Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Uv4iVc9hxYzYRBijFQpEkbf12ds.roa
File: Uv4iVc9hxYzYRBijFQpEkbf12ds.roa (raw, json)
Hash identifier: ojaVA5BDiJg58Dz9rSUbckar6eb+w+fRnyMpMct40S4=
Subject key identifier: 52:FE:22:55:CF:61:C5:8C:D8:44:18:A3:15:0A:44:91:B7:F5:D9:DB
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018682C7C43A6DD28AAD8424C82BEDF7519E
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Uv4iVc9hxYzYRBijFQpEkbf12ds.roa
Signing time: Fri 24 Feb 2023 09:36:15 +0000
ROA not before: Fri 24 Feb 2023 09:36:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59432
IP address blocks: 185.121.228.0/23 maxlen: 24
185.121.230.0/23 maxlen: 24
77.75.62.0/23 maxlen: 24
194.4.158.0/23 maxlen: 24
89.43.212.0/22 maxlen: 24
213.32.248.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:82:c7:c4:3a:6d:d2:8a:ad:84:24:c8:2b:ed:f7:51:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 24 09:36:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52fe2255cf61c58cd84418a3150a4491b7f5d9db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c2:b6:bb:42:bc:1a:b4:59:31:b0:dc:ea:7e:
20:b4:86:46:ec:3e:7d:31:77:e6:05:7b:80:8a:0e:
89:f9:77:2d:a7:c3:5c:50:a5:87:06:ae:8a:b4:ad:
a7:22:26:9c:9e:63:42:57:0a:a9:64:e3:b3:f3:31:
fe:05:32:68:38:9c:8f:ac:ef:9d:66:25:13:74:da:
85:09:e6:cd:98:71:a7:4d:75:29:5e:58:d6:d6:8a:
5e:0d:88:43:78:7b:95:e1:61:f3:6e:ca:aa:44:1f:
28:26:60:85:18:f9:62:47:0f:f2:99:4c:16:e9:08:
55:94:68:b2:b0:26:d3:32:d2:69:b1:b3:a7:07:bb:
be:8c:79:56:2a:c0:3b:03:a6:3c:64:b4:5e:f7:77:
0c:30:60:60:48:0b:45:41:55:10:5f:00:08:d8:90:
33:08:66:f5:a8:3d:9a:f7:7c:24:b1:b1:c3:65:5a:
be:fe:68:e5:ae:f1:87:c7:17:92:60:29:bb:cd:bd:
d2:ea:a7:a2:62:f7:04:6d:8d:ee:ab:27:06:01:9b:
41:ca:da:45:d6:5f:1f:f3:b6:77:ee:14:58:91:c7:
a0:0e:cc:15:aa:0d:b5:7a:b3:d5:a6:78:0a:70:05:
2c:1c:a1:a9:bf:8f:f0:ef:69:93:ac:d7:b3:8e:4f:
73:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:FE:22:55:CF:61:C5:8C:D8:44:18:A3:15:0A:44:91:B7:F5:D9:DB
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Uv4iVc9hxYzYRBijFQpEkbf12ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.75.62.0/23
89.43.212.0/22
185.121.228.0/22
194.4.158.0/23
213.32.248.0/23
Signature Algorithm: sha256WithRSAEncryption
68:e1:ee:fb:53:06:a7:71:0e:2d:76:8e:6a:3a:d5:9e:6d:76:
9d:14:cf:f9:88:e0:f2:12:b5:c3:85:81:7e:31:41:cc:38:57:
1c:2d:14:0d:bf:d6:36:b7:41:6f:b5:db:c5:05:bd:63:72:d8:
b5:22:5c:38:63:1a:f4:b4:41:7c:40:f2:10:aa:fa:81:e1:46:
67:a6:57:e7:70:23:1f:bc:20:6b:ee:a5:a4:80:31:fa:a8:4f:
65:e3:67:99:a6:bf:70:eb:0c:73:6f:48:38:14:1f:18:c7:99:
3b:32:18:1e:83:59:0a:89:1e:ff:df:d3:49:7f:11:ed:b1:33:
10:a8:26:c6:6c:c0:cd:7c:57:bc:83:be:b1:49:cb:a6:03:5c:
94:01:5a:ad:cb:ca:72:77:8d:73:8b:b5:bb:4a:4b:da:15:95:
16:c9:aa:e7:6d:b8:1d:19:b7:db:80:2f:93:2b:a8:94:9c:08:
5e:63:f8:48:db:80:a4:4b:db:00:98:f6:72:5b:18:85:46:05:
71:60:04:73:be:da:67:39:5c:76:7e:f3:a0:1a:f2:18:e6:e5:
5e:8d:88:e4:c4:ee:60:a8:3d:b8:7d:33:20:5c:00:e9:22:51:
52:26:3e:ba:88:92:b9:b2:a6:8c:a2:07:07:95:16:b0:5a:44:
fa:d5:41:54
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYaCx8Q6bdKKrYQkyCvt91GeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjI0MDkzNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmZlMjI1NWNmNjFjNThjZDg0NDE4YTMxNTBhNDQ5MWI3ZjVkOWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsK2u0K8GrRZMbDc6n4gtIZG7D59
MXfmBXuAig6J+Xctp8NcUKWHBq6KtK2nIiacnmNCVwqpZOOz8zH+BTJoOJyPrO+d
ZiUTdNqFCebNmHGnTXUpXljW1opeDYhDeHuV4WHzbsqqRB8oJmCFGPliRw/ymUwW
6QhVlGiysCbTMtJpsbOnB7u+jHlWKsA7A6Y8ZLRe93cMMGBgSAtFQVUQXwAI2JAz
CGb1qD2a93wksbHDZVq+/mjlrvGHxxeSYCm7zb3S6qeiYvcEbY3uqycGAZtBytpF
1l8f87Z37hRYkcegDswVqg21erPVpngKcAUsHKGpv4/w72mTrNezjk9z7QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFL+IlXPYcWM2EQYoxUKRJG39dnbMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVXY0aVZjOWh4WXpZUkJpakZRcEVrYmYxMmRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBTUs+AwQC
WSvUAwQCuXnkAwQBwgSeAwQB1SD4MA0GCSqGSIb3DQEBCwUAA4IBAQBo4e77Uwan
cQ4tdo5qOtWebXadFM/5iODyErXDhYF+MUHMOFccLRQNv9Y2t0FvtdvFBb1jcti1
Ilw4Yxr0tEF8QPIQqvqB4UZnplfncCMfvCBr7qWkgDH6qE9l42eZpr9w6wxzb0g4
FB8Yx5k7Mhgeg1kKiR7/39NJfxHtsTMQqCbGbMDNfFe8g76xScumA1yUAVqty8py
d41zi7W7SkvaFZUWyarnbbgdGbfbgC+TK6iUnAheY/hI24CkS9sAmPZyWxiFRgVx
YARzvtpnOVx2fvOgGvIY5uVejYjkxO5gqD24fTMgXADpIlFSJj66iJK5sqaMogcH
lRawWkT61UFU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org