Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/62YqwfCKVH54tj_OUZjDFuLLe6I.roa
File: 62YqwfCKVH54tj_OUZjDFuLLe6I.roa (raw, json)
Hash identifier: 2HDSqiOWvLax3Bv/9qFBA3wPlTi8lkm+sd4syfQ9Nyg=
Subject key identifier: EB:66:2A:C1:F0:8A:54:7E:78:B6:3F:CE:51:98:C3:16:E2:CB:7B:A2
Certificate issuer: /CN=cfea8dbf21588b5f0c96471cea33b54ed10917e8
Certificate serial: 018945A9A0C63B41A522EC9248A38D30CFCD
Authority key identifier: CF:EA:8D:BF:21:58:8B:5F:0C:96:47:1C:EA:33:B5:4E:D1:09:17:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-qNvyFYi18Mlkcc6jO1TtEJF-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/62YqwfCKVH54tj_OUZjDFuLLe6I.roa
Signing time: Tue 11 Jul 2023 15:54:51 +0000
ROA not before: Tue 11 Jul 2023 15:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201272
IP address blocks: 185.80.42.0/24 maxlen: 24
185.80.41.0/24 maxlen: 24
185.80.40.0/24 maxlen: 24
185.80.40.0/23 maxlen: 23
185.80.40.0/22 maxlen: 22
185.80.43.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:45:a9:a0:c6:3b:41:a5:22:ec:92:48:a3:8d:30:cf:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfea8dbf21588b5f0c96471cea33b54ed10917e8
Validity
Not Before: Jul 11 15:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb662ac1f08a547e78b63fce5198c316e2cb7ba2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9d:8a:f3:bc:d7:e7:19:67:ed:ed:1b:54:67:
2b:2c:41:6f:42:ab:a4:75:a8:88:df:d4:1e:77:ce:
bf:75:8e:45:73:54:7d:93:49:59:76:ff:ec:ab:84:
7e:22:95:81:e4:59:9c:cf:ed:8b:4d:1c:ff:95:8a:
75:2e:1d:01:94:d1:fb:d9:c9:61:6f:83:4c:4e:30:
1a:74:d1:aa:27:cf:82:db:70:8e:f9:ec:9c:32:1a:
3c:d8:8e:a0:d8:69:7f:50:26:31:d4:23:c3:a9:49:
5d:51:42:8e:14:b1:ec:29:4a:d3:4f:24:38:a9:b2:
d1:14:a4:a0:6c:62:e2:3f:77:a5:10:34:4d:49:4e:
6f:77:94:2f:a1:cf:ab:c9:ac:84:07:e4:a3:c0:c9:
c2:4e:d3:71:bf:7f:65:05:c6:65:32:9f:ce:42:74:
51:37:73:4a:b3:07:04:f1:38:f7:0b:c1:e6:b3:6d:
c3:71:0e:92:92:dc:bf:79:64:cc:a4:75:88:2c:c0:
36:29:79:15:79:1a:46:9f:88:0e:34:24:88:07:51:
f9:31:7c:5e:41:94:8e:9c:5f:e0:4a:63:3a:7c:ec:
6d:18:da:66:6c:a3:ba:af:a1:5d:bf:76:78:18:73:
1e:9e:a0:f7:53:aa:28:80:af:78:c3:69:f9:b3:55:
00:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:66:2A:C1:F0:8A:54:7E:78:B6:3F:CE:51:98:C3:16:E2:CB:7B:A2
X509v3 Authority Key Identifier:
keyid:CF:EA:8D:BF:21:58:8B:5F:0C:96:47:1C:EA:33:B5:4E:D1:09:17:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-qNvyFYi18Mlkcc6jO1TtEJF-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/62YqwfCKVH54tj_OUZjDFuLLe6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/z-qNvyFYi18Mlkcc6jO1TtEJF-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.80.40.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:6c:25:9d:cc:3b:c5:df:dd:8f:fc:bc:0d:23:38:73:94:49:
11:21:53:19:23:94:d3:2e:a0:2a:05:d3:85:9f:cf:df:ea:8c:
ca:9f:7a:47:ba:ca:9e:89:42:fb:fa:35:4f:ef:1f:72:c3:fc:
9a:7d:a0:64:d3:f4:42:73:d0:bc:52:a0:ee:4b:7c:ae:09:49:
df:78:59:df:fd:72:2c:85:fe:e6:8d:f2:ff:bb:b9:51:52:76:
05:92:4c:ab:bf:f7:cb:9f:ce:39:1c:6e:b3:48:6a:f9:15:4c:
e7:92:c9:4e:d7:3b:5c:a4:9e:d1:48:d9:d2:12:69:49:1a:98:
95:29:37:26:67:19:68:aa:8a:a4:c8:c7:80:67:65:5c:aa:1e:
0b:38:8a:b3:98:14:e3:69:7b:cd:81:0b:fc:77:8a:76:c1:3a:
1c:22:67:d4:75:09:3e:53:19:74:d5:e0:8a:e6:aa:ac:80:f6:
1a:d7:bf:66:1d:e4:f3:0a:16:79:21:68:f7:25:ce:be:10:48:
31:36:99:6f:b3:e3:3a:9c:b6:61:bc:e0:81:00:14:36:24:d9:
87:cf:a7:ac:e9:89:b4:b4:0b:9a:8f:ef:a8:dc:fc:a3:a0:39:
a3:96:f8:b0:6c:4f:e2:52:9b:11:4b:ae:c1:ef:92:7d:2c:a1:
48:b0:08:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlFqaDGO0GlIuySSKONMM/NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWE4ZGJmMjE1ODhiNWYwYzk2NDcxY2VhMzNiNTRlZDEw
OTE3ZTgwHhcNMjMwNzExMTU1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjY2MmFjMWYwOGE1NDdlNzhiNjNmY2U1MTk4YzMxNmUyY2I3YmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw52K87zX5xln7e0bVGcrLEFvQquk
daiI39Qed86/dY5Fc1R9k0lZdv/sq4R+IpWB5Fmcz+2LTRz/lYp1Lh0BlNH72clh
b4NMTjAadNGqJ8+C23CO+eycMho82I6g2Gl/UCYx1CPDqUldUUKOFLHsKUrTTyQ4
qbLRFKSgbGLiP3elEDRNSU5vd5Qvoc+ryayEB+SjwMnCTtNxv39lBcZlMp/OQnRR
N3NKswcE8Tj3C8Hms23DcQ6Skty/eWTMpHWILMA2KXkVeRpGn4gONCSIB1H5MXxe
QZSOnF/gSmM6fOxtGNpmbKO6r6Fdv3Z4GHMenqD3U6oogK94w2n5s1UA6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOtmKsHwilR+eLY/zlGYwxbiy3uiMB8GA1UdIwQY
MBaAFM/qjb8hWItfDJZHHOoztU7RCRfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1xTnZ5RllpMThNbGtjYzZqTzFUdEVKRi1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8wMzI2ODYtMGQyNC00NjYwLWFlNzIt
NzM5MTIwN2VhYzMzLzEvNjJZcXdmQ0tWSDU0dGpfT1VaakRGdUxMZTZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8wMzI2ODYtMGQyNC00NjYwLWFlNzItNzM5MTIwN2VhYzMz
LzEvei1xTnZ5RllpMThNbGtjYzZqTzFUdEVKRi1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVAoMA0G
CSqGSIb3DQEBCwUAA4IBAQALbCWdzDvF392P/LwNIzhzlEkRIVMZI5TTLqAqBdOF
n8/f6ozKn3pHusqeiUL7+jVP7x9yw/yafaBk0/RCc9C8UqDuS3yuCUnfeFnf/XIs
hf7mjfL/u7lRUnYFkkyrv/fLn845HG6zSGr5FUznkslO1ztcpJ7RSNnSEmlJGpiV
KTcmZxloqoqkyMeAZ2Vcqh4LOIqzmBTjaXvNgQv8d4p2wTocImfUdQk+Uxl01eCK
5qqsgPYa179mHeTzChZ5IWj3Jc6+EEgxNplvs+M6nLZhvOCBABQ2JNmHz6es6Ym0
tAuaj++o3PyjoDmjlviwbE/iUpsRS67B75J9LKFIsAih
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:08 2024 by rpki-client on console-ams.rpki-client.org