Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aMs28ABQ5ak3GYPuS0lceBO07Uk.roa
File: aMs28ABQ5ak3GYPuS0lceBO07Uk.roa (raw, json)
Hash identifier: c8MKehm/oDyr1czN7TEReaTQVwotelc2cvRn/kyv5VQ=
Subject key identifier: 68:CB:36:F0:00:50:E5:A9:37:19:83:EE:4B:49:5C:78:13:B4:ED:49
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187E64E6DB9BF61D688F8383A825EFF1A39
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aMs28ABQ5ak3GYPuS0lceBO07Uk.roa
Signing time: Thu 04 May 2023 10:28:32 +0000
ROA not before: Thu 04 May 2023 10:28:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.115.146.0/24 maxlen: 24
194.4.156.0/23 maxlen: 24
194.4.159.0/24 maxlen: 24
213.32.249.0/24 maxlen: 24
185.115.145.0/24 maxlen: 24
78.142.242.0/23 maxlen: 24
89.38.136.0/24 maxlen: 24
45.159.152.0/24 maxlen: 24
45.159.154.0/24 maxlen: 24
45.159.153.0/24 maxlen: 24
91.209.12.0/24 maxlen: 24
185.230.248.0/24 maxlen: 24
185.230.249.0/24 maxlen: 24
185.229.104.0/24 maxlen: 24
185.229.105.0/24 maxlen: 24
185.229.106.0/24 maxlen: 24
89.43.211.0/24 maxlen: 24
185.245.238.0/24 maxlen: 24
185.245.236.0/24 maxlen: 24
89.43.208.0/24 maxlen: 24
89.43.210.0/24 maxlen: 24
185.245.237.0/24 maxlen: 24
185.121.231.0/24 maxlen: 24
178.239.203.0/24 maxlen: 24
185.121.230.0/24 maxlen: 24
62.197.128.0/24 maxlen: 24
185.236.62.0/24 maxlen: 24
62.197.135.0/24 maxlen: 24
185.103.73.0/24 maxlen: 24
185.103.75.0/24 maxlen: 24
178.239.192.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e6:4e:6d:b9:bf:61:d6:88:f8:38:3a:82:5e:ff:1a:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 4 10:28:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68cb36f00050e5a9371983ee4b495c7813b4ed49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ea:e6:f2:5c:b0:7d:c4:07:df:3e:c3:8f:bf:
b9:df:6a:43:5d:2d:4e:36:3d:27:05:27:8c:d6:26:
4c:eb:99:a0:d2:f2:29:8a:32:fe:8f:16:59:ac:c7:
00:6e:90:69:b8:1e:0a:ba:7c:f6:87:fd:b7:5c:1b:
a7:0e:9f:5e:58:70:36:27:ed:30:3d:82:54:82:ec:
ba:a3:1e:ad:56:5b:4b:1c:1b:b5:75:6e:9e:52:ce:
2b:da:d4:db:20:4d:28:8b:1b:58:e8:df:7c:73:23:
47:da:7e:b4:ce:ea:e3:df:ad:2d:60:ef:b8:32:be:
be:d8:d4:7d:3f:2a:dc:c7:5d:97:17:01:57:c4:ed:
ad:08:8f:da:f3:f7:7d:ba:c6:3f:10:a9:25:aa:af:
07:89:e5:dc:76:26:a1:e1:24:32:ff:65:dc:c7:41:
c2:54:0f:81:7f:8d:e7:4a:48:67:b7:60:94:45:b4:
5c:32:cf:31:96:fd:00:41:2a:03:c7:29:72:03:ab:
7d:c0:61:b9:20:8e:83:ec:f0:f0:60:e3:31:70:fe:
e9:42:17:5a:6d:e6:15:88:1c:fc:33:7a:1c:1a:16:
df:8a:35:4a:e7:b1:80:5e:05:d4:2f:a0:1e:01:45:
f5:0f:f6:8e:a9:2d:f6:df:7c:ac:e4:71:46:c4:50:
81:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:CB:36:F0:00:50:E5:A9:37:19:83:EE:4B:49:5C:78:13:B4:ED:49
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aMs28ABQ5ak3GYPuS0lceBO07Uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.152.0-45.159.154.255
