Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/SuU3B-MUFx3VjGeWetxJTYEG-Cw.roa
File: SuU3B-MUFx3VjGeWetxJTYEG-Cw.roa (raw, json)
Hash identifier: JXZ5aCOBVTQESo4W3eW5yAXyKE8BOo2BPayWDl7T5jQ=
Subject key identifier: 4A:E5:37:07:E3:14:17:1D:D5:8C:67:96:7A:DC:49:4D:81:06:F8:2C
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0188A9825AADE52122BC71D44941161A39A0
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/SuU3B-MUFx3VjGeWetxJTYEG-Cw.roa
Signing time: Sun 11 Jun 2023 08:11:12 +0000
ROA not before: Sun 11 Jun 2023 08:11:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 178.239.202.0/24 maxlen: 24
93.114.195.0/24 maxlen: 24
89.43.209.0/24 maxlen: 24
89.46.92.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a9:82:5a:ad:e5:21:22:bc:71:d4:49:41:16:1a:39:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jun 11 08:11:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ae53707e314171dd58c67967adc494d8106f82c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:72:67:af:3d:f2:92:99:11:b3:76:65:94:50:
3d:eb:7e:48:2f:e4:36:10:cd:d7:c5:dd:2a:71:74:
38:48:01:f6:9f:b3:93:b3:0f:3e:3a:97:62:66:e2:
98:59:ca:e8:64:ce:c1:99:6b:37:09:ab:08:49:85:
27:b4:17:63:e7:bb:e0:6b:6e:77:8f:c1:b5:7f:36:
11:bb:ef:69:1a:e9:77:33:ee:bb:55:f7:8f:e6:8d:
47:07:af:a1:ab:8a:42:bd:5a:49:f9:7f:f0:8c:8d:
a1:4a:99:a8:35:9a:34:f6:51:d7:03:15:60:6a:41:
49:5b:48:23:79:37:ec:82:45:d1:cb:fd:c0:ab:61:
e1:5f:ef:ee:13:47:44:e5:54:77:30:e0:90:81:55:
00:0e:d4:6e:10:27:93:4f:85:e1:99:dc:33:bc:2f:
f8:bf:8c:1c:4f:e0:b1:54:c8:15:76:fc:71:1c:55:
ca:a4:d9:96:d7:fb:d3:ec:ef:af:1f:55:94:46:d6:
fd:97:17:17:44:fa:13:16:49:8b:7a:76:83:af:30:
13:ec:36:ce:0e:4f:47:05:a3:c2:51:7b:7d:8b:38:
70:c4:2e:7d:84:4c:73:c3:74:bd:d6:24:dd:65:e7:
f4:6e:a2:fc:85:50:5c:a9:d5:3b:75:e7:40:e5:63:
3c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:E5:37:07:E3:14:17:1D:D5:8C:67:96:7A:DC:49:4D:81:06:F8:2C
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/SuU3B-MUFx3VjGeWetxJTYEG-Cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.43.209.0/24
89.46.92.0/24
93.114.195.0/24
178.239.202.0/24
Signature Algorithm: sha256WithRSAEncryption
04:c4:8e:4b:4e:20:a1:ab:43:7c:88:4c:99:80:0b:6d:4f:68:
d4:50:fe:e3:d4:40:1a:7f:ea:aa:d2:f1:03:87:57:1a:dc:1e:
a0:9e:0a:90:78:90:10:bb:e6:6c:93:35:c2:5a:f0:4b:26:3f:
04:0a:9e:a2:ce:c3:3b:c0:7a:4a:b0:f9:d1:71:89:88:fc:e7:
6d:42:c6:72:e4:c6:3f:ea:de:bc:eb:61:03:32:a2:42:66:fa:
50:b9:49:94:ff:ef:30:66:44:1e:5d:3b:4f:79:01:72:1a:4a:
03:d5:d5:26:63:a4:0e:8b:5d:21:bb:a4:65:1f:75:e5:21:42:
19:e7:20:5b:a6:b1:7e:ac:13:69:5d:19:b8:35:eb:cd:c8:4a:
12:a3:ca:86:4c:6a:66:e7:c7:08:46:20:00:c0:e7:1d:b6:78:
69:e3:28:fd:2e:89:cb:88:3e:66:1f:21:54:92:cb:6c:1c:54:
b9:95:47:1c:a2:de:7e:e8:d6:72:02:7d:a9:d6:b2:e1:69:9b:
d7:2c:9d:99:56:b0:11:c4:68:0e:97:39:36:2d:91:25:73:d0:
fa:d2:bd:0c:8c:04:e0:3f:fc:80:0a:5d:b0:13:cf:f6:39:9e:
ae:08:f4:d1:4b:9b:55:08:a7:7f:a4:56:a0:30:82:e8:c4:7f:
72:08:69:da
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYipglqt5SEivHHUSUEWGjmgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNjExMDgxMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWU1MzcwN2UzMTQxNzFkZDU4YzY3OTY3YWRjNDk0ZDgxMDZmODJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XJnrz3ykpkRs3ZllFA9635IL+Q2
EM3Xxd0qcXQ4SAH2n7OTsw8+OpdiZuKYWcroZM7BmWs3CasISYUntBdj57vga253
j8G1fzYRu+9pGul3M+67VfeP5o1HB6+hq4pCvVpJ+X/wjI2hSpmoNZo09lHXAxVg
akFJW0gjeTfsgkXRy/3Aq2HhX+/uE0dE5VR3MOCQgVUADtRuECeTT4XhmdwzvC/4
v4wcT+CxVMgVdvxxHFXKpNmW1/vT7O+vH1WURtb9lxcXRPoTFkmLenaDrzAT7DbO
Dk9HBaPCUXt9izhwxC59hExzw3S91iTdZef0bqL8hVBcqdU7dedA5WM8FQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFErlNwfjFBcd1YxnlnrcSU2BBvgsMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvU3VVM0ItTVVGeDNWakdlV2V0eEpUWUVHLUN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSvRAwQA
WS5cAwQAXXLDAwQAsu/KMA0GCSqGSIb3DQEBCwUAA4IBAQAExI5LTiChq0N8iEyZ
gAttT2jUUP7j1EAaf+qq0vEDh1ca3B6gngqQeJAQu+ZskzXCWvBLJj8ECp6izsM7
wHpKsPnRcYmI/OdtQsZy5MY/6t6862EDMqJCZvpQuUmU/+8wZkQeXTtPeQFyGkoD
1dUmY6QOi10hu6RlH3XlIUIZ5yBbprF+rBNpXRm4NevNyEoSo8qGTGpm58cIRiAA
wOcdtnhp4yj9LonLiD5mHyFUkstsHFS5lUccot5+6NZyAn2p1rLhaZvXLJ2ZVrAR
xGgOlzk2LZElc9D60r0MjATgP/yACl2wE8/2OZ6uCPTRS5tVCKd/pFagMILoxH9y
CGna
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:11 2024 by rpki-client on console-ams.rpki-client.org