Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/8plBZ_4MSPmEpuH-b02pm1JTyUE.roa
File: 8plBZ_4MSPmEpuH-b02pm1JTyUE.roa (raw, json)
Hash identifier: 4QWTaYFHWQSiy3FCB18vk1UhXqBmhgDk8Ju0Qfw3lZ0=
Subject key identifier: F2:99:41:67:FE:0C:48:F9:84:A6:E1:FE:6F:4D:A9:9B:52:53:C9:41
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187DFF53B5ACB35431A7B7974FA4EDA8201
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/8plBZ_4MSPmEpuH-b02pm1JTyUE.roa
Signing time: Wed 03 May 2023 04:53:23 +0000
ROA not before: Wed 03 May 2023 04:53:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.115.146.0/24 maxlen: 24
194.4.156.0/23 maxlen: 24
194.4.159.0/24 maxlen: 24
213.32.249.0/24 maxlen: 24
185.115.145.0/24 maxlen: 24
78.142.242.0/23 maxlen: 24
89.38.136.0/24 maxlen: 24
45.159.152.0/24 maxlen: 24
45.159.154.0/24 maxlen: 24
45.159.153.0/24 maxlen: 24
185.230.248.0/24 maxlen: 24
185.230.249.0/24 maxlen: 24
185.229.104.0/24 maxlen: 24
185.229.106.0/24 maxlen: 24
89.43.211.0/24 maxlen: 24
185.245.238.0/24 maxlen: 24
89.43.208.0/24 maxlen: 24
89.43.210.0/24 maxlen: 24
185.245.237.0/24 maxlen: 24
185.121.231.0/24 maxlen: 24
178.239.203.0/24 maxlen: 24
185.121.230.0/24 maxlen: 24
62.197.128.0/24 maxlen: 24
185.236.62.0/24 maxlen: 24
62.197.135.0/24 maxlen: 24
185.103.73.0/24 maxlen: 24
185.103.75.0/24 maxlen: 24
178.239.192.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:df:f5:3b:5a:cb:35:43:1a:7b:79:74:fa:4e:da:82:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 3 04:53:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2994167fe0c48f984a6e1fe6f4da99b5253c941
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ff:2f:ef:72:26:0d:38:eb:06:6e:88:b4:2b:
2e:80:5b:ad:29:c9:ce:c7:c9:13:0c:66:46:5d:c6:
e3:32:02:3e:66:3a:3a:f4:13:e9:b6:05:59:2d:fa:
9c:08:cd:d5:c7:b3:f8:49:61:8c:ab:8f:83:7e:29:
50:ef:fa:5f:2f:7d:2e:05:e9:40:8e:f0:76:3f:46:
fe:24:23:17:89:a4:75:16:48:a5:25:55:14:af:dc:
ce:1f:88:d0:cc:98:52:46:d8:f6:cd:48:2b:09:c2:
4d:33:81:c3:67:c7:9b:b5:21:3b:18:41:e1:f2:d5:
4d:bf:86:03:ae:9c:9b:a1:52:a8:cd:4e:04:41:87:
95:ec:04:ab:89:b4:70:ca:5a:b9:ea:13:0a:63:f4:
57:c9:cf:e7:0e:ff:ad:83:3e:9f:e2:e1:9d:29:e3:
23:31:b0:e7:d3:1f:a6:4a:77:82:b9:c2:b1:e6:de:
c9:f1:25:9c:8f:3e:f4:3e:d7:04:cb:6d:70:00:fe:
b7:15:cf:fc:52:84:2f:ef:b4:0f:d4:19:e3:ca:0d:
33:41:ec:65:ca:13:57:a9:83:56:fb:18:43:79:fd:
5f:97:b4:b7:47:78:c0:3b:d7:ef:b8:fd:22:e7:d0:
99:9d:09:d3:77:36:aa:ff:77:d1:3d:09:f6:22:5b:
b2:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:99:41:67:FE:0C:48:F9:84:A6:E1:FE:6F:4D:A9:9B:52:53:C9:41
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/8plBZ_4MSPmEpuH-b02pm1JTyUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.152.0-45.159.154.255
