Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Nnlc8H98Oj6diD0M0OAGZ_z6Xf4.roa
File: Nnlc8H98Oj6diD0M0OAGZ_z6Xf4.roa (raw, json)
Hash identifier: upjIAtnF5RZubFhXYFiHqvXV96SThV0b/TL/oCZ65CY=
Subject key identifier: 36:79:5C:F0:7F:7C:3A:3E:9D:88:3D:0C:D0:E0:06:67:FC:FA:5D:FE
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0185F38D669DAA83053EB63D3E06406A4B90
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Nnlc8H98Oj6diD0M0OAGZ_z6Xf4.roa
Signing time: Fri 27 Jan 2023 14:06:48 +0000
ROA not before: Fri 27 Jan 2023 14:06:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211237
IP address blocks: 185.103.72.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f3:8d:66:9d:aa:83:05:3e:b6:3d:3e:06:40:6a:4b:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 27 14:06:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36795cf07f7c3a3e9d883d0cd0e00667fcfa5dfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ee:47:ab:0d:70:d0:8f:2e:22:8c:5e:36:4a:
be:dd:8c:3c:e8:59:f6:2e:64:4c:c2:98:da:e3:e1:
55:84:6e:7f:e9:b2:b3:79:3f:19:b6:70:c6:a5:88:
3f:59:93:56:f2:c6:67:80:8e:7c:8d:da:24:c0:37:
c9:b0:8b:ec:af:fd:f2:68:d7:72:96:bd:3e:ab:43:
c3:05:80:d3:7a:e4:6d:ba:26:35:6d:b4:4f:e6:94:
8e:e3:f4:3f:56:7d:86:ea:ff:6e:f3:f7:02:bc:66:
f8:c9:2f:d4:6d:5a:c4:88:ca:4b:5b:f8:b9:bd:25:
5c:da:9a:9b:9b:77:e7:54:dc:e6:b6:6c:50:9e:7c:
78:16:0a:4a:ac:06:db:e7:5e:b6:e9:3e:3f:d9:7c:
3a:c9:22:6e:89:cb:86:f5:71:9b:82:71:d1:5b:20:
5f:12:c8:1f:2c:b7:bd:d9:9c:66:b6:53:82:ca:73:
62:ad:4e:7d:d4:33:14:65:8d:d0:bf:e4:ff:8b:1a:
a3:9d:c5:f8:c6:7d:8d:48:4a:7f:c3:a5:98:25:e5:
ba:76:ff:47:5e:f1:4b:fa:d9:d6:7e:46:25:4f:31:
d8:86:63:8c:92:66:ec:8a:b2:78:9c:1c:47:58:42:
38:0a:cb:ee:a3:98:69:2e:d4:28:56:ce:fd:15:33:
79:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:79:5C:F0:7F:7C:3A:3E:9D:88:3D:0C:D0:E0:06:67:FC:FA:5D:FE
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Nnlc8H98Oj6diD0M0OAGZ_z6Xf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.72.0/24
Signature Algorithm: sha256WithRSAEncryption
96:79:d9:7f:16:4e:0f:8a:b7:e7:31:8a:0d:ad:30:51:b9:70:
77:db:08:bc:48:90:b5:72:c3:e3:b1:a1:4e:2d:08:12:72:eb:
d4:7a:19:22:9d:1c:5c:34:86:4c:ba:2f:8e:0a:af:4a:1a:2d:
6c:9a:b7:3d:3a:62:14:e0:76:73:ca:d3:2e:0b:f1:84:91:fb:
85:2f:54:f8:13:06:92:b8:1c:84:74:a3:94:fa:fa:02:93:2d:
97:2b:b9:a7:07:95:66:a2:b1:ef:ac:0e:6e:45:bc:75:2b:55:
f2:95:d4:3a:bd:0c:19:b1:bb:d8:2a:43:01:8b:e3:00:52:70:
7f:21:9a:4f:03:a2:6b:a8:ae:59:56:ba:1c:6f:a6:c8:ca:89:
e3:dd:bb:d0:59:9f:77:fb:22:64:a6:67:9c:f7:45:f6:04:62:
c7:5e:53:df:94:10:e8:b7:d2:54:d0:e9:45:01:6a:e1:33:60:
bc:3a:55:a7:87:4d:13:e7:d1:79:74:ef:50:89:53:ae:6e:12:
e7:f2:13:99:de:8c:3c:ff:3c:ed:d4:32:6d:3f:c2:93:fe:58:
ac:56:b0:6e:32:c5:e1:77:98:62:9f:4f:ad:77:5c:94:55:51:
3d:79:5e:1a:0f:44:d5:fe:da:b2:fb:97:b2:4c:49:7c:2f:f8:
44:3a:3e:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXzjWadqoMFPrY9PgZAakuQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTI3MTQwNjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjc5NWNmMDdmN2MzYTNlOWQ4ODNkMGNkMGUwMDY2N2ZjZmE1ZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvu5Hqw1w0I8uIoxeNkq+3Yw86Fn2
LmRMwpja4+FVhG5/6bKzeT8ZtnDGpYg/WZNW8sZngI58jdokwDfJsIvsr/3yaNdy
lr0+q0PDBYDTeuRtuiY1bbRP5pSO4/Q/Vn2G6v9u8/cCvGb4yS/UbVrEiMpLW/i5
vSVc2pqbm3fnVNzmtmxQnnx4FgpKrAbb51626T4/2Xw6ySJuicuG9XGbgnHRWyBf
EsgfLLe92ZxmtlOCynNirU591DMUZY3Qv+T/ixqjncX4xn2NSEp/w6WYJeW6dv9H
XvFL+tnWfkYlTzHYhmOMkmbsirJ4nBxHWEI4Csvuo5hpLtQoVs79FTN53QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDZ5XPB/fDo+nYg9DNDgBmf8+l3+MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvTm5sYzhIOThPajZkaUQwTTBPQUdaX3o2WGY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWdIMA0G
CSqGSIb3DQEBCwUAA4IBAQCWedl/Fk4PirfnMYoNrTBRuXB32wi8SJC1csPjsaFO
LQgScuvUehkinRxcNIZMui+OCq9KGi1smrc9OmIU4HZzytMuC/GEkfuFL1T4EwaS
uByEdKOU+voCky2XK7mnB5VmorHvrA5uRbx1K1XyldQ6vQwZsbvYKkMBi+MAUnB/
IZpPA6JrqK5ZVrocb6bIyonj3bvQWZ93+yJkpmec90X2BGLHXlPflBDot9JU0OlF
AWrhM2C8OlWnh00T59F5dO9QiVOubhLn8hOZ3ow8/zzt1DJtP8KT/lisVrBuMsXh
d5hin0+td1yUVVE9eV4aD0TV/tqy+5eyTEl8L/hEOj5i
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org