62.197.128.0/24
62.197.135.0/24
78.142.242.0/23
89.38.136.0/24
89.43.208.0/24
89.43.210.0/23
91.209.12.0/24
178.239.192.0/24
178.239.203.0/24
185.103.73.0/24
185.103.75.0/24
185.115.145.0-185.115.146.255
185.121.230.0/23
185.229.104.0-185.229.106.255
185.230.248.0/23
185.236.62.0/24
185.245.236.0-185.245.238.255
194.4.156.0/23
194.4.159.0/24
213.32.249.0/24
Signature Algorithm: sha256WithRSAEncryption
97:0f:5b:a2:ae:14:5f:cd:ce:65:cd:18:46:87:6f:55:a8:55:
58:2f:e6:ce:f2:51:46:53:ea:e2:cd:f8:28:83:0a:cd:49:c1:
29:cf:72:2a:8c:c2:a9:46:62:58:cc:ab:4f:d8:b3:c3:b5:9d:
44:8d:1e:9d:66:50:4a:0d:cb:3c:34:4c:6f:eb:6d:0c:32:03:
fb:e7:8a:cd:a6:46:dd:89:99:fc:c2:d0:96:2d:bb:8c:30:13:
1c:87:3c:9a:a6:11:55:53:53:34:5e:d4:6a:7f:26:85:7a:eb:
14:13:4b:57:69:8a:0b:9f:28:74:32:99:4f:28:67:11:58:24:
6a:49:cc:4f:e8:4c:33:00:12:33:7f:ed:e5:2a:8d:b2:19:d2:
8d:e0:34:e6:29:9c:01:4f:c1:d8:34:b5:cc:50:11:5f:70:c3:
0b:c3:d6:a5:fc:66:45:f7:79:af:15:14:28:03:24:4d:3f:b8:
d2:a7:16:d4:4e:9e:87:7b:49:8f:87:3d:c5:8a:0a:d4:66:03:
10:50:f1:71:cd:8f:a2:3b:ca:1c:ef:3e:60:35:7d:af:38:78:
6b:20:74:a5:09:7a:73:66:a4:18:19:82:d6:c6:3a:74:ca:0f:
d2:24:55:12:50:2c:37:4e:66:85:ab:91:e1:10:2c:13:9f:ed:
b9:b9:ef:c5
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYfmTm25v2HWiPg4OoJe/xo5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTA0MTAyODMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGNiMzZmMDAwNTBlNWE5MzcxOTgzZWU0YjQ5NWM3ODEzYjRlZDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmerm8lywfcQH3z7Dj7+532pDXS1O
Nj0nBSeM1iZM65mg0vIpijL+jxZZrMcAbpBpuB4Kunz2h/23XBunDp9eWHA2J+0w
PYJUguy6ox6tVltLHBu1dW6eUs4r2tTbIE0oixtY6N98cyNH2n60zurj360tYO+4
Mr6+2NR9Pyrcx12XFwFXxO2tCI/a8/d9usY/EKklqq8HieXcdiah4SQy/2Xcx0HC
VA+Bf43nSkhnt2CURbRcMs8xlv0AQSoDxylyA6t9wGG5II6D7PDwYOMxcP7pQhda
beYViBz8M3ocGhbfijVK57GAXgXUL6AeAUX1D/aOqS3233ys5HFGxFCB3wIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFGjLNvAAUOWpNxmD7ktJXHgTtO1JMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYU1zMjhBQlE1YWszR1lQdVMwbGNlQk8wN1VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4wDAME
Ay2fmAMEAC2fmgMEAD7FgAMEAD7FhwMEAU6O8gMEAFkmiAMEAFkr0AMEAVkr0gME
AFvRDAMEALLvwAMEALLvywMEALlnSQMEALlnSzAMAwQAuXORAwQAuXOSAwQBuXnm
MAwDBAO55WgDBAC55WoDBAG55vgDBAC57D4wDAMEArn17AMEALn17gMEAcIEnAME
AMIEnwMEANUg+TANBgkqhkiG9w0BAQsFAAOCAQEAlw9boq4UX83OZc0YRodvVahV
WC/mzvJRRlPq4s34KIMKzUnBKc9yKozCqUZiWMyrT9izw7WdRI0enWZQSg3LPDRM
b+ttDDID++eKzaZG3YmZ/MLQli27jDATHIc8mqYRVVNTNF7Uan8mhXrrFBNLV2mK
C58odDKZTyhnEVgkaknMT+hMMwASM3/t5SqNshnSjeA05imcAU/B2DS1zFARX3DD
C8PWpfxmRfd5rxUUKAMkTT+40qcW1E6eh3tJj4c9xYoK1GYDEFDxcc2PojvKHO8+
YDV9rzh4ayB0pQl6c2akGBmC1sY6dMoP0iRVElAsN05mhauR4RAsE5/tubnvxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:12 2024 by rpki-client on console-ams.rpki-client.org