Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/G_haizSOr0ZqNA_5pUcba8iYBeA.roa
File: G_haizSOr0ZqNA_5pUcba8iYBeA.roa (raw, json)
Hash identifier: XPqylrE4yFm4NtSFtbr//mNHgoEuXEc67pI4nrtsUwk=
Subject key identifier: 1B:F8:5A:8B:34:8E:AF:46:6A:34:0F:F9:A5:47:1B:6B:C8:98:05:E0
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018820C60A8EC8ED3F5C6F942E89822087F0
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/G_haizSOr0ZqNA_5pUcba8iYBeA.roa
Signing time: Mon 15 May 2023 18:57:09 +0000
ROA not before: Mon 15 May 2023 18:57:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.115.146.0/24 maxlen: 24
194.4.156.0/23 maxlen: 24
194.4.159.0/24 maxlen: 24
213.32.249.0/24 maxlen: 24
185.115.145.0/24 maxlen: 24
78.142.242.0/23 maxlen: 24
45.159.152.0/24 maxlen: 24
45.159.154.0/24 maxlen: 24
45.159.153.0/24 maxlen: 24
103.205.25.0/24 maxlen: 24
185.230.248.0/24 maxlen: 24
185.230.249.0/24 maxlen: 24
185.229.104.0/24 maxlen: 24
185.229.105.0/24 maxlen: 24
185.229.106.0/24 maxlen: 24
185.229.107.0/24 maxlen: 24
185.245.238.0/24 maxlen: 24
89.43.211.0/24 maxlen: 24
185.245.236.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
89.43.208.0/24 maxlen: 24
185.245.237.0/24 maxlen: 24
89.43.210.0/24 maxlen: 24
192.166.212.0/22 maxlen: 24
185.121.231.0/24 maxlen: 24
178.239.203.0/24 maxlen: 24
178.239.200.0/24 maxlen: 24
185.121.230.0/24 maxlen: 24
62.197.132.0/24 maxlen: 24
185.236.62.0/24 maxlen: 24
185.236.63.0/24 maxlen: 24
62.197.135.0/24 maxlen: 24
185.103.73.0/24 maxlen: 24
185.103.75.0/24 maxlen: 24
178.239.192.0/24 maxlen: 24
178.239.193.0/24 maxlen: 24
178.239.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:20:c6:0a:8e:c8:ed:3f:5c:6f:94:2e:89:82:20:87:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 15 18:57:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1bf85a8b348eaf466a340ff9a5471b6bc89805e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:73:e9:af:90:e7:c2:31:0d:70:b2:68:7b:78:
d9:48:66:d3:5e:b7:78:07:7d:13:f3:ef:da:40:45:
f6:d4:6a:67:83:03:c6:fb:a3:43:49:8c:a1:2b:1f:
db:a8:af:e2:35:47:4f:7a:38:77:fd:5e:06:d5:c8:
85:ae:89:ea:5d:db:90:ee:3e:d1:a5:02:09:5c:a3:
47:7a:e8:d0:4a:8c:28:95:3a:4c:80:ff:d7:9e:8b:
e3:0d:8c:2c:b5:bd:58:f8:db:48:c3:5e:8c:b1:ef:
d0:95:19:3b:c9:a5:5a:6c:b0:21:ec:37:cf:2e:e8:
77:8b:e8:e2:0a:81:33:f7:be:fe:97:bd:16:c8:99:
46:13:6a:9d:bb:93:d0:07:3c:8f:3e:c8:f8:a3:10:
a9:db:34:bf:a0:5e:c0:8c:bc:f7:b2:06:c8:e1:67:
47:2b:dd:90:dd:00:51:6b:e7:39:33:b5:74:31:f8:
c9:1d:e8:a6:0d:67:b6:be:f7:6d:ec:ff:91:e0:0e:
25:15:2b:3b:53:f2:f4:d3:87:43:b4:89:7a:7c:dd:
45:af:38:bf:63:f5:94:f7:ea:d6:a1:33:97:be:36:
4d:9c:41:8e:14:e7:68:b2:4e:ea:3c:2a:c7:09:18:
9e:30:e5:23:2d:12:cd:88:32:6a:43:b8:c4:fa:96:
98:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:F8:5A:8B:34:8E:AF:46:6A:34:0F:F9:A5:47:1B:6B:C8:98:05:E0
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/G_haizSOr0ZqNA_5pUcba8iYBeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.152.0-45.159.154.255
