Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BBC_CiNQMOEsspjcCRGpxaDB2bM.roa
File: BBC_CiNQMOEsspjcCRGpxaDB2bM.roa (raw, json)
Hash identifier: Fk1cYNhz17C0U5Erngiub0D89rmkCo0c7kdL76VH96Q=
Subject key identifier: 04:10:BF:0A:23:50:30:E1:2C:B2:98:DC:09:11:A9:C5:A0:C1:D9:B3
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187173823EA54AE0E9CAA47FC1BC1DB529E
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BBC_CiNQMOEsspjcCRGpxaDB2bM.roa
Signing time: Sat 25 Mar 2023 05:22:47 +0000
ROA not before: Sat 25 Mar 2023 05:22:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 91.209.12.0/24 maxlen: 24
185.229.105.0/24 maxlen: 24
89.43.211.0/24 maxlen: 24
185.245.236.0/24 maxlen: 24
178.239.200.0/24 maxlen: 24
62.197.132.0/24 maxlen: 24
62.197.128.0/24 maxlen: 24
45.159.153.0/24 maxlen: 24
103.205.27.0/24 maxlen: 24
103.205.25.0/24 maxlen: 24
223.27.114.0/24 maxlen: 24
178.239.193.0/24 maxlen: 24
178.239.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:17:38:23:ea:54:ae:0e:9c:aa:47:fc:1b:c1:db:52:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 25 05:22:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0410bf0a235030e12cb298dc0911a9c5a0c1d9b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c6:32:16:2d:b6:c6:e9:d2:67:dd:67:b7:bf:
48:cc:d1:f4:d0:ba:84:6d:52:af:06:78:f4:11:45:
9c:56:d0:b6:1b:28:f3:a2:ee:62:26:00:76:6a:23:
81:c4:2f:97:1b:4e:f0:17:cb:79:f0:0d:1e:a8:3f:
db:53:e8:7f:0a:ad:04:4d:fc:45:75:dd:0b:0c:76:
dc:82:83:51:ad:f8:76:cb:52:81:0a:7c:51:11:14:
8c:1d:30:f4:94:a5:d5:1c:97:c6:91:91:58:e6:8f:
41:38:28:75:93:74:bf:6e:39:0b:d3:bd:ce:3c:4d:
82:de:23:1f:05:92:2f:c7:3b:bf:27:3a:18:9f:ee:
a2:09:4e:37:60:9c:30:bc:61:bc:06:75:37:3b:8e:
91:0c:6c:a1:8f:3b:d8:73:92:24:4a:cc:5f:12:6a:
4b:1d:9f:79:1b:f6:eb:76:db:c4:6e:f5:65:59:5c:
91:7c:51:71:55:95:71:2d:c1:c2:19:59:29:1f:c7:
f3:4e:5d:08:2f:14:c4:a6:a7:fa:69:fd:48:2d:16:
42:63:ba:8a:a4:31:b6:bd:f7:49:d9:13:5f:ad:53:
68:a3:90:31:af:af:ba:81:1d:1d:4c:8b:63:ff:6a:
8d:dd:84:68:5f:92:19:5c:4d:44:fa:b7:13:a4:12:
34:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:10:BF:0A:23:50:30:E1:2C:B2:98:DC:09:11:A9:C5:A0:C1:D9:B3
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BBC_CiNQMOEsspjcCRGpxaDB2bM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.153.0/24
62.197.128.0/24
62.197.132.0/24
89.43.211.0/24
91.209.12.0/24
103.205.25.0/24
