Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/jWTmnCNQmmyEET8rlKNIpbiw540.roa
File: jWTmnCNQmmyEET8rlKNIpbiw540.roa (raw, json)
Hash identifier: 7f5cUUQyyywaOkXP16Az1mED5Vvkd/fked8QAIGBHoQ=
Subject key identifier: 8D:64:E6:9C:23:50:9A:6C:84:11:3F:2B:94:A3:48:A5:B8:B0:E7:8D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187E64E6E4E59B08D7339AB18DFF66A8DB8
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/jWTmnCNQmmyEET8rlKNIpbiw540.roa
Signing time: Thu 04 May 2023 10:28:32 +0000
ROA not before: Thu 04 May 2023 10:28:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 178.239.200.0/24 maxlen: 24
62.197.132.0/24 maxlen: 24
103.205.25.0/24 maxlen: 24
178.239.193.0/24 maxlen: 24
178.239.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e6:4e:6e:4e:59:b0:8d:73:39:ab:18:df:f6:6a:8d:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 4 10:28:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d64e69c23509a6c84113f2b94a348a5b8b0e78d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:23:02:e1:97:35:26:f7:f8:9a:4c:eb:e1:b2:
6f:9a:46:57:92:36:f8:ca:11:d9:1a:6d:a5:1b:b8:
a4:08:9c:79:3a:5a:18:b9:41:f2:6b:26:dd:a0:08:
c6:26:1c:c6:0d:40:51:8b:ad:27:52:05:0b:cc:a2:
c3:fb:ca:ff:7c:80:43:17:40:ec:16:45:e8:bf:86:
33:b7:88:9a:d0:4e:9f:58:2e:78:6a:26:30:55:1d:
bb:dd:c7:49:bd:7a:17:d7:08:e3:dc:9a:f5:ee:e3:
18:eb:9d:1c:e1:06:3a:a1:fd:96:17:80:f9:36:e0:
75:24:04:84:e8:e2:cc:8a:77:ac:ad:42:10:e4:a8:
68:cf:9b:55:bd:22:ba:02:ec:90:4f:8d:28:29:77:
16:1d:0e:da:25:b3:3a:6a:60:69:29:67:89:b2:96:
b5:63:21:c9:81:64:f9:49:35:45:44:0d:2a:26:be:
e9:3b:03:e1:f7:1f:29:0d:93:12:9e:41:da:78:d6:
c8:46:73:65:9d:0f:dd:2c:d5:da:1a:47:9d:6b:80:
bd:61:27:57:97:8a:30:2a:7d:23:99:06:ee:dd:37:
bf:95:60:d3:f3:2c:1c:23:7c:5c:67:7c:ae:3e:7e:
c9:22:78:f4:e5:ce:1f:83:6d:67:48:b0:29:a5:e5:
7e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:64:E6:9C:23:50:9A:6C:84:11:3F:2B:94:A3:48:A5:B8:B0:E7:8D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/jWTmnCNQmmyEET8rlKNIpbiw540.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.197.132.0/24
103.205.25.0/24
178.239.193.0-178.239.194.255
178.239.200.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:ba:ae:54:8a:00:a8:41:ec:dd:4b:0f:79:48:2f:0d:97:3c:
3c:5f:98:75:07:82:79:03:f3:87:12:84:33:6e:2e:da:82:7c:
b7:ba:3e:c5:9f:11:ce:70:ce:2c:0e:19:6b:00:1c:be:e8:ee:
8c:1f:8f:96:e8:d7:06:8d:fc:d3:a0:25:07:92:e8:cf:3c:05:
97:91:05:39:e6:a6:b9:72:d2:e6:ad:1d:fa:46:00:46:c1:7e:
5c:23:48:1e:98:71:b0:6f:0c:62:bb:f2:c1:7c:9f:63:5b:4e:
b5:e4:96:10:38:f9:1c:5b:a3:eb:11:67:68:fd:ac:70:37:c5:
61:e8:41:2f:d8:36:d0:17:fe:9d:79:a8:6b:c6:26:9e:86:b4:
62:b4:2f:23:10:ba:2d:bf:1e:4b:35:98:3f:cd:8e:0a:b8:2e:
4c:4a:62:dc:88:49:be:c9:96:50:e6:a4:e5:cf:2f:e6:20:04:
63:52:96:b6:46:1d:e1:ba:df:0f:30:e0:c6:b8:9d:1f:4e:52:
f7:63:ca:c6:03:bf:5d:2d:8e:81:b0:45:30:9b:d0:4a:8f:58:
99:e8:7e:02:80:03:b8:07:a3:bf:16:63:ca:4f:97:f2:6d:05:
8d:ba:76:5b:2e:8d:b4:38:52:5b:42:e3:7d:4a:4e:ab:45:75:
a0:cb:17:cc
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYfmTm5OWbCNczmrGN/2ao24MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTA0MTAyODMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDY0ZTY5YzIzNTA5YTZjODQxMTNmMmI5NGEzNDhhNWI4YjBlNzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyMC4Zc1Jvf4mkzr4bJvmkZXkjb4
yhHZGm2lG7ikCJx5OloYuUHyaybdoAjGJhzGDUBRi60nUgULzKLD+8r/fIBDF0Ds
FkXov4Yzt4ia0E6fWC54aiYwVR273cdJvXoX1wjj3Jr17uMY650c4QY6of2WF4D5
NuB1JASE6OLMinesrUIQ5Khoz5tVvSK6AuyQT40oKXcWHQ7aJbM6amBpKWeJspa1
YyHJgWT5STVFRA0qJr7pOwPh9x8pDZMSnkHaeNbIRnNlnQ/dLNXaGkeda4C9YSdX
l4owKn0jmQbu3Te/lWDT8ywcI3xcZ3yuPn7JInj05c4fg21nSLAppeV+jQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFI1k5pwjUJpshBE/K5SjSKW4sOeNMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvaldUbW5DTlFtbXlFRVQ4cmxLTklwYml3NTQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAPsWEAwQA
Z80ZMAwDBACy78EDBACy78IDBACy78gwDQYJKoZIhvcNAQELBQADggEBAE26rlSK
AKhB7N1LD3lILw2XPDxfmHUHgnkD84cShDNuLtqCfLe6PsWfEc5wziwOGWsAHL7o
7owfj5bo1waN/NOgJQeS6M88BZeRBTnmprly0uatHfpGAEbBflwjSB6YcbBvDGK7
8sF8n2NbTrXklhA4+Rxbo+sRZ2j9rHA3xWHoQS/YNtAX/p15qGvGJp6GtGK0LyMQ
ui2/Hks1mD/Njgq4LkxKYtyISb7JllDmpOXPL+YgBGNSlrZGHeG63w8w4Ma4nR9O
UvdjysYDv10tjoGwRTCb0EqPWJnofgKAA7gHo78WY8pPl/JtBY26dlsujbQ4UltC
431KTqtFdaDLF8w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:48 2024 by rpki-client on console-fra.rpki-client.org