Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/8XCv9gfJveUcVCP_srYF2WJ1O20.roa
File: 8XCv9gfJveUcVCP_srYF2WJ1O20.roa (raw, json)
Hash identifier: nWBB0tRSAwxpZu0SKS/NrHk2LfdLhh1kwMNrpuvB8/U=
Subject key identifier: F1:70:AF:F6:07:C9:BD:E5:1C:54:23:FF:B2:B6:05:D9:62:75:3B:6D
Certificate issuer: /CN=7de98f48e988790d0e0793537941b413d2e60306
Certificate serial: 09FA1E06
Authority key identifier: 7D:E9:8F:48:E9:88:79:0D:0E:07:93:53:79:41:B4:13:D2:E6:03:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/femPSOmIeQ0OB5NTeUG0E9LmAwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/8XCv9gfJveUcVCP_srYF2WJ1O20.roa
Signing time: Tue 15 Mar 2022 16:34:34 +0000
ROA not before: Tue 15 Mar 2022 16:34:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44092
IP address blocks: 185.178.252.0/22 maxlen: 24
185.178.252.0/24 maxlen: 24
185.178.253.0/24 maxlen: 24
185.178.255.0/24 maxlen: 24
185.178.254.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 167386630 (0x9fa1e06)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7de98f48e988790d0e0793537941b413d2e60306
Validity
Not Before: Mar 15 16:34:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f170aff607c9bde51c5423ffb2b605d962753b6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:94:67:12:cd:28:53:75:a7:86:99:91:10:39:
9d:e9:1c:19:b6:77:2c:63:fd:20:db:29:15:4f:29:
29:e8:e9:f7:e7:ee:a7:f2:7c:9c:5a:36:83:a9:1f:
0a:c0:c2:06:9b:33:0e:02:ff:83:31:2a:71:bb:8d:
82:60:f9:22:95:f5:16:19:25:16:c9:73:bf:6e:ef:
8e:d4:0f:f2:3d:3c:70:5a:ed:7c:b9:a6:79:f0:c8:
3f:16:cd:1f:59:0e:ea:06:06:e8:ce:3b:2b:6d:43:
76:2e:0c:fb:78:92:e5:67:58:c0:06:0f:78:71:b7:
28:c3:9a:74:8c:22:5f:48:54:e7:a6:a0:d7:a8:28:
38:48:d8:75:b0:29:aa:92:36:64:b7:39:1b:da:c1:
0f:2c:a0:22:e2:fe:3b:ce:f1:86:5e:02:e5:65:00:
d4:38:18:0f:89:7c:a3:59:9f:33:02:ac:aa:98:6a:
9c:2c:30:cb:3b:e8:01:a2:7d:d6:4e:70:fc:f1:7d:
e9:67:b3:97:f0:af:53:cb:c1:de:80:37:21:17:ef:
11:f5:78:63:0e:7c:7f:3f:ea:4b:0e:c7:b6:54:85:
4e:a2:0c:e5:a5:fd:bb:c8:22:53:7a:1c:86:b8:21:
47:56:1f:2d:99:ca:9d:b4:61:04:f2:3e:3c:a3:da:
58:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:70:AF:F6:07:C9:BD:E5:1C:54:23:FF:B2:B6:05:D9:62:75:3B:6D
X509v3 Authority Key Identifier:
keyid:7D:E9:8F:48:E9:88:79:0D:0E:07:93:53:79:41:B4:13:D2:E6:03:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/femPSOmIeQ0OB5NTeUG0E9LmAwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/8XCv9gfJveUcVCP_srYF2WJ1O20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/c0fc0a-15d4-46cc-a8b9-47632cb5b854/1/femPSOmIeQ0OB5NTeUG0E9LmAwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.252.0/22
