Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/OYG1d96HOVCXQAJdGIFkof4UNqo.roa
File: OYG1d96HOVCXQAJdGIFkof4UNqo.roa (raw, json)
Hash identifier: pp+GO7hjRnTS9UO9Pod5LLtrLhpf6THEp8Wm7up0aag=
Subject key identifier: 39:81:B5:77:DE:87:39:50:97:40:02:5D:18:81:64:A1:FE:14:36:AA
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0188B82BE26FFA097B3D779E26046C388114
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/OYG1d96HOVCXQAJdGIFkof4UNqo.roa
Signing time: Wed 14 Jun 2023 04:31:03 +0000
ROA not before: Wed 14 Jun 2023 04:31:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.241.210.0/23 maxlen: 24
188.241.214.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
45.156.159.0/24 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/24 maxlen: 24
89.35.155.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.230.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.103.72.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b8:2b:e2:6f:fa:09:7b:3d:77:9e:26:04:6c:38:81:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jun 14 04:31:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3981b577de8739509740025d188164a1fe1436aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c7:40:62:d5:79:35:14:60:3f:5b:71:e4:0e:
76:34:95:eb:69:f5:bd:30:ca:c2:1c:a7:15:c1:fc:
b4:24:b0:2d:f0:85:29:44:f1:ba:92:93:6b:83:70:
7f:69:58:ad:a4:95:42:dd:21:c1:f5:ea:18:3b:7a:
57:81:d8:aa:33:66:04:fa:ce:73:41:14:0d:00:7e:
64:fc:1b:cd:0c:d5:a5:ab:20:fd:8d:67:bb:b3:07:
f2:fd:cc:22:e7:85:e6:d5:4c:e2:c4:a1:29:69:40:
95:8b:91:1d:fc:63:ab:85:fe:4f:f6:cf:a1:b6:17:
9a:99:7f:c6:42:e3:cb:47:c8:66:a4:0b:6d:92:1e:
ae:9e:e5:27:d9:99:de:fb:06:50:40:74:12:81:44:
a0:88:28:94:3e:a1:3b:7c:fa:5c:2f:f8:9a:47:b2:
8d:78:01:cb:3b:d9:5b:55:37:1c:09:ca:5f:c8:9f:
4f:69:f1:36:51:b0:4d:c5:8f:cc:c7:49:e4:56:6c:
f6:1b:b3:ef:14:96:b7:cf:08:56:95:78:f6:27:6e:
13:2e:77:e4:f9:03:08:c4:ef:df:70:b0:c5:21:e7:
6d:38:22:ce:bd:f6:a4:84:09:98:30:76:c1:dd:c9:
52:10:cb:d9:ed:42:fb:06:81:94:09:a2:aa:15:ee:
2d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:81:B5:77:DE:87:39:50:97:40:02:5D:18:81:64:A1:FE:14:36:AA
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/OYG1d96HOVCXQAJdGIFkof4UNqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.157.0/24
45.156.159.0/24
87.247.148.0/22
89.33.85.0/24
89.35.155.0/24
89.37.63.0/24
91.188.204.0/24
91.188.207.0/24
93.115.254.0/23
185.103.72.0/24
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.169.0-185.255.170.255
188.212.132.0/23
188.212.158.0/24
188.213.203.0/24
188.240.230.0/24
188.240.232.0/24
188.241.214.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:2e:1a:73:58:fe:7b:a0:55:0e:97:83:87:cc:27:cd:48:df:
94:c1:2e:0d:5c:49:5a:ea:20:9f:eb:fc:42:4e:66:33:1a:02:
f4:c4:9e:c9:b8:14:5a:a9:19:8a:71:87:18:8c:08:fd:b1:13:
24:89:3a:c6:93:d6:f7:03:fa:2a:74:26:37:09:25:91:0e:b3:
ae:96:9e:33:23:26:7e:e6:e5:ee:46:5c:13:bd:ef:00:b3:6c:
e6:07:8f:1b:0b:7e:e9:c8:4a:d4:67:f1:cc:72:a6:0c:7c:6a:
7e:71:28:ed:82:2f:0c:df:1a:39:7f:cd:85:6d:63:8b:09:30:
71:4b:ae:d8:98:5a:e3:bc:51:5b:6e:2b:21:dd:90:e1:51:ba:
28:0f:95:ef:64:a4:cd:c2:7a:30:a6:0d:de:5d:99:87:b2:dd:
72:1b:07:28:19:1b:58:d4:54:a0:ef:c7:ba:fa:58:fd:1b:27:
66:c9:63:a3:65:64:fb:7d:b1:ae:ed:f7:0d:0f:6f:7c:6c:85:
ef:29:49:80:64:82:21:ac:60:35:31:e5:f3:c5:41:15:1e:82:
8e:a5:fa:7c:3f:b0:7e:48:f8:a2:6c:1e:b6:a0:b5:29:c8:de:
b3:a1:50:43:3c:a5:0f:a6:55:73:04:41:6a:45:40:21:a6:e7:
1a:e4:aa:cf
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYi4K+Jv+gl7PXeeJgRsOIEUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNjE0MDQzMTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTgxYjU3N2RlODczOTUwOTc0MDAyNWQxODgxNjRhMWZlMTQzNmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8dAYtV5NRRgP1tx5A52NJXrafW9
MMrCHKcVwfy0JLAt8IUpRPG6kpNrg3B/aVitpJVC3SHB9eoYO3pXgdiqM2YE+s5z
QRQNAH5k/BvNDNWlqyD9jWe7swfy/cwi54Xm1UzixKEpaUCVi5Ed/GOrhf5P9s+h
theamX/GQuPLR8hmpAttkh6unuUn2Zne+wZQQHQSgUSgiCiUPqE7fPpcL/iaR7KN
eAHLO9lbVTccCcpfyJ9PafE2UbBNxY/Mx0nkVmz2G7PvFJa3zwhWlXj2J24TLnfk
+QMIxO/fcLDFIedtOCLOvfakhAmYMHbB3clSEMvZ7UL7BoGUCaKqFe4tNQIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFDmBtXfehzlQl0ACXRiBZKH+FDaqMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvT1lHMWQ5NkhPVkNYUUFKZEdJRmtvZjRVTnFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBAAt
nJ0DBAAtnJ8DBAJX95QDBABZIVUDBABZI5sDBABZJT8DBABbvMwDBABbvM8DBAFd
c/4DBAC5Z0gDBAC5h48DBAC57goDBAG58dIwDAMEALn/qQMEALn/qgMEAbzUhAME
ALzUngMEALzVywMEALzw5gMEALzw6AMEALzx1jANBgkqhkiG9w0BAQsFAAOCAQEA
Si4ac1j+e6BVDpeDh8wnzUjflMEuDVxJWuogn+v8Qk5mMxoC9MSeybgUWqkZinGH
GIwI/bETJIk6xpPW9wP6KnQmNwklkQ6zrpaeMyMmfubl7kZcE73vALNs5gePGwt+
6chK1GfxzHKmDHxqfnEo7YIvDN8aOX/NhW1jiwkwcUuu2Jha47xRW24rId2Q4VG6
KA+V72SkzcJ6MKYN3l2Zh7LdchsHKBkbWNRUoO/HuvpY/RsnZsljo2Vk+32xru33
DQ9vfGyF7ylJgGSCIaxgNTHl88VBFR6CjqX6fD+wfkj4omwetqC1Kcjes6FQQzyl
D6ZVcwRBakVAIabnGuSqzw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org