Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/eAUeaOem8183Nw30u3NZ_FhGfDQ.roa
File: eAUeaOem8183Nw30u3NZ_FhGfDQ.roa (raw, json)
Hash identifier: aFjv06pTyzhW4PvqauUFffg+N4MA7iZpHp80i20jiOI=
Subject key identifier: 78:05:1E:68:E7:A6:F3:5F:37:37:0D:F4:BB:73:59:FC:58:46:7C:34
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187FB51B83ADE63923150E5556AF57FF985
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/eAUeaOem8183Nw30u3NZ_FhGfDQ.roa
Signing time: Mon 08 May 2023 12:24:09 +0000
ROA not before: Mon 08 May 2023 12:24:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.115.146.0/24 maxlen: 24
194.4.156.0/23 maxlen: 24
194.4.159.0/24 maxlen: 24
213.32.249.0/24 maxlen: 24
185.115.145.0/24 maxlen: 24
78.142.242.0/23 maxlen: 24
89.38.136.0/24 maxlen: 24
45.159.152.0/24 maxlen: 24
45.159.154.0/24 maxlen: 24
45.159.153.0/24 maxlen: 24
103.205.25.0/24 maxlen: 24
91.209.12.0/24 maxlen: 24
185.230.248.0/24 maxlen: 24
185.230.249.0/24 maxlen: 24
185.229.104.0/24 maxlen: 24
185.229.105.0/24 maxlen: 24
185.229.106.0/24 maxlen: 24
185.229.107.0/24 maxlen: 24
185.245.238.0/24 maxlen: 24
89.43.211.0/24 maxlen: 24
185.245.236.0/24 maxlen: 24
89.43.208.0/24 maxlen: 24
185.245.237.0/24 maxlen: 24
89.43.210.0/24 maxlen: 24
192.166.212.0/22 maxlen: 24
185.121.231.0/24 maxlen: 24
178.239.203.0/24 maxlen: 24
185.121.230.0/24 maxlen: 24
62.197.128.0/24 maxlen: 24
185.236.62.0/24 maxlen: 24
185.236.63.0/24 maxlen: 24
62.197.135.0/24 maxlen: 24
185.103.73.0/24 maxlen: 24
185.103.75.0/24 maxlen: 24
178.239.192.0/24 maxlen: 24
178.239.193.0/24 maxlen: 24
178.239.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fb:51:b8:3a:de:63:92:31:50:e5:55:6a:f5:7f:f9:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 8 12:24:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=78051e68e7a6f35f37370df4bb7359fc58467c34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:54:26:66:c3:80:1d:18:b4:69:b3:63:27:24:
84:73:04:57:fe:02:ea:07:d7:ad:a5:0a:24:b3:a0:
19:b5:3c:bb:30:3e:2f:cc:33:b2:ca:08:d5:f4:bb:
9c:72:d6:ed:41:be:c5:6b:4b:19:08:a8:aa:ee:c2:
9f:37:63:d6:62:a0:7e:a9:82:b4:94:44:b2:d9:3c:
01:3e:b8:f8:ba:64:be:de:5a:34:ab:8a:18:37:fe:
0f:fc:68:43:7e:ac:27:3c:e5:40:61:cd:3c:b8:b6:
64:d3:e8:48:5b:bb:12:51:e4:d3:64:99:4c:c3:a8:
6e:d6:ed:67:c3:32:8a:ec:15:3a:6a:43:09:47:9b:
fa:9c:7f:e6:bf:73:ae:74:e2:b0:5e:dd:40:86:7e:
99:6e:78:d7:9b:ed:12:09:74:53:59:ab:3c:f6:86:
b9:4a:c7:a3:c6:24:e3:14:8e:05:f6:3f:d0:bb:04:
3e:ee:a1:d9:1b:c3:75:b8:c5:ff:95:c9:23:c4:84:
75:72:2d:11:a0:8b:ca:ab:dc:a5:80:1a:1b:6b:e3:
55:d1:3b:1b:4d:55:1e:53:51:29:ae:06:4e:2a:0d:
d6:b1:5d:7d:4a:cd:95:c7:26:cc:4c:d4:c1:54:15:
45:13:e9:09:93:02:1c:c2:c7:76:28:48:86:ec:85:
b2:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:05:1E:68:E7:A6:F3:5F:37:37:0D:F4:BB:73:59:FC:58:46:7C:34
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/eAUeaOem8183Nw30u3NZ_FhGfDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.152.0-45.159.154.255
