Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zz3_nhc6PD5mPIb4976_Ylh4ADU.roa
File: zz3_nhc6PD5mPIb4976_Ylh4ADU.roa (raw, json)
Hash identifier: cgUw5yLaJ22Ka4wNlDEMyCFDYFS+YDY3LpxjNDUmjt0=
Subject key identifier: CF:3D:FF:9E:17:3A:3C:3E:66:3C:86:F8:F7:BE:BF:62:58:78:00:35
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186B0C0A7183F981B73F32A36FCC43F34EE
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zz3_nhc6PD5mPIb4976_Ylh4ADU.roa
Signing time: Sun 05 Mar 2023 07:51:01 +0000
ROA not before: Sun 05 Mar 2023 07:51:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 185.230.251.0/24 maxlen: 24
92.114.107.0/24 maxlen: 24
62.197.134.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b0:c0:a7:18:3f:98:1b:73:f3:2a:36:fc:c4:3f:34:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 5 07:51:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf3dff9e173a3c3e663c86f8f7bebf6258780035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:33:db:a5:40:60:6b:60:97:2a:c0:10:de:53:
a8:c0:16:5a:76:a8:e6:d2:94:03:a3:81:36:89:a6:
80:de:48:cd:39:a5:4d:a3:45:38:60:23:9c:80:01:
bd:ae:83:01:75:de:6f:56:f6:d6:b3:04:e1:f2:74:
5b:09:bf:29:4a:02:e6:ed:92:39:13:94:b7:81:cc:
53:46:3f:53:79:66:46:ed:73:11:ac:f6:4a:e2:c8:
bd:59:39:59:6f:26:5c:47:8a:3f:7a:89:f7:60:6f:
6f:9b:8b:64:96:af:b2:59:2d:13:a9:e1:b4:45:c3:
90:ad:76:ad:c7:42:b4:9a:d6:bd:9d:45:2b:ab:25:
62:4a:85:f1:59:a2:ff:2c:3a:11:45:85:a9:9b:f8:
04:90:ad:20:34:05:df:04:b4:6d:bc:6f:4e:c2:3a:
85:ec:f5:9f:2b:00:11:e9:99:10:3f:cf:db:3a:7c:
1e:77:80:5a:34:80:5c:c2:d4:84:ee:77:80:3a:ac:
6b:dc:89:39:f5:c6:d6:7b:5b:06:b0:d7:3c:e7:81:
bf:99:18:f8:1f:8c:57:76:60:00:02:88:4b:a9:35:
7e:6a:88:c5:83:cb:90:46:0d:d8:c2:8c:3d:07:a6:
22:2e:14:24:a3:6b:d0:25:56:bf:20:14:71:ec:0b:
d2:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:3D:FF:9E:17:3A:3C:3E:66:3C:86:F8:F7:BE:BF:62:58:78:00:35
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zz3_nhc6PD5mPIb4976_Ylh4ADU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.197.134.0/24
92.114.107.0/24
185.230.251.0/24
Signature Algorithm: sha256WithRSAEncryption
80:78:ab:c3:86:f2:29:f6:48:80:14:7d:fc:bc:b1:ce:26:9d:
2c:83:fa:01:e5:bc:92:86:a8:aa:2c:17:09:60:da:da:e1:86:
89:65:87:03:65:2d:e1:ef:ee:5b:5b:4e:48:a0:95:2a:d0:b5:
e4:ec:c1:f7:43:9e:e8:4d:05:78:70:39:7a:6d:28:7f:f4:f8:
f1:e1:fb:59:22:76:e8:bc:7e:69:40:a6:5e:6f:3c:8b:d8:41:
41:ae:05:dc:e8:f1:72:da:40:2a:6e:fd:57:f6:6e:58:5b:1b:
15:70:ed:32:17:55:59:bf:14:b7:c9:72:64:5a:50:6c:f8:02:
04:87:52:cc:c6:0c:32:f1:5d:5f:84:70:4e:95:c9:4a:32:fc:
82:f0:26:5a:24:36:ee:dd:10:31:5e:90:40:78:b9:d2:b7:fc:
ce:d1:fc:f9:c7:ad:65:17:c1:fa:45:16:03:0d:bb:39:af:bb:
fd:a8:3f:5d:2f:da:87:0d:d5:14:fc:02:9f:b6:bd:7f:3c:0b:
ac:9b:c3:d9:2f:0c:79:58:59:2e:e3:12:d1:5e:d7:01:e8:66:
d7:14:94:00:a8:2c:a6:df:b3:b1:ea:c3:ec:f8:1e:42:e3:7b:
a2:d7:c8:ef:8d:2c:6f:d4:b6:1c:79:4f:d7:ad:95:c9:49:47:
f0:12:c0:79
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYawwKcYP5gbc/MqNvzEPzTuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzA1MDc1MTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjNkZmY5ZTE3M2EzYzNlNjYzYzg2ZjhmN2JlYmY2MjU4NzgwMDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDPbpUBga2CXKsAQ3lOowBZadqjm
0pQDo4E2iaaA3kjNOaVNo0U4YCOcgAG9roMBdd5vVvbWswTh8nRbCb8pSgLm7ZI5
E5S3gcxTRj9TeWZG7XMRrPZK4si9WTlZbyZcR4o/eon3YG9vm4tklq+yWS0TqeG0
RcOQrXatx0K0mta9nUUrqyViSoXxWaL/LDoRRYWpm/gEkK0gNAXfBLRtvG9OwjqF
7PWfKwAR6ZkQP8/bOnwed4BaNIBcwtSE7neAOqxr3Ik59cbWe1sGsNc854G/mRj4
H4xXdmAAAohLqTV+aojFg8uQRg3Ywow9B6YiLhQko2vQJVa/IBRx7AvSxQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM89/54XOjw+ZjyG+Pe+v2JYeAA1MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvenozX25oYzZQRDVtUEliNDk3Nl9ZbGg0QURVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPsWGAwQA
XHJrAwQAueb7MA0GCSqGSIb3DQEBCwUAA4IBAQCAeKvDhvIp9kiAFH38vLHOJp0s
g/oB5byShqiqLBcJYNra4YaJZYcDZS3h7+5bW05IoJUq0LXk7MH3Q57oTQV4cDl6
bSh/9Pjx4ftZInbovH5pQKZebzyL2EFBrgXc6PFy2kAqbv1X9m5YWxsVcO0yF1VZ
vxS3yXJkWlBs+AIEh1LMxgwy8V1fhHBOlclKMvyC8CZaJDbu3RAxXpBAeLnSt/zO
0fz5x61lF8H6RRYDDbs5r7v9qD9dL9qHDdUU/AKftr1/PAusm8PZLwx5WFku4xLR
XtcB6GbXFJQAqCym37Ox6sPs+B5C43ui18jvjSxv1LYceU/XrZXJSUfwEsB5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:15 2024 by rpki-client on console-ams.rpki-client.org