Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1st_v92vRKSNqbzPUr1bPQHZPGQ.roa
File: 1st_v92vRKSNqbzPUr1bPQHZPGQ.roa (raw, json)
Hash identifier: cO6Q/72F71dppjfs/l5nmxP5VYahd4eDAW8XFNbpqsQ=
Subject key identifier: D6:CB:7F:BF:DD:AF:44:A4:8D:A9:BC:CF:52:BD:5B:3D:01:D9:3C:64
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018746AB774F24826D36A53A944C598E303E
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1st_v92vRKSNqbzPUr1bPQHZPGQ.roa
Signing time: Mon 03 Apr 2023 10:30:54 +0000
ROA not before: Mon 03 Apr 2023 10:30:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 178.239.200.0/24 maxlen: 24
91.209.12.0/24 maxlen: 24
185.229.105.0/24 maxlen: 24
62.197.132.0/24 maxlen: 24
62.197.128.0/24 maxlen: 24
185.245.236.0/24 maxlen: 24
45.159.153.0/24 maxlen: 24
103.205.27.0/24 maxlen: 24
103.205.25.0/24 maxlen: 24
178.239.193.0/24 maxlen: 24
178.239.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:46:ab:77:4f:24:82:6d:36:a5:3a:94:4c:59:8e:30:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 3 10:30:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6cb7fbfddaf44a48da9bccf52bd5b3d01d93c64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:04:d7:3b:f8:95:8f:18:f4:f1:56:11:c7:f3:
06:0b:ef:ae:69:c8:86:61:8c:42:50:72:21:dd:be:
de:83:55:20:26:66:be:5c:f8:f7:25:bf:1b:54:21:
34:f5:14:d5:71:82:02:79:ff:5f:36:95:3c:fd:4a:
0c:e6:29:8a:a4:4e:0c:b3:86:55:01:de:10:ae:34:
1c:9e:7d:67:e1:73:fd:4e:5c:62:f4:9b:f0:17:01:
62:2b:92:84:f5:59:ac:1d:59:2a:67:f6:e6:36:8e:
86:a3:7f:e1:31:85:f3:e3:3e:9b:db:3a:1e:ae:f0:
8e:0c:69:b6:d2:8d:c0:02:24:30:5d:2a:d7:79:84:
6a:68:b6:a5:a3:92:b4:67:6b:02:23:8f:e2:dc:7f:
f6:09:c6:e2:9e:32:ef:67:72:be:02:2e:3f:8c:23:
83:5c:27:63:05:bd:3f:08:6a:30:63:5c:71:45:03:
0a:21:9f:ff:02:74:fd:11:72:1b:f9:32:06:98:f5:
53:c5:75:af:4d:2f:a3:a1:76:03:80:1e:0a:96:97:
7d:b8:81:ea:5d:8f:9a:1a:42:7a:52:13:d4:15:a7:
f0:4d:3b:fa:b2:9f:05:64:e7:d6:46:ec:66:61:c3:
31:fd:9d:8c:1b:eb:d9:f0:0a:47:c4:6c:8f:d9:d4:
4b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:CB:7F:BF:DD:AF:44:A4:8D:A9:BC:CF:52:BD:5B:3D:01:D9:3C:64
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1st_v92vRKSNqbzPUr1bPQHZPGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.153.0/24
62.197.128.0/24
62.197.132.0/24
91.209.12.0/24
103.205.25.0/24
103.205.27.0/24
178.239.193.0-178.239.194.255
178.239.200.0/24
185.229.105.0/24
185.245.236.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:79:80:08:c4:a7:78:c1:e4:71:6d:24:2c:77:a0:23:a4:69:
87:7b:5b:38:3b:f6:59:9f:e1:a1:e7:ae:55:cb:16:7d:c4:5f:
c9:5f:c6:7a:62:1d:7e:4e:be:fe:00:96:d7:12:f0:9f:2d:23:
11:cc:7f:96:42:74:f9:a1:a8:a2:df:4a:ac:b7:3b:ed:93:fe:
09:b6:44:45:c3:40:a9:ec:56:1f:e9:32:05:98:9a:1a:9d:11:
ad:be:41:77:9f:69:28:eb:33:60:ad:8e:97:20:81:a7:4a:57:
bf:b1:bc:38:a1:a1:2c:0e:a5:09:d9:26:af:34:a4:d0:31:fa:
b6:ae:f0:bd:2e:7a:68:75:40:ab:af:09:ef:48:cc:e9:ce:47:
8a:8d:5b:08:fe:40:22:70:d7:f0:2e:c1:20:d9:9e:be:d0:88:
e2:61:e7:22:07:b1:09:af:93:29:9d:3f:92:28:c4:95:14:45:
1d:63:68:4b:02:cd:c9:c2:87:2e:4c:00:47:ce:74:79:4d:bf:
50:00:1d:b2:56:9e:3f:05:f9:d1:bb:ed:a6:81:77:47:ea:bf:
91:80:2f:70:e3:4a:27:af:2a:a5:46:3c:09:da:1f:f7:e4:ec:
c8:0b:4e:0f:5f:4f:85:fd:24:60:ca:d6:b0:66:c2:f9:29:34:
e8:b1:ba:6c
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYdGq3dPJIJtNqU6lExZjjA+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDAzMTAzMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmNiN2ZiZmRkYWY0NGE0OGRhOWJjY2Y1MmJkNWIzZDAxZDkzYzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ATXO/iVjxj08VYRx/MGC++uaciG
YYxCUHIh3b7eg1UgJma+XPj3Jb8bVCE09RTVcYICef9fNpU8/UoM5imKpE4Ms4ZV
Ad4QrjQcnn1n4XP9Tlxi9JvwFwFiK5KE9VmsHVkqZ/bmNo6Go3/hMYXz4z6b2zoe
rvCODGm20o3AAiQwXSrXeYRqaLalo5K0Z2sCI4/i3H/2CcbinjLvZ3K+Ai4/jCOD
XCdjBb0/CGowY1xxRQMKIZ//AnT9EXIb+TIGmPVTxXWvTS+joXYDgB4Klpd9uIHq
XY+aGkJ6UhPUFafwTTv6sp8FZOfWRuxmYcMx/Z2MG+vZ8ApHxGyP2dRLZwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFNbLf7/dr0Skjam8z1K9Wz0B2TxkMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMXN0X3Y5MnZSS1NOcWJ6UFVyMWJQUUhaUEdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQALZ+ZAwQA
PsWAAwQAPsWEAwQAW9EMAwQAZ80ZAwQAZ80bMAwDBACy78EDBACy78IDBACy78gD
BAC55WkDBAC59ewwDQYJKoZIhvcNAQELBQADggEBAD95gAjEp3jB5HFtJCx3oCOk
aYd7Wzg79lmf4aHnrlXLFn3EX8lfxnpiHX5Ovv4AltcS8J8tIxHMf5ZCdPmhqKLf
Sqy3O+2T/gm2REXDQKnsVh/pMgWYmhqdEa2+QXefaSjrM2CtjpcggadKV7+xvDih
oSwOpQnZJq80pNAx+rau8L0uemh1QKuvCe9IzOnOR4qNWwj+QCJw1/AuwSDZnr7Q
iOJh5yIHsQmvkymdP5IoxJUURR1jaEsCzcnChy5MAEfOdHlNv1AAHbJWnj8F+dG7
7aaBd0fqv5GAL3DjSievKqVGPAnaH/fk7MgLTg9fT4X9JGDK1rBmwvkpNOixumw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org