Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/J8vqxNXj9jusaERyjwVx8CLqk7I.roa
File: J8vqxNXj9jusaERyjwVx8CLqk7I.roa (raw, json)
Hash identifier: Opk4DwZrx5tL25qFkdvDwNhJ+ZQ5iTjwiKHtUM6J+4Q=
Subject key identifier: 27:CB:EA:C4:D5:E3:F6:3B:AC:68:44:72:8F:05:71:F0:22:EA:93:B2
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187ACAB05024E2F0F30970F5AF70661A9FA
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/J8vqxNXj9jusaERyjwVx8CLqk7I.roa
Signing time: Sun 23 Apr 2023 05:51:41 +0000
ROA not before: Sun 23 Apr 2023 05:51:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.115.146.0/24 maxlen: 24
188.214.27.0/24 maxlen: 24
185.230.248.0/24 maxlen: 24
185.230.249.0/24 maxlen: 24
185.229.104.0/24 maxlen: 24
185.229.106.0/24 maxlen: 24
194.4.156.0/23 maxlen: 24
194.4.159.0/24 maxlen: 24
185.245.238.0/24 maxlen: 24
89.43.208.0/24 maxlen: 24
185.245.237.0/24 maxlen: 24
213.32.249.0/24 maxlen: 24
185.121.231.0/24 maxlen: 24
178.239.203.0/24 maxlen: 24
78.142.242.0/23 maxlen: 24
185.121.230.0/24 maxlen: 24
185.9.54.0/24 maxlen: 24
45.159.152.0/24 maxlen: 24
45.159.154.0/24 maxlen: 24
62.197.135.0/24 maxlen: 24
185.103.75.0/24 maxlen: 24
178.239.192.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ac:ab:05:02:4e:2f:0f:30:97:0f:5a:f7:06:61:a9:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 23 05:51:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27cbeac4d5e3f63bac6844728f0571f022ea93b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2a:ea:e3:11:19:2f:de:03:54:25:18:15:1d:
ea:a4:c6:54:18:7b:b5:98:54:72:4d:70:3b:6f:6d:
24:12:75:d0:4b:61:0b:ea:36:77:7c:d2:95:55:2c:
86:c4:c0:79:ea:4f:61:dd:01:3d:6e:57:17:6b:ca:
6c:c4:32:1c:63:c3:37:59:1c:28:4b:06:1a:98:9f:
21:07:70:19:f1:00:15:a0:10:0c:c1:4c:da:ac:7a:
bc:bc:c2:cd:85:97:0d:ed:15:69:47:00:75:9d:a3:
f6:6d:fb:89:05:79:56:52:80:3f:5a:52:0d:60:c4:
e8:04:c3:97:18:6a:37:42:cd:a9:ad:90:43:a1:e9:
62:dc:72:b7:47:df:c5:cb:cc:a9:ac:18:49:3a:56:
1d:5e:01:54:52:a0:bf:a9:25:09:f9:9c:3f:a4:2f:
0f:5d:91:35:6e:43:30:3a:ab:e9:2c:da:e4:4c:08:
79:cd:1f:6b:f6:a5:e0:de:98:24:a6:8a:92:a1:f1:
c8:ba:58:0c:1a:8a:c8:65:ef:15:9d:2d:39:c3:f2:
45:45:0b:8d:a5:c5:65:31:7e:b5:14:38:0c:ad:0a:
48:57:6e:f9:40:1c:b0:2c:bd:f5:f1:09:c7:6c:a9:
f8:1b:8b:a9:97:70:08:f9:b5:22:a0:5b:33:7f:23:
aa:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:CB:EA:C4:D5:E3:F6:3B:AC:68:44:72:8F:05:71:F0:22:EA:93:B2
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/J8vqxNXj9jusaERyjwVx8CLqk7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.152.0/24
45.159.154.0/24
62.197.135.0/24
78.142.242.0/23
89.43.208.0/24
