Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VhiTHCz7Upu9xR9ZVd2eOGUBpvQ.roa
File: VhiTHCz7Upu9xR9ZVd2eOGUBpvQ.roa (raw, json)
Hash identifier: 3GARuvSBF0qk5XW0au9C/EuCVEpZNjPqQ9iJu6s7hkY=
Subject key identifier: 56:18:93:1C:2C:FB:52:9B:BD:C5:1F:59:55:DD:9E:38:65:01:A6:F4
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0189816636B42A06B50F2A0DCE18D5AFB9C3
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VhiTHCz7Upu9xR9ZVd2eOGUBpvQ.roa
Signing time: Sun 23 Jul 2023 06:18:26 +0000
ROA not before: Sun 23 Jul 2023 06:18:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.33.14.0/24 maxlen: 24
193.19.106.0/24 maxlen: 24
213.32.248.0/24 maxlen: 24
213.32.249.0/24 maxlen: 24
103.205.26.0/24 maxlen: 24
103.205.25.0/24 maxlen: 24
103.205.27.0/24 maxlen: 24
188.214.27.0/24 maxlen: 24
185.230.250.0/24 maxlen: 24
185.230.248.0/24 maxlen: 24
185.230.251.0/24 maxlen: 24
185.230.249.0/24 maxlen: 24
192.166.212.0/22 maxlen: 24
193.42.52.0/24 maxlen: 24
193.42.54.0/23 maxlen: 24
185.9.54.0/24 maxlen: 24
62.197.132.0/24 maxlen: 24
62.197.134.0/24 maxlen: 24
62.197.135.0/24 maxlen: 24
185.103.72.0/24 maxlen: 24
185.103.74.0/24 maxlen: 24
185.103.73.0/24 maxlen: 24
185.115.146.0/24 maxlen: 24
185.115.147.0/24 maxlen: 24
77.75.62.0/24 maxlen: 24
77.75.60.0/24 maxlen: 24
77.75.63.0/24 maxlen: 24
194.4.158.0/24 maxlen: 24
194.4.156.0/23 maxlen: 24
194.4.159.0/24 maxlen: 24
185.115.144.0/24 maxlen: 24
185.115.144.0/23 maxlen: 24
185.115.145.0/24 maxlen: 24
78.142.242.0/24 maxlen: 24
78.142.242.0/23 maxlen: 24
45.159.152.0/24 maxlen: 24
45.159.154.0/24 maxlen: 24
45.159.153.0/24 maxlen: 24
89.38.101.0/24 maxlen: 24
89.40.160.0/24 maxlen: 24
185.229.104.0/24 maxlen: 24
185.229.105.0/24 maxlen: 24
185.229.106.0/24 maxlen: 24
185.229.107.0/24 maxlen: 24
89.43.211.0/24 maxlen: 24
89.43.210.0/23 maxlen: 24
185.245.238.0/24 maxlen: 24
185.245.236.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
185.245.239.0/24 maxlen: 24
89.43.208.0/24 maxlen: 24
89.43.210.0/24 maxlen: 24
185.245.237.0/24 maxlen: 24
103.212.82.0/24 maxlen: 24
89.47.89.0/24 maxlen: 24
185.121.229.0/24 maxlen: 24
178.239.201.0/24 maxlen: 24
185.121.231.0/24 maxlen: 24
178.239.203.0/24 maxlen: 24
185.121.228.0/24 maxlen: 24
178.239.200.0/24 maxlen: 24
185.121.230.0/24 maxlen: 24
