Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Dq4OV18AlJkUqMbHoY0t6NjLZak.roa
File: Dq4OV18AlJkUqMbHoY0t6NjLZak.roa (raw, json)
Hash identifier: OvOMY+Id9iJaTWSLl2ARtNb+CzQoWQCl35X1uPijg4E=
Subject key identifier: 0E:AE:0E:57:5F:00:94:99:14:A8:C6:C7:A1:8D:2D:E8:D8:CB:65:A9
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187DE62650993062ADAE3D89BBC88E84990
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Dq4OV18AlJkUqMbHoY0t6NjLZak.roa
Signing time: Tue 02 May 2023 21:33:22 +0000
ROA not before: Tue 02 May 2023 21:33:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.115.146.0/24 maxlen: 24
194.4.156.0/23 maxlen: 24
194.4.159.0/24 maxlen: 24
213.32.249.0/24 maxlen: 24
185.115.145.0/24 maxlen: 24
78.142.242.0/23 maxlen: 24
89.38.136.0/24 maxlen: 24
45.159.152.0/24 maxlen: 24
45.159.154.0/24 maxlen: 24
45.159.153.0/24 maxlen: 24
185.230.248.0/24 maxlen: 24
185.230.249.0/24 maxlen: 24
185.229.104.0/24 maxlen: 24
185.229.106.0/24 maxlen: 24
185.245.238.0/24 maxlen: 24
89.43.211.0/24 maxlen: 24
89.43.208.0/24 maxlen: 24
185.245.237.0/24 maxlen: 24
89.43.210.0/24 maxlen: 24
185.121.231.0/24 maxlen: 24
178.239.203.0/24 maxlen: 24
185.121.230.0/24 maxlen: 24
185.236.62.0/24 maxlen: 24
62.197.135.0/24 maxlen: 24
185.103.73.0/24 maxlen: 24
185.103.75.0/24 maxlen: 24
178.239.192.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:de:62:65:09:93:06:2a:da:e3:d8:9b:bc:88:e8:49:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 2 21:33:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0eae0e575f00949914a8c6c7a18d2de8d8cb65a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:be:8f:33:b0:8a:32:e9:c4:c6:65:7c:c1:cc:
db:3c:ec:70:7a:7b:dc:0b:9e:e6:fc:13:29:b6:67:
c9:46:2e:70:82:64:97:54:1f:b8:e7:54:87:bb:fc:
fc:d8:e7:91:b2:2b:ed:21:06:06:2e:06:04:91:5e:
37:94:9b:72:6c:c3:a7:16:39:5c:87:b5:76:75:d8:
5c:f3:55:67:6f:74:8a:24:7a:34:60:69:b9:85:02:
81:e1:a5:0f:f9:38:64:1b:9d:aa:84:da:83:80:5b:
0d:90:bc:fd:4f:7d:a8:1e:38:7e:79:71:c7:5b:93:
fd:88:cc:f4:58:17:82:e0:65:af:04:a5:53:7e:cf:
fc:2f:8a:e0:b1:f2:7a:1d:e6:31:40:a8:1b:37:99:
a5:d9:96:88:ef:55:4a:35:51:a4:6c:0d:a4:c1:60:
16:f0:8f:dc:6a:67:d6:9c:f9:d2:16:bb:5c:7d:2c:
0c:f4:c2:48:c8:81:77:85:ec:24:37:21:83:69:6c:
ae:a9:95:02:39:a6:f7:1b:3e:b6:29:f8:ac:5c:b7:
22:6b:27:cb:b1:4d:36:ee:fd:25:ef:51:2a:0e:70:
ef:4b:e8:40:00:20:2d:98:5f:63:4c:87:a1:5d:0f:
0a:d8:5f:b1:95:10:3c:ef:46:fe:7c:51:ee:de:29:
41:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:AE:0E:57:5F:00:94:99:14:A8:C6:C7:A1:8D:2D:E8:D8:CB:65:A9
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Dq4OV18AlJkUqMbHoY0t6NjLZak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.152.0-45.159.154.255
62.197.135.0/24
