Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/CkyV6EiFy96YvxT4YQdiSSzKObI.roa
File: CkyV6EiFy96YvxT4YQdiSSzKObI.roa (raw, json)
Hash identifier: ihw2ela0uNetWjeaTK4RMnoJRkAQVXN5fYctiomOzJI=
Subject key identifier: 0A:4C:95:E8:48:85:CB:DE:98:BF:14:F8:61:07:62:49:2C:CA:39:B2
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01868C98E31D3D13877F0976AB29CF4C7D93
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/CkyV6EiFy96YvxT4YQdiSSzKObI.roa
Signing time: Sun 26 Feb 2023 07:21:15 +0000
ROA not before: Sun 26 Feb 2023 07:21:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 178.239.200.0/24 maxlen: 24
62.197.132.0/24 maxlen: 24
62.197.128.0/24 maxlen: 24
89.43.209.0/24 maxlen: 24
223.27.114.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:8c:98:e3:1d:3d:13:87:7f:09:76:ab:29:cf:4c:7d:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 26 07:21:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a4c95e84885cbde98bf14f8610762492cca39b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:97:ce:88:62:8e:7d:15:05:24:e3:bf:92:cc:
51:84:b5:2d:0e:42:bc:c7:d9:0f:53:64:98:63:e7:
54:8d:27:0c:f3:f5:b7:c3:20:88:97:c2:6f:5c:ad:
50:ea:34:cf:84:4c:b1:53:d6:d2:d4:86:bf:56:81:
87:2c:8a:42:59:57:2e:3c:cc:1b:d9:db:1d:70:01:
9d:f5:e0:c5:3b:71:40:45:e3:aa:8f:54:a1:12:71:
f3:39:c8:0b:5b:09:a0:c5:c9:d4:cc:71:a9:24:ef:
b2:44:9a:c2:34:6c:4e:68:b1:4b:8d:34:1a:ad:53:
17:0c:66:b1:ca:23:90:9d:87:fc:25:02:ba:2d:d0:
89:1d:1a:cd:14:44:ec:3f:4d:1f:05:91:84:67:2e:
67:a1:5b:61:47:89:20:ce:c3:1b:df:91:30:de:05:
f1:ed:c6:49:80:ab:3f:18:7e:ac:9a:7f:3c:0e:45:
2a:59:86:16:8e:b4:01:7c:c9:2e:7c:44:25:46:9d:
36:c1:9c:67:d6:03:47:23:ba:d1:6f:df:33:e9:f9:
8f:39:b9:41:8e:80:ef:95:10:d9:fb:86:21:1d:b6:
76:9e:0c:54:21:ee:1f:40:1f:e3:1a:1f:d7:87:db:
68:3d:5c:01:34:88:65:43:98:9b:b7:d4:85:2b:51:
70:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:4C:95:E8:48:85:CB:DE:98:BF:14:F8:61:07:62:49:2C:CA:39:B2
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/CkyV6EiFy96YvxT4YQdiSSzKObI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.197.128.0/24
62.197.132.0/24
89.43.209.0/24
178.239.200.0/24
223.27.114.0/24
Signature Algorithm: sha256WithRSAEncryption
31:95:f3:b5:f2:27:3e:d7:41:f0:ce:01:e1:a0:6e:51:b1:13:
c3:d3:03:4c:81:a0:e7:ab:08:e9:93:19:3c:9f:f4:e7:9c:88:
7f:41:e7:4c:91:64:37:12:1d:23:79:7d:b4:48:78:9d:6b:29:
bf:db:1a:ec:12:9e:c6:e4:78:69:81:7a:98:2c:a5:f5:ae:95:
56:f5:92:23:2b:ca:83:69:2b:cc:0f:78:59:c6:97:71:f1:3c:
37:3e:01:6d:fe:9f:62:7e:48:cc:8b:19:9c:37:61:66:ce:d9:
88:f0:65:07:f6:9d:ba:62:6d:e2:89:34:66:db:49:38:41:be:
ff:c7:b6:48:98:0f:aa:93:10:ff:f9:b8:ec:14:d3:89:b6:54:
e9:fc:fc:b2:52:b4:1e:f2:2f:97:4d:1f:52:f5:8b:d5:47:a7:
9c:32:66:b5:4b:33:f9:40:75:7d:35:1c:97:05:31:9d:4d:7a:
15:93:8f:71:5c:fa:78:a6:17:20:8b:71:54:a5:01:ea:ce:38:
3e:6a:df:c7:cd:f0:67:6f:24:2a:fd:7b:28:89:b0:e4:5b:c0:
c7:d0:d1:c1:98:5c:54:83:c1:72:3c:aa:58:a5:6e:c0:cd:72:
e9:46:df:da:17:9c:e5:fe:a4:1a:17:95:c2:79:b5:9e:b2:3d:
bd:11:f6:44
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYaMmOMdPROHfwl2qynPTH2TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjI2MDcyMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTRjOTVlODQ4ODVjYmRlOThiZjE0Zjg2MTA3NjI0OTJjY2EzOWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJfOiGKOfRUFJOO/ksxRhLUtDkK8
x9kPU2SYY+dUjScM8/W3wyCIl8JvXK1Q6jTPhEyxU9bS1Ia/VoGHLIpCWVcuPMwb
2dsdcAGd9eDFO3FAReOqj1ShEnHzOcgLWwmgxcnUzHGpJO+yRJrCNGxOaLFLjTQa
rVMXDGaxyiOQnYf8JQK6LdCJHRrNFETsP00fBZGEZy5noVthR4kgzsMb35Ew3gXx
7cZJgKs/GH6smn88DkUqWYYWjrQBfMkufEQlRp02wZxn1gNHI7rRb98z6fmPOblB
joDvlRDZ+4YhHbZ2ngxUIe4fQB/jGh/Xh9toPVwBNIhlQ5ibt9SFK1FwWQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFApMlehIhcvemL8U+GEHYkksyjmyMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQ2t5VjZFaUZ5OTZZdnhUNFlRZGlTU3pLT2JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAPsWAAwQA
PsWEAwQAWSvRAwQAsu/IAwQA3xtyMA0GCSqGSIb3DQEBCwUAA4IBAQAxlfO18ic+
10HwzgHhoG5RsRPD0wNMgaDnqwjpkxk8n/TnnIh/QedMkWQ3Eh0jeX20SHidaym/
2xrsEp7G5HhpgXqYLKX1rpVW9ZIjK8qDaSvMD3hZxpdx8Tw3PgFt/p9ifkjMixmc
N2FmztmI8GUH9p26Ym3iiTRm20k4Qb7/x7ZImA+qkxD/+bjsFNOJtlTp/PyyUrQe
8i+XTR9S9YvVR6ecMma1SzP5QHV9NRyXBTGdTXoVk49xXPp4phcgi3FUpQHqzjg+
at/HzfBnbyQq/XsoibDkW8DH0NHBmFxUg8FyPKpYpW7AzXLpRt/aF5zl/qQaF5XC
ebWesj29EfZE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org