Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/jhUomXrOUMZ7MMY3l1TZzOZ-82I.roa
File: jhUomXrOUMZ7MMY3l1TZzOZ-82I.roa (raw, json)
Hash identifier: fEb/wAkx7s0VzQiE4JY2+t3b0Z56JOTkjC38v1HZgaM=
Subject key identifier: 8E:15:28:99:7A:CE:50:C6:7B:30:C6:37:97:54:D9:CC:E6:7E:F3:62
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01885C30D915DF10DEDBDD20D9261F152590
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/jhUomXrOUMZ7MMY3l1TZzOZ-82I.roa
Signing time: Sat 27 May 2023 07:51:25 +0000
ROA not before: Sat 27 May 2023 07:51:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.115.146.0/24 maxlen: 24
77.75.62.0/24 maxlen: 24
77.75.60.0/24 maxlen: 24
194.4.156.0/23 maxlen: 24
194.4.159.0/24 maxlen: 24
193.19.106.0/24 maxlen: 24
213.32.249.0/24 maxlen: 24
185.115.145.0/24 maxlen: 24
78.142.242.0/23 maxlen: 24
45.159.152.0/24 maxlen: 24
45.159.154.0/24 maxlen: 24
45.159.153.0/24 maxlen: 24
103.205.25.0/24 maxlen: 24
185.230.248.0/24 maxlen: 24
185.230.249.0/24 maxlen: 24
185.229.104.0/24 maxlen: 24
185.229.105.0/24 maxlen: 24
185.229.106.0/24 maxlen: 24
185.229.107.0/24 maxlen: 24
89.43.210.0/23 maxlen: 24
185.245.238.0/24 maxlen: 24
89.43.211.0/24 maxlen: 24
185.245.236.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
89.43.208.0/24 maxlen: 24
185.245.237.0/24 maxlen: 24
89.43.210.0/24 maxlen: 24
192.166.212.0/22 maxlen: 24
193.42.52.0/24 maxlen: 24
193.42.54.0/23 maxlen: 24
185.121.231.0/24 maxlen: 24
178.239.203.0/24 maxlen: 24
185.121.228.0/24 maxlen: 24
178.239.200.0/24 maxlen: 24
185.121.230.0/24 maxlen: 24
62.197.132.0/24 maxlen: 24
185.236.62.0/24 maxlen: 24
185.236.63.0/24 maxlen: 24
62.197.135.0/24 maxlen: 24
185.103.73.0/24 maxlen: 24
185.103.75.0/24 maxlen: 24
178.239.192.0/23 maxlen: 24
178.239.192.0/24 maxlen: 24
178.239.193.0/24 maxlen: 24
178.239.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:5c:30:d9:15:df:10:de:db:dd:20:d9:26:1f:15:25:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 27 07:51:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e1528997ace50c67b30c6379754d9cce67ef362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:aa:a0:65:6b:4f:c5:d3:9b:a6:3c:53:99:38:
04:96:21:48:2f:99:c8:a3:62:4d:97:d1:d6:9e:68:
05:04:b8:b4:90:d5:f3:17:2a:10:c4:2b:00:27:02:
11:15:fd:b1:79:68:ca:42:78:a2:de:de:05:76:79:
ab:bb:37:0a:95:2c:15:fe:d4:10:66:4c:99:76:d5:
f4:39:f5:4b:b2:b2:49:0d:d5:cf:8f:88:9e:9b:75:
a8:a6:87:d9:53:0f:4c:37:1e:ea:cf:a7:1a:e4:8b:
a6:9a:7c:d4:31:5b:37:4e:11:97:0a:a5:13:ce:dd:
da:1a:a4:99:3f:bb:67:f8:fe:46:93:27:d4:8a:20:
74:51:31:ec:98:e7:66:e9:b3:95:81:c3:71:37:6e:
18:32:f7:4b:dd:64:e6:db:d8:bf:91:3e:d4:57:84:
a7:35:11:ab:7f:36:8f:8d:a0:b7:5c:2a:4e:0d:92:
cc:67:e4:9f:f9:aa:c6:85:5c:17:fb:54:47:b9:1e:
e8:a7:6b:02:51:33:5d:fe:f3:b9:fb:5f:96:de:25:
9c:7b:38:3e:7b:ed:1b:63:ff:61:8d:71:8e:b7:02:
0c:f2:6f:35:04:49:5b:5c:8c:0a:08:4b:23:be:ce:
a0:48:b2:93:af:5b:ad:07:63:db:c7:28:84:c7:ed:
65:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:15:28:99:7A:CE:50:C6:7B:30:C6:37:97:54:D9:CC:E6:7E:F3:62
