Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/m7k8vUddndGFl142vd2d3swiF4o.roa
File: m7k8vUddndGFl142vd2d3swiF4o.roa (raw, json)
Hash identifier: LgNPBexK9OltCof1NNo6DBJbArZPV7ZIzzULjf/4mEU=
Subject key identifier: 9B:B9:3C:BD:47:5D:9D:D1:85:97:5E:36:BD:DD:9D:DE:CC:22:17:8A
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186AB3EBDDF7691C6F55A0A8B49830A667C
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/m7k8vUddndGFl142vd2d3swiF4o.roa
Signing time: Sat 04 Mar 2023 06:11:01 +0000
ROA not before: Sat 04 Mar 2023 06:11:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 93.115.254.0/23 maxlen: 24
89.40.76.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
94.176.110.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
193.42.52.0/24 maxlen: 24
185.103.72.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
91.188.204.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ab:3e:bd:df:76:91:c6:f5:5a:0a:8b:49:83:0a:66:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 4 06:11:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9bb93cbd475d9dd185975e36bddd9ddecc22178a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:cb:7f:a7:7f:51:72:9e:4b:3b:24:0a:51:47:
18:6d:93:d1:a1:55:47:04:af:9f:6a:f1:52:33:68:
db:45:f7:13:c0:3e:bd:b0:02:64:87:54:5d:ea:be:
39:20:14:66:01:dc:43:e1:66:6f:1f:26:0a:8e:e3:
cd:bf:7a:55:fa:1d:8a:07:3a:76:fb:23:f6:0b:ca:
24:76:7d:bd:eb:ef:3f:cd:11:ae:bf:5a:bb:d9:38:
7a:c7:fe:e2:d4:be:4d:48:7b:46:64:1f:92:3c:93:
da:72:f6:67:b8:ad:28:c0:79:b4:2e:c2:63:9f:de:
c4:f0:da:c9:8c:8b:62:a7:ee:15:cd:2b:7d:f4:f6:
45:ea:e7:11:fa:3a:1d:d6:84:d1:3b:aa:10:dc:4d:
09:7a:7a:b2:22:fb:e2:08:bb:f0:47:51:db:b0:67:
a9:72:c3:a5:a2:84:f1:d7:7c:f4:05:bf:ea:95:4f:
9b:03:30:a1:f6:7e:18:7f:14:49:4a:ab:88:9e:6f:
fe:a7:3e:59:e4:b6:4e:36:c3:2c:9b:9e:f8:3e:ec:
fc:9a:e9:72:b9:a6:43:dd:4b:83:48:77:a4:3f:53:
66:62:19:56:53:55:78:64:7b:76:22:58:be:07:0f:
80:1e:07:2c:10:57:f3:ec:42:c2:e2:e0:c1:b7:99:
8c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:B9:3C:BD:47:5D:9D:D1:85:97:5E:36:BD:DD:9D:DE:CC:22:17:8A
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/m7k8vUddndGFl142vd2d3swiF4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.247.148.0/24
89.40.76.0/24
91.188.204.0/24
93.115.254.0/23
94.176.110.0/24
185.103.72.0/24
185.238.10.0/24
185.241.210.0/23
185.255.169.0-185.255.171.255
188.212.133.0/24
193.42.52.0/24
Signature Algorithm: sha256WithRSAEncryption
06:d3:4d:aa:7f:b1:de:85:b3:d6:ef:82:1e:8b:6c:c8:45:b4:
61:c1:66:7f:71:e8:a2:2f:2e:28:63:fa:0b:a7:84:d4:48:90:
a5:38:cc:d9:aa:fc:b2:b7:6d:fa:bd:e2:b3:49:e7:57:6e:d0:
8b:b8:3e:f5:6c:34:08:58:18:3f:86:5d:10:26:08:1d:46:28:
cb:75:7d:c5:75:f2:3a:c3:a6:09:74:0b:54:38:1e:d2:1e:7f:
19:a4:66:64:e9:18:4d:94:83:87:3e:ad:af:75:df:02:bb:0f:
a4:bb:b8:01:ea:6c:51:e3:b6:2e:b5:43:e8:17:26:3f:ca:65:
ad:2f:aa:19:bc:b3:0a:46:85:15:e4:11:dc:e6:fb:bd:67:59:
39:0e:be:89:92:4b:1b:2c:67:5e:77:21:2a:da:d7:94:aa:a1:
8c:8c:6e:06:08:9d:e0:f4:9b:ce:7f:1f:48:0f:2c:e4:c1:ba:
06:d4:e9:b0:83:0f:84:c4:66:12:4c:ab:9c:dd:8c:52:26:8b:
62:90:db:ae:17:46:f1:0a:f3:75:47:72:da:26:c4:f1:d7:2d:
dc:0e:3d:bc:8d:b0:fa:38:49:dd:16:33:02:ee:40:c7:20:ac:
5d:b0:83:b5:c7:62:c9:01:bd:7c:55:04:d6:13:0c:db:9f:38:
f2:36:f9:25
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYarPr3fdpHG9VoKi0mDCmZ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzA0MDYxMTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmI5M2NiZDQ3NWQ5ZGQxODU5NzVlMzZiZGRkOWRkZWNjMjIxNzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8t/p39Rcp5LOyQKUUcYbZPRoVVH
BK+favFSM2jbRfcTwD69sAJkh1Rd6r45IBRmAdxD4WZvHyYKjuPNv3pV+h2KBzp2
+yP2C8okdn296+8/zRGuv1q72Th6x/7i1L5NSHtGZB+SPJPacvZnuK0owHm0LsJj
n97E8NrJjItip+4VzSt99PZF6ucR+jod1oTRO6oQ3E0JenqyIvviCLvwR1HbsGep
csOlooTx13z0Bb/qlU+bAzCh9n4YfxRJSquInm/+pz5Z5LZONsMsm574Puz8muly
uaZD3UuDSHekP1NmYhlWU1V4ZHt2Ili+Bw+AHgcsEFfz7ELC4uDBt5mMMwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFJu5PL1HXZ3RhZdeNr3dnd7MIheKMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbTdrOHZVZGRuZEdGbDE0MnZkMmQzc3dpRjRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAV/eUAwQA
WShMAwQAW7zMAwQBXXP+AwQAXrBuAwQAuWdIAwQAue4KAwQBufHSMAwDBAC5/6kD
BAK5/6gDBAC81IUDBADBKjQwDQYJKoZIhvcNAQELBQADggEBAAbTTap/sd6Fs9bv
gh6LbMhFtGHBZn9x6KIvLihj+gunhNRIkKU4zNmq/LK3bfq94rNJ51du0Iu4PvVs
NAhYGD+GXRAmCB1GKMt1fcV18jrDpgl0C1Q4HtIefxmkZmTpGE2Ug4c+ra913wK7
D6S7uAHqbFHjti61Q+gXJj/KZa0vqhm8swpGhRXkEdzm+71nWTkOvomSSxssZ153
ISra15SqoYyMbgYIneD0m85/H0gPLOTBugbU6bCDD4TEZhJMq5zdjFImi2KQ264X
RvEK83VHctomxPHXLdwOPbyNsPo4Sd0WMwLuQMcgrF2wg7XHYskBvXxVBNYTDNuf
OPI2+SU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:13 2024 by rpki-client on console-ams.rpki-client.org