Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/P8FF2b1pXvdDVT_aDMUrVv5ezj8.roa
File: P8FF2b1pXvdDVT_aDMUrVv5ezj8.roa (raw, json)
Hash identifier: oAFpZNHGZu19hhdIdjipsblbM2Hcne1PrwwX7rL3Qkk=
Subject key identifier: 3F:C1:45:D9:BD:69:5E:F7:43:55:3F:DA:0C:C5:2B:56:FE:5E:CE:3F
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187F9AF4303F17378CD3CCF7D931F300B94
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/P8FF2b1pXvdDVT_aDMUrVv5ezj8.roa
Signing time: Mon 08 May 2023 04:47:05 +0000
ROA not before: Mon 08 May 2023 04:47:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.115.146.0/24 maxlen: 24
194.4.156.0/23 maxlen: 24
194.4.159.0/24 maxlen: 24
213.32.249.0/24 maxlen: 24
185.115.145.0/24 maxlen: 24
78.142.242.0/23 maxlen: 24
89.38.136.0/24 maxlen: 24
45.159.152.0/24 maxlen: 24
45.159.154.0/24 maxlen: 24
45.159.153.0/24 maxlen: 24
103.205.25.0/24 maxlen: 24
91.209.12.0/24 maxlen: 24
185.230.248.0/24 maxlen: 24
185.230.249.0/24 maxlen: 24
185.229.104.0/24 maxlen: 24
185.229.105.0/24 maxlen: 24
185.229.106.0/24 maxlen: 24
185.229.107.0/24 maxlen: 24
89.43.211.0/24 maxlen: 24
185.245.238.0/24 maxlen: 24
185.245.236.0/24 maxlen: 24
89.43.208.0/24 maxlen: 24
89.43.210.0/24 maxlen: 24
185.245.237.0/24 maxlen: 24
192.166.212.0/22 maxlen: 24
185.121.231.0/24 maxlen: 24
178.239.203.0/24 maxlen: 24
185.121.230.0/24 maxlen: 24
62.197.128.0/24 maxlen: 24
185.236.62.0/24 maxlen: 24
62.197.135.0/24 maxlen: 24
185.103.73.0/24 maxlen: 24
185.103.75.0/24 maxlen: 24
178.239.192.0/24 maxlen: 24
178.239.193.0/24 maxlen: 24
178.239.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f9:af:43:03:f1:73:78:cd:3c:cf:7d:93:1f:30:0b:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 8 04:47:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3fc145d9bd695ef743553fda0cc52b56fe5ece3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d8:57:9f:41:3b:65:10:73:72:0a:3a:0c:75:
3f:75:b5:e5:01:8e:fb:c8:bc:7c:76:05:20:99:02:
8b:48:ef:53:be:01:b6:ff:31:0f:10:04:6f:ef:70:
28:65:92:99:a5:b0:44:3f:81:e0:fc:90:21:24:b6:
83:87:e0:b5:52:07:aa:fb:29:87:82:68:9b:da:93:
19:b0:d3:ff:56:68:30:83:7e:af:fd:50:16:8e:85:
54:30:af:b1:c3:5a:e9:d0:6d:5f:01:34:25:52:1f:
83:9a:e6:0f:fc:28:48:57:dc:02:cb:86:ea:62:eb:
f3:36:a9:e3:52:7d:2f:15:5d:87:51:a2:af:ab:08:
51:60:07:52:1d:5c:f6:fb:99:f2:55:06:16:2b:55:
c2:21:13:bd:34:03:58:5e:8b:25:c1:1e:20:21:cc:
0d:89:df:cb:48:8a:ba:bf:f1:98:72:6e:49:f1:ef:
2d:8f:12:f3:d3:e2:8d:84:d1:42:45:97:d3:51:81:
3b:60:66:4f:85:ef:ed:4f:00:77:d5:f3:a5:6a:b9:
23:2d:ad:cb:96:0a:13:3c:ac:bf:cb:00:76:a6:9e:
3c:9a:09:0d:71:77:34:ad:c0:f6:84:ce:b3:dc:fa:
e1:84:a6:1c:7e:71:f5:88:b4:43:ac:06:55:5a:d3:
da:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:C1:45:D9:BD:69:5E:F7:43:55:3F:DA:0C:C5:2B:56:FE:5E:CE:3F
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/P8FF2b1pXvdDVT_aDMUrVv5ezj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.152.0-45.159.154.255
