Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/t533V_LIf3X7_W7RZyd9Xd0mguI.roa
File: t533V_LIf3X7_W7RZyd9Xd0mguI.roa (raw, json)
Hash identifier: 8vv9Xoc/8cYAz/06Z6RLbdsKVHtYDIWr8yU2OFmrDGM=
Subject key identifier: B7:9D:F7:57:F2:C8:7F:75:FB:FD:6E:D1:67:27:7D:5D:DD:26:82:E2
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018606E4926A00AED0BDFA32B8C071DEA144
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/t533V_LIf3X7_W7RZyd9Xd0mguI.roa
Signing time: Tue 31 Jan 2023 08:14:48 +0000
ROA not before: Tue 31 Jan 2023 08:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 185.115.147.0/24 maxlen: 24
45.130.201.0/24 maxlen: 24
77.75.61.0/24 maxlen: 24
185.244.138.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:06:e4:92:6a:00:ae:d0:bd:fa:32:b8:c0:71:de:a1:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 31 08:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b79df757f2c87f75fbfd6ed167277d5ddd2682e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f5:86:5f:05:9e:2c:a5:33:b3:a4:fc:5a:1c:
e7:05:97:1d:32:f5:b7:5c:40:37:00:73:eb:40:77:
f4:ff:12:96:79:ab:30:2a:4a:f9:7b:b3:91:96:2e:
29:1c:f9:8e:d5:8f:c4:d2:36:d4:b5:ce:c6:c4:0f:
de:e4:e4:ee:e2:4f:79:9a:86:87:0b:23:0c:3b:4c:
42:3a:43:29:86:8e:b0:90:31:45:0f:7e:34:63:17:
0f:de:db:04:18:1f:a5:22:29:a7:5c:a9:de:a4:2f:
de:a5:11:b4:97:f5:79:51:ff:68:6b:c9:e6:f1:c5:
14:98:7a:93:18:e0:78:a2:9f:7f:5f:da:8c:d3:55:
d0:82:73:b1:2f:32:10:61:59:ca:fd:67:b1:0b:7b:
38:03:00:98:6a:2c:35:67:d6:d6:05:53:09:63:d8:
1c:c0:62:dc:dc:e6:34:1e:54:28:6a:7e:47:3b:c3:
b1:ba:7b:d4:0b:2a:2f:ba:a3:81:15:c4:aa:6e:b0:
56:a4:1c:a4:37:e3:77:b1:6f:a4:cc:78:73:bc:c1:
fc:75:69:0e:cd:5b:2b:b7:dd:07:f1:b4:73:23:32:
3c:82:8a:f0:3b:40:31:87:19:d0:66:1d:3a:66:f0:
dd:91:2d:f0:15:6e:c1:ba:22:6b:9f:43:ea:da:ea:
3b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:9D:F7:57:F2:C8:7F:75:FB:FD:6E:D1:67:27:7D:5D:DD:26:82:E2
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/t533V_LIf3X7_W7RZyd9Xd0mguI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.201.0/24
77.75.61.0/24
185.115.147.0/24
185.244.138.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:6e:aa:cb:26:22:96:b1:78:0d:e3:de:01:c8:d7:ed:d0:b3:
8e:58:c1:ca:70:58:c5:7d:5d:7d:1b:15:89:13:74:61:fe:ff:
f0:4b:f2:be:3f:6b:77:08:1a:8e:8f:4a:cb:0e:5f:2e:ef:66:
62:4e:66:41:b8:0b:95:39:b8:b2:48:11:85:05:c2:4f:b0:ce:
5d:5a:eb:53:af:85:19:54:9c:85:1e:53:f3:61:99:9d:d1:84:
f7:06:c3:ec:47:c5:aa:9e:6c:24:01:1b:69:84:a8:ca:6c:00:
f9:71:05:f0:5c:d1:33:80:2f:bc:90:3e:9b:f4:dc:ef:8a:a3:
25:76:d7:30:7c:67:3d:e4:ae:6e:6b:2c:73:59:0f:36:93:5a:
cb:00:0e:bc:d4:7e:7c:ed:59:36:fc:59:6f:12:5c:e6:1c:f3:
c7:6b:93:62:39:29:12:53:b7:b1:02:0c:f0:4e:9f:11:64:c7:
14:f7:4c:c1:9f:79:59:67:a7:d8:34:65:f7:e3:ab:24:8e:ff:
7f:e2:27:50:cd:30:32:d0:a4:b1:f5:6c:ab:0f:3f:da:e9:63:
4a:d7:22:88:1c:6a:84:ea:14:05:68:9e:af:b1:28:a2:79:1f:
20:45:6e:58:82:31:b6:b8:38:2c:41:d6:49:15:4a:e0:37:ce:
8d:74:fc:f4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYYG5JJqAK7QvfoyuMBx3qFEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTMxMDgxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzlkZjc1N2YyYzg3Zjc1ZmJmZDZlZDE2NzI3N2Q1ZGRkMjY4MmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/WGXwWeLKUzs6T8WhznBZcdMvW3
XEA3AHPrQHf0/xKWeaswKkr5e7ORli4pHPmO1Y/E0jbUtc7GxA/e5OTu4k95moaH
CyMMO0xCOkMpho6wkDFFD340YxcP3tsEGB+lIimnXKnepC/epRG0l/V5Uf9oa8nm
8cUUmHqTGOB4op9/X9qM01XQgnOxLzIQYVnK/WexC3s4AwCYaiw1Z9bWBVMJY9gc
wGLc3OY0HlQoan5HO8OxunvUCyovuqOBFcSqbrBWpBykN+N3sW+kzHhzvMH8dWkO
zVsrt90H8bRzIzI8gorwO0AxhxnQZh06ZvDdkS3wFW7BuiJrn0Pq2uo75wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLed91fyyH91+/1u0WcnfV3dJoLiMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdDUzM1ZfTElmM1g3X1c3Ulp5ZDlYZDBtZ3VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYLJAwQA
TUs9AwQAuXOTAwQAufSKMA0GCSqGSIb3DQEBCwUAA4IBAQAtbqrLJiKWsXgN494B
yNft0LOOWMHKcFjFfV19GxWJE3Rh/v/wS/K+P2t3CBqOj0rLDl8u72ZiTmZBuAuV
ObiySBGFBcJPsM5dWutTr4UZVJyFHlPzYZmd0YT3BsPsR8WqnmwkARtphKjKbAD5
cQXwXNEzgC+8kD6b9NzviqMldtcwfGc95K5uayxzWQ82k1rLAA681H587Vk2/Flv
ElzmHPPHa5NiOSkSU7exAgzwTp8RZMcU90zBn3lZZ6fYNGX346skjv9/4idQzTAy
0KSx9WyrDz/a6WNK1yKIHGqE6hQFaJ6vsSiieR8gRW5YgjG2uDgsQdZJFUrgN86N
dPz0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:14 2024 by rpki-client on console-ams.rpki-client.org