Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/wrnoWvaM_o9hDjbuymFkYHBeKsU.roa
File: wrnoWvaM_o9hDjbuymFkYHBeKsU.roa (raw, json)
Hash identifier: xcKjyqwzMccSRaLHaSt0XeShMkR9v+EBiGLNLjGqQek=
Subject key identifier: C2:B9:E8:5A:F6:8C:FE:8F:61:0E:36:EE:CA:61:64:60:70:5E:2A:C5
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01860E51E214686D875CF30D537F62904DE3
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/wrnoWvaM_o9hDjbuymFkYHBeKsU.roa
Signing time: Wed 01 Feb 2023 18:51:32 +0000
ROA not before: Wed 01 Feb 2023 18:51:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 185.115.147.0/24 maxlen: 24
45.130.201.0/24 maxlen: 24
77.75.61.0/24 maxlen: 24
185.244.138.0/24 maxlen: 24
223.27.112.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0e:51:e2:14:68:6d:87:5c:f3:0d:53:7f:62:90:4d:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 1 18:51:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2b9e85af68cfe8f610e36eeca616460705e2ac5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ae:4b:b7:b8:7f:f2:a6:a1:c6:64:04:f0:19:
82:90:78:2e:7d:39:32:24:7b:61:a9:f4:b5:00:ad:
b6:b7:41:85:8c:55:c5:4c:10:5f:7b:f7:83:8b:fa:
bf:fa:ca:ea:bf:a6:0f:ea:48:1d:c3:d1:de:94:4b:
bf:ff:73:83:49:88:f1:d3:42:3a:0a:b0:40:f6:9c:
0c:a8:1f:eb:99:ed:4c:da:e0:6f:fb:71:62:1f:cd:
18:9c:c6:48:8a:00:45:db:1e:49:01:25:f0:f4:67:
53:80:c6:89:d1:75:87:46:8c:9a:fe:39:56:4b:47:
d9:b8:95:2d:8a:e8:ef:5c:52:f5:95:e1:47:1e:bd:
63:15:27:55:ad:07:ed:ad:97:c6:2e:47:2c:c0:a5:
ec:00:52:fb:58:89:b7:e6:d3:02:34:33:3f:57:26:
4e:de:41:ce:0d:e2:ad:b7:9b:ec:3d:d3:22:3a:7b:
a1:2b:85:d5:fd:f9:47:3d:1b:24:95:60:cf:58:49:
57:41:db:16:d3:90:19:e8:4a:71:c6:05:6b:4a:77:
e5:6b:8b:85:9b:f2:51:3c:66:fa:07:03:c1:f2:67:
e5:e7:af:ab:fa:bd:8c:e9:18:7a:a3:14:db:37:8e:
9c:9e:72:85:0a:b0:b8:a3:aa:cb:ca:6a:fd:a1:56:
cc:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:B9:E8:5A:F6:8C:FE:8F:61:0E:36:EE:CA:61:64:60:70:5E:2A:C5
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/wrnoWvaM_o9hDjbuymFkYHBeKsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.201.0/24
77.75.61.0/24
185.115.147.0/24
185.244.138.0/24
223.27.112.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:b4:df:71:bb:9e:12:ad:fc:d4:b2:4f:3f:b6:7a:48:16:09:
44:42:a6:18:21:22:cc:57:5a:4e:19:20:56:d3:1a:ca:73:6c:
9c:b3:bf:b6:ae:5e:ba:a5:c9:19:52:f7:8e:2d:bf:9f:08:2b:
5b:4c:7b:d2:d1:11:91:d2:1d:24:fd:3e:73:b5:53:38:69:1a:
34:ea:df:b6:e3:1e:33:d2:2f:c3:39:2d:17:2d:35:ce:a2:e2:
8a:c6:c4:7e:2c:9b:42:d2:33:45:21:55:10:96:2a:b5:a8:be:
3e:d4:23:2f:d2:88:32:dc:53:8f:9f:a1:1e:8a:5c:1c:f2:a8:
f2:5c:2f:90:ed:c8:b9:43:67:b5:34:66:24:05:a2:60:b9:2f:
90:7e:c8:4a:b8:c1:63:9d:c8:6d:17:11:5b:ec:dc:9b:57:fe:
73:f4:29:57:8b:7c:35:4b:04:ac:67:77:01:52:0d:a5:2c:ad:
5b:b7:38:61:54:ec:1f:6c:d7:ca:05:86:d1:d6:41:bc:3d:63:
da:1d:2b:1a:26:4b:c0:bd:ba:07:10:fa:f0:a6:5c:36:1c:03:
12:df:e9:e9:7d:3a:a0:82:87:c2:22:1e:98:70:1d:3d:5e:e7:
c0:f7:2a:57:94:fc:7b:0a:ae:ba:2a:09:5e:67:91:e4:67:a6:
98:78:c2:bc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYYOUeIUaG2HXPMNU39ikE3jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjAxMTg1MTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmI5ZTg1YWY2OGNmZThmNjEwZTM2ZWVjYTYxNjQ2MDcwNWUyYWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxK5Lt7h/8qahxmQE8BmCkHgufTky
JHthqfS1AK22t0GFjFXFTBBfe/eDi/q/+srqv6YP6kgdw9HelEu//3ODSYjx00I6
CrBA9pwMqB/rme1M2uBv+3FiH80YnMZIigBF2x5JASXw9GdTgMaJ0XWHRoya/jlW
S0fZuJUtiujvXFL1leFHHr1jFSdVrQftrZfGLkcswKXsAFL7WIm35tMCNDM/VyZO
3kHODeKtt5vsPdMiOnuhK4XV/flHPRsklWDPWElXQdsW05AZ6EpxxgVrSnfla4uF
m/JRPGb6BwPB8mfl56+r+r2M6Rh6oxTbN46cnnKFCrC4o6rLymr9oVbMFQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMK56Fr2jP6PYQ427sphZGBwXirFMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvd3Jub1d2YU1fbzloRGpidXltRmtZSEJlS3NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALYLJAwQA
TUs9AwQAuXOTAwQAufSKAwQA3xtwMA0GCSqGSIb3DQEBCwUAA4IBAQBqtN9xu54S
rfzUsk8/tnpIFglEQqYYISLMV1pOGSBW0xrKc2ycs7+2rl66pckZUveOLb+fCCtb
THvS0RGR0h0k/T5ztVM4aRo06t+24x4z0i/DOS0XLTXOouKKxsR+LJtC0jNFIVUQ
liq1qL4+1CMv0ogy3FOPn6Eeilwc8qjyXC+Q7ci5Q2e1NGYkBaJguS+QfshKuMFj
nchtFxFb7NybV/5z9ClXi3w1SwSsZ3cBUg2lLK1btzhhVOwfbNfKBYbR1kG8PWPa
HSsaJkvAvboHEPrwplw2HAMS3+npfTqggofCIh6YcB09XufA9ypXlPx7Cq66Kgle
Z5HkZ6aYeMK8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:49 2024 by rpki-client on console-fra.rpki-client.org