178.239.192.0/24
178.239.203.0/24
185.9.54.0/24
185.103.75.0/24
185.115.146.0/24
185.121.230.0/23
185.229.104.0/24
185.229.106.0/24
185.230.248.0/23
185.245.237.0-185.245.238.255
188.214.27.0/24
194.4.156.0/23
194.4.159.0/24
213.32.249.0/24
Signature Algorithm: sha256WithRSAEncryption
79:5b:15:85:ec:4a:21:21:e5:97:83:09:01:83:c3:1e:07:8a:
e1:c3:e1:9f:fd:89:99:7c:39:c8:8b:67:86:ab:c9:0b:97:a0:
63:db:2d:9b:65:eb:d7:13:b0:d1:25:cc:f1:10:6f:48:0f:da:
f3:a6:b2:82:44:f9:a5:74:dd:e4:0c:e5:35:c2:27:66:ec:4a:
ef:05:d3:9a:6b:aa:50:25:8d:28:f1:0c:8f:ab:f2:df:ed:49:
9b:32:bb:53:e8:15:2c:2f:29:42:4c:85:f6:50:da:10:f8:51:
c2:50:2a:9f:98:21:d2:64:37:f1:5d:22:72:63:43:42:66:c3:
a3:9f:64:38:ed:ec:f3:fd:58:e1:84:d4:20:3e:a1:26:c8:77:
16:68:a6:c5:73:93:f0:8f:23:79:8b:4f:94:2c:39:36:5f:de:
35:88:a4:01:f5:9e:d4:cf:ee:66:e8:8d:00:4a:20:1d:b5:45:
9f:e3:37:97:df:0a:ec:d5:20:e3:78:81:d0:fa:09:d8:a1:ac:
25:a3:41:fd:c5:92:53:53:c4:0e:c5:84:68:31:73:5d:44:58:
7f:b7:57:f8:ba:a2:21:05:b3:58:16:d9:25:27:23:96:f8:ce:
35:31:67:50:42:6e:6c:d3:7b:fe:44:2f:eb:71:9b:90:a1:c2:
4b:ce:b3:86
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYesqwUCTi8PMJcPWvcGYan6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDIzMDU1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2NiZWFjNGQ1ZTNmNjNiYWM2ODQ0NzI4ZjA1NzFmMDIyZWE5M2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSrq4xEZL94DVCUYFR3qpMZUGHu1
mFRyTXA7b20kEnXQS2EL6jZ3fNKVVSyGxMB56k9h3QE9blcXa8psxDIcY8M3WRwo
SwYamJ8hB3AZ8QAVoBAMwUzarHq8vMLNhZcN7RVpRwB1naP2bfuJBXlWUoA/WlIN
YMToBMOXGGo3Qs2prZBDoeli3HK3R9/Fy8yprBhJOlYdXgFUUqC/qSUJ+Zw/pC8P
XZE1bkMwOqvpLNrkTAh5zR9r9qXg3pgkpoqSofHIulgMGorIZe8VnS05w/JFRQuN
pcVlMX61FDgMrQpIV275QBywLL318QnHbKn4G4upl3AI+bUioFszfyOqfwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFCfL6sTV4/Y7rGhEco8FcfAi6pOyMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSjh2cXhOWGo5anVzYUVSeWp3Vng4Q0xxazdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAC2f
mAMEAC2fmgMEAD7FhwMEAU6O8gMEAFkr0AMEALLvwAMEALLvywMEALkJNgMEALln
SwMEALlzkgMEAbl55gMEALnlaAMEALnlagMEAbnm+DAMAwQAufXtAwQAufXuAwQA
vNYbAwQBwgScAwQAwgSfAwQA1SD5MA0GCSqGSIb3DQEBCwUAA4IBAQB5WxWF7Eoh
IeWXgwkBg8MeB4rhw+Gf/YmZfDnIi2eGq8kLl6Bj2y2bZevXE7DRJczxEG9ID9rz
prKCRPmldN3kDOU1widm7ErvBdOaa6pQJY0o8QyPq/Lf7UmbMrtT6BUsLylCTIX2
UNoQ+FHCUCqfmCHSZDfxXSJyY0NCZsOjn2Q47ezz/VjhhNQgPqEmyHcWaKbFc5Pw
jyN5i0+ULDk2X941iKQB9Z7Uz+5m6I0ASiAdtUWf4zeX3wrs1SDjeIHQ+gnYoawl
o0H9xZJTU8QOxYRoMXNdRFh/t1f4uqIhBbNYFtklJyOW+M41MWdQQm5s03v+RC/r
cZuQocJLzrOG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:45 2024 by rpki-client on console-fra.rpki-client.org