103.205.27.0/24
178.239.193.0-178.239.194.255
178.239.200.0/24
185.229.105.0/24
185.245.236.0/24
223.27.114.0/24
Signature Algorithm: sha256WithRSAEncryption
83:10:3e:7f:27:66:20:d0:aa:2a:13:30:43:65:bc:ce:8e:b2:
a2:6c:cc:0d:6d:a8:d6:80:b1:ac:3c:29:05:ba:16:2f:ab:66:
18:7a:d8:98:8c:a7:72:97:24:2c:93:c6:94:60:93:6d:68:ac:
9b:2b:40:7d:9d:24:6b:cb:19:04:95:f1:33:38:63:28:9f:ad:
e4:7e:4f:b6:1a:6f:c6:49:e9:e6:91:7d:02:08:d0:59:45:a9:
b3:fe:ac:11:13:23:a2:d3:c7:fb:93:3d:c4:3e:73:16:e9:43:
83:9e:91:c2:33:f0:c2:ad:18:60:6b:15:99:b7:a6:c2:57:45:
af:3a:72:0b:87:18:c7:ee:c9:11:ff:3f:fa:b2:22:8f:09:71:
96:ba:77:15:38:12:b2:8c:09:38:fa:a0:c8:76:2b:ba:8e:40:
35:23:a3:8d:9e:9b:a2:73:53:73:0e:23:25:ae:47:8b:5e:bc:
69:8d:68:5a:2f:a4:d4:a8:00:1a:49:6e:fd:35:2f:45:d9:93:
57:cf:9f:87:54:c9:8f:92:86:cc:7b:ce:d8:25:2a:cf:7b:27:
f2:22:b0:7a:2e:5c:62:e8:d8:13:d8:51:6a:2c:a1:ee:fb:65:
db:7b:4c:7c:c1:38:08:af:03:01:d4:99:90:2d:e3:bd:3a:95:
36:77:e5:56
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYcXOCPqVK4OnKpH/BvB21KeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzI1MDUyMjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDEwYmYwYTIzNTAzMGUxMmNiMjk4ZGMwOTExYTljNWEwYzFkOWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MYyFi22xunSZ91nt79IzNH00LqE
bVKvBnj0EUWcVtC2Gyjzou5iJgB2aiOBxC+XG07wF8t58A0eqD/bU+h/Cq0ETfxF
dd0LDHbcgoNRrfh2y1KBCnxRERSMHTD0lKXVHJfGkZFY5o9BOCh1k3S/bjkL073O
PE2C3iMfBZIvxzu/JzoYn+6iCU43YJwwvGG8BnU3O46RDGyhjzvYc5IkSsxfEmpL
HZ95G/brdtvEbvVlWVyRfFFxVZVxLcHCGVkpH8fzTl0ILxTEpqf6af1ILRZCY7qK
pDG2vfdJ2RNfrVNoo5Axr6+6gR0dTItj/2qN3YRoX5IZXE1E+rcTpBI0uwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFAQQvwojUDDhLLKY3AkRqcWgwdmzMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQkJDX0NpTlFNT0Vzc3BqY0NSR3B4YURCMmJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQALZ+ZAwQA
PsWAAwQAPsWEAwQAWSvTAwQAW9EMAwQAZ80ZAwQAZ80bMAwDBACy78EDBACy78ID
BACy78gDBAC55WkDBAC59ewDBADfG3IwDQYJKoZIhvcNAQELBQADggEBAIMQPn8n
ZiDQqioTMENlvM6OsqJszA1tqNaAsaw8KQW6Fi+rZhh62JiMp3KXJCyTxpRgk21o
rJsrQH2dJGvLGQSV8TM4YyifreR+T7Yab8ZJ6eaRfQII0FlFqbP+rBETI6LTx/uT
PcQ+cxbpQ4OekcIz8MKtGGBrFZm3psJXRa86cguHGMfuyRH/P/qyIo8JcZa6dxU4
ErKMCTj6oMh2K7qOQDUjo42em6JzU3MOIyWuR4tevGmNaFovpNSoABpJbv01L0XZ
k1fPn4dUyY+Shsx7ztglKs97J/IisHouXGLo2BPYUWosoe77Zdt7THzBOAivAwHU
mZAt4706lTZ35VY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org