Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/SDK6INEmyW5nH2PtUmnnD28Z_ug.roa
File: SDK6INEmyW5nH2PtUmnnD28Z_ug.roa (raw, json)
Hash identifier: pahKeY6GRoZJRo3medG3j3RaB1gHBLeoeolexFwSJW0=
Subject key identifier: 48:32:BA:20:D1:26:C9:6E:67:1F:63:ED:52:69:E7:0F:6F:19:FE:E8
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0185ECBE592B6BF1879FA6DB3749ABCD9EA6
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/SDK6INEmyW5nH2PtUmnnD28Z_ug.roa
Signing time: Thu 26 Jan 2023 06:22:55 +0000
ROA not before: Thu 26 Jan 2023 06:22:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59432
IP address blocks: 185.121.228.0/23 maxlen: 24
185.121.230.0/23 maxlen: 24
77.75.62.0/23 maxlen: 24
194.4.158.0/23 maxlen: 24
213.32.248.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ec:be:59:2b:6b:f1:87:9f:a6:db:37:49:ab:cd:9e:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 26 06:22:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4832ba20d126c96e671f63ed5269e70f6f19fee8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e7:a0:2c:c7:4a:23:1a:99:43:71:13:fb:ef:
f4:a1:52:65:a2:d0:08:00:f8:13:47:1a:32:d2:aa:
cc:64:6f:b3:25:18:7e:1b:9c:7c:1f:d5:9f:0a:68:
de:08:e1:32:8c:30:29:62:1a:ea:14:7e:5d:34:4a:
73:34:36:fa:35:51:0c:7c:d2:83:c6:ae:33:77:b4:
d6:e6:6f:21:de:14:31:12:63:7c:50:db:89:b7:d3:
d3:b1:e1:1b:6e:71:ba:0c:28:d8:e9:94:37:a3:79:
f4:e8:0a:de:95:33:c7:d3:79:68:74:ca:3c:d8:e8:
ba:fc:c1:09:de:13:c2:ec:37:3f:a5:c3:92:41:d2:
d5:ff:9d:ef:2b:9d:a7:86:ce:66:8b:57:b9:23:61:
4b:e1:07:93:20:10:c8:54:24:7b:ef:9f:ad:86:2e:
64:c2:e5:5b:2b:c0:bc:5f:bd:0d:0e:3e:34:48:1f:
6c:a0:1c:5b:95:2d:02:29:7a:bf:0a:d2:63:ea:47:
8e:fa:22:84:66:94:34:99:1c:0a:31:1d:18:98:ee:
00:4b:90:c1:e4:24:10:ab:08:ef:92:f7:4d:ec:01:
78:b1:90:44:89:4d:02:18:4c:0b:8a:bd:9b:54:42:
3f:2b:e5:26:8c:0d:01:38:6e:1b:6e:51:ff:70:be:
16:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:32:BA:20:D1:26:C9:6E:67:1F:63:ED:52:69:E7:0F:6F:19:FE:E8
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/SDK6INEmyW5nH2PtUmnnD28Z_ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.75.62.0/23
185.121.228.0/22
194.4.158.0/23
213.32.248.0/23
Signature Algorithm: sha256WithRSAEncryption
49:3d:b7:11:3b:6a:c0:cf:c6:c0:b4:ec:a8:03:54:5c:07:86:
2e:fd:a6:e9:0c:c3:fa:a9:1e:ea:97:4a:ae:f9:be:df:dc:ca:
7b:1a:72:e7:06:08:a3:57:10:41:51:6a:b1:cc:e8:c3:f5:df:
01:1b:04:6d:cb:ed:3b:b0:46:46:d1:97:81:90:db:e1:e6:e8:
24:68:5f:c9:2d:5f:ba:a2:04:54:1c:33:8b:9b:ed:47:b5:77:
38:50:15:9b:04:8b:d0:49:40:7e:31:83:b2:d9:23:a5:d3:5a:
26:8e:e9:ad:ac:74:00:13:56:4f:45:36:4a:d5:1d:d1:0a:80:
52:a2:b7:51:6b:87:88:ad:d2:fb:54:71:90:3b:b2:ab:ba:db:
ee:a9:de:43:8a:52:02:d8:1b:7c:b9:bb:b9:04:00:79:bf:08:
ca:11:f1:7e:2e:c5:53:b3:a8:00:5e:e6:63:c2:28:6f:89:17:
d6:b1:d9:64:dc:fe:26:ff:bc:75:39:01:89:65:85:a9:d9:41:
db:5e:8b:97:da:15:25:52:5c:4f:61:36:81:e7:ef:c7:d6:b7:
70:26:e2:87:7f:45:3f:0f:79:33:99:5f:b6:33:17:cd:ad:b9:
44:2f:7d:40:15:2d:31:1d:a2:3d:98:16:74:eb:fb:d5:c0:bf:
ff:12:43:30
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYXsvlkra/GHn6bbN0mrzZ6mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTI2MDYyMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODMyYmEyMGQxMjZjOTZlNjcxZjYzZWQ1MjY5ZTcwZjZmMTlmZWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+egLMdKIxqZQ3ET++/0oVJlotAI
APgTRxoy0qrMZG+zJRh+G5x8H9WfCmjeCOEyjDApYhrqFH5dNEpzNDb6NVEMfNKD
xq4zd7TW5m8h3hQxEmN8UNuJt9PTseEbbnG6DCjY6ZQ3o3n06ArelTPH03lodMo8
2Oi6/MEJ3hPC7Dc/pcOSQdLV/53vK52nhs5mi1e5I2FL4QeTIBDIVCR775+thi5k
wuVbK8C8X70NDj40SB9soBxblS0CKXq/CtJj6keO+iKEZpQ0mRwKMR0YmO4AS5DB
5CQQqwjvkvdN7AF4sZBEiU0CGEwLir2bVEI/K+UmjA0BOG4bblH/cL4WHwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEgyuiDRJsluZx9j7VJp5w9vGf7oMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvU0RLNklORW15VzVuSDJQdFVtbm5EMjhaX3VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBTUs+AwQC
uXnkAwQBwgSeAwQB1SD4MA0GCSqGSIb3DQEBCwUAA4IBAQBJPbcRO2rAz8bAtOyo
A1RcB4Yu/abpDMP6qR7ql0qu+b7f3Mp7GnLnBgijVxBBUWqxzOjD9d8BGwRty+07
sEZG0ZeBkNvh5ugkaF/JLV+6ogRUHDOLm+1HtXc4UBWbBIvQSUB+MYOy2SOl01om
jumtrHQAE1ZPRTZK1R3RCoBSordRa4eIrdL7VHGQO7Krutvuqd5DilIC2Bt8ubu5
BAB5vwjKEfF+LsVTs6gAXuZjwihviRfWsdlk3P4m/7x1OQGJZYWp2UHbXouX2hUl
UlxPYTaB5+/H1rdwJuKHf0U/D3kzmV+2MxfNrblEL31AFS0xHaI9mBZ06/vVwL//
EkMw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org