Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/CC09--KRbsVKUk9gZyX7P_8lHJ8.roa
File: CC09--KRbsVKUk9gZyX7P_8lHJ8.roa (raw, json)
Hash identifier: bL5+cJR2q3nP20tHxJPGKvO/yk5P13bRGrGqJqjvmsw=
Subject key identifier: 08:2D:3D:FB:E2:91:6E:C5:4A:52:4F:60:67:25:FB:3F:FF:25:1C:9F
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018779E8F2B0A91A63F360B53E6819D119DF
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/CC09--KRbsVKUk9gZyX7P_8lHJ8.roa
Signing time: Thu 13 Apr 2023 09:18:42 +0000
ROA not before: Thu 13 Apr 2023 09:18:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209043
IP address blocks: 103.205.24.0/24 maxlen: 24
185.236.61.0/24 maxlen: 24
193.42.53.0/24 maxlen: 24
89.44.207.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:79:e8:f2:b0:a9:1a:63:f3:60:b5:3e:68:19:d1:19:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 13 09:18:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=082d3dfbe2916ec54a524f606725fb3fff251c9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f0:a3:49:3d:97:0d:80:ad:e8:9a:3e:b1:a1:
13:6c:af:14:a5:c5:fd:6a:f8:b8:14:dd:c0:de:d4:
ce:cb:e8:e5:8d:0a:e5:a1:97:18:65:b1:52:d7:1f:
45:f3:61:cd:a6:e6:b5:75:f0:94:9b:fa:22:78:6a:
5a:60:7d:98:c5:b6:ca:dd:28:37:e0:39:fb:47:ca:
85:1d:2b:45:c3:03:e1:9a:ef:3e:ab:0b:ee:1f:13:
ea:2f:b1:0b:34:4c:8d:e9:01:65:ec:87:f7:29:e2:
fe:63:e2:7d:cd:df:cf:6a:4b:2e:bc:79:a9:1f:4b:
de:86:0e:de:4d:c8:96:d6:26:81:d6:65:0c:e8:ed:
5b:e8:ea:cf:a3:b7:65:91:61:f4:96:38:d2:74:93:
98:c2:b8:2d:df:d6:6c:b9:88:d2:95:dc:66:96:02:
7b:c5:a2:62:1f:95:20:68:af:92:ec:60:af:7f:75:
1f:25:0b:79:9a:4e:99:30:b2:ce:4d:99:22:74:f9:
ab:61:b6:0a:75:62:99:5d:c3:8f:f8:ec:e4:6a:c4:
3a:e9:e6:71:46:42:5c:6b:2d:de:9c:42:85:5a:39:
12:e8:6b:30:c6:e4:f5:6a:31:47:1f:6d:46:f8:c2:
9d:39:46:a3:d6:55:b0:35:13:ed:88:d9:73:58:d0:
f8:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:2D:3D:FB:E2:91:6E:C5:4A:52:4F:60:67:25:FB:3F:FF:25:1C:9F
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/CC09--KRbsVKUk9gZyX7P_8lHJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.207.0/24
103.205.24.0/24
185.236.61.0/24
193.42.53.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:fc:dc:2b:46:22:ef:a4:2c:8f:af:58:44:86:d6:66:17:49:
33:2f:fd:6b:8c:f0:4e:82:55:f6:fa:c6:e0:a9:11:db:33:b6:
a5:80:d6:b8:40:bf:79:b7:05:29:b0:c0:3a:76:5a:dc:1f:a6:
96:49:b2:db:58:8a:13:5a:79:cc:f4:a4:ea:2b:3b:2e:09:d6:
43:1c:cc:11:d6:3f:96:56:45:ca:b9:75:35:c5:97:b9:ff:05:
67:72:92:51:e2:d7:3d:fc:ad:a9:27:90:b1:14:3a:d2:f6:b8:
fc:38:d2:80:7c:96:7c:33:fb:7d:f6:12:f0:33:96:d5:17:8e:
76:3d:73:7e:b2:b3:41:d8:b2:80:75:0e:da:0a:f8:77:9a:4e:
f2:68:ac:49:37:70:e2:d7:ad:3a:32:5e:e5:c2:fb:d9:c6:ba:
7e:17:45:7e:23:1a:75:cf:eb:f5:c7:f8:b9:3d:ee:5a:05:a0:
4b:ba:07:da:61:ee:c4:3a:16:39:71:e5:ff:fd:48:89:f0:cc:
94:1b:96:ea:3b:ba:68:8d:49:b7:80:07:95:67:9d:f0:2f:de:
59:b9:40:88:99:92:2f:c4:16:df:bc:5d:11:5f:85:5e:5c:9b:
75:2c:0d:ff:ee:06:55:1a:ab:c0:e2:a1:17:e9:fe:ed:74:4f:
cb:df:47:3c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYd56PKwqRpj82C1PmgZ0RnfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDEzMDkxODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODJkM2RmYmUyOTE2ZWM1NGE1MjRmNjA2NzI1ZmIzZmZmMjUxYzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPCjST2XDYCt6Jo+saETbK8UpcX9
avi4FN3A3tTOy+jljQrloZcYZbFS1x9F82HNpua1dfCUm/oieGpaYH2YxbbK3Sg3
4Dn7R8qFHStFwwPhmu8+qwvuHxPqL7ELNEyN6QFl7If3KeL+Y+J9zd/PaksuvHmp
H0vehg7eTciW1iaB1mUM6O1b6OrPo7dlkWH0ljjSdJOYwrgt39ZsuYjSldxmlgJ7
xaJiH5UgaK+S7GCvf3UfJQt5mk6ZMLLOTZkidPmrYbYKdWKZXcOP+OzkasQ66eZx
RkJcay3enEKFWjkS6GswxuT1ajFHH21G+MKdOUaj1lWwNRPtiNlzWND41wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAgtPfvikW7FSlJPYGcl+z//JRyfMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQ0MwOS0tS1Jic1ZLVWs5Z1p5WDdQXzhsSEo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSzPAwQA
Z80YAwQAuew9AwQAwSo1MA0GCSqGSIb3DQEBCwUAA4IBAQB6/NwrRiLvpCyPr1hE
htZmF0kzL/1rjPBOglX2+sbgqRHbM7algNa4QL95twUpsMA6dlrcH6aWSbLbWIoT
WnnM9KTqKzsuCdZDHMwR1j+WVkXKuXU1xZe5/wVncpJR4tc9/K2pJ5CxFDrS9rj8
ONKAfJZ8M/t99hLwM5bVF452PXN+srNB2LKAdQ7aCvh3mk7yaKxJN3Di1606Ml7l
wvvZxrp+F0V+Ixp1z+v1x/i5Pe5aBaBLugfaYe7EOhY5ceX//UiJ8MyUG5bqO7po
jUm3gAeVZ53wL95ZuUCImZIvxBbfvF0RX4VeXJt1LA3/7gZVGqvA4qEX6f7tdE/L
30c8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org