Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/fxsKt1F67Qe7K87NQqbCTUU0gzo.roa
File: fxsKt1F67Qe7K87NQqbCTUU0gzo.roa (raw, json)
Hash identifier: /ayN3XeP83/jQLB7hYjwFeAzxWHMbGKplu1NFx8KpLQ=
Subject key identifier: 7F:1B:0A:B7:51:7A:ED:07:BB:2B:CE:CD:42:A6:C2:4D:45:34:83:3A
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018673FB5AABB55A953357937E9671E25CDE
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/fxsKt1F67Qe7K87NQqbCTUU0gzo.roa
Signing time: Tue 21 Feb 2023 12:38:17 +0000
ROA not before: Tue 21 Feb 2023 12:38:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 178.239.204.0/24 maxlen: 24
178.239.201.0/24 maxlen: 24
193.42.54.0/23 maxlen: 24
193.42.53.0/24 maxlen: 24
103.212.81.0/24 maxlen: 24
185.103.75.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:73:fb:5a:ab:b5:5a:95:33:57:93:7e:96:71:e2:5c:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 21 12:38:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f1b0ab7517aed07bb2bcecd42a6c24d4534833a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:20:10:a8:80:34:c2:5d:5f:2f:73:28:6a:89:
65:24:81:27:4f:fd:1f:0c:a2:a8:ec:59:6c:d4:d6:
83:21:82:c7:e5:7a:6e:6a:65:85:4c:da:49:50:1f:
f1:b2:b1:37:9e:e7:ed:45:ec:a2:bc:e8:64:a7:11:
c4:38:80:3e:39:a6:48:a9:b5:bc:c3:10:72:4a:28:
35:1c:9d:9a:f3:3e:fa:0a:bf:41:93:f8:c9:37:55:
a2:81:5e:a1:9a:e3:d2:8b:63:a8:cd:24:5f:44:a1:
aa:f8:4e:76:e7:14:a2:54:63:bf:60:11:9f:f9:ae:
3d:c8:ca:da:35:75:e2:99:24:33:39:3b:a2:63:fe:
08:b4:a1:af:34:d9:c8:5d:0e:da:cc:63:02:8e:bc:
16:77:5b:47:a1:9f:13:89:fe:d4:5f:d2:17:39:55:
fa:8f:6d:a8:0d:ed:8c:02:e5:a5:50:66:44:f1:dc:
c9:7c:6c:dd:1e:a6:0f:03:81:5d:47:40:fc:c3:b4:
5c:20:61:00:df:32:22:68:f7:7f:c6:e1:b4:9c:1f:
e7:e7:65:5e:50:1b:90:76:4b:11:dc:a4:dd:49:dd:
ca:42:cd:3d:fb:51:73:8f:58:de:74:db:40:e7:28:
16:0a:86:84:f3:76:a6:65:0d:0d:d0:6b:b8:12:be:
03:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:1B:0A:B7:51:7A:ED:07:BB:2B:CE:CD:42:A6:C2:4D:45:34:83:3A
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/fxsKt1F67Qe7K87NQqbCTUU0gzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.212.81.0/24
178.239.201.0/24
178.239.204.0/24
185.103.75.0/24
193.42.53.0-193.42.55.255
Signature Algorithm: sha256WithRSAEncryption
01:fa:61:47:0f:08:d0:0f:be:0f:81:33:3b:d1:5e:f2:b1:43:
c9:0d:bd:47:ba:f5:28:a6:0c:f2:d0:a6:2b:16:e3:d8:57:68:
c8:12:78:82:ed:ce:1a:d2:b0:26:d6:e6:33:58:13:35:f6:d6:
99:6c:ee:8e:d3:24:bc:f2:19:09:71:38:d3:c8:69:3c:6a:7a:
2b:cf:4b:0c:32:d2:7f:53:bb:93:45:30:fc:b3:cb:e2:9a:3d:
91:8e:40:28:72:40:59:3a:fa:8b:4d:4e:bb:9c:d0:5c:5b:5d:
01:2a:db:a6:e3:5f:f1:0d:a8:36:52:ba:f4:57:87:b0:e1:03:
40:5b:1b:7a:6e:1f:a5:62:a9:d6:f3:3a:39:60:c4:f0:ca:c3:
1a:02:3b:e2:90:7a:9c:eb:4f:b8:87:5b:0c:c3:ba:1d:24:c0:
68:19:98:77:3e:b6:59:c6:89:6d:22:c1:2c:58:5b:54:43:1a:
7d:fd:9d:6a:5e:7c:99:a7:54:5f:4a:bd:2f:c4:f1:3a:70:71:
6c:21:99:09:00:2e:47:9a:23:43:50:ce:0e:e6:e4:b5:0a:b7:
88:94:ea:ca:3a:2c:10:d5:f0:76:f8:f1:bf:13:70:88:2e:a2:
0a:07:5a:28:8a:53:1d:f7:0c:06:f6:8e:18:c9:7c:9a:0f:d2:
e9:7b:1c:07
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYZz+1qrtVqVM1eTfpZx4lzeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjIxMTIzODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjFiMGFiNzUxN2FlZDA3YmIyYmNlY2Q0MmE2YzI0ZDQ1MzQ4MzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCAQqIA0wl1fL3MoaollJIEnT/0f
DKKo7Fls1NaDIYLH5XpuamWFTNpJUB/xsrE3nuftReyivOhkpxHEOIA+OaZIqbW8
wxBySig1HJ2a8z76Cr9Bk/jJN1WigV6hmuPSi2OozSRfRKGq+E525xSiVGO/YBGf
+a49yMraNXXimSQzOTuiY/4ItKGvNNnIXQ7azGMCjrwWd1tHoZ8Tif7UX9IXOVX6
j22oDe2MAuWlUGZE8dzJfGzdHqYPA4FdR0D8w7RcIGEA3zIiaPd/xuG0nB/n52Ve
UBuQdksR3KTdSd3KQs09+1Fzj1jedNtA5ygWCoaE83amZQ0N0Gu4Er4D8QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFH8bCrdReu0HuyvOzUKmwk1FNIM6MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZnhzS3QxRjY3UWU3Szg3TlFxYkNUVVUwZ3pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAZ9RRAwQA
su/JAwQAsu/MAwQAuWdLMAwDBADBKjUDBAPBKjAwDQYJKoZIhvcNAQELBQADggEB
AAH6YUcPCNAPvg+BMzvRXvKxQ8kNvUe69SimDPLQpisW49hXaMgSeILtzhrSsCbW
5jNYEzX21pls7o7TJLzyGQlxONPIaTxqeivPSwwy0n9Tu5NFMPyzy+KaPZGOQChy
QFk6+otNTruc0FxbXQEq26bjX/ENqDZSuvRXh7DhA0BbG3puH6ViqdbzOjlgxPDK
wxoCO+KQepzrT7iHWwzDuh0kwGgZmHc+tlnGiW0iwSxYW1RDGn39nWpefJmnVF9K
vS/E8TpwcWwhmQkALkeaI0NQzg7m5LUKt4iU6so6LBDV8Hb48b8TcIguogoHWiiK
Ux33DAb2jhjJfJoP0ul7HAc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:47 2024 by rpki-client on console-fra.rpki-client.org