Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/r2BvcyG-j8sLziVrKYvH3cOEy38.roa
File: r2BvcyG-j8sLziVrKYvH3cOEy38.roa (raw, json)
Hash identifier: xHI9rqjEm54BTBCikHm2GIH+1DYoclaofnncB/oObUs=
Subject key identifier: AF:60:6F:73:21:BE:8F:CB:0B:CE:25:6B:29:8B:C7:DD:C3:84:CB:7F
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186B5975C8D719834E0A85BCE75B31A73A3
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/r2BvcyG-j8sLziVrKYvH3cOEy38.roa
Signing time: Mon 06 Mar 2023 06:24:00 +0000
ROA not before: Mon 06 Mar 2023 06:24:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 178.239.201.0/24 maxlen: 24
185.230.250.0/24 maxlen: 24
185.229.107.0/24 maxlen: 24
193.42.54.0/23 maxlen: 24
185.103.75.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b5:97:5c:8d:71:98:34:e0:a8:5b:ce:75:b3:1a:73:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 6 06:24:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af606f7321be8fcb0bce256b298bc7ddc384cb7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:5b:80:d1:91:bc:cb:6a:ae:69:31:5d:84:af:
1a:08:54:78:c1:32:e6:be:ae:25:eb:36:b1:cf:68:
95:3d:a4:df:09:24:70:75:c7:e2:c3:63:f8:53:5f:
ef:80:62:fb:bb:65:5c:cb:a0:f6:de:f5:a4:41:34:
ae:d9:50:3f:98:85:ce:dc:28:7f:ad:a1:56:8d:97:
bf:dd:4c:e2:9f:de:a0:06:8c:b6:e0:f8:3e:c3:7e:
9c:5c:db:fa:4d:32:a2:a8:66:7f:b1:b6:b8:a6:90:
88:26:32:6f:15:54:f6:91:99:e2:9f:1a:51:15:5f:
59:2b:9d:40:72:10:77:8a:e3:93:8a:63:fd:ea:d3:
e5:9f:c3:b4:3d:2a:bc:d0:fd:3c:e1:41:e3:c0:21:
5c:e2:99:64:71:0a:98:73:27:ae:f2:ac:df:4a:49:
61:a8:7a:09:b5:e7:35:0b:c4:0d:db:8c:26:d6:c1:
c8:34:11:46:2d:cc:68:c3:00:24:ed:a9:ae:7d:9e:
0b:74:a2:62:e5:8a:3d:88:b2:00:a3:a1:66:a4:41:
5f:79:95:a1:33:3c:2c:83:6b:3c:67:7f:05:d3:e9:
05:8a:c4:13:b5:e4:a8:af:42:ba:c7:e2:fa:b9:bb:
43:61:70:dc:ab:50:62:67:85:36:87:30:67:0a:51:
f4:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:60:6F:73:21:BE:8F:CB:0B:CE:25:6B:29:8B:C7:DD:C3:84:CB:7F
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/r2BvcyG-j8sLziVrKYvH3cOEy38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.201.0/24
185.103.75.0/24
185.229.107.0/24
185.230.250.0/24
193.42.54.0/23
Signature Algorithm: sha256WithRSAEncryption
94:2e:38:9e:54:bc:dc:2f:b3:ea:81:04:08:00:34:d1:26:2e:
33:c1:e1:66:1c:f1:0e:d2:f3:fa:32:8e:f9:7a:e2:e3:ae:b6:
90:db:a1:6d:35:f5:74:62:d9:e6:55:38:5a:da:fa:c8:7c:20:
8f:05:5a:24:d0:c9:ac:23:4a:c6:a4:6f:aa:24:29:fe:43:f7:
75:a9:50:d1:06:ce:0e:92:14:8e:d4:e0:14:ac:86:4c:1d:3d:
90:2a:43:fb:5b:1c:a9:d8:10:fa:c7:01:a3:12:67:9c:f8:cf:
4e:90:5b:1c:ae:4e:85:be:42:82:df:3d:8a:ba:10:6c:d9:98:
bb:f1:cd:d6:c3:19:81:c7:2f:a4:fe:64:32:46:9a:16:24:a4:
c8:24:0d:46:c2:8b:51:ae:ab:7b:e1:b4:36:85:19:bf:e5:60:
61:f2:a4:f4:d0:fc:a7:be:80:3b:80:51:72:81:f0:9d:d0:c5:
2a:e4:fd:8d:2d:74:77:bb:6f:a6:84:98:51:cb:b4:2e:be:e3:
7b:24:1d:48:2d:86:a8:13:49:54:5f:c9:40:05:cb:0d:65:50:
e9:1a:aa:fa:b6:13:9b:88:77:42:bb:cd:8c:14:2f:b5:1d:61:
da:a3:c6:c2:db:90:60:46:4d:7a:7e:23:99:14:09:65:13:91:
93:47:1b:71
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYa1l1yNcZg04KhbznWzGnOjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzA2MDYyNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjYwNmY3MzIxYmU4ZmNiMGJjZTI1NmIyOThiYzdkZGMzODRjYjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVuA0ZG8y2quaTFdhK8aCFR4wTLm
vq4l6zaxz2iVPaTfCSRwdcfiw2P4U1/vgGL7u2Vcy6D23vWkQTSu2VA/mIXO3Ch/
raFWjZe/3Uzin96gBoy24Pg+w36cXNv6TTKiqGZ/sba4ppCIJjJvFVT2kZninxpR
FV9ZK51AchB3iuOTimP96tPln8O0PSq80P084UHjwCFc4plkcQqYcyeu8qzfSklh
qHoJtec1C8QN24wm1sHINBFGLcxowwAk7amufZ4LdKJi5Yo9iLIAo6FmpEFfeZWh
Mzwsg2s8Z38F0+kFisQTteSor0K6x+L6ubtDYXDcq1BiZ4U2hzBnClH0GwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK9gb3Mhvo/LC84laymLx93DhMt/MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcjJCdmN5Ry1qOHNMemlWcktZdkgzY09FeTM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAsu/JAwQA
uWdLAwQAueVrAwQAueb6AwQBwSo2MA0GCSqGSIb3DQEBCwUAA4IBAQCULjieVLzc
L7PqgQQIADTRJi4zweFmHPEO0vP6Mo75euLjrraQ26FtNfV0YtnmVTha2vrIfCCP
BVok0MmsI0rGpG+qJCn+Q/d1qVDRBs4OkhSO1OAUrIZMHT2QKkP7Wxyp2BD6xwGj
Emec+M9OkFscrk6FvkKC3z2KuhBs2Zi78c3WwxmBxy+k/mQyRpoWJKTIJA1GwotR
rqt74bQ2hRm/5WBh8qT00PynvoA7gFFygfCd0MUq5P2NLXR3u2+mhJhRy7QuvuN7
JB1ILYaoE0lUX8lABcsNZVDpGqr6thObiHdCu82MFC+1HWHao8bC25BgRk16fiOZ
FAllE5GTRxtx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:14 2024 by rpki-client on console-ams.rpki-client.org