Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zVh1qW58cRrtGK-doNcwBoh0yLI.roa
File: zVh1qW58cRrtGK-doNcwBoh0yLI.roa (raw, json)
Hash identifier: 6N9gWNDkntb/SSuZ+lZyYgfD+/kHX7FNdXgw9S12Zwo=
Subject key identifier: CD:58:75:A9:6E:7C:71:1A:ED:18:AF:9D:A0:D7:30:06:88:74:C8:B2
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187EFFF1B0C95048C656A4E16BDBEA2BA41
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zVh1qW58cRrtGK-doNcwBoh0yLI.roa
Signing time: Sat 06 May 2023 07:38:05 +0000
ROA not before: Sat 06 May 2023 07:38:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 178.239.200.0/24 maxlen: 24
62.197.132.0/24 maxlen: 24
178.239.193.0/24 maxlen: 24
178.239.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ef:ff:1b:0c:95:04:8c:65:6a:4e:16:bd:be:a2:ba:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 6 07:38:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd5875a96e7c711aed18af9da0d730068874c8b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:cf:51:c0:ae:e1:a7:1e:f3:c7:fb:86:e7:57:
45:03:71:d3:72:2b:7e:3f:50:7a:58:dc:71:77:d7:
3f:b7:77:7d:ca:ee:9b:36:79:1d:7f:2c:30:0c:a0:
f8:3e:16:c1:bd:23:06:a8:a1:cc:71:f4:81:f7:75:
a8:21:6c:40:06:2b:6e:77:92:03:2d:ba:38:d6:fb:
0e:88:66:88:ed:64:ab:78:08:1f:f6:42:7f:d1:80:
0d:31:aa:d6:ac:cc:8b:49:3f:18:2f:92:31:6b:a4:
40:6f:a2:07:4d:80:5d:20:e5:92:9c:39:ce:da:4f:
13:89:98:e3:3c:ab:c5:07:86:de:32:2a:e7:1f:ed:
56:c2:bc:a6:e0:83:ef:7b:41:09:0e:65:09:30:e4:
c3:f0:80:11:44:80:21:21:46:62:ae:d5:eb:11:94:
e6:19:55:91:4a:f9:bc:4d:7c:1b:50:58:9c:61:1d:
c1:23:41:b1:54:71:a3:dd:47:b3:07:8a:70:ec:87:
e9:da:a9:ca:a8:ba:12:9f:9c:c6:88:62:3b:b6:4f:
3f:17:6f:ee:1f:91:f7:1b:71:aa:6b:1e:27:36:48:
08:f1:07:c1:5e:7f:c2:54:73:fa:b0:2f:f9:88:d9:
84:47:fd:18:ca:d6:d7:6e:ad:87:0e:d4:ac:e6:ee:
47:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:58:75:A9:6E:7C:71:1A:ED:18:AF:9D:A0:D7:30:06:88:74:C8:B2
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zVh1qW58cRrtGK-doNcwBoh0yLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.197.132.0/24
178.239.193.0-178.239.194.255
178.239.200.0/24
Signature Algorithm: sha256WithRSAEncryption
04:b6:eb:81:bd:77:1f:00:64:d2:6d:8d:06:28:2f:3f:8a:f0:
f9:b8:22:2d:34:82:68:68:48:92:58:06:0e:02:6d:bd:2a:f8:
20:3d:31:a9:24:04:4a:fb:00:09:5b:42:96:4f:c9:61:4c:34:
2f:5d:af:cc:59:12:82:39:38:05:85:44:03:51:be:2d:78:d5:
77:5f:b6:fc:dd:89:3c:ee:c9:1b:d8:81:d1:80:af:c7:3b:bd:
f0:39:96:9b:2d:35:b6:bd:a8:b7:3e:59:f5:b1:18:3d:d0:0a:
76:46:fa:04:03:dd:d7:0f:b2:89:39:24:a4:fe:eb:4c:4f:b7:
4f:95:ad:66:7c:59:a1:fb:4b:08:ff:75:8e:f4:90:cd:c1:b2:
74:64:bf:a5:e7:0c:4b:f7:49:6b:b2:75:eb:bb:88:7c:48:08:
a0:dc:4c:6b:dc:07:33:b2:d4:2d:3e:d6:8e:40:95:cc:39:4e:
17:32:09:cb:dc:cb:9e:48:44:37:da:ec:ef:9d:ba:44:e0:a5:
0f:f2:24:7d:05:92:02:71:ef:0f:d3:7e:33:c7:ee:db:07:3e:
6a:84:55:cc:ae:67:3e:61:0f:f0:0b:a6:d2:25:b3:67:b1:f1:
84:48:1b:e9:1c:c1:4b:3e:df:8b:6d:ae:5b:a0:f3:31:65:c6:
f1:59:61:e4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYfv/xsMlQSMZWpOFr2+orpBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTA2MDczODA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDU4NzVhOTZlN2M3MTFhZWQxOGFmOWRhMGQ3MzAwNjg4NzRjOGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzs9RwK7hpx7zx/uG51dFA3HTcit+
P1B6WNxxd9c/t3d9yu6bNnkdfywwDKD4PhbBvSMGqKHMcfSB93WoIWxABitud5ID
Lbo41vsOiGaI7WSreAgf9kJ/0YANMarWrMyLST8YL5Ixa6RAb6IHTYBdIOWSnDnO
2k8TiZjjPKvFB4beMirnH+1Wwrym4IPve0EJDmUJMOTD8IARRIAhIUZirtXrEZTm
GVWRSvm8TXwbUFicYR3BI0GxVHGj3UezB4pw7Ifp2qnKqLoSn5zGiGI7tk8/F2/u
H5H3G3Gqax4nNkgI8QfBXn/CVHP6sC/5iNmER/0YytbXbq2HDtSs5u5HcwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFM1YdalufHEa7RivnaDXMAaIdMiyMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvelZoMXFXNThjUnJ0R0stZG9OY3dCb2gweUxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAPsWEMAwD
BACy78EDBACy78IDBACy78gwDQYJKoZIhvcNAQELBQADggEBAAS264G9dx8AZNJt
jQYoLz+K8Pm4Ii00gmhoSJJYBg4Cbb0q+CA9MakkBEr7AAlbQpZPyWFMNC9dr8xZ
EoI5OAWFRANRvi141XdftvzdiTzuyRvYgdGAr8c7vfA5lpstNba9qLc+WfWxGD3Q
CnZG+gQD3dcPsok5JKT+60xPt0+VrWZ8WaH7Swj/dY70kM3BsnRkv6XnDEv3SWuy
deu7iHxICKDcTGvcBzOy1C0+1o5Alcw5ThcyCcvcy55IRDfa7O+dukTgpQ/yJH0F
kgJx7w/TfjPH7tsHPmqEVcyuZz5hD/ALptIls2ex8YRIG+kcwUs+34ttrlug8zFl
xvFZYeQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:49 2024 by rpki-client on console-fra.rpki-client.org