Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JAUcHOkmz54IP4tB78LIQat0T7A.roa
File: JAUcHOkmz54IP4tB78LIQat0T7A.roa (raw, json)
Hash identifier: f6gLL+qaXJLw0vC4NXQ0bWWDIv3sZoAD+9u10AC8H8c=
Subject key identifier: 24:05:1C:1C:E9:26:CF:9E:08:3F:8B:41:EF:C2:C8:41:AB:74:4F:B0
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01886D7A820A2584EF69BC7DFEE11120998B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JAUcHOkmz54IP4tB78LIQat0T7A.roa
Signing time: Tue 30 May 2023 16:25:25 +0000
ROA not before: Tue 30 May 2023 16:25:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.115.146.0/24 maxlen: 24
77.75.62.0/24 maxlen: 24
77.75.60.0/24 maxlen: 24
194.4.156.0/23 maxlen: 24
194.4.159.0/24 maxlen: 24
193.19.106.0/24 maxlen: 24
213.32.249.0/24 maxlen: 24
185.115.145.0/24 maxlen: 24
78.142.242.0/23 maxlen: 24
45.159.152.0/24 maxlen: 24
45.159.154.0/24 maxlen: 24
45.159.153.0/24 maxlen: 24
103.205.25.0/24 maxlen: 24
185.230.248.0/24 maxlen: 24
185.230.249.0/24 maxlen: 24
185.229.104.0/24 maxlen: 24
185.229.105.0/24 maxlen: 24
185.229.106.0/24 maxlen: 24
185.229.107.0/24 maxlen: 24
89.43.210.0/23 maxlen: 24
185.245.238.0/24 maxlen: 24
89.43.211.0/24 maxlen: 24
185.245.236.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
89.43.208.0/24 maxlen: 24
185.245.237.0/24 maxlen: 24
89.43.210.0/24 maxlen: 24
192.166.212.0/22 maxlen: 24
193.42.52.0/24 maxlen: 24
193.42.54.0/23 maxlen: 24
185.121.231.0/24 maxlen: 24
178.239.203.0/24 maxlen: 24
185.121.228.0/24 maxlen: 24
178.239.200.0/24 maxlen: 24
185.121.230.0/24 maxlen: 24
185.9.54.0/24 maxlen: 24
62.197.132.0/24 maxlen: 24
185.236.62.0/24 maxlen: 24
185.236.63.0/24 maxlen: 24
62.197.135.0/24 maxlen: 24
185.103.73.0/24 maxlen: 24
185.103.75.0/24 maxlen: 24
178.239.192.0/23 maxlen: 24
178.239.192.0/24 maxlen: 24
178.239.193.0/24 maxlen: 24
178.239.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:6d:7a:82:0a:25:84:ef:69:bc:7d:fe:e1:11:20:99:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 30 16:25:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24051c1ce926cf9e083f8b41efc2c841ab744fb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:2b:e8:5c:92:23:b1:91:6d:d2:af:91:ab:4e:
91:c4:2a:ed:d3:ac:00:8b:5e:9f:80:33:21:7a:41:
c9:ea:35:b7:65:e8:5e:62:4e:3a:95:a5:19:58:62:
f9:33:05:9d:fa:a8:21:b0:4f:26:50:70:a8:f3:76:
ed:a0:8f:66:21:39:76:71:2c:b5:40:b4:22:87:2e:
00:53:57:1f:bb:c1:77:d4:59:32:f4:e0:7c:65:c1:
cb:8f:e2:19:38:ee:82:8f:83:b1:35:9a:53:f1:00:
5f:06:fe:e5:d7:3b:1b:a3:ae:1b:7d:fc:fa:83:b0:
f2:45:0e:9b:ac:dc:44:56:e4:ad:fe:28:85:60:ff:
5a:65:27:fc:9a:22:3c:05:1e:9d:8b:5b:0e:69:07:
b4:09:87:5a:c7:d8:1c:0c:ef:b1:da:ec:67:4a:1a:
84:08:c3:81:e4:38:b3:6d:3e:f0:bc:e4:43:ae:88:
3b:7f:9d:89:71:87:2a:3a:6f:87:a3:5b:50:86:bf:
64:df:5e:79:af:57:b0:0b:76:6f:63:11:08:20:23:
22:72:2f:db:67:d3:ef:1c:8a:37:1f:2d:26:53:41:
85:0f:28:1d:5a:ba:ae:eb:8e:aa:b5:32:5c:a4:46:
1b:6a:2b:92:f5:46:26:3f:90:3d:2d:3e:ed:e0:d6:
aa:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:05:1C:1C:E9:26:CF:9E:08:3F:8B:41:EF:C2:C8:41:AB:74:4F:B0