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/jhUomXrOUMZ7MMY3l1TZzOZ-82I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.152.0-45.159.154.255
62.197.132.0/24
62.197.135.0/24
77.75.60.0/24
77.75.62.0/24
78.142.242.0/23
89.43.208.0/24
89.43.210.0/23
103.205.25.0/24
178.239.192.0-178.239.194.255
178.239.200.0/24
178.239.203.0/24
185.103.73.0/24
185.103.75.0/24
185.115.145.0-185.115.146.255
185.121.228.0/24
185.121.230.0/23
185.229.104.0/22
185.230.248.0/23
185.236.62.0/23
185.245.236.0-185.245.238.255
192.166.212.0/22
193.19.106.0/24
193.42.52.0/24
193.42.54.0/23
194.4.156.0/23
194.4.159.0/24
203.0.8.0/24
213.32.249.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:e2:fa:29:15:25:b1:1b:04:9e:f9:f3:d1:1e:dd:43:9b:63:
9e:b2:bb:66:b8:44:b3:de:6c:61:b1:ec:c0:42:7a:5e:0a:fc:
da:48:f4:a8:6d:5c:d7:65:7a:d8:8e:a6:11:a2:2b:6c:93:28:
6c:a9:96:90:15:a0:bf:c7:80:b8:94:cd:93:5e:f9:22:11:e2:
d5:b2:74:b0:be:08:c8:4e:56:b2:72:bb:d2:92:33:47:aa:68:
3e:04:53:97:2c:ad:e9:99:27:6e:a2:a6:18:46:bc:37:98:c4:
99:ef:70:da:7a:df:76:14:da:90:51:a3:35:97:6e:d5:0d:f3:
2b:88:e3:c3:09:9f:01:11:70:82:5c:7a:da:2f:5d:f8:0d:c7:
6d:39:f4:6b:07:fe:f5:a1:7b:a5:c1:54:55:4c:d9:73:fd:54:
e5:72:4f:23:c4:d3:6a:54:49:e0:02:e4:c9:56:1f:6d:21:1e:
5e:c5:5b:d2:b3:88:1d:d8:c2:d5:da:f9:b7:fb:df:6b:c4:66:
f7:8f:52:19:b0:a9:cd:55:e3:00:f3:5a:61:5e:3c:92:fc:e7:
84:37:e6:99:9a:e4:c1:7e:3b:67:7a:d3:37:68:6a:e9:78:24:
6c:75:d1:bd:99:15:40:8d:d8:35:43:b5:e1:62:2f:56:90:05:
14:de:42:e0
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAYhcMNkV3xDe290g2SYfFSWQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTI3MDc1MTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTE1Mjg5OTdhY2U1MGM2N2IzMGM2Mzc5NzU0ZDljY2U2N2VmMzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqqgZWtPxdObpjxTmTgEliFIL5nI
o2JNl9HWnmgFBLi0kNXzFyoQxCsAJwIRFf2xeWjKQnii3t4FdnmruzcKlSwV/tQQ
ZkyZdtX0OfVLsrJJDdXPj4iem3WopofZUw9MNx7qz6ca5IummnzUMVs3ThGXCqUT
zt3aGqSZP7tn+P5GkyfUiiB0UTHsmOdm6bOVgcNxN24YMvdL3WTm29i/kT7UV4Sn
NRGrfzaPjaC3XCpODZLMZ+Sf+arGhVwX+1RHuR7op2sCUTNd/vO5+1+W3iWcezg+
e+0bY/9hjXGOtwIM8m81BElbXIwKCEsjvs6gSLKTr1utB2PbxyiEx+1luQIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFI4VKJl6zlDGezDGN5dU2czmfvNiMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvamhVb21Yck9VTVo3TU1ZM2wxVFp6T1otODJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DCB1QQCAAEwgc4wDAME
Ay2fmAMEAC2fmgMEAD7FhAMEAD7FhwMEAE1LPAMEAE1LPgMEAU6O8gMEAFkr0AME
AVkr0gMEAGfNGTAMAwQGsu/AAwQAsu/CAwQAsu/IAwQAsu/LAwQAuWdJAwQAuWdL
MAwDBAC5c5EDBAC5c5IDBAC5eeQDBAG5eeYDBAK55WgDBAG55vgDBAG57D4wDAME
Arn17AMEALn17gMEAsCm1AMEAMETagMEAMEqNAMEAcEqNgMEAcIEnAMEAMIEnwME
AMsACAMEANUg+TANBgkqhkiG9w0BAQsFAAOCAQEAPOL6KRUlsRsEnvnz0R7dQ5tj
nrK7ZrhEs95sYbHswEJ6Xgr82kj0qG1c12V62I6mEaIrbJMobKmWkBWgv8eAuJTN
k175IhHi1bJ0sL4IyE5WsnK70pIzR6poPgRTlyyt6ZknbqKmGEa8N5jEme9w2nrf
dhTakFGjNZdu1Q3zK4jjwwmfARFwglx62i9d+A3HbTn0awf+9aF7pcFUVUzZc/1U
5XJPI8TTalRJ4ALkyVYfbSEeXsVb0rOIHdjC1dr5t/vfa8Rm949SGbCpzVXjAPNa
YV48kvznhDfmmZrkwX47Z3rTN2hq6XgkbHXRvZkVQI3YNUO14WIvVpAFFN5C4A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:48 2024 by rpki-client on console-fra.rpki-client.org