Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/00OcSSd6fuFI8KFZ6uKIso1uuWo.roa
File: 00OcSSd6fuFI8KFZ6uKIso1uuWo.roa (raw, json)
Hash identifier: MYHw7DsW9KuCy+c2UQ2b3gg4PZrfg7EEB07UcK0Ns2Q=
Subject key identifier: D3:43:9C:49:27:7A:7E:E1:48:F0:A1:59:EA:E2:88:B2:8D:6E:B9:6A
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186DB1C5CDAAC1162C9F57F4EC024846C5B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/00OcSSd6fuFI8KFZ6uKIso1uuWo.roa
Signing time: Mon 13 Mar 2023 13:15:14 +0000
ROA not before: Mon 13 Mar 2023 13:15:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 93.115.255.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.95.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
62.197.135.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:db:1c:5c:da:ac:11:62:c9:f5:7f:4e:c0:24:84:6c:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 13 13:15:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3439c49277a7ee148f0a159eae288b28d6eb96a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:bd:39:0e:3e:29:7b:a8:e8:76:75:8d:2f:72:
d2:4e:9c:3c:e8:3b:8f:6f:23:83:ce:d2:ce:14:cc:
c9:22:66:57:98:54:dd:51:3b:f4:1a:2f:0d:d8:91:
32:f7:f6:aa:4e:64:d2:0f:f0:34:12:73:a8:38:49:
62:a1:e1:58:cd:0b:6c:8f:67:23:6d:bb:30:63:bf:
2e:82:5d:06:80:76:61:31:c8:01:a8:54:43:e5:ef:
52:16:3a:47:18:32:5a:21:5d:81:30:42:8c:0a:4c:
73:95:e5:3b:1d:af:89:2a:41:e0:80:03:93:3d:8c:
3d:4e:5a:a0:5b:ad:75:0c:02:d5:57:74:0f:b7:ad:
37:0e:20:2f:ce:cb:ee:c5:94:f4:a8:f9:50:8a:20:
10:ff:0e:2b:73:eb:37:f9:bc:7a:94:0a:ce:ce:8b:
d0:26:35:69:e8:e4:ea:52:c8:26:92:e8:92:a9:72:
f1:36:ec:13:99:d5:7c:14:c5:cd:09:4e:2a:ac:94:
62:e8:db:a8:0f:d6:2c:24:bd:f7:2c:e6:85:41:a0:
48:99:bb:04:e1:2c:44:a2:52:bb:d4:ca:48:94:65:
80:40:c4:ef:db:4f:14:c5:00:f6:27:a3:b8:e2:46:
07:b9:cc:77:3d:fa:58:35:f7:2f:ab:77:cc:07:64:
fd:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:43:9C:49:27:7A:7E:E1:48:F0:A1:59:EA:E2:88:B2:8D:6E:B9:6A
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/00OcSSd6fuFI8KFZ6uKIso1uuWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.197.135.0/24
93.115.255.0/24
185.255.168.0/24
188.212.159.0/24
188.213.202.0/24
188.214.208.0/23
213.232.93.0/24
213.232.95.0/24
Signature Algorithm: sha256WithRSAEncryption
33:dd:20:e8:67:21:fb:4e:e4:1a:0a:2f:0e:b8:3f:70:98:2b:
c3:7f:43:4f:94:78:ae:a0:57:04:2b:22:30:64:9c:a1:70:e0:
a7:e7:f8:1f:ba:d6:e3:38:10:a0:30:84:2f:6c:06:16:d0:da:
c4:2a:5d:25:28:ad:0a:c8:f8:4d:2a:54:f6:7c:7a:20:8e:53:
35:ec:5c:14:4c:a0:4f:c7:58:9f:a9:a9:af:7f:98:e1:1d:3b:
f2:0f:1f:88:c5:56:1f:32:59:91:78:0a:5c:62:37:f5:a3:65:
3f:c5:34:e1:e2:d4:fc:e2:90:77:21:fc:b9:d6:ca:26:8a:60:
27:a2:55:0c:ff:91:5e:59:35:2e:5f:b7:21:b0:e4:41:be:1f:
28:42:c3:ee:da:e6:b3:77:b7:cc:17:00:98:e4:e0:61:2d:ce:
e0:7b:5d:08:8d:9f:fc:40:3d:6b:c0:1f:19:0a:6e:fb:64:66:
d4:bf:ea:9f:29:cf:8e:f7:5b:a2:93:3b:5c:6b:c2:38:af:43:
23:e4:2a:5d:1e:8b:ad:a8:03:3e:4c:0d:ad:27:eb:d7:8e:c6:
be:e7:e3:1f:c8:e8:b7:0b:0f:31:18:c1:e2:6f:f0:be:1a:8f:
2c:d0:2a:9d:db:e2:7a:df:12:b5:20:16:43:8f:4e:d8:c5:6d:
ed:2c:dc:41
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYbbHFzarBFiyfV/TsAkhGxbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzEzMTMxNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzQzOWM0OTI3N2E3ZWUxNDhmMGExNTllYWUyODhiMjhkNmViOTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1r05Dj4pe6jodnWNL3LSTpw86DuP
byODztLOFMzJImZXmFTdUTv0Gi8N2JEy9/aqTmTSD/A0EnOoOElioeFYzQtsj2cj
bbswY78ugl0GgHZhMcgBqFRD5e9SFjpHGDJaIV2BMEKMCkxzleU7Ha+JKkHggAOT
PYw9TlqgW611DALVV3QPt603DiAvzsvuxZT0qPlQiiAQ/w4rc+s3+bx6lArOzovQ
JjVp6OTqUsgmkuiSqXLxNuwTmdV8FMXNCU4qrJRi6NuoD9YsJL33LOaFQaBImbsE
4SxEolK71MpIlGWAQMTv208UxQD2J6O44kYHucx3PfpYNfcvq3fMB2T9aQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNNDnEknen7hSPChWeriiLKNbrlqMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMDBPY1NTZDZmdUZJOEtGWjZ1S0lzbzF1dVdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAPsWHAwQA
XXP/AwQAuf+oAwQAvNSfAwQAvNXKAwQBvNbQAwQA1ehdAwQA1ehfMA0GCSqGSIb3
DQEBCwUAA4IBAQAz3SDoZyH7TuQaCi8OuD9wmCvDf0NPlHiuoFcEKyIwZJyhcOCn
5/gfutbjOBCgMIQvbAYW0NrEKl0lKK0KyPhNKlT2fHogjlM17FwUTKBPx1ifqamv
f5jhHTvyDx+IxVYfMlmReApcYjf1o2U/xTTh4tT84pB3Ify51somimAnolUM/5Fe
WTUuX7chsORBvh8oQsPu2uazd7fMFwCY5OBhLc7ge10IjZ/8QD1rwB8ZCm77ZGbU
v+qfKc+O91uikztca8I4r0Mj5CpdHoutqAM+TA2tJ+vXjsa+5+MfyOi3Cw8xGMHi
b/C+Go8s0Cqd2+J63xK1IBZDj07YxW3tLNxB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:43 2024 by rpki-client on console-fra.rpki-client.org