Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/l77RAQz7DUIY0ieyqjnbpVd8k8Y.roa
File: l77RAQz7DUIY0ieyqjnbpVd8k8Y.roa (raw, json)
Hash identifier: M4kKZ93NpGMZDmBoD+yub0Q0jk/ITK+gGeoslxaZ8sc=
Subject key identifier: 97:BE:D1:01:0C:FB:0D:42:18:D2:27:B2:AA:39:DB:A5:57:7C:93:C6
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0185E9040978EABF7BB1AA0EC9D62C375497
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/l77RAQz7DUIY0ieyqjnbpVd8k8Y.roa
Signing time: Wed 25 Jan 2023 13:00:33 +0000
ROA not before: Wed 25 Jan 2023 13:00:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150670
IP address blocks: 213.32.250.0/24 maxlen: 24
185.115.144.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e9:04:09:78:ea:bf:7b:b1:aa:0e:c9:d6:2c:37:54:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 25 13:00:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97bed1010cfb0d4218d227b2aa39dba5577c93c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:62:db:71:e3:95:4a:40:19:e0:ab:83:f8:6e:
af:05:82:c3:7c:19:70:ee:9f:37:8a:45:8c:fa:19:
7f:95:e1:f2:63:21:ad:32:52:46:89:ac:8d:a3:6f:
c0:52:27:2e:ae:bb:28:77:64:21:0f:8c:84:19:4a:
8c:c1:06:fe:00:73:1e:3c:da:ee:d7:b1:aa:41:97:
08:99:38:01:5e:c9:23:c0:b6:4f:f9:86:b8:65:24:
2b:d5:4e:d7:20:8a:06:48:f4:67:bb:8d:0c:e6:03:
86:c0:38:b8:ad:e3:fd:63:46:37:b3:ce:3c:0a:78:
c9:73:9a:77:c5:82:6f:ac:2f:9e:ab:a2:8f:db:1d:
a3:a7:81:94:e9:66:b1:06:5c:f9:61:67:71:51:1d:
10:d4:e8:a9:0d:04:d6:57:01:47:f3:2f:67:0b:96:
8b:46:d9:1d:ef:f4:d7:37:4d:0b:a0:a4:06:45:c7:
1d:14:37:26:6a:0a:c8:de:75:95:83:0c:99:2a:33:
e3:35:44:9b:9a:31:7d:a9:cf:f5:e8:96:63:ee:49:
9d:c9:3e:6c:7c:d0:7a:40:1c:02:15:61:d0:13:c2:
56:77:a1:60:4d:80:90:c3:cb:38:b3:5a:ce:ee:c1:
ec:ab:79:f2:c0:4a:c2:8c:11:09:37:20:89:da:4c:
be:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:BE:D1:01:0C:FB:0D:42:18:D2:27:B2:AA:39:DB:A5:57:7C:93:C6
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/l77RAQz7DUIY0ieyqjnbpVd8k8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.144.0/24
213.32.250.0/24
Signature Algorithm: sha256WithRSAEncryption
89:4f:6f:43:86:bb:31:23:dd:f6:af:e6:f7:c8:85:7f:b1:2b:
64:12:29:9d:de:be:41:87:19:35:c0:57:8a:e3:9c:41:fb:83:
66:ae:9b:ad:c3:97:81:58:46:e8:56:ea:1d:18:25:2b:b1:76:
7f:69:77:49:09:ee:27:5b:fa:a9:f3:cf:02:a1:ef:65:57:e4:
f5:0a:27:a5:8b:70:fe:d8:d6:b2:d1:81:cb:57:a8:7b:55:2b:
f0:4a:9c:72:98:44:86:bf:f0:25:73:2f:f7:ea:e6:8b:b8:91:
db:f1:4e:f5:e2:9f:fd:e3:f3:fd:b7:a0:1d:ad:72:af:fc:ec:
56:82:de:ac:df:11:d4:af:ca:6b:0b:43:49:f7:cc:9f:b8:83:
e5:73:a4:00:0a:fa:98:76:7e:c2:af:d8:6b:b0:c8:00:b5:3a:
c5:b4:3b:7d:12:54:f3:59:69:5a:17:21:c7:6c:18:45:7e:40:
90:19:e7:1b:96:8a:8a:8c:ef:5b:74:c9:cc:cb:ac:f7:c0:a7:
bd:3a:a1:61:f3:c9:e0:11:01:bf:00:3e:16:3b:7a:3e:43:36:
32:6e:87:5b:00:87:4e:61:7d:35:11:5a:4d:20:a7:26:f5:19:
6f:fb:b3:5c:db:68:53:71:ee:bb:de:b0:53:cf:aa:18:2f:5b:
2b:b6:7b:46
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYXpBAl46r97saoOydYsN1SXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTI1MTMwMDMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2JlZDEwMTBjZmIwZDQyMThkMjI3YjJhYTM5ZGJhNTU3N2M5M2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWLbceOVSkAZ4KuD+G6vBYLDfBlw
7p83ikWM+hl/leHyYyGtMlJGiayNo2/AUicurrsod2QhD4yEGUqMwQb+AHMePNru
17GqQZcImTgBXskjwLZP+Ya4ZSQr1U7XIIoGSPRnu40M5gOGwDi4reP9Y0Y3s848
CnjJc5p3xYJvrC+eq6KP2x2jp4GU6WaxBlz5YWdxUR0Q1OipDQTWVwFH8y9nC5aL
Rtkd7/TXN00LoKQGRccdFDcmagrI3nWVgwyZKjPjNUSbmjF9qc/16JZj7kmdyT5s
fNB6QBwCFWHQE8JWd6FgTYCQw8s4s1rO7sHsq3nywErCjBEJNyCJ2ky+twIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJe+0QEM+w1CGNInsqo526VXfJPGMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbDc3UkFRejdEVUlZMGlleXFqbmJwVmQ4azhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuXOQAwQA
1SD6MA0GCSqGSIb3DQEBCwUAA4IBAQCJT29DhrsxI932r+b3yIV/sStkEimd3r5B
hxk1wFeK45xB+4Nmrputw5eBWEboVuodGCUrsXZ/aXdJCe4nW/qp888Coe9lV+T1
Cieli3D+2Nay0YHLV6h7VSvwSpxymESGv/Alcy/36uaLuJHb8U714p/94/P9t6Ad
rXKv/OxWgt6s3xHUr8prC0NJ98yfuIPlc6QACvqYdn7Cr9hrsMgAtTrFtDt9ElTz
WWlaFyHHbBhFfkCQGecbloqKjO9bdMnMy6z3wKe9OqFh88ngEQG/AD4WO3o+QzYy
bodbAIdOYX01EVpNIKcm9Rlv+7Nc22hTce673rBTz6oYL1srtntG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:13 2024 by rpki-client on console-ams.rpki-client.org