Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/X-8q6TPvWP1aF6NtUTnWXp5w4oI.roa
File: X-8q6TPvWP1aF6NtUTnWXp5w4oI.roa (raw, json)
Hash identifier: o1KV6G0r5JA8dm1Tqgvth7sUuOpTT4Imq4u4opZGGuU=
Subject key identifier: 5F:EF:2A:E9:33:EF:58:FD:5A:17:A3:6D:51:39:D6:5E:9E:70:E2:82
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0185F290B6069C2BE57C788BA8AB7D46FEC3
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/X-8q6TPvWP1aF6NtUTnWXp5w4oI.roa
Signing time: Fri 27 Jan 2023 09:30:48 +0000
ROA not before: Fri 27 Jan 2023 09:30:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135752
IP address blocks: 193.42.52.0/24 maxlen: 24
185.103.74.0/24 maxlen: 24
185.103.73.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f2:90:b6:06:9c:2b:e5:7c:78:8b:a8:ab:7d:46:fe:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 27 09:30:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fef2ae933ef58fd5a17a36d5139d65e9e70e282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:b3:45:59:5f:64:e2:51:56:e3:46:9d:e7:79:
63:02:39:fe:44:1e:eb:94:70:60:6d:61:69:c2:56:
6f:b6:e4:f7:2a:7b:7f:6b:1b:2f:51:8a:58:97:ef:
74:d6:d0:6b:26:8b:18:13:4e:3f:d5:73:e7:62:dc:
38:e9:24:fd:e9:bb:d9:15:40:61:6e:13:c3:9a:35:
01:73:36:03:94:2f:85:47:e9:22:34:38:19:f8:ef:
13:7b:47:80:36:7f:54:5f:a6:2f:22:cf:13:45:f1:
4d:4d:70:2b:ba:5a:4b:60:7c:a8:86:68:8a:c1:d5:
34:12:e0:3e:d8:66:be:b1:3d:9a:5b:82:f2:2b:5d:
9b:f7:e5:52:9a:8b:a1:82:11:94:99:21:4f:df:3b:
fd:03:c3:e3:fc:4a:3b:d8:76:8a:7f:05:36:aa:79:
c5:24:84:a1:ca:ce:75:f0:6d:36:1e:3d:ef:46:22:
26:e3:45:3c:e5:b8:44:13:72:c8:ee:6d:e6:f8:b3:
f8:bd:c8:4b:8c:01:92:e8:93:fb:a1:bb:c0:7f:46:
06:c6:dd:d8:52:b5:76:a9:2d:41:65:24:35:bd:43:
ee:1b:8d:f7:a8:a7:60:ff:99:50:86:5d:c5:94:54:
b1:57:36:ea:47:37:83:3d:60:c1:5b:15:cd:7d:59:
1f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:EF:2A:E9:33:EF:58:FD:5A:17:A3:6D:51:39:D6:5E:9E:70:E2:82
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/X-8q6TPvWP1aF6NtUTnWXp5w4oI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.73.0-185.103.74.255
193.42.52.0/24
Signature Algorithm: sha256WithRSAEncryption
93:e5:c1:b4:f0:6d:54:9a:d8:66:34:26:21:3f:23:33:d9:c1:
b1:e1:c8:b3:88:37:85:ce:ba:6b:37:c2:72:c7:13:fd:af:5d:
f5:44:b2:d8:f3:f2:1f:4d:6d:77:d5:ba:c1:31:b6:d8:e3:61:
4a:21:df:42:25:db:52:2f:d9:f7:ac:cc:d8:d4:ae:c4:00:76:
ef:ca:8a:f8:a6:f5:ba:b6:c4:d9:74:6e:85:6c:bb:f8:e1:f6:
5d:d2:05:bb:80:64:77:9e:12:9a:60:0c:e4:f9:20:88:82:27:
d1:a8:e7:18:ad:2d:0b:05:98:71:70:7c:ac:8c:2f:a6:3e:4b:
6e:50:2f:65:53:c1:14:7a:81:00:79:61:ff:25:70:a3:57:1d:
13:e8:bb:f6:a3:ce:14:91:87:77:0e:49:ff:8d:65:9c:37:d8:
aa:da:b7:01:12:97:09:04:d0:6c:e7:a1:8e:00:8d:19:b6:4f:
67:14:f5:dd:b7:57:62:52:5e:a6:d3:8b:03:50:41:3e:0a:5d:
27:0a:cc:09:fc:65:fc:63:d6:e0:2e:72:18:ac:ef:97:79:f7:
7e:83:69:c2:05:05:dc:66:fc:64:b6:29:79:b8:02:e3:38:fc:
da:95:9a:42:4c:e8:42:41:54:e7:05:62:1f:5c:20:2f:c7:64:
94:06:8b:de
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYXykLYGnCvlfHiLqKt9Rv7DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTI3MDkzMDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmVmMmFlOTMzZWY1OGZkNWExN2EzNmQ1MTM5ZDY1ZTllNzBlMjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4rNFWV9k4lFW40ad53ljAjn+RB7r
lHBgbWFpwlZvtuT3Knt/axsvUYpYl+901tBrJosYE04/1XPnYtw46ST96bvZFUBh
bhPDmjUBczYDlC+FR+kiNDgZ+O8Te0eANn9UX6YvIs8TRfFNTXArulpLYHyohmiK
wdU0EuA+2Ga+sT2aW4LyK12b9+VSmouhghGUmSFP3zv9A8Pj/Eo72HaKfwU2qnnF
JIShys518G02Hj3vRiIm40U85bhEE3LI7m3m+LP4vchLjAGS6JP7obvAf0YGxt3Y
UrV2qS1BZSQ1vUPuG433qKdg/5lQhl3FlFSxVzbqRzeDPWDBWxXNfVkfVQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFF/vKukz71j9WhejbVE51l6ecOKCMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWC04cTZUUHZXUDFhRjZOdFVUbldYcDV3NG9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAC5Z0kD
BAC5Z0oDBADBKjQwDQYJKoZIhvcNAQELBQADggEBAJPlwbTwbVSa2GY0JiE/IzPZ
wbHhyLOIN4XOums3wnLHE/2vXfVEstjz8h9NbXfVusExttjjYUoh30Il21Iv2fes
zNjUrsQAdu/Kivim9bq2xNl0boVsu/jh9l3SBbuAZHeeEppgDOT5IIiCJ9Go5xit
LQsFmHFwfKyML6Y+S25QL2VTwRR6gQB5Yf8lcKNXHRPou/ajzhSRh3cOSf+NZZw3
2KratwESlwkE0GznoY4AjRm2T2cU9d23V2JSXqbTiwNQQT4KXScKzAn8Zfxj1uAu
chis75d5936DacIFBdxm/GS2KXm4AuM4/NqVmkJM6EJBVOcFYh9cIC/HZJQGi94=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:11 2024 by rpki-client on console-ams.rpki-client.org