62.197.128.0/24
62.197.135.0/24
78.142.242.0/23
89.38.136.0/24
89.43.208.0/24
89.43.210.0/23
91.209.12.0/24
103.205.25.0/24
178.239.192.0-178.239.194.255
178.239.203.0/24
185.103.73.0/24
185.103.75.0/24
185.115.145.0-185.115.146.255
185.121.230.0/23
185.229.104.0/22
185.230.248.0/23
185.236.62.0/23
185.245.236.0-185.245.238.255
192.166.212.0/22
194.4.156.0/23
194.4.159.0/24
213.32.249.0/24
Signature Algorithm: sha256WithRSAEncryption
55:57:1a:bb:16:59:73:a8:fd:34:a6:a6:5b:61:55:72:1b:c2:
52:57:b9:2a:10:79:dc:e0:b1:ca:d8:09:52:44:dc:66:f3:69:
16:57:6a:e4:26:ce:9a:5c:c3:c9:16:fe:ff:d9:95:0f:31:8e:
e9:4f:0b:7c:a5:97:3d:da:a9:f4:93:d5:90:bc:23:29:71:a7:
5d:cc:44:b7:08:e9:96:28:6e:74:1e:66:c5:cf:2b:34:a5:b9:
c5:4d:79:96:92:c6:5e:91:ad:53:01:96:54:74:74:4c:df:e9:
1c:01:b9:0e:c9:f5:32:38:4a:da:44:41:24:7a:82:c2:46:4d:
24:69:ab:87:8d:be:33:e4:d4:24:1d:69:0c:59:91:16:f3:0a:
62:98:19:5f:5f:76:fd:85:28:2e:80:03:e5:50:9d:11:30:0f:
d4:59:ee:c1:e0:5b:ef:97:fb:a8:62:a2:67:09:2c:12:92:99:
71:37:2a:05:2f:08:38:b9:ff:09:24:98:90:a1:c0:c3:c8:7e:
9f:45:d0:b6:e3:ea:28:f7:ec:34:e5:56:32:c3:7c:89:e7:e0:
bf:8d:26:fc:7d:41:99:d7:7a:3f:c6:24:db:ed:96:da:50:7d:
0f:f3:fa:46:f0:16:65:5d:0b:90:3c:96:b4:d6:62:7a:2b:99:
04:ce:3d:a1
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYf7Ubg63mOSMVDlVWr1f/mFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTA4MTIyNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODA1MWU2OGU3YTZmMzVmMzczNzBkZjRiYjczNTlmYzU4NDY3YzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFQmZsOAHRi0abNjJySEcwRX/gLq
B9etpQoks6AZtTy7MD4vzDOyygjV9LucctbtQb7Fa0sZCKiq7sKfN2PWYqB+qYK0
lESy2TwBPrj4umS+3lo0q4oYN/4P/GhDfqwnPOVAYc08uLZk0+hIW7sSUeTTZJlM
w6hu1u1nwzKK7BU6akMJR5v6nH/mv3OudOKwXt1Ahn6ZbnjXm+0SCXRTWas89oa5
SsejxiTjFI4F9j/QuwQ+7qHZG8N1uMX/lckjxIR1ci0RoIvKq9ylgBoba+NV0Tsb
TVUeU1EprgZOKg3WsV19Ss2VxybMTNTBVBVFE+kJkwIcwsd2KEiG7IWy7QIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFHgFHmjnpvNfNzcN9LtzWfxYRnw0MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZUFVZWFPZW04MTgzTnczMHUzTlpfRmhHZkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaowDAME
Ay2fmAMEAC2fmgMEAD7FgAMEAD7FhwMEAU6O8gMEAFkmiAMEAFkr0AMEAVkr0gME
AFvRDAMEAGfNGTAMAwQGsu/AAwQAsu/CAwQAsu/LAwQAuWdJAwQAuWdLMAwDBAC5
c5EDBAC5c5IDBAG5eeYDBAK55WgDBAG55vgDBAG57D4wDAMEArn17AMEALn17gME
AsCm1AMEAcIEnAMEAMIEnwMEANUg+TANBgkqhkiG9w0BAQsFAAOCAQEAVVcauxZZ
c6j9NKamW2FVchvCUle5KhB53OCxytgJUkTcZvNpFldq5CbOmlzDyRb+/9mVDzGO
6U8LfKWXPdqp9JPVkLwjKXGnXcxEtwjplihudB5mxc8rNKW5xU15lpLGXpGtUwGW
VHR0TN/pHAG5Dsn1MjhK2kRBJHqCwkZNJGmrh42+M+TUJB1pDFmRFvMKYpgZX192
/YUoLoAD5VCdETAP1FnuweBb75f7qGKiZwksEpKZcTcqBS8IOLn/CSSYkKHAw8h+
n0XQtuPqKPfsNOVWMsN8iefgv40m/H1Bmdd6P8Yk2+2W2lB9D/P6RvAWZV0LkDyW
tNZieiuZBM49oQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:12 2024 by rpki-client on console-ams.rpki-client.org