Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/9ry9cpT3FvQvgs0t7j1kJoB5GCM.roa
File: 9ry9cpT3FvQvgs0t7j1kJoB5GCM.roa (raw, json)
Hash identifier: ZLijUFYqbGN7sUXVnpu/lYixMtVchKsZrgeEvRRoKAg=
Subject key identifier: F6:BC:BD:72:94:F7:16:F4:2F:82:CD:2D:EE:3D:64:26:80:79:18:23
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187DB03F91AEDA2DEDF40A1C57185A1B2F5
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/9ry9cpT3FvQvgs0t7j1kJoB5GCM.roa
Signing time: Tue 02 May 2023 05:51:23 +0000
ROA not before: Tue 02 May 2023 05:51:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.115.146.0/24 maxlen: 24
185.230.248.0/24 maxlen: 24
185.230.249.0/24 maxlen: 24
185.229.104.0/24 maxlen: 24
185.229.106.0/24 maxlen: 24
194.4.156.0/23 maxlen: 24
194.4.159.0/24 maxlen: 24
185.245.238.0/24 maxlen: 24
89.43.208.0/24 maxlen: 24
185.245.237.0/24 maxlen: 24
213.32.249.0/24 maxlen: 24
185.121.231.0/24 maxlen: 24
178.239.203.0/24 maxlen: 24
78.142.242.0/23 maxlen: 24
185.121.230.0/24 maxlen: 24
45.159.152.0/24 maxlen: 24
45.159.154.0/24 maxlen: 24
185.236.62.0/24 maxlen: 24
45.159.153.0/24 maxlen: 24
62.197.135.0/24 maxlen: 24
185.103.73.0/24 maxlen: 24
185.103.75.0/24 maxlen: 24
178.239.192.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:03:f9:1a:ed:a2:de:df:40:a1:c5:71:85:a1:b2:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 2 05:51:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6bcbd7294f716f42f82cd2dee3d642680791823
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:67:3a:8d:c6:b0:68:5d:bd:79:e3:c4:2b:ae:
89:34:54:c5:f2:7b:16:88:21:89:77:74:e5:23:2c:
b7:62:5d:94:9e:4a:e6:eb:48:5d:6b:47:75:5c:be:
56:3d:09:1e:0e:2f:7d:f9:45:1e:40:1c:62:21:e5:
f7:6d:24:d9:30:12:6b:de:4a:20:12:20:bb:bf:99:
ab:03:f4:32:d5:9b:03:e3:f9:c9:6c:d8:f0:55:e8:
10:03:a2:37:fc:41:df:d6:02:35:06:6c:cf:09:cc:
9a:44:2f:c3:06:cd:b8:d1:21:c5:27:7c:91:3a:c4:
ed:62:6c:f6:c6:e6:f4:e6:aa:99:42:fc:4f:91:ed:
58:18:13:5f:1d:26:58:7e:35:7c:c8:f9:4e:df:79:
95:3a:ad:69:1d:71:80:9b:2e:83:c9:8d:ff:aa:ff:
5c:f5:ab:db:62:22:26:3e:ce:d5:a9:c5:90:ea:98:
ec:88:b9:a0:46:5d:95:8b:42:d1:7c:18:18:5b:63:
3d:7b:db:1b:a7:ae:89:31:ba:9c:ee:de:28:9d:55:
bd:b8:1c:06:53:73:03:78:9a:72:7d:00:ea:0f:e9:
a8:30:ed:f8:85:a9:57:e6:33:39:ab:55:ed:e4:12:
c7:44:8c:c1:32:89:7d:ed:9b:41:17:88:aa:b6:4b:
c0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:BC:BD:72:94:F7:16:F4:2F:82:CD:2D:EE:3D:64:26:80:79:18:23
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/9ry9cpT3FvQvgs0t7j1kJoB5GCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.152.0-45.159.154.255
62.197.135.0/24
