVXMiAMEAVXM
wgMEArkYqAMEAcPA+AMEBNTtYDANBAIAAjAHAwUDKgB2YDANBgkqhkiG9w0BAQsF
AAOCAQEAs2EKyfB46GktoqMNNRm3t/arar5VkqXU5SoGSR01ITZi5b/tsvvD6c2Y
Qy8K9XaHzDV3IZVqsCMuPd0QS0gi2yP9oCccAFcIsWCB9I5O9MJn2lZhPxpoz2BF
P1EDf8rg7uNPvvITufWxv5W7VSeNnUc+Zwbwx3HK+Np3d3kKxEpz8ndkLHRzOivF
X6ygHD0N6fFIf1MzWWLtAU/e37mCUy2BkxaNOmnJEscC8YC5dmJ9kzQzswy5+P15
gJSREjHZcfHG+l/01RyGIsZmH5ZW8NXWrjg90JHWTOUjZijABKMei2yK3wxz85HZ
Oy/hQiROLSgkoiMffhtoLvRNafL7Vw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:41 2024 by rpki-client on console-ams.rpki-client.org