62.197.132.0/24
62.197.135.0/24
78.142.242.0/23
89.43.208.0/24
89.43.210.0/23
103.205.25.0/24
178.239.192.0-178.239.194.255
178.239.200.0/24
178.239.203.0/24
185.103.73.0/24
185.103.75.0/24
185.115.145.0-185.115.146.255
185.121.230.0/23
185.229.104.0/22
185.230.248.0/23
185.236.62.0/23
185.245.236.0-185.245.238.255
192.166.212.0/22
194.4.156.0/23
194.4.159.0/24
203.0.8.0/24
213.32.249.0/24
Signature Algorithm: sha256WithRSAEncryption
60:c8:cc:94:bd:e8:e2:dd:69:08:b3:1b:90:80:b4:2e:25:e2:
93:3a:b6:a1:94:4a:38:94:f5:4a:62:40:8d:54:bd:b4:94:1c:
9f:54:17:79:71:c9:6c:ca:78:85:c6:d0:71:ce:35:a9:ed:3f:
0f:9a:40:b4:6e:20:78:6c:66:ae:ef:f4:78:2f:4c:77:cb:fd:
4d:ac:21:7f:96:97:59:c7:fe:ec:db:ae:c8:1e:68:81:3e:cb:
b2:48:8b:de:55:3e:d5:66:7e:e1:a9:df:87:c9:bb:2e:45:6b:
a0:db:cd:3c:68:c7:39:e1:7b:d7:f5:9e:76:94:8f:d4:1a:42:
0a:52:a1:a3:6b:91:df:14:a0:31:53:c6:8c:8d:3f:34:da:d3:
72:2c:99:9b:6b:b1:7e:3f:2f:ce:68:dc:f4:a8:a6:58:40:d4:
06:9e:95:22:2c:4a:05:b6:9b:13:11:64:0c:5a:cb:5d:fe:df:
c1:83:18:d2:7f:66:05:f7:09:81:86:8b:a6:37:17:6c:c2:87:
0b:a8:a0:7d:e7:96:d4:b8:59:9d:71:22:d2:0e:bd:21:a1:e1:
e7:99:fa:d6:55:22:0c:5e:fd:80:f2:d4:d3:62:f8:f9:d4:7a:
5c:e2:be:ff:b8:d7:7f:85:0b:3b:e2:fd:dc:68:67:9a:a8:bc:
4a:ff:8c:79
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYggxgqOyO0/XG+ULomCIIfwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTE1MTg1NzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmY4NWE4YjM0OGVhZjQ2NmEzNDBmZjlhNTQ3MWI2YmM4OTgwNWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6HPpr5DnwjENcLJoe3jZSGbTXrd4
B30T8+/aQEX21GpngwPG+6NDSYyhKx/bqK/iNUdPejh3/V4G1ciFronqXduQ7j7R
pQIJXKNHeujQSowolTpMgP/XnovjDYwstb1Y+NtIw16Mse/QlRk7yaVabLAh7DfP
Luh3i+jiCoEz977+l70WyJlGE2qdu5PQBzyPPsj4oxCp2zS/oF7AjLz3sgbI4WdH
K92Q3QBRa+c5M7V0MfjJHeimDWe2vvdt7P+R4A4lFSs7U/L004dDtIl6fN1Frzi/
Y/WU9+rWoTOXvjZNnEGOFOdosk7qPCrHCRieMOUjLRLNiDJqQ7jE+paY+wIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFBv4Wos0jq9GajQP+aVHG2vImAXgMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvR19oYWl6U09yMFpxTkFfNXBVY2JhOGlZQmVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaowDAME
Ay2fmAMEAC2fmgMEAD7FhAMEAD7FhwMEAU6O8gMEAFkr0AMEAVkr0gMEAGfNGTAM
AwQGsu/AAwQAsu/CAwQAsu/IAwQAsu/LAwQAuWdJAwQAuWdLMAwDBAC5c5EDBAC5
c5IDBAG5eeYDBAK55WgDBAG55vgDBAG57D4wDAMEArn17AMEALn17gMEAsCm1AME
AcIEnAMEAMIEnwMEAMsACAMEANUg+TANBgkqhkiG9w0BAQsFAAOCAQEAYMjMlL3o
4t1pCLMbkIC0LiXikzq2oZRKOJT1SmJAjVS9tJQcn1QXeXHJbMp4hcbQcc41qe0/
D5pAtG4geGxmru/0eC9Md8v9Tawhf5aXWcf+7NuuyB5ogT7LskiL3lU+1WZ+4anf
h8m7LkVroNvNPGjHOeF71/WedpSP1BpCClKho2uR3xSgMVPGjI0/NNrTciyZm2ux
fj8vzmjc9KimWEDUBp6VIixKBbabExFkDFrLXf7fwYMY0n9mBfcJgYaLpjcXbMKH
C6igfeeW1LhZnXEi0g69IaHh55n61lUiDF79gPLU02L4+dR6XOK+/7jXf4ULO+L9
3Ghnmqi8Sv+MeQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:45 2024 by rpki-client on console-fra.rpki-client.org