Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/S8dSICgvsKRMuHpb9bgK6mPX1Kc.roa
File: S8dSICgvsKRMuHpb9bgK6mPX1Kc.roa (raw, json)
Hash identifier: K9THNzr1sCrPM2vVlF0oCrZm1g/4DBa6x6B2UyFSJVg=
Subject key identifier: 4B:C7:52:20:28:2F:B0:A4:4C:B8:7A:5B:F5:B8:0A:EA:63:D7:D4:A7
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186BB2F8A9E4C8C5A8E703FFC0F03C5F7C4
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/S8dSICgvsKRMuHpb9bgK6mPX1Kc.roa
Signing time: Tue 07 Mar 2023 08:28:20 +0000
ROA not before: Tue 07 Mar 2023 08:28:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 185.230.251.0/24 maxlen: 24
92.114.107.0/24 maxlen: 24
185.236.63.0/24 maxlen: 24
62.197.134.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bb:2f:8a:9e:4c:8c:5a:8e:70:3f:fc:0f:03:c5:f7:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 7 08:28:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bc75220282fb0a44cb87a5bf5b80aea63d7d4a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:f6:e6:28:cc:ae:9d:15:3d:c3:62:6e:2e:84:
7d:98:9c:08:48:08:0b:e2:1f:90:6a:e4:b3:5b:6e:
ca:fc:e5:bf:63:51:8c:28:af:76:4b:a8:03:a5:5f:
9f:c4:3c:6d:a2:5e:38:58:8b:79:76:c9:3b:de:4a:
8f:88:61:8f:f6:d6:37:42:3c:27:da:a3:44:1e:e6:
84:ed:73:14:39:8f:32:af:ff:37:7c:03:3f:e6:72:
cd:a6:e3:0c:fe:d7:6b:83:b8:d1:69:51:ad:38:99:
ca:31:61:bd:30:70:e8:7e:0a:00:96:ad:af:40:6b:
8f:ff:b9:5c:48:8a:3a:9a:88:36:ca:bb:f9:fe:e6:
57:6c:a3:41:9c:5a:50:af:2d:b4:e7:cb:d7:24:10:
8b:e1:c5:0d:8a:f6:11:a3:1f:e9:c5:a6:8a:d5:24:
7e:0e:ab:63:c0:4c:e5:3b:83:0d:8a:2c:ed:f9:32:
c4:89:13:a9:6b:15:65:1c:5b:78:34:88:75:28:09:
6e:36:4d:c6:70:86:32:4d:5f:db:e4:e7:7e:36:49:
ec:76:a1:14:2b:25:cd:0e:9e:ed:2b:48:76:44:4c:
df:03:7b:6e:89:ef:3e:dd:24:ef:84:f7:d5:ac:7e:
83:d6:fe:cc:f8:18:58:34:79:a5:92:2a:37:5b:38:
13:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:C7:52:20:28:2F:B0:A4:4C:B8:7A:5B:F5:B8:0A:EA:63:D7:D4:A7
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/S8dSICgvsKRMuHpb9bgK6mPX1Kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.197.134.0/24
92.114.107.0/24
185.230.251.0/24
185.236.63.0/24
Signature Algorithm: sha256WithRSAEncryption
54:ea:d3:78:b5:f4:1f:59:57:f5:b4:6e:d4:4c:c6:06:99:7d:
f6:eb:a8:d7:17:76:12:1e:29:ba:bd:9c:8f:99:99:0f:63:c4:
4d:03:fe:f7:c6:9e:a6:5f:35:f2:8f:b4:3a:95:aa:b8:07:89:
03:96:5b:4d:8c:21:f4:af:d3:df:74:aa:02:b3:87:94:1f:ae:
8d:63:fb:75:d7:5c:dc:cd:e1:fd:0f:1b:af:7b:8d:46:45:64:
43:c0:c2:ea:29:a8:d4:37:47:52:eb:b7:76:0c:c8:2a:0a:7a:
ee:e3:5e:07:84:dc:33:2d:5a:bf:32:24:e4:b2:aa:1b:1d:90:
6b:b4:fe:4f:70:45:b7:fb:cf:03:41:35:54:eb:06:76:c3:f7:
6a:99:0f:3b:11:b5:02:f2:fe:23:b3:43:64:d8:3a:75:95:5f:
55:80:98:10:98:03:c3:b8:07:82:c6:59:4e:80:8b:90:f4:e2:
b8:03:73:3f:b7:1a:61:90:8e:f9:14:59:6d:52:68:29:f2:1c:
fa:d4:2f:89:13:cf:d6:16:55:c8:ce:2c:47:3f:9f:bc:fa:55:
41:b6:57:24:e2:14:74:bb:24:bb:fc:86:4d:4f:6f:92:ea:66:
ee:1e:77:e9:6b:01:10:62:39:4c:1e:ac:e9:14:71:ba:4e:bf:
89:0d:00:7c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYa7L4qeTIxajnA//A8DxffEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzA3MDgyODIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmM3NTIyMDI4MmZiMGE0NGNiODdhNWJmNWI4MGFlYTYzZDdkNGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfbmKMyunRU9w2JuLoR9mJwISAgL
4h+QauSzW27K/OW/Y1GMKK92S6gDpV+fxDxtol44WIt5dsk73kqPiGGP9tY3Qjwn
2qNEHuaE7XMUOY8yr/83fAM/5nLNpuMM/tdrg7jRaVGtOJnKMWG9MHDofgoAlq2v
QGuP/7lcSIo6mog2yrv5/uZXbKNBnFpQry2058vXJBCL4cUNivYRox/pxaaK1SR+
DqtjwEzlO4MNiizt+TLEiROpaxVlHFt4NIh1KAluNk3GcIYyTV/b5Od+NknsdqEU
KyXNDp7tK0h2REzfA3tuie8+3STvhPfVrH6D1v7M+BhYNHmlkio3WzgTUwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEvHUiAoL7CkTLh6W/W4Cupj19SnMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUzhkU0lDZ3ZzS1JNdUhwYjliZ0s2bVBYMUtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPsWGAwQA
XHJrAwQAueb7AwQAuew/MA0GCSqGSIb3DQEBCwUAA4IBAQBU6tN4tfQfWVf1tG7U
TMYGmX3266jXF3YSHim6vZyPmZkPY8RNA/73xp6mXzXyj7Q6laq4B4kDlltNjCH0
r9PfdKoCs4eUH66NY/t111zczeH9Dxuve41GRWRDwMLqKajUN0dS67d2DMgqCnru
414HhNwzLVq/MiTksqobHZBrtP5PcEW3+88DQTVU6wZ2w/dqmQ87EbUC8v4js0Nk
2Dp1lV9VgJgQmAPDuAeCxllOgIuQ9OK4A3M/txphkI75FFltUmgp8hz61C+JE8/W
FlXIzixHP5+8+lVBtlck4hR0uyS7/IZNT2+S6mbuHnfpawEQYjlMHqzpFHG6Tr+J
DQB8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:11 2024 by rpki-client on console-ams.rpki-client.org