78.142.242.0/23
89.43.208.0/24
178.239.192.0/24
178.239.203.0/24
185.103.73.0/24
185.103.75.0/24
185.115.146.0/24
185.121.230.0/23
185.229.104.0/24
185.229.106.0/24
185.230.248.0/23
185.236.62.0/24
185.245.237.0-185.245.238.255
194.4.156.0/23
194.4.159.0/24
213.32.249.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:dd:5d:85:73:35:7e:4b:3d:fa:81:dc:dd:a9:9e:20:9d:6d:
c3:c5:94:f5:1c:ca:ac:49:01:b5:4a:ae:8b:f4:cf:cd:75:e4:
fc:90:e2:3a:d7:5f:87:3c:40:69:ef:a2:ee:8d:c6:25:17:94:
3e:da:11:b0:aa:e3:ac:c8:1f:c8:c3:d3:ca:07:f3:a3:cd:34:
c6:0a:05:0c:c9:8c:92:a2:6a:b8:aa:64:cd:c6:5a:f2:ed:c6:
7e:65:11:35:d2:fd:1b:d5:cc:00:e6:52:ba:0c:c0:06:d3:aa:
76:37:f2:a1:dd:ca:ee:31:71:23:fa:f9:ca:a3:3d:a2:7d:9d:
51:b2:a4:5c:b5:54:66:ba:58:11:f7:9e:94:7c:ec:3e:49:1a:
21:ac:83:fe:e2:c5:d7:54:b7:08:5e:34:e9:32:34:98:21:b9:
d4:8d:ec:74:c6:c5:46:44:62:7d:31:7e:0f:df:80:3a:83:53:
58:32:a1:71:5e:a7:50:e8:3d:a9:43:03:ec:43:8b:87:1c:0b:
2c:ec:fa:b4:b4:c1:fa:82:8c:7d:fe:a4:78:4d:fd:24:4e:96:
4d:25:9e:f5:c2:99:aa:8d:4b:7e:73:ec:88:d2:2f:f2:b4:0b:
0c:87:d1:18:04:04:d0:ee:a1:ac:07:00:56:a0:17:c3:10:c9:
9c:82:e6:c5
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYfbA/ka7aLe30ChxXGFobL1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTAyMDU1MTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmJjYmQ3Mjk0ZjcxNmY0MmY4MmNkMmRlZTNkNjQyNjgwNzkxODIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2c6jcawaF29eePEK66JNFTF8nsW
iCGJd3TlIyy3Yl2Unkrm60hda0d1XL5WPQkeDi99+UUeQBxiIeX3bSTZMBJr3kog
EiC7v5mrA/Qy1ZsD4/nJbNjwVegQA6I3/EHf1gI1BmzPCcyaRC/DBs240SHFJ3yR
OsTtYmz2xub05qqZQvxPke1YGBNfHSZYfjV8yPlO33mVOq1pHXGAmy6DyY3/qv9c
9avbYiImPs7VqcWQ6pjsiLmgRl2Vi0LRfBgYW2M9e9sbp66JMbqc7t4onVW9uBwG
U3MDeJpyfQDqD+moMO34halX5jM5q1Xt5BLHRIzBMol97ZtBF4iqtkvAYQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFPa8vXKU9xb0L4LNLe49ZCaAeRgjMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvOXJ5OWNwVDNGdlF2Z3MwdDdqMWtKb0I1R0NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfDAMAwQD
LZ+YAwQALZ+aAwQAPsWHAwQBTo7yAwQAWSvQAwQAsu/AAwQAsu/LAwQAuWdJAwQA
uWdLAwQAuXOSAwQBuXnmAwQAueVoAwQAueVqAwQBueb4AwQAuew+MAwDBAC59e0D
BAC59e4DBAHCBJwDBADCBJ8DBADVIPkwDQYJKoZIhvcNAQELBQADggEBAI/dXYVz
NX5LPfqB3N2pniCdbcPFlPUcyqxJAbVKrov0z8115PyQ4jrXX4c8QGnvou6NxiUX
lD7aEbCq46zIH8jD08oH86PNNMYKBQzJjJKiariqZM3GWvLtxn5lETXS/RvVzADm
UroMwAbTqnY38qHdyu4xcSP6+cqjPaJ9nVGypFy1VGa6WBH3npR87D5JGiGsg/7i
xddUtwheNOkyNJghudSN7HTGxUZEYn0xfg/fgDqDU1gyoXFep1DoPalDA+xDi4cc
Cyzs+rS0wfqCjH3+pHhN/SROlk0lnvXCmaqNS35z7IjSL/K0CwyH0RgEBNDuoawH
AFagF8MQyZyC5sU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org