Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Jr5cWYfuhb5OP4VWyDeQQR_mc_g.roa
File: Jr5cWYfuhb5OP4VWyDeQQR_mc_g.roa (raw, json)
Hash identifier: VkC2ZpdHfiPlpVe5B250XbwhhhRp365qCYNmPzuNROk=
Subject key identifier: 26:BE:5C:59:87:EE:85:BE:4E:3F:85:56:C8:37:90:41:1F:E6:73:F8
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01877AA75EBF0A57C733368FDAE11F96CD80
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Jr5cWYfuhb5OP4VWyDeQQR_mc_g.roa
Signing time: Thu 13 Apr 2023 12:46:41 +0000
ROA not before: Thu 13 Apr 2023 12:46:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.230.248.0/24 maxlen: 24
185.229.104.0/24 maxlen: 24
185.229.106.0/24 maxlen: 24
194.4.159.0/24 maxlen: 24
89.43.208.0/24 maxlen: 24
185.245.237.0/24 maxlen: 24
193.19.106.0/24 maxlen: 24
192.166.208.0/22 maxlen: 24
185.121.231.0/24 maxlen: 24
178.239.203.0/24 maxlen: 24
78.142.242.0/23 maxlen: 24
185.121.230.0/24 maxlen: 24
185.9.54.0/24 maxlen: 24
45.159.152.0/24 maxlen: 24
45.159.154.0/24 maxlen: 24
62.197.135.0/24 maxlen: 24
185.103.75.0/24 maxlen: 24
178.239.192.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7a:a7:5e:bf:0a:57:c7:33:36:8f:da:e1:1f:96:cd:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 13 12:46:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=26be5c5987ee85be4e3f8556c83790411fe673f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0b:89:b1:57:53:d7:be:15:da:31:e3:51:b9:
3d:94:e9:47:34:15:17:9c:af:05:80:fa:af:09:a1:
d2:11:0b:52:1b:c9:8e:bd:e0:af:d8:17:b3:14:2d:
b2:fc:59:15:d5:78:28:f6:bd:35:9b:3f:95:45:6e:
d6:62:96:30:38:46:c9:54:f5:be:2c:59:bc:64:6f:
57:6e:14:77:5c:59:5c:09:f2:0b:bf:9c:1d:a1:20:
c4:1c:9b:6d:38:44:92:db:73:83:9f:4c:77:3b:16:
42:dc:34:9a:56:71:c0:c7:c0:fb:36:63:41:84:b7:
1b:df:22:ee:c5:e5:ee:8a:81:79:47:6f:fd:5f:ef:
59:f5:ce:8f:b8:53:82:00:de:8a:f7:9f:40:40:9e:
3f:84:5b:09:5c:f5:31:31:15:be:b5:28:64:c7:88:
b2:a5:c7:5f:5c:31:ab:98:06:8f:e9:e7:0c:59:f8:
de:60:4d:f2:ef:5c:00:b0:84:dd:f5:e6:d9:2e:bf:
6c:ee:e5:40:a1:78:91:15:49:a7:c3:8e:01:b5:c8:
7d:05:4b:26:40:22:40:45:75:46:96:08:0f:33:4a:
e4:50:47:ee:bb:8a:3d:4f:49:41:1c:ee:43:f9:fd:
94:bd:db:8f:4f:9f:f5:a7:8e:e4:45:28:a9:ba:a4:
d4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:BE:5C:59:87:EE:85:BE:4E:3F:85:56:C8:37:90:41:1F:E6:73:F8
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Jr5cWYfuhb5OP4VWyDeQQR_mc_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.152.0/24
45.159.154.0/24
62.197.135.0/24
78.142.242.0/23
89.43.208.0/24
178.239.192.0/24
