Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/9LvQmCOO67qTIrR9be2D3tx1mu0.roa
File: 9LvQmCOO67qTIrR9be2D3tx1mu0.roa (raw, json)
Hash identifier: v8FMyPm7Vjz5nuvk/n2SpOs4W+yEqG6HhTKF8Hqy+Zo=
Subject key identifier: F4:BB:D0:98:23:8E:EB:BA:93:22:B4:7D:6D:ED:83:DE:DC:75:9A:ED
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187EFFF1A8964A54A665140890B71B78DD1
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/9LvQmCOO67qTIrR9be2D3tx1mu0.roa
Signing time: Sat 06 May 2023 07:38:05 +0000
ROA not before: Sat 06 May 2023 07:38:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.115.146.0/24 maxlen: 24
194.4.156.0/23 maxlen: 24
194.4.159.0/24 maxlen: 24
213.32.249.0/24 maxlen: 24
185.115.145.0/24 maxlen: 24
78.142.242.0/23 maxlen: 24
89.38.136.0/24 maxlen: 24
45.159.152.0/24 maxlen: 24
45.159.154.0/24 maxlen: 24
45.159.153.0/24 maxlen: 24
103.205.25.0/24 maxlen: 24
91.209.12.0/24 maxlen: 24
185.230.248.0/24 maxlen: 24
185.230.249.0/24 maxlen: 24
185.229.104.0/24 maxlen: 24
185.229.105.0/24 maxlen: 24
185.229.106.0/24 maxlen: 24
185.229.107.0/24 maxlen: 24
89.43.211.0/24 maxlen: 24
185.245.238.0/24 maxlen: 24
185.245.236.0/24 maxlen: 24
89.43.208.0/24 maxlen: 24
89.43.210.0/24 maxlen: 24
185.245.237.0/24 maxlen: 24
185.121.231.0/24 maxlen: 24
178.239.203.0/24 maxlen: 24
185.121.230.0/24 maxlen: 24
62.197.128.0/24 maxlen: 24
185.236.62.0/24 maxlen: 24
62.197.135.0/24 maxlen: 24
185.103.73.0/24 maxlen: 24
185.103.75.0/24 maxlen: 24
178.239.192.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ef:ff:1a:89:64:a5:4a:66:51:40:89:0b:71:b7:8d:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 6 07:38:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4bbd098238eebba9322b47d6ded83dedc759aed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c0:df:32:4b:49:14:fe:d9:1a:84:7a:70:a9:
21:1b:4d:bb:d3:13:72:d7:cb:ba:1a:b5:e4:58:de:
5d:23:99:d0:01:ae:d2:44:35:a9:99:31:36:81:aa:
d1:b8:49:7f:33:f3:bb:cd:e4:fb:95:af:23:e7:d9:
ab:c6:08:be:7c:23:5f:df:77:16:7d:70:c4:a9:85:
bd:28:2d:19:c7:43:8c:6a:71:de:4e:1f:98:13:89:
18:39:27:23:d9:e3:90:b1:a5:8a:d9:72:c1:35:1d:
cd:cb:eb:3a:22:2e:21:9c:bd:59:8a:91:ff:22:bd:
82:3f:5d:3d:6d:ca:82:f3:bc:6b:9c:5b:ed:6d:71:
89:24:f3:e1:01:43:6d:d6:fd:80:ea:b8:41:15:85:
f9:5f:e0:f3:07:1d:2a:00:e0:26:e6:ee:d4:d2:b8:
40:bd:4c:fe:0e:b5:66:df:f5:bd:1f:00:5a:df:4e:
20:95:95:ca:7a:c8:f7:22:84:c1:8a:de:cd:04:7a:
1d:2b:85:85:38:17:cf:18:35:ff:b8:e9:6e:41:83:
d5:87:c9:77:93:e2:ee:00:c5:3c:f1:a3:26:bd:90:
9f:38:3f:92:b1:7b:5a:07:25:88:6d:ca:e7:22:a1:
94:3b:c1:4e:45:15:5b:9b:1e:9f:c6:0d:a9:50:b9:
c6:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:BB:D0:98:23:8E:EB:BA:93:22:B4:7D:6D:ED:83:DE:DC:75:9A:ED
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/9LvQmCOO67qTIrR9be2D3tx1mu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.152.0-45.159.154.255
