Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/o90htlOzPW_Y5xas6JzvlyZhq-w.roa
File: o90htlOzPW_Y5xas6JzvlyZhq-w.roa (raw, json)
Hash identifier: phG5HbGdG69t2rSjYKIj92MC3n03WLxpVRprIywifuk=
Subject key identifier: A3:DD:21:B6:53:B3:3D:6F:D8:E7:16:AC:E8:9C:EF:97:26:61:AB:EC
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0CEFC026
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/o90htlOzPW_Y5xas6JzvlyZhq-w.roa
Signing time: Thu 13 Jan 2022 09:15:30 +0000
ROA not before: Thu 13 Jan 2022 09:15:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 185.198.241.0/24 maxlen: 24
185.198.243.0/24 maxlen: 24
185.192.69.0/24 maxlen: 24
185.217.117.0/24 maxlen: 24
45.80.157.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 217038886 (0xcefc026)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 13 09:15:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3dd21b653b33d6fd8e716ace89cef972661abec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e8:42:e9:b2:fa:9d:21:9b:2f:4a:f4:f2:a6:
f5:e3:56:48:49:18:d7:96:53:f3:5c:cd:58:39:e0:
bc:03:76:0c:00:6e:19:6c:fc:9f:46:89:7d:9b:9a:
a0:73:b8:57:b3:74:5f:10:9e:1e:e3:51:c5:5f:a3:
d7:15:79:46:50:06:3b:63:3f:54:26:3d:c2:71:01:
67:23:13:1a:13:22:3d:0a:76:f2:0e:60:31:5f:d5:
da:10:ab:63:99:69:65:fa:5a:9d:ab:ee:cd:c0:7d:
15:2f:9a:26:26:1c:f6:6e:94:f2:57:50:fb:ec:3f:
c0:ff:5b:7b:4f:6c:2f:2e:03:44:d8:1e:65:0a:87:
ee:ca:f0:83:17:76:03:2c:21:4f:d1:ba:7b:13:31:
1d:a0:e8:93:5c:31:19:c4:99:32:d8:58:00:e4:b7:
17:fe:a8:88:a0:35:0a:4b:77:98:70:31:6b:ce:04:
0b:55:84:b8:5a:f9:ec:f3:f0:5c:e0:7e:fb:ba:1b:
9f:8a:7b:ce:59:f7:63:39:c3:69:8a:d3:65:b3:bf:
9c:4b:6f:1d:79:89:b8:b8:81:66:ba:7a:3e:3b:7a:
eb:48:24:73:27:af:b8:0d:94:7a:1f:2e:b8:85:75:
b7:b4:6e:7f:61:5f:a1:62:49:60:e0:d1:94:76:12:
a2:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:DD:21:B6:53:B3:3D:6F:D8:E7:16:AC:E8:9C:EF:97:26:61:AB:EC
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/o90htlOzPW_Y5xas6JzvlyZhq-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.157.0/24
185.192.69.0/24
185.198.241.0/24
185.198.243.0/24
185.217.117.0/24
Signature Algorithm: sha256WithRSAEncryption
39:3f:6e:9b:2b:07:43:3e:b2:07:2b:62:5a:2f:8c:e2:19:8a:
44:5b:db:43:16:e9:b4:bd:59:0f:bb:44:89:1f:e1:a3:b3:bc:
53:a4:32:a5:7f:4a:d1:9d:64:11:21:e2:c9:85:d7:a5:6f:d9:
89:ac:26:50:06:a7:3f:a2:d0:9a:49:1e:5f:3d:4a:e5:9e:b9:
a7:a9:17:9e:02:8e:d4:27:3c:fb:ca:44:a0:de:20:1b:bd:91:
85:19:84:9b:90:5d:12:e4:97:28:30:83:29:7a:27:fc:70:67:
21:c4:66:08:4a:c4:1e:ef:6d:59:11:e1:5a:e0:f9:1a:8d:4f:
b8:4b:d4:9d:12:9e:5e:11:d5:ac:2f:5f:b3:23:82:2d:66:c8:
5c:aa:e7:dc:f5:82:8c:77:22:c0:39:13:67:9e:d0:da:17:31:
cc:c9:d1:b6:3e:85:2c:60:b8:cf:61:c8:c0:af:81:f1:92:32:
df:20:b2:0c:14:e3:ca:41:47:68:c9:19:ff:86:fc:28:cd:9d:
1f:7b:98:fd:22:8d:1c:29:0a:57:5d:05:c0:f2:00:83:6e:48:
a7:ab:15:d3:ad:18:70:07:7a:bf:b9:40:4a:78:ce:42:03:00:
62:5f:e9:38:88:8a:b8:eb:64:8b:85:3d:5a:f9:51:d5:54:fc:
63:a5:35:f9
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEDO/AJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDEx
MzA5MTUzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTNkZDIxYjY1M2Iz
M2Q2ZmQ4ZTcxNmFjZTg5Y2VmOTcyNjYxYWJlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMPoQumy+p0hmy9K9PKm9eNWSEkY15ZT81zNWDngvAN2DABu
GWz8n0aJfZuaoHO4V7N0XxCeHuNRxV+j1xV5RlAGO2M/VCY9wnEBZyMTGhMiPQp2
8g5gMV/V2hCrY5lpZfpanavuzcB9FS+aJiYc9m6U8ldQ++w/wP9be09sLy4DRNge
ZQqH7srwgxd2AywhT9G6exMxHaDok1wxGcSZMthYAOS3F/6oiKA1Ckt3mHAxa84E
C1WEuFr57PPwXOB++7obn4p7zln3YznDaYrTZbO/nEtvHXmJuLiBZrp6Pjt660gk
cyevuA2Ueh8uuIV1t7Ruf2FfoWJJYODRlHYSonsCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSj3SG2U7M9b9jnFqzonO+XJmGr7DAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L285MGh0bE96UFdfWTV4YXM2Snp2bHlaaHEtdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAC1QnQMEALnARQMEALnG8QMEALnG
8wMEALnZdTANBgkqhkiG9w0BAQsFAAOCAQEAOT9umysHQz6yBytiWi+M4hmKRFvb
QxbptL1ZD7tEiR/ho7O8U6QypX9K0Z1kESHiyYXXpW/ZiawmUAanP6LQmkkeXz1K
5Z65p6kXngKO1Cc8+8pEoN4gG72RhRmEm5BdEuSXKDCDKXon/HBnIcRmCErEHu9t
WRHhWuD5Go1PuEvUnRKeXhHVrC9fsyOCLWbIXKrn3PWCjHciwDkTZ57Q2hcxzMnR
tj6FLGC4z2HIwK+B8ZIy3yCyDBTjykFHaMkZ/4b8KM2dH3uY/SKNHCkKV10FwPIA
g25Ip6sV060YcAd6v7lASnjOQgMAYl/pOIiKuOtki4U9WvlR1VT8Y6U1+Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:56 2023 by rpki-client on console-ams.rpki-client.org