178.239.203.0/24
185.9.54.0/24
185.103.75.0/24
185.121.230.0/23
185.229.104.0/24
185.229.106.0/24
185.230.248.0/24
185.245.237.0/24
192.166.208.0/22
193.19.106.0/24
194.4.159.0/24
Signature Algorithm: sha256WithRSAEncryption
40:3e:2f:be:c6:d8:5f:1b:b5:ee:c7:89:25:26:21:85:e7:24:
77:12:b7:de:ee:db:01:3b:8a:a0:dc:e2:f1:34:4b:a3:75:2f:
ea:da:af:bf:98:68:aa:05:8c:d6:18:d7:df:57:06:e3:4a:4c:
b7:bc:6d:1b:8d:9a:b2:88:14:cb:1f:3d:9b:b1:30:70:2a:14:
f8:ad:20:5a:4e:fa:ba:35:fb:16:4b:7b:ad:7d:c3:a2:62:a4:
4c:8f:39:6a:41:ca:45:fe:d4:5d:b0:5e:b9:bc:8a:83:4d:1f:
64:78:ea:39:bc:27:8e:01:55:92:54:fe:f6:bb:7a:0f:bb:e4:
85:d7:5b:62:79:51:30:f2:02:be:ca:bc:03:68:c7:95:74:fd:
57:e3:b6:20:70:45:01:04:84:ae:19:ae:7f:f6:a5:55:11:92:
d8:12:bf:e1:a0:e9:dd:24:73:40:8d:f3:49:fa:05:71:c3:fd:
16:55:93:c5:ce:ad:b2:28:9d:ee:ba:8d:4b:f8:60:f2:eb:59:
8e:05:5a:33:4b:57:18:59:7c:4b:c4:20:6b:da:99:9b:33:1e:
d7:eb:da:32:4f:56:1a:f8:09:6d:a8:3f:cc:e1:ba:3f:66:66:
9e:e2:3c:17:95:54:c6:34:ca:73:2e:f1:f0:9d:3c:c3:d7:b7:
ff:3d:59:b7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYd6p16/ClfHMzaP2uEfls2AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDEzMTI0NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmJlNWM1OTg3ZWU4NWJlNGUzZjg1NTZjODM3OTA0MTFmZTY3M2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAuJsVdT174V2jHjUbk9lOlHNBUX
nK8FgPqvCaHSEQtSG8mOveCv2BezFC2y/FkV1Xgo9r01mz+VRW7WYpYwOEbJVPW+
LFm8ZG9XbhR3XFlcCfILv5wdoSDEHJttOESS23ODn0x3OxZC3DSaVnHAx8D7NmNB
hLcb3yLuxeXuioF5R2/9X+9Z9c6PuFOCAN6K959AQJ4/hFsJXPUxMRW+tShkx4iy
pcdfXDGrmAaP6ecMWfjeYE3y71wAsITd9ebZLr9s7uVAoXiRFUmnw44Btch9BUsm
QCJARXVGlggPM0rkUEfuu4o9T0lBHO5D+f2UvduPT5/1p47kRSipuqTU2QIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFCa+XFmH7oW+Tj+FVsg3kEEf5nP4MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSnI1Y1dZZnVoYjVPUDRWV3lEZVFRUl9tY19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQALZ+YAwQA
LZ+aAwQAPsWHAwQBTo7yAwQAWSvQAwQAsu/AAwQAsu/LAwQAuQk2AwQAuWdLAwQB
uXnmAwQAueVoAwQAueVqAwQAueb4AwQAufXtAwQCwKbQAwQAwRNqAwQAwgSfMA0G
CSqGSIb3DQEBCwUAA4IBAQBAPi++xthfG7Xux4klJiGF5yR3Erfe7tsBO4qg3OLx
NEujdS/q2q+/mGiqBYzWGNffVwbjSky3vG0bjZqyiBTLHz2bsTBwKhT4rSBaTvq6
NfsWS3utfcOiYqRMjzlqQcpF/tRdsF65vIqDTR9keOo5vCeOAVWSVP72u3oPu+SF
11tieVEw8gK+yrwDaMeVdP1X47YgcEUBBISuGa5/9qVVEZLYEr/hoOndJHNAjfNJ
+gVxw/0WVZPFzq2yKJ3uuo1L+GDy61mOBVozS1cYWXxLxCBr2pmbMx7X69oyT1Ya
+AltqD/M4bo/Zmae4jwXlVTGNMpzLvHwnTzD17f/PVm3
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:01 2023 by rpki-client on console-fra.rpki-client.org