Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qBnOKrizBrLJiZUlBXGA2UpdyTI.roa
File: qBnOKrizBrLJiZUlBXGA2UpdyTI.roa (raw, json)
Hash identifier: 8oi8iOrktR+mcOKkcnK5YwCDuVKVOd+JEtCzPyr2ZGw=
Subject key identifier: A8:19:CE:2A:B8:B3:06:B2:C9:89:95:25:05:71:80:D9:4A:5D:C9:32
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018876291ABBDA8FF595551B050D16CA52AA
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qBnOKrizBrLJiZUlBXGA2UpdyTI.roa
Signing time: Thu 01 Jun 2023 08:53:05 +0000
ROA not before: Thu 01 Jun 2023 08:53:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.115.146.0/24 maxlen: 24
77.75.62.0/24 maxlen: 24
77.75.60.0/24 maxlen: 24
194.4.156.0/23 maxlen: 24
194.4.159.0/24 maxlen: 24
193.19.106.0/24 maxlen: 24
213.32.249.0/24 maxlen: 24
185.115.144.0/24 maxlen: 24
185.115.145.0/24 maxlen: 24
78.142.242.0/23 maxlen: 24
45.159.152.0/24 maxlen: 24
45.159.154.0/24 maxlen: 24
45.159.153.0/24 maxlen: 24
103.205.25.0/24 maxlen: 24
185.230.248.0/24 maxlen: 24
185.230.249.0/24 maxlen: 24
185.229.104.0/24 maxlen: 24
185.229.105.0/24 maxlen: 24
185.229.106.0/24 maxlen: 24
185.229.107.0/24 maxlen: 24
89.43.210.0/23 maxlen: 24
185.245.238.0/24 maxlen: 24
89.43.211.0/24 maxlen: 24
185.245.236.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
89.43.208.0/24 maxlen: 24
185.245.237.0/24 maxlen: 24
89.43.210.0/24 maxlen: 24
192.166.212.0/22 maxlen: 24
193.42.52.0/24 maxlen: 24
193.42.54.0/23 maxlen: 24
185.121.231.0/24 maxlen: 24
178.239.203.0/24 maxlen: 24
185.121.228.0/24 maxlen: 24
178.239.200.0/24 maxlen: 24
185.121.230.0/24 maxlen: 24
185.9.54.0/24 maxlen: 24
62.197.132.0/24 maxlen: 24
185.236.62.0/24 maxlen: 24
185.236.63.0/24 maxlen: 24
62.197.135.0/24 maxlen: 24
185.103.73.0/24 maxlen: 24
185.103.75.0/24 maxlen: 24
178.239.192.0/23 maxlen: 24
178.239.192.0/24 maxlen: 24
178.239.193.0/24 maxlen: 24
178.239.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:76:29:1a:bb:da:8f:f5:95:55:1b:05:0d:16:ca:52:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jun 1 08:53:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a819ce2ab8b306b2c9899525057180d94a5dc932
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e6:db:fb:32:f0:08:9d:ea:75:5a:64:44:c6:
4f:86:7d:79:d2:31:d9:c3:79:e3:18:f0:f1:e6:0b:
4e:17:6f:9c:82:52:4c:a7:80:a5:db:64:31:ed:cc:
f9:a9:a2:68:6d:0f:4d:47:e9:d6:ca:17:89:81:00:
a9:e1:fd:78:64:89:87:5b:9a:e8:26:38:46:d9:82:
10:f0:74:ce:b1:77:ca:c7:76:35:ba:54:17:e5:e7:
73:78:71:52:aa:48:4b:ed:97:ed:fb:71:6b:8c:5e:
f0:1b:c8:2a:08:07:9d:ee:23:3a:60:20:34:49:5f:
93:40:d3:06:ce:42:42:93:6c:b2:9d:96:f8:99:04:
34:92:d7:9d:2a:89:f5:f3:ba:69:b1:41:05:22:48:
bf:7f:ca:ee:7e:71:6d:2a:bc:c0:f5:fa:d7:65:06:
69:a1:8e:6d:62:17:2a:86:96:9d:b8:ff:af:91:23:
ab:6c:51:b3:15:aa:8f:82:ee:75:55:36:d5:c8:d4:
7f:ca:6d:67:2c:25:d0:60:fc:28:4a:cf:fd:1e:16:
8c:96:09:f6:6b:0c:2d:e7:9d:54:e8:b1:23:f9:3a:
fc:a9:79:7b:18:48:89:6f:02:36:22:13:15:47:66:
f8:47:45:e7:1a:3b:67:db:08:15:ae:12:bc:69:ee:
70:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:19:CE:2A:B8:B3:06:B2:C9:89:95:25:05:71:80:D9:4A:5D:C9:32