78.142.242.0/23
89.38.136.0/24
89.43.208.0/24
89.43.210.0/23
178.239.192.0/24
178.239.203.0/24
185.103.73.0/24
185.103.75.0/24
185.115.145.0-185.115.146.255
185.121.230.0/23
185.229.104.0/24
185.229.106.0/24
185.230.248.0/23
185.236.62.0/24
185.245.237.0-185.245.238.255
194.4.156.0/23
194.4.159.0/24
213.32.249.0/24
Signature Algorithm: sha256WithRSAEncryption
92:3b:9d:0b:76:29:19:8d:c6:30:5d:92:a7:db:5c:5e:1d:9c:
b2:d7:27:3b:72:67:a9:c0:d1:94:6f:84:22:0c:81:b7:d2:29:
db:d8:83:b8:f1:4a:8d:7b:21:06:1a:a8:4c:9e:63:d2:c9:4a:
61:6d:e2:5b:ee:4c:1e:d4:95:06:2b:d3:ea:e6:38:6f:63:08:
e9:9c:fc:bf:b6:ce:c2:32:54:0d:1a:8e:cc:d1:cb:ca:29:3d:
5e:44:7e:28:da:b3:f4:69:88:ae:1d:b3:0b:9d:ca:41:d7:ab:
ad:0a:07:70:27:2a:8d:d5:04:dc:ab:dc:9d:fa:47:2f:4b:5e:
19:1b:02:e1:46:56:fb:a5:c5:73:a7:d4:08:ef:14:a6:e5:c3:
6e:e5:3e:32:e0:04:25:bf:5b:4f:3e:b3:c2:9a:a8:56:b3:95:
2f:28:75:d8:1b:1e:f5:34:29:2c:9b:5b:de:e6:b1:c2:70:0e:
a7:80:d5:27:11:c6:37:4e:67:02:a8:36:63:0e:4b:4c:a6:25:
a3:d2:a4:71:70:ac:1e:e7:8b:2e:38:69:b4:2f:0f:fb:7e:9e:
75:4a:d0:56:a5:85:ca:f1:ba:49:5b:b1:51:b2:af:56:16:9c:
8b:bc:6d:09:7d:c0:cf:b8:cc:1e:7d:9c:c3:ff:2b:fd:d3:b5:
04:84:1a:dd
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAYfeYmUJkwYq2uPYm7yI6EmQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTAyMjEzMzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWFlMGU1NzVmMDA5NDk5MTRhOGM2YzdhMThkMmRlOGQ4Y2I2NWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjb6PM7CKMunExmV8wczbPOxwenvc
C57m/BMptmfJRi5wgmSXVB+451SHu/z82OeRsivtIQYGLgYEkV43lJtybMOnFjlc
h7V2ddhc81Vnb3SKJHo0YGm5hQKB4aUP+ThkG52qhNqDgFsNkLz9T32oHjh+eXHH
W5P9iMz0WBeC4GWvBKVTfs/8L4rgsfJ6HeYxQKgbN5ml2ZaI71VKNVGkbA2kwWAW
8I/camfWnPnSFrtcfSwM9MJIyIF3hewkNyGDaWyuqZUCOab3Gz62KfisXLciayfL
sU027v0l71EqDnDvS+hAACAtmF9jTIehXQ8K2F+xlRA870b+fFHu3ilBZQIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFA6uDldfAJSZFKjGx6GNLejYy2WpMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvRHE0T1YxOEFsSmtVcU1iSG9ZMHQ2TmpMWmFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZAwDAME
Ay2fmAMEAC2fmgMEAD7FhwMEAU6O8gMEAFkmiAMEAFkr0AMEAVkr0gMEALLvwAME
ALLvywMEALlnSQMEALlnSzAMAwQAuXORAwQAuXOSAwQBuXnmAwQAueVoAwQAueVq
AwQBueb4AwQAuew+MAwDBAC59e0DBAC59e4DBAHCBJwDBADCBJ8DBADVIPkwDQYJ
KoZIhvcNAQELBQADggEBAJI7nQt2KRmNxjBdkqfbXF4dnLLXJztyZ6nA0ZRvhCIM
gbfSKdvYg7jxSo17IQYaqEyeY9LJSmFt4lvuTB7UlQYr0+rmOG9jCOmc/L+2zsIy
VA0ajszRy8opPV5Efijas/RpiK4dswudykHXq60KB3AnKo3VBNyr3J36Ry9LXhkb
AuFGVvulxXOn1AjvFKblw27lPjLgBCW/W08+s8KaqFazlS8oddgbHvU0KSybW97m
scJwDqeA1ScRxjdOZwKoNmMOS0ymJaPSpHFwrB7niy44abQvD/t+nnVK0Falhcrx
uklbsVGyr1YWnIu8bQl9wM+4zB59nMP/K/3TtQSEGt0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:09 2024 by rpki-client on console-ams.rpki-client.org