62.197.128.0/24
62.197.135.0/24
78.142.242.0/23
89.38.136.0/24
89.43.208.0/24
89.43.210.0/23
91.209.12.0/24
103.205.25.0/24
178.239.192.0/24
178.239.203.0/24
185.103.73.0/24
185.103.75.0/24
185.115.145.0-185.115.146.255
185.121.230.0/23
185.229.104.0/22
185.230.248.0/23
185.236.62.0/24
185.245.236.0-185.245.238.255
194.4.156.0/23
194.4.159.0/24
213.32.249.0/24
Signature Algorithm: sha256WithRSAEncryption
80:65:ec:dd:28:5d:70:4a:c0:86:2a:c8:ce:18:88:7d:5d:79:
00:f4:0a:8e:6f:9b:a8:f5:ef:22:b5:ab:08:1a:f7:d5:96:02:
89:45:9d:8b:00:cf:9f:d3:b3:b3:ac:68:84:2c:f2:5c:d0:00:
ef:17:41:25:2e:fd:23:3f:ce:c6:c1:2f:7a:68:d1:69:d7:e9:
18:71:e0:f3:ab:f9:84:5d:b0:a9:96:0d:89:e2:f8:74:d6:ca:
1b:df:e3:b7:ff:90:5c:84:e5:03:49:30:d5:20:97:d5:19:32:
b0:2c:64:2c:8e:c9:75:6a:70:19:b8:17:c4:09:36:df:95:ff:
26:8c:8d:16:68:38:10:ba:26:c9:fb:2f:2b:21:ed:eb:ca:ad:
4a:fe:7d:e9:50:91:4a:a1:a8:4c:c7:5e:e5:d3:26:ae:0e:2a:
4d:1c:47:de:a2:3f:05:39:ad:62:90:a5:06:2f:52:70:4c:aa:
7d:16:c0:7e:80:6d:73:9a:ab:58:3a:32:31:d3:14:48:fb:e9:
95:31:73:c7:6e:6b:0e:70:86:a5:8c:9e:a0:d8:17:8e:70:1d:
b6:b4:0c:08:a6:c5:d8:5e:a1:b4:be:a1:7b:48:45:a2:14:ec:
0d:2c:61:58:35:b1:db:3d:8b:35:b0:d5:6f:83:f8:03:6d:6e:
cf:94:17:97
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYfv/xqJZKVKZlFAiQtxt43RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTA2MDczODA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGJiZDA5ODIzOGVlYmJhOTMyMmI0N2Q2ZGVkODNkZWRjNzU5YWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcDfMktJFP7ZGoR6cKkhG0270xNy
18u6GrXkWN5dI5nQAa7SRDWpmTE2garRuEl/M/O7zeT7la8j59mrxgi+fCNf33cW
fXDEqYW9KC0Zx0OManHeTh+YE4kYOScj2eOQsaWK2XLBNR3Ny+s6Ii4hnL1ZipH/
Ir2CP109bcqC87xrnFvtbXGJJPPhAUNt1v2A6rhBFYX5X+DzBx0qAOAm5u7U0rhA
vUz+DrVm3/W9HwBa304glZXKesj3IoTBit7NBHodK4WFOBfPGDX/uOluQYPVh8l3
k+LuAMU88aMmvZCfOD+SsXtaByWIbcrnIqGUO8FORRVbmx6fxg2pULnGxQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFPS70Jgjjuu6kyK0fW3tg97cdZrtMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvOUx2UW1DT082N3FUSXJSOWJlMkQzdHgxbXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwwDAME
Ay2fmAMEAC2fmgMEAD7FgAMEAD7FhwMEAU6O8gMEAFkmiAMEAFkr0AMEAVkr0gME
AFvRDAMEAGfNGQMEALLvwAMEALLvywMEALlnSQMEALlnSzAMAwQAuXORAwQAuXOS
AwQBuXnmAwQCueVoAwQBueb4AwQAuew+MAwDBAK59ewDBAC59e4DBAHCBJwDBADC
BJ8DBADVIPkwDQYJKoZIhvcNAQELBQADggEBAIBl7N0oXXBKwIYqyM4YiH1deQD0
Co5vm6j17yK1qwga99WWAolFnYsAz5/Ts7OsaIQs8lzQAO8XQSUu/SM/zsbBL3po
0WnX6Rhx4POr+YRdsKmWDYni+HTWyhvf47f/kFyE5QNJMNUgl9UZMrAsZCyOyXVq
cBm4F8QJNt+V/yaMjRZoOBC6Jsn7Lysh7evKrUr+felQkUqhqEzHXuXTJq4OKk0c
R96iPwU5rWKQpQYvUnBMqn0WwH6AbXOaq1g6MjHTFEj76ZUxc8duaw5whqWMnqDY
F45wHba0DAimxdheobS+oXtIRaIU7A0sYVg1sds9izWw1W+D+ANtbs+UF5c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:09 2024 by rpki-client on console-ams.rpki-client.org