Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/q3K26qufL0msb2HOSIidXMy_A4Q.roa
File: q3K26qufL0msb2HOSIidXMy_A4Q.roa (raw, json)
Hash identifier: V1bNs6gRcdRsZAok8GFOofheiksRSX9Mba/zS3VE3/Q=
Subject key identifier: AB:72:B6:EA:AB:9F:2F:49:AC:6F:61:CE:48:88:9D:5C:CC:BF:03:84
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01893627E35CBF268ECD13F6AB98AA15EAD7
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/q3K26qufL0msb2HOSIidXMy_A4Q.roa
Signing time: Sat 08 Jul 2023 15:38:51 +0000
ROA not before: Sat 08 Jul 2023 15:38:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
188.241.214.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
45.156.159.0/24 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
89.35.155.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.230.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.103.72.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:36:27:e3:5c:bf:26:8e:cd:13:f6:ab:98:aa:15:ea:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 8 15:38:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab72b6eaab9f2f49ac6f61ce48889d5cccbf0384
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:d0:f5:58:cc:fd:09:3c:b8:21:05:5b:b3:46:
11:a7:8b:62:40:21:9c:a9:de:53:db:85:1e:72:7f:
f1:64:1e:17:23:99:9c:e0:91:0d:22:7d:87:59:88:
71:c5:0c:18:42:ba:d0:e1:53:15:25:e0:31:fd:e5:
f7:73:01:04:40:e5:90:14:02:36:19:1c:68:a0:45:
33:5f:c4:3b:fa:f9:58:14:ea:d4:49:d8:27:ca:3b:
0c:a8:45:fc:f3:b1:88:6b:6f:2e:18:22:22:3d:6b:
ab:d5:6d:d6:9e:8c:e9:27:34:66:5c:a4:da:44:c8:
f4:d2:db:31:11:66:39:c1:61:3a:2d:fe:4d:7a:30:
e2:37:23:03:81:ea:da:d8:27:0d:0d:ab:77:eb:c6:
f2:85:26:02:67:c9:14:6d:93:46:dc:a3:fb:46:a5:
b9:16:73:36:2b:84:44:7b:22:29:9a:c5:2c:89:5f:
e4:a6:cf:94:87:bf:e6:67:87:d5:1e:40:3e:04:a0:
a7:0e:a2:38:84:68:18:89:e8:37:79:12:e2:45:f4:
da:67:3e:c2:e2:4e:26:a2:9b:7e:29:6d:ee:03:90:
ec:e0:ae:5e:2d:53:05:f7:3d:2c:bf:07:e3:05:12:
e0:d0:83:f1:18:22:f4:23:4a:b6:9d:51:21:ab:36:
c1:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:72:B6:EA:AB:9F:2F:49:AC:6F:61:CE:48:88:9D:5C:CC:BF:03:84
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/q3K26qufL0msb2HOSIidXMy_A4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.157.0/24
45.156.159.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/23
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.103.72.0/24
185.135.140.0/24
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.169.0-185.255.171.255
188.212.132.0/23
188.212.155.0/24
188.212.158.0/24
188.213.202.0/23
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.240.230.0/24
188.240.232.0/23
188.241.110.0/24
188.241.214.0/24
193.23.128.0/23
213.232.92.0/23
Signature Algorithm: sha256WithRSAEncryption
23:33:57:d8:4e:db:25:3d:bb:85:ed:1a:e1:4a:8d:33:f5:b5:
f6:bc:b2:e1:02:50:21:6b:63:33:7e:b4:ac:04:01:1e:61:50:
6f:5b:b6:ca:f1:5a:06:81:0d:aa:ad:80:fa:75:e8:aa:40:c3:
51:c2:62:f1:44:36:d7:41:16:0e:33:cd:8b:00:c1:36:4a:c5:
11:90:1e:8d:77:ff:96:4c:42:28:9a:6d:db:73:5a:c6:9f:7d:
18:d0:ec:7a:56:a3:d2:25:71:11:02:d5:4b:99:a1:2d:cc:3c:
53:ff:19:b0:6d:68:da:cc:f2:03:47:a9:90:90:95:4f:97:86:
4d:22:07:ba:d2:0f:06:5d:cf:03:03:0b:33:95:8b:0b:61:86:
37:9e:46:ec:d9:d4:5c:d1:06:5a:16:0b:6d:50:1d:cf:e9:e8:
29:44:f5:3d:82:e2:b4:28:9d:50:75:d6:ba:a6:30:fb:da:16:
ec:2b:e1:81:5e:2d:a8:f1:50:47:f7:6c:e4:65:da:ea:9d:55:
4c:57:a1:fe:0c:21:03:76:6b:d1:79:74:99:7a:c8:7e:5d:41:
09:5e:78:19:a1:4e:3e:7a:d2:e7:11:e3:0b:0c:58:4e:d4:ce:
cb:38:b1:d5:8b:f2:81:0d:c6:ad:aa:e3:05:b9:f3:56:d2:4a:
db:09:4c:5f
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYk2J+NcvyaOzRP2q5iqFerXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzA4MTUzODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjcyYjZlYWFiOWYyZjQ5YWM2ZjYxY2U0ODg4OWQ1Y2NjYmYwMzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9tD1WMz9CTy4IQVbs0YRp4tiQCGc
qd5T24Uecn/xZB4XI5mc4JENIn2HWYhxxQwYQrrQ4VMVJeAx/eX3cwEEQOWQFAI2
GRxooEUzX8Q7+vlYFOrUSdgnyjsMqEX887GIa28uGCIiPWur1W3WnozpJzRmXKTa
RMj00tsxEWY5wWE6Lf5NejDiNyMDgera2CcNDat368byhSYCZ8kUbZNG3KP7RqW5
FnM2K4REeyIpmsUsiV/kps+Uh7/mZ4fVHkA+BKCnDqI4hGgYieg3eRLiRfTaZz7C
4k4mopt+KW3uA5Ds4K5eLVMF9z0svwfjBRLg0IPxGCL0I0q2nVEhqzbBpwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFKtytuqrny9JrG9hzkiInVzMvwOEMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcTNLMjZxdWZMMG1zYjJIT1NJaWRYTXlfQTRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAAt
nJ0DBAAtnJ8DBAJX95QDBAFZIVQDBAFZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAC5
Z0gDBAC5h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycwDAMEALn/qQMEArn/qAME
AbzUhAMEALzUmwMEALzUngMEAbzVygMEALzW0QMEAbzw4AMEALzw4wMEALzw5gME
Abzw6AMEALzxbgMEALzx1gMEAcEXgAMEAdXoXDANBgkqhkiG9w0BAQsFAAOCAQEA
IzNX2E7bJT27he0a4UqNM/W19ryy4QJQIWtjM360rAQBHmFQb1u2yvFaBoENqq2A
+nXoqkDDUcJi8UQ210EWDjPNiwDBNkrFEZAejXf/lkxCKJpt23Naxp99GNDselaj
0iVxEQLVS5mhLcw8U/8ZsG1o2szyA0epkJCVT5eGTSIHutIPBl3PAwMLM5WLC2GG
N55G7NnUXNEGWhYLbVAdz+noKUT1PYLitCidUHXWuqYw+9oW7CvhgV4tqPFQR/ds
5GXa6p1VTFeh/gwhA3Zr0Xl0mXrIfl1BCV54GaFOPnrS5xHjCwxYTtTOyzix1Yvy
gQ3GrarjBbnzVtJK2wlMXw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:13 2024 by rpki-client on console-ams.rpki-client.org