Signature Algorithm: sha256WithRSAEncryption
72:29:2b:70:4b:87:b8:f6:8e:d4:13:91:82:3d:c3:21:14:49:
8e:62:0c:e7:f5:fa:04:61:e4:2d:a3:ff:a4:df:1b:10:13:51:
fb:82:3f:58:56:fd:db:a5:51:f2:de:84:12:62:61:d2:47:64:
d0:69:92:ac:b6:bf:fb:a1:d3:5d:1d:92:a5:aa:fe:1d:d4:b1:
50:c7:53:7c:ee:94:e5:0e:45:1c:60:c0:04:b8:fe:15:4a:96:
d7:9f:bb:78:ac:07:1f:21:b4:f7:4e:66:f4:ec:35:6f:e0:5c:
90:9c:6c:71:f8:74:38:e7:c0:7d:48:82:13:f6:e5:8d:9e:94:
08:72:09:37:2b:e6:79:ac:c7:51:f1:08:62:e7:f8:cb:ee:cb:
7f:0e:5a:eb:0b:9b:ab:5d:99:98:3b:31:ba:b5:8a:e1:4d:f0:
98:52:86:0a:57:5b:d4:b6:6d:66:4f:5e:d7:bd:8f:65:0a:ba:
be:ad:88:53:c2:c2:a8:89:33:40:85:5e:51:30:05:88:7f:ea:
34:e7:94:f5:d5:a0:66:c8:1d:ba:a4:72:83:cc:bc:0c:65:ee:
d1:d0:0b:83:0f:2b:1b:f4:4d:c9:d6:f1:7a:a6:c2:8c:b3:ae:
fe:0b:94:0e:79:a2:10:d1:d5:0c:b2:27:74:1e:85:ee:ec:0a:
61:b6:fc:85
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECfoeBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZGU5OGY0OGU5ODg3OTBkMGUwNzkzNTM3OTQxYjQxM2QyZTYwMzA2MB4XDTIyMDMx
NTE2MzQzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjE3MGFmZjYwN2M5
YmRlNTFjNTQyM2ZmYjJiNjA1ZDk2Mjc1M2I2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJKUZxLNKFN1p4aZkRA5nekcGbZ3LGP9INspFU8pKejp9+fu
p/J8nFo2g6kfCsDCBpszDgL/gzEqcbuNgmD5IpX1FhklFslzv27vjtQP8j08cFrt
fLmmefDIPxbNH1kO6gYG6M47K21Ddi4M+3iS5WdYwAYPeHG3KMOadIwiX0hU56ag
16goOEjYdbApqpI2ZLc5G9rBDyygIuL+O87xhl4C5WUA1DgYD4l8o1mfMwKsqphq
nCwwyzvoAaJ91k5w/PF96Wezl/CvU8vB3oA3IRfvEfV4Yw58fz/qSw7HtlSFTqIM
5aX9u8giU3ochrghR1YfLZnKnbRhBPI+PKPaWFkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTxcK/2B8m95RxUI/+ytgXZYnU7bTAfBgNVHSMEGDAWgBR96Y9I6Yh5DQ4H
k1N5QbQT0uYDBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZlbVBTT21JZVEwT0I1TlRlVUcwRTlMbUF3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvYzBmYzBhLTE1ZDQtNDZjYy1hOGI5LTQ3NjMyY2I1Yjg1NC8x
LzhYQ3Y5Z2ZKdmVVY1ZDUF9zcllGMldKMU8yMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
YzBmYzBhLTE1ZDQtNDZjYy1hOGI5LTQ3NjMyY2I1Yjg1NC8xL2ZlbVBTT21JZVEw
T0I1TlRlVUcwRTlMbUF3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmy/DANBgkqhkiG9w0BAQsFAAOC
AQEAcikrcEuHuPaO1BORgj3DIRRJjmIM5/X6BGHkLaP/pN8bEBNR+4I/WFb926VR
8t6EEmJh0kdk0GmSrLa/+6HTXR2Spar+HdSxUMdTfO6U5Q5FHGDABLj+FUqW15+7
eKwHHyG0905m9Ow1b+BckJxscfh0OOfAfUiCE/bljZ6UCHIJNyvmeazHUfEIYuf4
y+7Lfw5a6wubq12ZmDsxurWK4U3wmFKGCldb1LZtZk9e172PZQq6vq2IU8LCqIkz
QIVeUTAFiH/qNOeU9dWgZsgduqRyg8y8DGXu0dALgw8rG/RNydbxeqbCjLOu/guU
DnmiENHVDLIndB6F7uwKYbb8hQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:56 2024 by rpki-client on console-fra.rpki-client.org