62.197.128.0/24
62.197.135.0/24
78.142.242.0/23
89.38.136.0/24
89.43.208.0/24
89.43.210.0/23
91.209.12.0/24
103.205.25.0/24
178.239.192.0-178.239.194.255
178.239.203.0/24
185.103.73.0/24
185.103.75.0/24
185.115.145.0-185.115.146.255
185.121.230.0/23
185.229.104.0/22
185.230.248.0/23
185.236.62.0/24
185.245.236.0-185.245.238.255
192.166.212.0/22
194.4.156.0/23
194.4.159.0/24
213.32.249.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:f1:62:58:cd:0c:56:0b:7b:be:58:b8:2b:16:73:3d:86:dd:
78:90:7c:a0:23:8e:c1:5c:09:f4:6b:03:a6:01:7f:86:88:08:
e4:5a:97:fe:45:a0:f1:7a:91:0e:d4:e7:08:d7:e0:1a:88:8b:
f4:73:7a:b3:f7:10:dc:84:e3:32:e0:64:cc:03:c3:ae:b4:d8:
d0:0b:9a:88:f7:41:73:38:3d:00:0b:cc:24:35:bb:66:a7:31:
ef:90:2a:d3:e7:27:c1:9d:c9:25:f5:1b:2b:a3:8c:0a:ee:c2:
47:57:b4:8c:89:31:4b:a9:cd:2b:a8:c4:a8:9b:e1:92:dd:a5:
50:26:81:c1:23:01:16:9c:50:88:6c:d9:14:d3:bf:16:55:6e:
58:c1:d1:c0:7b:93:b0:9f:6e:55:70:07:e3:ce:98:6f:40:9e:
24:8a:43:21:e5:44:31:34:04:ea:1a:87:23:b3:a4:85:5b:46:
7f:74:d9:a2:d0:fd:bc:b8:f9:c7:14:93:51:d2:0b:0a:15:d3:
f6:b9:06:e3:c7:18:5d:fe:39:5f:5f:b9:1f:df:73:e0:ec:9d:
5c:86:95:16:e5:c7:22:0b:11:f8:d1:ef:21:30:e2:db:c6:d7:
a9:86:05:1a:c3:11:01:43:34:c5:bc:e0:f2:57:67:27:d9:31:
b7:2a:e3:d3
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYf5r0MD8XN4zTzPfZMfMAuUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTA4MDQ0NzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmMxNDVkOWJkNjk1ZWY3NDM1NTNmZGEwY2M1MmI1NmZlNWVjZTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNhXn0E7ZRBzcgo6DHU/dbXlAY77
yLx8dgUgmQKLSO9TvgG2/zEPEARv73AoZZKZpbBEP4Hg/JAhJLaDh+C1Ugeq+ymH
gmib2pMZsNP/Vmgwg36v/VAWjoVUMK+xw1rp0G1fATQlUh+DmuYP/ChIV9wCy4bq
YuvzNqnjUn0vFV2HUaKvqwhRYAdSHVz2+5nyVQYWK1XCIRO9NANYXoslwR4gIcwN
id/LSIq6v/GYcm5J8e8tjxLz0+KNhNFCRZfTUYE7YGZPhe/tTwB31fOlarkjLa3L
lgoTPKy/ywB2pp48mgkNcXc0rcD2hM6z3PrhhKYcfnH1iLRDrAZVWtPawQIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFD/BRdm9aV73Q1U/2gzFK1b+Xs4/MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUDhGRjJiMXBYdmREVlRfYURNVXJWdjVlemo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaowDAME
Ay2fmAMEAC2fmgMEAD7FgAMEAD7FhwMEAU6O8gMEAFkmiAMEAFkr0AMEAVkr0gME
AFvRDAMEAGfNGTAMAwQGsu/AAwQAsu/CAwQAsu/LAwQAuWdJAwQAuWdLMAwDBAC5
c5EDBAC5c5IDBAG5eeYDBAK55WgDBAG55vgDBAC57D4wDAMEArn17AMEALn17gME
AsCm1AMEAcIEnAMEAMIEnwMEANUg+TANBgkqhkiG9w0BAQsFAAOCAQEAHPFiWM0M
Vgt7vli4KxZzPYbdeJB8oCOOwVwJ9GsDpgF/hogI5FqX/kWg8XqRDtTnCNfgGoiL
9HN6s/cQ3ITjMuBkzAPDrrTY0AuaiPdBczg9AAvMJDW7Zqcx75Aq0+cnwZ3JJfUb
K6OMCu7CR1e0jIkxS6nNK6jEqJvhkt2lUCaBwSMBFpxQiGzZFNO/FlVuWMHRwHuT
sJ9uVXAH486Yb0CeJIpDIeVEMTQE6hqHI7OkhVtGf3TZotD9vLj5xxSTUdILChXT
9rkG48cYXf45X1+5H99z4OydXIaVFuXHIgsR+NHvITDi28bXqYYFGsMRAUM0xbzg
8ldnJ9kxtyrj0w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:45 2024 by rpki-client on console-fra.rpki-client.org