Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/2ILlMmXkrJa4Sk0dO6KT6mT6NpM.roa
File: 2ILlMmXkrJa4Sk0dO6KT6mT6NpM.roa (raw, json)
Hash identifier: CMUTUs9ccENyYIS8YLwWMoBOl0b+P5tbylMmfgQNdl8=
Subject key identifier: D8:82:E5:32:65:E4:AC:96:B8:4A:4D:1D:3B:A2:93:EA:64:FA:36:93
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187BA0859913CAB2132B3CB0811AA64E528
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/2ILlMmXkrJa4Sk0dO6KT6mT6NpM.roa
Signing time: Tue 25 Apr 2023 20:08:41 +0000
ROA not before: Tue 25 Apr 2023 20:08:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 178.239.200.0/24 maxlen: 24
91.209.12.0/24 maxlen: 24
185.229.105.0/24 maxlen: 24
62.197.132.0/24 maxlen: 24
62.197.128.0/24 maxlen: 24
185.245.236.0/24 maxlen: 24
103.205.25.0/24 maxlen: 24
178.239.193.0/24 maxlen: 24
178.239.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ba:08:59:91:3c:ab:21:32:b3:cb:08:11:aa:64:e5:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 25 20:08:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d882e53265e4ac96b84a4d1d3ba293ea64fa3693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:86:79:7a:53:fd:9f:95:3d:50:e5:23:2c:4e:
cf:d5:41:e6:af:8f:f5:d3:ba:ae:1c:46:58:b4:08:
5f:ba:9d:e9:14:b1:05:f5:4a:61:b7:08:b7:02:cd:
ad:bc:2e:79:15:52:1c:44:8a:ef:06:19:c9:6e:df:
36:15:7c:30:af:f8:4e:9f:4f:a9:1d:e9:21:df:95:
aa:6a:49:d0:23:ef:d5:77:0f:a8:97:29:b8:f1:2f:
1f:7a:b3:56:47:75:18:2e:92:65:1c:45:84:96:06:
ad:e9:ab:7a:01:1e:ac:ee:94:c1:6b:75:0f:a7:e2:
d9:89:5b:8c:d9:a1:e5:51:2c:a7:16:2d:68:e2:70:
df:a2:ef:f7:8d:e3:b5:45:7b:64:2b:83:46:ad:53:
23:50:f3:e2:cc:94:7b:e4:7e:fc:77:51:cf:16:41:
99:85:30:cf:82:93:53:05:f9:3d:1b:3c:81:c7:2e:
10:1b:a8:ba:ca:19:82:72:c7:da:60:8d:8c:a0:15:
d3:5d:70:ab:91:1b:af:0f:32:49:42:05:35:f3:6c:
cb:f5:1f:f8:fa:1e:48:ec:d1:2c:01:d4:e8:98:bf:
c4:62:f4:c1:9f:1f:bb:18:cf:33:07:f6:f4:b8:3a:
95:6c:d7:9e:e2:4a:60:8c:53:d5:f9:20:72:c5:5b:
8b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:82:E5:32:65:E4:AC:96:B8:4A:4D:1D:3B:A2:93:EA:64:FA:36:93
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/2ILlMmXkrJa4Sk0dO6KT6mT6NpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.197.128.0/24
62.197.132.0/24
91.209.12.0/24
103.205.25.0/24
178.239.193.0-178.239.194.255
178.239.200.0/24
185.229.105.0/24
185.245.236.0/24
Signature Algorithm: sha256WithRSAEncryption
97:5b:0f:ad:83:fa:e0:fe:63:2f:f3:fe:2d:f9:94:7b:48:e9:
52:55:7c:d9:55:b5:d4:94:24:ae:da:94:84:d8:45:69:29:9b:
3f:f7:a7:e5:6e:4f:f5:d6:4f:f3:b1:11:36:25:26:59:7d:b6:
b2:5d:6d:4e:de:ec:6a:f6:83:c7:ab:4c:b8:1d:eb:ba:34:22:
01:10:fa:51:ac:a7:34:61:2c:0c:1f:b7:d6:c0:48:ba:f7:36:
3a:e7:f4:48:4e:55:04:70:5e:c9:41:f3:6e:19:8b:ce:eb:c4:
62:c4:8b:6b:18:b4:3b:d0:ce:3e:8d:c9:47:af:f4:a4:9d:18:
7f:b6:ea:47:67:eb:30:28:01:e2:18:98:ec:78:c7:9c:07:c7:
e2:90:1f:9f:99:59:a4:4f:d2:9c:76:73:d6:88:e7:81:79:65:
1d:8f:a3:44:87:f5:b9:07:9d:aa:97:0e:a1:0e:58:93:aa:16:
28:3c:6e:a4:35:aa:b5:ea:2f:fc:a2:f5:95:25:af:d6:6c:02:
04:f7:9c:64:cc:36:2c:5b:6c:0b:2e:45:12:ab:ab:3c:0f:e5:
eb:60:2c:ff:1a:dd:a0:fd:f6:79:2b:1e:f6:ed:be:85:45:f6:
56:cd:c3:07:78:4b:f6:46:59:c0:e5:1f:2f:4a:94:7a:aa:df:
59:ac:8a:f6
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYe6CFmRPKshMrPLCBGqZOUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDI1MjAwODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODgyZTUzMjY1ZTRhYzk2Yjg0YTRkMWQzYmEyOTNlYTY0ZmEzNjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYZ5elP9n5U9UOUjLE7P1UHmr4/1
07quHEZYtAhfup3pFLEF9Uphtwi3As2tvC55FVIcRIrvBhnJbt82FXwwr/hOn0+p
Hekh35WqaknQI+/Vdw+olym48S8ferNWR3UYLpJlHEWElgat6at6AR6s7pTBa3UP
p+LZiVuM2aHlUSynFi1o4nDfou/3jeO1RXtkK4NGrVMjUPPizJR75H78d1HPFkGZ
hTDPgpNTBfk9GzyBxy4QG6i6yhmCcsfaYI2MoBXTXXCrkRuvDzJJQgU182zL9R/4
+h5I7NEsAdTomL/EYvTBnx+7GM8zB/b0uDqVbNee4kpgjFPV+SByxVuLqwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFNiC5TJl5KyWuEpNHTuik+pk+jaTMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMklMbE1tWGtySmE0U2swZE82S1Q2bVQ2TnBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAPsWAAwQA
PsWEAwQAW9EMAwQAZ80ZMAwDBACy78EDBACy78IDBACy78gDBAC55WkDBAC59eww
DQYJKoZIhvcNAQELBQADggEBAJdbD62D+uD+Yy/z/i35lHtI6VJVfNlVtdSUJK7a
lITYRWkpmz/3p+VuT/XWT/OxETYlJll9trJdbU7e7Gr2g8erTLgd67o0IgEQ+lGs
pzRhLAwft9bASLr3Njrn9EhOVQRwXslB824Zi87rxGLEi2sYtDvQzj6NyUev9KSd
GH+26kdn6zAoAeIYmOx4x5wHx+KQH5+ZWaRP0px2c9aI54F5ZR2Po0SH9bkHnaqX
DqEOWJOqFig8bqQ1qrXqL/yi9ZUlr9ZsAgT3nGTMNixbbAsuRRKrqzwP5etgLP8a
3aD99nkrHvbtvoVF9lbNwwd4S/ZGWcDlHy9KlHqq31msivY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org