Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/z-mBnyLnEjyvC_OGH-3NInKh-Hs.roa
File: z-mBnyLnEjyvC_OGH-3NInKh-Hs.roa (raw, json)
Hash identifier: 5B3z2WgxNeDgY0jc4Q/DbNIKis5Q9Tkpp5nts8ZoyH4=
Subject key identifier: CF:E9:81:9F:22:E7:12:3C:AF:0B:F3:86:1F:ED:CD:22:72:A1:F8:7B
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0185F1EB55743CC36132808C8E9A352BCC59
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/z-mBnyLnEjyvC_OGH-3NInKh-Hs.roa
Signing time: Fri 27 Jan 2023 06:30:09 +0000
ROA not before: Fri 27 Jan 2023 06:30:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135752
IP address blocks: 193.42.52.0/24 maxlen: 24
185.103.73.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f1:eb:55:74:3c:c3:61:32:80:8c:8e:9a:35:2b:cc:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 27 06:30:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfe9819f22e7123caf0bf3861fedcd2272a1f87b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:34:7f:ab:55:2e:02:82:77:0f:9a:24:2a:14:
ae:05:5c:ad:10:4f:27:82:3c:14:f0:cf:05:91:0a:
3b:82:3d:fa:17:71:21:03:94:8e:4f:34:ee:23:3f:
99:81:6a:74:df:fb:ce:d2:7a:75:e2:95:fc:44:82:
95:30:4d:0b:7f:c9:88:9d:77:c0:f4:1a:d7:a8:78:
9a:e4:67:79:f1:1d:18:18:38:b0:6a:f9:7c:99:65:
22:57:45:7b:f6:cb:13:0e:14:fa:58:23:4b:76:b8:
38:fa:93:c3:8d:3f:e6:72:5d:9c:5d:a7:db:05:d3:
1b:61:3b:a2:29:9a:fb:b0:5b:a8:ab:0d:13:ce:89:
7d:c2:64:4f:d8:13:df:20:85:9a:ad:d4:5f:7b:88:
78:3f:2f:fb:68:e9:14:48:78:ba:7b:02:ab:ce:eb:
f3:43:96:33:d5:1c:95:cd:c8:b4:68:c9:4e:16:4e:
96:68:ec:5a:b0:95:9c:f6:86:ef:f3:dc:ab:3c:5b:
ea:b1:d8:4e:c3:74:12:1c:a0:86:e2:de:21:be:3c:
e4:26:34:40:2d:f8:2b:c8:ab:67:e9:47:a3:01:db:
ed:7d:7d:3f:ce:6d:21:5a:aa:25:b8:98:9a:bc:a7:
f5:24:a5:0e:5b:b4:9a:1b:e4:79:0a:67:4f:f4:5d:
36:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:E9:81:9F:22:E7:12:3C:AF:0B:F3:86:1F:ED:CD:22:72:A1:F8:7B
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/z-mBnyLnEjyvC_OGH-3NInKh-Hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.73.0/24
193.42.52.0/24
Signature Algorithm: sha256WithRSAEncryption
30:96:c1:c5:47:f5:d4:e7:95:50:47:76:17:ba:da:0e:5d:27:
98:a5:5c:21:00:5f:10:b8:87:87:c1:f8:6c:42:b6:ee:af:57:
de:3f:8e:5f:21:9e:a9:68:98:d4:90:f3:ca:4e:31:17:47:1f:
61:91:1e:f4:c7:bd:48:fe:ae:9f:aa:13:64:8b:a0:5b:d7:ec:
29:8d:88:2c:91:8b:18:26:61:13:ed:42:e4:9a:3b:5d:de:3e:
e7:c2:72:55:da:84:8e:17:8d:43:4d:be:97:a2:be:5d:7c:1f:
b7:11:1b:ed:68:ad:23:94:5f:69:16:52:2c:2b:2f:85:57:aa:
dc:20:f0:ee:87:74:d2:9b:cf:c6:fa:1f:82:b6:aa:2f:57:28:
4f:cc:22:f2:e2:6f:2c:7a:6e:e7:8d:5d:fa:e8:a4:32:83:1d:
81:61:2a:95:ea:3e:3d:8b:c6:45:38:50:ac:c7:a7:01:c0:33:
5a:aa:03:c6:93:b8:1d:2c:41:e5:73:57:5b:a7:0b:72:7d:dd:
00:61:c4:52:a5:6c:8c:52:62:5d:8a:a4:e6:0b:71:66:e3:b4:
6c:1a:f1:72:07:f8:11:c0:73:3f:7d:2d:40:a6:81:4b:e9:eb:
d5:d4:95:09:46:90:52:11:4f:38:71:9b:0f:47:ab:3f:13:24:
aa:3a:20:bc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYXx61V0PMNhMoCMjpo1K8xZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTI3MDYzMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmU5ODE5ZjIyZTcxMjNjYWYwYmYzODYxZmVkY2QyMjcyYTFmODdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjR/q1UuAoJ3D5okKhSuBVytEE8n
gjwU8M8FkQo7gj36F3EhA5SOTzTuIz+ZgWp03/vO0np14pX8RIKVME0Lf8mInXfA
9BrXqHia5Gd58R0YGDiwavl8mWUiV0V79ssTDhT6WCNLdrg4+pPDjT/mcl2cXafb
BdMbYTuiKZr7sFuoqw0Tzol9wmRP2BPfIIWardRfe4h4Py/7aOkUSHi6ewKrzuvz
Q5Yz1RyVzci0aMlOFk6WaOxasJWc9obv89yrPFvqsdhOw3QSHKCG4t4hvjzkJjRA
LfgryKtn6UejAdvtfX0/zm0hWqoluJiavKf1JKUOW7SaG+R5CmdP9F02mwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM/pgZ8i5xI8rwvzhh/tzSJyofh7MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvei1tQm55TG5Fanl2Q19PR0gtM05JbktoLUhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWdJAwQA
wSo0MA0GCSqGSIb3DQEBCwUAA4IBAQAwlsHFR/XU55VQR3YXutoOXSeYpVwhAF8Q
uIeHwfhsQrbur1feP45fIZ6paJjUkPPKTjEXRx9hkR70x71I/q6fqhNki6Bb1+wp
jYgskYsYJmET7ULkmjtd3j7nwnJV2oSOF41DTb6Xor5dfB+3ERvtaK0jlF9pFlIs
Ky+FV6rcIPDuh3TSm8/G+h+CtqovVyhPzCLy4m8sem7njV366KQygx2BYSqV6j49
i8ZFOFCsx6cBwDNaqgPGk7gdLEHlc1dbpwtyfd0AYcRSpWyMUmJdiqTmC3Fm47Rs
GvFyB/gRwHM/fS1ApoFL6evV1JUJRpBSEU84cZsPR6s/EySqOiC8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:49 2024 by rpki-client on console-fra.rpki-client.org