62.197.128.0/24
62.197.135.0/24
78.142.242.0/23
89.38.136.0/24
89.43.208.0/24
89.43.210.0/23
178.239.192.0/24
178.239.203.0/24
185.103.73.0/24
185.103.75.0/24
185.115.145.0-185.115.146.255
185.121.230.0/23
185.229.104.0/24
185.229.106.0/24
185.230.248.0/23
185.236.62.0/24
185.245.237.0-185.245.238.255
194.4.156.0/23
194.4.159.0/24
213.32.249.0/24
Signature Algorithm: sha256WithRSAEncryption
95:7b:9e:84:67:83:57:a1:ce:46:5d:f7:8e:1b:eb:3c:67:8e:
cc:17:3c:9e:73:97:dd:00:aa:3c:90:a9:f5:75:d4:15:5a:37:
6e:76:c2:08:9a:e7:f4:75:3f:99:25:31:e8:0f:30:a1:8c:43:
6a:af:94:99:45:a8:66:3d:bc:5b:99:2f:a3:5c:d9:9f:c5:ed:
14:90:3d:d2:60:51:3b:31:c0:db:d3:1d:79:a2:c7:d3:99:47:
1e:99:6a:55:26:b4:7d:e8:b0:8f:2d:e0:89:4d:5f:13:db:c9:
92:d2:64:c5:6d:07:d4:0d:e8:67:75:a4:c8:c9:90:c1:c0:a2:
91:eb:aa:1d:1a:64:37:3c:a9:98:96:1b:dd:38:4c:c7:de:64:
b0:b8:95:89:81:a8:5f:0e:ad:b5:ab:5b:33:58:5a:27:c3:a5:
34:e6:92:f6:0b:1f:03:98:56:e1:d9:89:6a:3b:d0:72:f2:16:
09:92:5b:2d:df:68:3c:14:cf:f8:98:4e:0a:e7:ca:ee:cd:d3:
24:a0:f5:f8:c1:9e:7e:3e:56:92:24:7f:f3:f4:a1:3f:b5:b4:
86:b4:de:df:3c:f4:4d:5b:72:75:86:85:0b:c2:c3:69:0a:7d:
f8:3d:dd:55:96:9c:34:06:ac:bc:19:aa:2b:24:34:b7:29:dc:
5f:fb:07:ca
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYff9TtayzVDGnt5dPpO2oIBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTAzMDQ1MzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjk5NDE2N2ZlMGM0OGY5ODRhNmUxZmU2ZjRkYTk5YjUyNTNjOTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuv8v73ImDTjrBm6ItCsugFutKcnO
x8kTDGZGXcbjMgI+Zjo69BPptgVZLfqcCM3Vx7P4SWGMq4+DfilQ7/pfL30uBelA
jvB2P0b+JCMXiaR1FkilJVUUr9zOH4jQzJhSRtj2zUgrCcJNM4HDZ8ebtSE7GEHh
8tVNv4YDrpyboVKozU4EQYeV7ASribRwylq56hMKY/RXyc/nDv+tgz6f4uGdKeMj
MbDn0x+mSneCucKx5t7J8SWcjz70PtcEy21wAP63Fc/8UoQv77QP1Bnjyg0zQexl
yhNXqYNW+xhDef1fl7S3R3jAO9fvuP0i59CZnQnTdzaq/3fRPQn2Iluy5QIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFPKZQWf+DEj5hKbh/m9NqZtSU8lBMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvOHBsQlpfNE1TUG1FcHVILWIwMnBtMUpUeVVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYwDAME
Ay2fmAMEAC2fmgMEAD7FgAMEAD7FhwMEAU6O8gMEAFkmiAMEAFkr0AMEAVkr0gME
ALLvwAMEALLvywMEALlnSQMEALlnSzAMAwQAuXORAwQAuXOSAwQBuXnmAwQAueVo
AwQAueVqAwQBueb4AwQAuew+MAwDBAC59e0DBAC59e4DBAHCBJwDBADCBJ8DBADV
IPkwDQYJKoZIhvcNAQELBQADggEBAJV7noRng1ehzkZd944b6zxnjswXPJ5zl90A
qjyQqfV11BVaN252wgia5/R1P5klMegPMKGMQ2qvlJlFqGY9vFuZL6Nc2Z/F7RSQ
PdJgUTsxwNvTHXmix9OZRx6ZalUmtH3osI8t4IlNXxPbyZLSZMVtB9QN6Gd1pMjJ
kMHAopHrqh0aZDc8qZiWG904TMfeZLC4lYmBqF8OrbWrWzNYWifDpTTmkvYLHwOY
VuHZiWo70HLyFgmSWy3faDwUz/iYTgrnyu7N0ySg9fjBnn4+VpIkf/P0oT+1tIa0
3t889E1bcnWGhQvCw2kKffg93VWWnDQGrLwZqiskNLcp3F/7B8o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org