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JAUcHOkmz54IP4tB78LIQat0T7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.152.0-45.159.154.255
62.197.132.0/24
62.197.135.0/24
77.75.60.0/24
77.75.62.0/24
78.142.242.0/23
89.43.208.0/24
89.43.210.0/23
103.205.25.0/24
178.239.192.0-178.239.194.255
178.239.200.0/24
178.239.203.0/24
185.9.54.0/24
185.103.73.0/24
185.103.75.0/24
185.115.145.0-185.115.146.255
185.121.228.0/24
185.121.230.0/23
185.229.104.0/22
185.230.248.0/23
185.236.62.0/23
185.245.236.0-185.245.238.255
192.166.212.0/22
193.19.106.0/24
193.42.52.0/24
193.42.54.0/23
194.4.156.0/23
194.4.159.0/24
203.0.8.0/24
213.32.249.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:b2:ea:03:fd:06:47:02:8c:5e:68:e9:4c:a4:73:5c:16:ea:
3c:82:36:9a:33:cb:b5:35:a3:bf:24:30:64:bc:46:5a:db:b5:
70:ce:bf:62:4e:fd:1a:1b:23:49:37:5e:cc:10:45:92:06:17:
e2:f7:aa:09:ce:0a:99:aa:4b:25:2c:4a:a7:09:a7:35:2a:67:
73:f0:ba:fa:97:5e:06:92:c5:70:f2:da:99:e7:11:ef:96:89:
d7:94:37:7f:44:d7:2b:4b:df:5a:9a:47:32:ae:7e:a0:0e:89:
7c:65:2e:46:d5:9a:43:c0:a2:0b:b6:af:76:da:8e:14:09:3c:
a6:09:31:61:30:bf:34:92:ab:de:03:1d:22:14:a3:3d:76:f5:
3f:9d:18:d0:2f:95:c6:c4:ca:88:bc:08:a8:2f:cc:ba:4a:af:
d2:fb:2f:b3:58:91:d7:78:d3:7d:0e:16:d7:c5:e0:72:dc:a4:
4a:5c:c4:6c:6c:46:fd:a3:48:db:af:ef:cf:60:07:2b:51:d5:
ea:3d:c8:32:3b:68:36:fc:83:fb:48:41:f4:90:c4:f1:99:e2:
5a:9a:bc:7c:ad:fe:12:49:5f:04:d3:5f:3c:59:ab:19:0c:68:
15:ea:f8:c7:a2:6b:5d:5b:d4:fe:60:b4:d5:c6:e4:37:e5:48:
d5:bd:e6:94
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAYhteoIKJYTvabx9/uERIJmLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTMwMTYyNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDA1MWMxY2U5MjZjZjllMDgzZjhiNDFlZmMyYzg0MWFiNzQ0ZmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyvoXJIjsZFt0q+Rq06RxCrt06wA
i16fgDMhekHJ6jW3ZeheYk46laUZWGL5MwWd+qghsE8mUHCo83btoI9mITl2cSy1
QLQihy4AU1cfu8F31Fky9OB8ZcHLj+IZOO6Cj4OxNZpT8QBfBv7l1zsbo64bffz6
g7DyRQ6brNxEVuSt/iiFYP9aZSf8miI8BR6di1sOaQe0CYdax9gcDO+x2uxnShqE
CMOB5DizbT7wvORDrog7f52JcYcqOm+Ho1tQhr9k3155r1ewC3ZvYxEIICMici/b
Z9PvHIo3Hy0mU0GFDygdWrqu646qtTJcpEYbaiuS9UYmP5A9LT7t4NaqdwIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFCQFHBzpJs+eCD+LQe/CyEGrdE+wMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSkFVY0hPa216NTRJUDR0Qjc4TElRYXQwVDdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCB2wQCAAEwgdQwDAME
Ay2fmAMEAC2fmgMEAD7FhAMEAD7FhwMEAE1LPAMEAE1LPgMEAU6O8gMEAFkr0AME
AVkr0gMEAGfNGTAMAwQGsu/AAwQAsu/CAwQAsu/IAwQAsu/LAwQAuQk2AwQAuWdJ
AwQAuWdLMAwDBAC5c5EDBAC5c5IDBAC5eeQDBAG5eeYDBAK55WgDBAG55vgDBAG5
7D4wDAMEArn17AMEALn17gMEAsCm1AMEAMETagMEAMEqNAMEAcEqNgMEAcIEnAME
AMIEnwMEAMsACAMEANUg+TANBgkqhkiG9w0BAQsFAAOCAQEAHrLqA/0GRwKMXmjp
TKRzXBbqPII2mjPLtTWjvyQwZLxGWtu1cM6/Yk79GhsjSTdezBBFkgYX4veqCc4K
mapLJSxKpwmnNSpnc/C6+pdeBpLFcPLamecR75aJ15Q3f0TXK0vfWppHMq5+oA6J
fGUuRtWaQ8CiC7avdtqOFAk8pgkxYTC/NJKr3gMdIhSjPXb1P50Y0C+VxsTKiLwI
qC/Mukqv0vsvs1iR13jTfQ4W18XgctykSlzEbGxG/aNI26/vz2AHK1HV6j3IMjto
NvyD+0hB9JDE8ZniWpq8fK3+EklfBNNfPFmrGQxoFer4x6JrXVvU/mC01cbkN+VI
1b3mlA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org