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qBnOKrizBrLJiZUlBXGA2UpdyTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.152.0-45.159.154.255
62.197.132.0/24
62.197.135.0/24
77.75.60.0/24
77.75.62.0/24
78.142.242.0/23
89.43.208.0/24
89.43.210.0/23
103.205.25.0/24
178.239.192.0-178.239.194.255
178.239.200.0/24
178.239.203.0/24
185.9.54.0/24
185.103.73.0/24
185.103.75.0/24
185.115.144.0-185.115.146.255
185.121.228.0/24
185.121.230.0/23
185.229.104.0/22
185.230.248.0/23
185.236.62.0/23
185.245.236.0-185.245.238.255
192.166.212.0/22
193.19.106.0/24
193.42.52.0/24
193.42.54.0/23
194.4.156.0/23
194.4.159.0/24
203.0.8.0/24
213.32.249.0/24
Signature Algorithm: sha256WithRSAEncryption
67:94:38:35:98:bd:86:2f:ad:cc:b0:2f:d7:4d:3a:cd:c1:85:
c7:fe:5e:a0:97:a6:ff:05:8a:1d:b9:ac:a5:9c:b0:5e:f0:c4:
7d:bd:80:f3:f5:5b:8a:90:ee:07:2c:c0:64:22:71:70:9f:fe:
d7:5e:99:97:0c:dd:1f:33:3d:50:91:74:a4:b7:47:a6:e9:3e:
a0:bc:bf:57:4c:a4:9d:f2:9e:a2:67:2e:7e:95:0f:c5:6a:02:
c0:cf:d5:c8:60:ef:69:ff:be:4e:17:33:72:1f:93:54:85:0a:
51:e1:c3:a9:31:41:2a:f6:36:eb:a3:ff:14:02:58:7f:5c:b5:
42:3c:42:4b:48:82:12:9f:45:d8:70:b5:d2:fc:1a:75:c9:9f:
ff:b1:1f:76:32:61:7a:23:ac:c0:4d:3d:1d:39:b0:be:65:82:
31:72:56:9b:13:01:2b:63:b0:57:a3:ae:04:08:65:3c:c8:78:
3b:48:6a:da:ca:8d:6b:9d:e3:58:68:0f:83:e8:a5:47:e1:4f:
6c:8c:7d:6e:a6:ce:3d:68:76:96:d1:bb:0c:58:27:37:64:17:
59:0b:69:91:73:9a:d3:22:3f:ab:4e:60:8e:91:1f:73:3c:93:
ed:5e:54:70:83:42:b6:83:d3:ff:6b:d5:a9:51:be:70:6c:b3:
9e:91:0c:37
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAYh2KRq72o/1lVUbBQ0WylKqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNjAxMDg1MzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODE5Y2UyYWI4YjMwNmIyYzk4OTk1MjUwNTcxODBkOTRhNWRjOTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuubb+zLwCJ3qdVpkRMZPhn150jHZ
w3njGPDx5gtOF2+cglJMp4Cl22Qx7cz5qaJobQ9NR+nWyheJgQCp4f14ZImHW5ro
JjhG2YIQ8HTOsXfKx3Y1ulQX5edzeHFSqkhL7Zft+3FrjF7wG8gqCAed7iM6YCA0
SV+TQNMGzkJCk2yynZb4mQQ0ktedKon187ppsUEFIki/f8rufnFtKrzA9frXZQZp
oY5tYhcqhpaduP+vkSOrbFGzFaqPgu51VTbVyNR/ym1nLCXQYPwoSs/9HhaMlgn2
awwt551U6LEj+Tr8qXl7GEiJbwI2IhMVR2b4R0XnGjtn2wgVrhK8ae5wzQIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFKgZziq4swayyYmVJQVxgNlKXckyMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcUJuT0tyaXpCckxKaVpVbEJYR0EyVXBkeVRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCB2wQCAAEwgdQwDAME
Ay2fmAMEAC2fmgMEAD7FhAMEAD7FhwMEAE1LPAMEAE1LPgMEAU6O8gMEAFkr0AME
AVkr0gMEAGfNGTAMAwQGsu/AAwQAsu/CAwQAsu/IAwQAsu/LAwQAuQk2AwQAuWdJ
AwQAuWdLMAwDBAS5c5ADBAC5c5IDBAC5eeQDBAG5eeYDBAK55WgDBAG55vgDBAG5
7D4wDAMEArn17AMEALn17gMEAsCm1AMEAMETagMEAMEqNAMEAcEqNgMEAcIEnAME
AMIEnwMEAMsACAMEANUg+TANBgkqhkiG9w0BAQsFAAOCAQEAZ5Q4NZi9hi+tzLAv
1006zcGFx/5eoJem/wWKHbmspZywXvDEfb2A8/VbipDuByzAZCJxcJ/+116Zlwzd
HzM9UJF0pLdHpuk+oLy/V0yknfKeomcufpUPxWoCwM/VyGDvaf++Thczch+TVIUK
UeHDqTFBKvY266P/FAJYf1y1QjxCS0iCEp9F2HC10vwadcmf/7EfdjJheiOswE09
HTmwvmWCMXJWmxMBK2OwV6OuBAhlPMh4O0hq2sqNa53jWGgPg+ilR+FPbIx9bqbO
PWh2ltG7DFgnN2QXWQtpkXOa0yI/q05gjpEfczyT7V5UcINCtoPT/2vVqVG+cGyz
npEMNw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:13 2024 by rpki-client on console-ams.rpki-client.org