93.114.246.0/24 maxlen: 24
185.236.62.0/24 maxlen: 24
185.236.63.0/24 maxlen: 24
223.27.112.0/24 maxlen: 24
178.239.192.0/23 maxlen: 24
178.239.192.0/24 maxlen: 24
178.239.193.0/24 maxlen: 24
178.239.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:81:66:36:b4:2a:06:b5:0f:2a:0d:ce:18:d5:af:b9:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 23 06:18:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5618931c2cfb529bbdc51f5955dd9e386501a6f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:06:2e:e7:4a:0a:e0:da:8f:a0:d7:46:34:0f:
4e:05:b5:3b:3e:4e:4b:b5:48:67:9b:4b:d2:e8:0c:
92:c4:cb:50:d0:6b:6a:fd:da:ff:ac:7c:6d:4b:1f:
a6:ca:1f:45:a6:fd:48:94:31:67:b5:42:f7:b1:a0:
8a:a6:f1:1e:01:4c:d9:01:4f:9a:30:92:29:ed:48:
b9:7a:45:1c:30:1c:f0:9a:8f:d5:ee:75:9f:1b:5e:
d6:24:17:c3:f4:dc:a2:2a:96:b0:e6:78:48:f3:d6:
32:f9:13:c9:ca:7c:d8:f4:88:d1:5a:56:28:d8:0e:
95:42:2b:cc:74:fc:24:96:d1:6d:70:c8:ff:e9:ea:
fd:14:97:a5:6e:1b:aa:6c:16:d8:94:fd:91:65:71:
6c:5a:48:43:5f:fc:ef:86:d0:d8:4f:78:be:ea:bb:
3f:40:01:be:c4:2e:f7:2b:f9:c8:1c:e7:93:3f:14:
75:bc:4e:52:9e:0d:ef:ee:f8:ac:e1:2a:74:4c:4b:
15:ce:6a:7c:ca:ca:3e:1c:be:01:29:9d:50:49:52:
35:98:5e:48:41:7b:7a:b1:49:a6:21:5f:27:a3:57:
11:75:1a:88:00:13:52:84:79:51:cb:81:42:a7:4c:
5b:9c:7f:c6:2a:3a:4a:a3:30:96:ef:07:18:25:53:
a6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:18:93:1C:2C:FB:52:9B:BD:C5:1F:59:55:DD:9E:38:65:01:A6:F4
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VhiTHCz7Upu9xR9ZVd2eOGUBpvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.152.0-45.159.154.255
62.197.132.0/24
62.197.134.0/23
77.75.60.0/24
77.75.62.0/23
78.142.242.0/23
89.33.14.0/24
89.38.101.0/24
89.40.160.0/24
89.43.208.0/24
89.43.210.0/23
89.47.89.0/24
93.114.246.0/24
103.205.25.0-103.205.27.255
103.212.82.0/24
178.239.192.0-178.239.194.255
178.239.200.0/23
178.239.203.0/24
185.9.54.0/24
185.103.72.0-185.103.74.255
185.115.144.0/22
185.121.228.0/22
185.229.104.0/22
185.230.248.0/22
185.236.62.0/23
185.245.236.0/22
188.214.27.0/24
192.166.212.0/22
193.19.106.0/24
193.42.52.0/24
193.42.54.0/23
194.4.156.0/22
203.0.8.0/24
213.32.248.0/23
223.27.112.0/24
Signature Algorithm: sha256WithRSAEncryption
94:27:d4:e3:80:ff:98:65:76:6a:ae:51:a9:52:29:51:1f:ec:
94:76:f8:b9:2f:51:14:98:1b:27:d6:47:94:89:32:75:6a:10:
e6:9f:88:ba:c6:92:85:4e:d7:2e:73:9b:cd:86:bb:37:f1:8c:
1b:c7:b6:d2:83:60:89:d1:b2:94:9b:d3:ae:83:a4:81:9d:44:
c0:68:74:65:05:13:27:60:c4:bd:6e:98:c4:35:2c:3b:1f:dd:
31:97:0d:3f:8a:49:b1:90:87:51:77:a5:ab:d4:59:79:7e:46:
5a:68:7d:6b:b3:85:67:2b:2f:07:eb:76:aa:70:2f:7d:cf:94:
a2:69:65:5d:d6:b6:68:96:d1:f4:e8:92:04:49:80:35:a0:7d:
45:de:cb:b4:9c:64:30:bd:aa:d9:6b:f2:20:42:17:0a:52:bd:
89:4e:b9:94:58:28:76:81:18:d6:92:56:76:7b:99:4b:57:47:
1b:47:eb:54:d9:96:fb:f7:51:49:e1:e6:79:ca:1c:20:d3:90:
fe:ab:c4:c8:5c:02:72:ba:4c:39:cf:26:3d:25:bc:d4:b2:9d:
ed:e8:cb:72:83:4d:da:2d:bb:8b:3d:45:65:84:7b:2b:34:bd:
0e:7f:58:ff:6a:2a:55:05:98:f6:6d:0a:c4:6f:2b:f5:44:18:
98:04:10:27
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgISAYmBZja0Kga1DyoNzhjVr7nDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzIzMDYxODI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjE4OTMxYzJjZmI1MjliYmRjNTFmNTk1NWRkOWUzODY1MDFhNmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgYu50oK4NqPoNdGNA9OBbU7Pk5L
tUhnm0vS6AySxMtQ0Gtq/dr/rHxtSx+myh9Fpv1IlDFntUL3saCKpvEeAUzZAU+a
MJIp7Ui5ekUcMBzwmo/V7nWfG17WJBfD9NyiKpaw5nhI89Yy+RPJynzY9IjRWlYo
2A6VQivMdPwkltFtcMj/6er9FJelbhuqbBbYlP2RZXFsWkhDX/zvhtDYT3i+6rs/
QAG+xC73K/nIHOeTPxR1vE5Sng3v7vis4Sp0TEsVzmp8yso+HL4BKZ1QSVI1mF5I
QXt6sUmmIV8no1cRdRqIABNShHlRy4FCp0xbnH/GKjpKozCW7wcYJVOmUQIDAQAB
o4IC+zCCAvcwHQYDVR0OBBYEFFYYkxws+1KbvcUfWVXdnjhlAab0MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVmhpVEhDejdVcHU5eFI5WlZkMmVPR1VCcHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDwYIKwYBBQUHAQcBAf8Egf8wgfwwgfkEAgABMIHyMAwD
BAMtn5gDBAAtn5oDBAA+xYQDBAE+xYYDBABNSzwDBAFNSz4DBAFOjvIDBABZIQ4D
BABZJmUDBABZKKADBABZK9ADBAFZK9IDBABZL1kDBABdcvYwDAMEAGfNGQMEAmfN
GAMEAGfUUjAMAwQGsu/AAwQAsu/CAwQBsu/IAwQAsu/LAwQAuQk2MAwDBAO5Z0gD
BAC5Z0oDBAK5c5ADBAK5eeQDBAK55WgDBAK55vgDBAG57D4DBAK59ewDBAC81hsD
BALAptQDBADBE2oDBADBKjQDBAHBKjYDBALCBJwDBADLAAgDBAHVIPgDBADfG3Aw
DQYJKoZIhvcNAQELBQADggEBAJQn1OOA/5hldmquUalSKVEf7JR2+LkvURSYGyfW
R5SJMnVqEOafiLrGkoVO1y5zm82GuzfxjBvHttKDYInRspSb066DpIGdRMBodGUF
EydgxL1umMQ1LDsf3TGXDT+KSbGQh1F3pavUWXl+RlpofWuzhWcrLwfrdqpwL33P
lKJpZV3WtmiW0fTokgRJgDWgfUXey7ScZDC9qtlr8iBCFwpSvYlOuZRYKHaBGNaS
VnZ7mUtXRxtH61TZlvv3UUnh5nnKHCDTkP6rxMhcAnK6TDnPJj0lvNSyne3oy3KD
Tdotu4s9RWWEeys0vQ5/WP9qKlUFmPZtCsRvK/VEGJgEECc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org