Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/wcf2uPm4MIaSoOHD0RR_re4UnZQ.roa
File: wcf2uPm4MIaSoOHD0RR_re4UnZQ.roa (raw, json)
Hash identifier: vAnZc8pWB9proErql9MMSHLGW4fOWouvBvtZRLaFprY=
Subject key identifier: C1:C7:F6:B8:F9:B8:30:86:92:A0:E1:C3:D1:14:7F:AD:EE:14:9D:94
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018976C71B57B2DA3E4BC1B4837DEEE956C9
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/wcf2uPm4MIaSoOHD0RR_re4UnZQ.roa
Signing time: Fri 21 Jul 2023 04:48:27 +0000
ROA not before: Fri 21 Jul 2023 04:48:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
188.241.214.0/24 maxlen: 24
93.115.255.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.159.0/24 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
89.35.155.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.230.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.103.72.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:76:c7:1b:57:b2:da:3e:4b:c1:b4:83:7d:ee:e9:56:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 21 04:48:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1c7f6b8f9b8308692a0e1c3d1147fadee149d94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c3:c7:ea:03:17:78:df:0c:a7:a4:11:86:99:
e4:59:ca:3b:1a:1e:54:51:cf:99:39:d4:f7:86:12:
07:ca:7d:ea:77:b9:79:01:a3:cc:a7:0c:51:39:e3:
28:d2:a3:e6:53:e4:a0:a0:8a:ff:43:13:c1:d2:37:
90:7c:14:73:51:80:7e:13:1c:6b:37:af:fc:e8:00:
40:c2:44:b6:11:68:cc:91:80:6d:ef:cf:48:9f:bd:
db:ce:72:d4:fc:a2:fb:cb:a1:3f:07:66:cf:be:f3:
7a:26:0f:93:9d:cc:c6:27:3e:8f:dc:f9:d5:49:55:
cc:e1:ac:b8:43:be:14:61:39:d5:ec:55:1e:5a:bc:
82:82:6d:66:11:45:88:a6:7f:0a:6a:23:4c:c4:69:
1d:67:aa:45:74:7a:0a:42:cf:79:62:ed:11:53:73:
b9:2a:34:94:e9:f0:50:03:cd:2a:83:83:bb:9e:da:
aa:4e:f2:1c:e8:47:9e:7a:03:16:c7:8b:29:c8:dd:
3b:35:f4:ac:fc:1f:a9:65:08:47:6b:94:57:05:8f:
4f:74:90:7a:a4:7c:72:f5:ba:52:d5:5b:fa:95:e6:
9e:18:4b:08:4b:4f:bf:5e:33:ce:64:93:bf:06:ad:
c2:75:70:8e:fb:d0:9f:82:84:90:5e:0c:88:8b:03:
59:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:C7:F6:B8:F9:B8:30:86:92:A0:E1:C3:D1:14:7F:AD:EE:14:9D:94
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/wcf2uPm4MIaSoOHD0RR_re4UnZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.157.0/24
45.156.159.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/23
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.103.72.0/24
185.135.140.0/24
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.169.0-185.255.171.255
188.212.132.0/23
188.212.155.0/24
188.212.158.0/24
188.213.202.0/23
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.240.230.0/24
188.240.233.0/24
188.241.110.0/24
188.241.214.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
81:13:0d:3a:2f:c6:03:c1:41:96:88:8c:8b:9b:4e:63:4c:15:
38:51:39:12:36:90:59:b4:fb:90:df:1d:b5:7c:2f:8a:d9:3c:
c1:8f:97:23:a6:8c:d7:2c:9c:19:94:e9:03:cb:e5:fc:a9:34:
d2:94:9c:f9:12:15:67:aa:d2:e2:7d:28:f0:43:b9:b2:d1:63:
4b:f0:6f:d1:64:92:de:f1:4e:fb:62:3a:95:a5:2b:e0:52:a4:
2d:1a:56:fb:4b:34:23:4c:05:a2:a0:f6:50:05:d3:93:ec:f4:
bb:65:99:a4:f3:f2:86:23:56:47:11:a1:e2:e2:80:a4:57:10:
a7:a8:f7:a8:a3:88:8a:0b:5d:5f:8e:af:df:6f:9c:45:07:2a:
78:56:a0:c9:4a:9b:79:61:3d:94:0e:7d:c2:2d:15:d8:bd:27:
e3:61:22:f0:2b:83:98:89:4c:51:82:a1:42:7d:7b:28:05:81:
59:81:2c:82:9d:6f:34:71:77:22:1e:4f:51:bf:d8:3a:ce:22:
3d:82:f0:e4:38:d6:e2:f5:a1:16:26:36:50:b2:f5:9a:bd:2f:
76:fd:93:69:2c:4d:55:5e:16:6a:bb:94:3d:aa:78:95:c4:1a:
ba:0d:61:f2:71:2c:68:96:99:13:3e:dd:83:31:60:e5:c3:7d:
f5:02:ab:d2
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAYl2xxtXsto+S8G0g33u6VbJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzIxMDQ0ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWM3ZjZiOGY5YjgzMDg2OTJhMGUxYzNkMTE0N2ZhZGVlMTQ5ZDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcPH6gMXeN8Mp6QRhpnkWco7Gh5U
Uc+ZOdT3hhIHyn3qd7l5AaPMpwxROeMo0qPmU+SgoIr/QxPB0jeQfBRzUYB+Exxr
N6/86ABAwkS2EWjMkYBt789In73bznLU/KL7y6E/B2bPvvN6Jg+TnczGJz6P3PnV
SVXM4ay4Q74UYTnV7FUeWryCgm1mEUWIpn8KaiNMxGkdZ6pFdHoKQs95Yu0RU3O5
KjSU6fBQA80qg4O7ntqqTvIc6EeeegMWx4spyN07NfSs/B+pZQhHa5RXBY9PdJB6
pHxy9bpS1Vv6leaeGEsIS0+/XjPOZJO/Bq3CdXCO+9CfgoSQXgyIiwNZ4wIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFMHH9rj5uDCGkqDhw9EUf63uFJ2UMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvd2NmMnVQbTRNSWFTb09IRDBSUl9yZTRVblpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBvQQCAAEwgbYDBAAt
nJ0DBAAtnJ8DBAJX95QDBAFZIVQDBAFZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAC5
Z0gDBAC5h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycwDAMEALn/qQMEArn/qAME
AbzUhAMEALzUmwMEALzUngMEAbzVygMEALzW0QMEAbzw4AMEALzw4wMEALzw5gME
ALzw6QMEALzxbgMEALzx1gMEALzx8wMEAcEXgAMEAtXoXDANBgkqhkiG9w0BAQsF
AAOCAQEAgRMNOi/GA8FBloiMi5tOY0wVOFE5EjaQWbT7kN8dtXwvitk8wY+XI6aM
1yycGZTpA8vl/Kk00pSc+RIVZ6rS4n0o8EO5stFjS/Bv0WSS3vFO+2I6laUr4FKk
LRpW+0s0I0wFoqD2UAXTk+z0u2WZpPPyhiNWRxGh4uKApFcQp6j3qKOIigtdX46v
32+cRQcqeFagyUqbeWE9lA59wi0V2L0n42Ei8CuDmIlMUYKhQn17KAWBWYEsgp1v
NHF3Ih5PUb/YOs4iPYLw5DjW4vWhFiY2ULL1mr0vdv2TaSxNVV4WaruUPap4lcQa
ug1h8nEsaJaZEz7dgzFg5cN99QKr0g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:14 2024 by rpki-client on console-ams.rpki-client.org