Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/5c5138-aee4-482c-913c-3a4dff8e8ded/1/cM0ptuUC-L0vn7yRQZQ5l38nySs.roa
File: cM0ptuUC-L0vn7yRQZQ5l38nySs.roa (raw, json)
Hash identifier: i0ebzId1V/8m3XgphZ53OUTwdl6EANsBVYuwYZXdDts=
Subject key identifier: 70:CD:29:B6:E5:02:F8:BD:2F:9F:BC:91:41:94:39:97:7F:27:C9:2B
Certificate issuer: /CN=35730bb8b2623e7f65a6163604d1c85f9106288f
Certificate serial: 0185708CA14FAF98141F3380AA5DA709E469
Authority key identifier: 35:73:0B:B8:B2:62:3E:7F:65:A6:16:36:04:D1:C8:5F:91:06:28:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NXMLuLJiPn9lphY2BNHIX5EGKI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/5c5138-aee4-482c-913c-3a4dff8e8ded/1/cM0ptuUC-L0vn7yRQZQ5l38nySs.roa
Signing time: Mon 02 Jan 2023 03:35:42 +0000
ROA not before: Mon 02 Jan 2023 03:35:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34513
IP address blocks: 85.198.28.0/24 maxlen: 24
85.198.29.0/24 maxlen: 24
85.198.25.0/24 maxlen: 24
85.198.26.0/24 maxlen: 24
85.198.27.0/24 maxlen: 24
85.198.0.0/24 maxlen: 24
85.198.1.0/24 maxlen: 24
85.198.2.0/24 maxlen: 24
85.198.3.0/24 maxlen: 24
85.198.4.0/24 maxlen: 24
78.110.112.0/24 maxlen: 24
85.198.9.0/24 maxlen: 24
85.198.6.0/24 maxlen: 24
85.198.5.0/24 maxlen: 24
78.110.113.0/24 maxlen: 24
78.110.118.0/24 maxlen: 24
78.110.114.0/24 maxlen: 24
85.198.7.0/24 maxlen: 24
78.110.115.0/24 maxlen: 24
85.198.8.0/24 maxlen: 24
85.198.10.0/24 maxlen: 24
85.198.11.0/24 maxlen: 24
78.110.116.0/24 maxlen: 24
78.110.117.0/24 maxlen: 24
78.110.122.0/24 maxlen: 24
85.198.14.0/24 maxlen: 24
85.198.13.0/24 maxlen: 24
85.198.15.0/24 maxlen: 24
78.110.123.0/24 maxlen: 24
85.198.16.0/24 maxlen: 24
78.110.121.0/24 maxlen: 24
78.110.124.0/24 maxlen: 24
85.198.17.0/24 maxlen: 24
85.198.12.0/24 maxlen: 24
78.110.125.0/24 maxlen: 24
78.110.119.0/24 maxlen: 24
78.110.120.0/24 maxlen: 24
85.198.23.0/24 maxlen: 24
85.198.21.0/24 maxlen: 24
85.198.22.0/24 maxlen: 24
85.198.24.0/24 maxlen: 24
85.198.18.0/24 maxlen: 24
78.110.126.0/24 maxlen: 24
85.198.19.0/24 maxlen: 24
78.110.127.0/24 maxlen: 24
85.198.20.0/24 maxlen: 24
185.58.241.0/24 maxlen: 24
185.58.242.0/24 maxlen: 24
185.58.240.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:a1:4f:af:98:14:1f:33:80:aa:5d:a7:09:e4:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35730bb8b2623e7f65a6163604d1c85f9106288f
Validity
Not Before: Jan 2 03:35:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70cd29b6e502f8bd2f9fbc91419439977f27c92b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d7:da:c2:6c:3e:96:e7:d6:5c:26:ac:be:c9:
e2:be:a0:7e:45:a7:d7:9f:c4:e4:a7:87:a3:cb:37:
8c:54:9f:94:2b:a0:71:e0:2d:54:52:3b:a8:5b:5c:
d1:d3:cf:f1:13:0a:a1:26:58:e7:82:11:9c:26:fe:
b5:17:95:4e:99:5d:08:73:ee:7a:75:ab:72:d6:67:
99:47:b7:bf:a4:0a:b8:1e:a2:80:df:4f:61:21:8b:
ab:62:b6:38:c9:c3:32:a1:a6:f9:bd:37:54:6d:78:
36:37:ec:a9:f6:91:ef:e4:bd:8c:97:ad:35:f3:ab:
5c:ad:84:89:d3:d9:87:7b:98:3c:77:bc:f7:d1:8f:
b5:2b:e4:61:62:c2:fa:25:0a:75:88:71:72:75:d4:
f6:96:3e:b5:88:f5:47:93:ac:dc:d2:af:98:ba:56:
b3:25:15:18:96:c2:81:7d:58:d9:9f:8c:32:38:42:
25:b0:58:34:0e:cf:d3:22:22:88:c6:f0:42:6b:b5:
e8:98:00:f7:07:a1:1e:15:50:02:38:76:e8:0b:de:
0d:0f:0f:52:2f:ee:77:a1:d0:61:37:ef:0b:7c:84:
98:a7:50:33:23:41:49:63:4f:48:15:79:98:6d:20:
a6:61:01:e8:98:bf:1f:4b:12:1d:4e:8b:74:76:fb:
92:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:CD:29:B6:E5:02:F8:BD:2F:9F:BC:91:41:94:39:97:7F:27:C9:2B
X509v3 Authority Key Identifier:
keyid:35:73:0B:B8:B2:62:3E:7F:65:A6:16:36:04:D1:C8:5F:91:06:28:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NXMLuLJiPn9lphY2BNHIX5EGKI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/5c5138-aee4-482c-913c-3a4dff8e8ded/1/cM0ptuUC-L0vn7yRQZQ5l38nySs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/5c5138-aee4-482c-913c-3a4dff8e8ded/1/NXMLuLJiPn9lphY2BNHIX5EGKI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.110.112.0/20
85.198.0.0-85.198.29.255
185.58.240.0-185.58.242.255
Signature Algorithm: sha256WithRSAEncryption
01:77:31:b3:1f:03:5e:ce:fe:2d:22:8c:f6:dc:e8:aa:3e:03:
d9:94:11:bd:ac:7c:7f:ed:22:eb:6e:1f:38:e6:9a:02:a6:bd:
62:2f:43:00:25:bd:6f:78:6b:1f:25:8b:d4:a0:e7:76:29:de:
91:19:05:dc:f2:7a:7e:03:55:8d:eb:ea:d7:ae:ad:e2:6a:07:
c4:28:f6:24:5d:a2:da:33:40:b2:c5:a7:69:55:ad:ff:1e:66:
c0:83:2f:43:12:b7:64:a1:cd:6f:17:53:e3:48:9d:bb:81:d8:
f3:35:4b:17:dc:cf:48:58:55:45:a1:8d:fe:75:f3:30:42:49:
63:98:9e:f2:59:de:57:0c:b4:f6:5e:e4:75:a4:03:7c:8c:ba:
e1:3e:b4:a1:ca:b2:c6:44:98:b4:b1:2f:d5:43:4d:d6:c0:08:
1b:38:06:54:d3:8c:85:83:b2:8c:fa:2f:c9:e1:6b:74:c9:77:
44:2b:0a:28:d1:c1:96:93:d7:4b:a3:a2:46:30:50:a2:42:41:
f0:2b:93:b4:b4:e2:0c:cf:53:32:9e:dc:92:b4:f4:ba:e9:30:
e1:39:85:c0:e7:f8:fe:71:66:6a:31:d0:e7:13:c0:3d:3a:99:
7a:b3:14:b3:19:62:d2:87:f9:b0:60:9c:2d:cc:a6:25:97:5c:
b6:f1:01:f0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVwjKFPr5gUHzOAql2nCeRpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NzMwYmI4YjI2MjNlN2Y2NWE2MTYzNjA0ZDFjODVmOTEw
NjI4OGYwHhcNMjMwMTAyMDMzNTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGNkMjliNmU1MDJmOGJkMmY5ZmJjOTE0MTk0Mzk5NzdmMjdjOTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdfawmw+lufWXCasvsnivqB+RafX
n8Tkp4ejyzeMVJ+UK6Bx4C1UUjuoW1zR08/xEwqhJljnghGcJv61F5VOmV0Ic+56
daty1meZR7e/pAq4HqKA309hIYurYrY4ycMyoab5vTdUbXg2N+yp9pHv5L2Ml601
86tcrYSJ09mHe5g8d7z30Y+1K+RhYsL6JQp1iHFyddT2lj61iPVHk6zc0q+Yulaz
JRUYlsKBfVjZn4wyOEIlsFg0Ds/TIiKIxvBCa7XomAD3B6EeFVACOHboC94NDw9S
L+53odBhN+8LfISYp1AzI0FJY09IFXmYbSCmYQHomL8fSxIdTot0dvuSfQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHDNKbblAvi9L5+8kUGUOZd/J8krMB8GA1UdIwQY
MBaAFDVzC7iyYj5/ZaYWNgTRyF+RBiiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlhNTHVMSmlQbjlscGhZMkJOSElYNUVHS0k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC81YzUxMzgtYWVlNC00ODJjLTkxM2Mt
M2E0ZGZmOGU4ZGVkLzEvY00wcHR1VUMtTDB2bjd5UlFaUTVsMzhueVNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC81YzUxMzgtYWVlNC00ODJjLTkxM2MtM2E0ZGZmOGU4ZGVk
LzEvTlhNTHVMSmlQbjlscGhZMkJOSElYNUVHS0k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAnBAIAATAhAwQETm5wMAsD
AwFVxgMEAVXGHDAMAwQEuTrwAwQAuTryMA0GCSqGSIb3DQEBCwUAA4IBAQABdzGz
HwNezv4tIoz23OiqPgPZlBG9rHx/7SLrbh845poCpr1iL0MAJb1veGsfJYvUoOd2
Kd6RGQXc8np+A1WN6+rXrq3iagfEKPYkXaLaM0CyxadpVa3/HmbAgy9DErdkoc1v
F1PjSJ27gdjzNUsX3M9IWFVFoY3+dfMwQkljmJ7yWd5XDLT2XuR1pAN8jLrhPrSh
yrLGRJi0sS/VQ03WwAgbOAZU04yFg7KM+i/J4Wt0yXdEKwoo0cGWk9dLo6JGMFCi
QkHwK5O0tOIMz1MyntyStPS66TDhOYXA5/j+cWZqMdDnE8A9Opl6sxSzGWLSh/mw
YJwtzKYll1y28QHw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:51 2024 by rpki-client on console-fra.rpki-client.org