Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/Ap42vpwaSu8LfoWgHkOLgRJcN9s.roa
File: Ap42vpwaSu8LfoWgHkOLgRJcN9s.roa (raw, json)
Hash identifier: T+N0FbevD2npR98gcH6o9eegw+zhgUDG1Ki2mtvnnAE=
Subject key identifier: 02:9E:36:BE:9C:1A:4A:EF:0B:7E:85:A0:1E:43:8B:81:12:5C:37:DB
Certificate issuer: /CN=cfea8dbf21588b5f0c96471cea33b54ed10917e8
Certificate serial: 01893FA0DC4739A541706F53F715EF8378B5
Authority key identifier: CF:EA:8D:BF:21:58:8B:5F:0C:96:47:1C:EA:33:B5:4E:D1:09:17:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-qNvyFYi18Mlkcc6jO1TtEJF-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/Ap42vpwaSu8LfoWgHkOLgRJcN9s.roa
Signing time: Mon 10 Jul 2023 11:47:33 +0000
ROA not before: Mon 10 Jul 2023 11:47:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57588
IP address blocks: 185.80.40.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3f:a0:dc:47:39:a5:41:70:6f:53:f7:15:ef:83:78:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfea8dbf21588b5f0c96471cea33b54ed10917e8
Validity
Not Before: Jul 10 11:47:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=029e36be9c1a4aef0b7e85a01e438b81125c37db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a7:5e:a1:2f:02:17:26:32:2d:cf:2c:3e:f7:
28:33:e6:b8:b1:ed:2a:74:cd:40:28:3a:90:e6:db:
ea:27:af:bb:83:b8:0f:8e:22:a4:06:31:00:34:82:
51:9b:8b:3b:92:9a:a5:d7:1a:01:62:7e:64:b0:97:
34:f2:d3:47:d5:55:3f:6f:33:e1:cd:02:53:dc:e2:
0d:65:0b:9b:c7:4d:62:d7:6c:d4:27:96:90:e3:6c:
30:32:53:60:6e:53:3c:88:9a:d3:23:ab:0c:1d:4a:
6a:c5:1e:1d:cd:39:73:20:1a:22:f9:48:47:b1:6d:
40:a4:0a:f0:e3:5c:ce:6c:16:e1:42:7e:86:5a:be:
97:2e:93:d1:55:01:39:df:de:a5:66:93:0c:47:20:
1c:68:f4:e4:50:89:f0:e1:66:e2:51:05:c3:61:df:
b1:6a:47:ce:ef:3b:19:90:14:17:3d:71:fa:27:f4:
13:7d:8a:31:d5:0b:2c:98:bc:20:d0:dd:83:1f:6c:
48:50:eb:26:64:74:38:82:e5:52:d5:44:55:1c:3e:
6c:cd:31:02:d8:4c:7c:c3:87:06:7a:fd:e0:b3:00:
70:97:72:66:ee:ec:d8:a0:4f:65:e3:cc:38:65:74:
3f:87:f3:9e:6d:c0:3b:b4:9d:b8:29:e8:e8:40:bf:
0f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:9E:36:BE:9C:1A:4A:EF:0B:7E:85:A0:1E:43:8B:81:12:5C:37:DB
X509v3 Authority Key Identifier:
keyid:CF:EA:8D:BF:21:58:8B:5F:0C:96:47:1C:EA:33:B5:4E:D1:09:17:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-qNvyFYi18Mlkcc6jO1TtEJF-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/Ap42vpwaSu8LfoWgHkOLgRJcN9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/z-qNvyFYi18Mlkcc6jO1TtEJF-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.80.40.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:a9:fd:30:a7:e6:05:e4:33:41:18:c3:2a:37:e2:0a:54:1f:
9e:10:bd:7c:da:96:df:a4:0e:79:46:8c:5f:56:82:33:b6:3c:
74:22:ac:7d:b3:9e:3c:06:30:32:6a:ce:43:a8:02:33:56:63:
d8:0a:35:7f:11:5a:4a:52:5d:9c:f4:86:8d:71:c2:4b:a7:84:
a8:d9:61:26:24:91:b2:27:ce:70:b5:4d:9e:c2:41:8c:d8:44:
9a:56:2b:67:93:cc:20:a3:dc:6b:49:43:22:0d:aa:90:40:c5:
8c:04:f8:3c:27:f2:a0:01:e7:ee:7a:90:97:95:cc:80:a5:1a:
23:02:27:8b:66:68:d4:00:fe:0d:41:04:92:4f:36:ad:98:8c:
3a:e4:5a:ff:da:54:10:c3:18:3e:4b:37:53:69:fd:b9:98:29:
37:a7:3c:cc:db:3e:5a:d3:76:55:22:e3:be:09:c8:61:05:60:
47:56:73:6e:43:3c:2f:7e:c4:db:f6:05:34:9b:e3:07:11:3b:
17:b5:32:31:47:11:c6:17:a3:15:f5:32:a1:b2:f5:fa:ca:38:
9c:10:be:91:a8:c1:6f:9d:37:38:fb:5d:c8:45:92:48:5a:b3:
63:e7:1e:21:28:a4:1c:e9:86:8f:46:cf:1d:ca:ba:91:02:06:
76:16:10:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYk/oNxHOaVBcG9T9xXvg3i1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWE4ZGJmMjE1ODhiNWYwYzk2NDcxY2VhMzNiNTRlZDEw
OTE3ZTgwHhcNMjMwNzEwMTE0NzMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjllMzZiZTljMWE0YWVmMGI3ZTg1YTAxZTQzOGI4MTEyNWMzN2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKdeoS8CFyYyLc8sPvcoM+a4se0q
dM1AKDqQ5tvqJ6+7g7gPjiKkBjEANIJRm4s7kpql1xoBYn5ksJc08tNH1VU/bzPh
zQJT3OINZQubx01i12zUJ5aQ42wwMlNgblM8iJrTI6sMHUpqxR4dzTlzIBoi+UhH
sW1ApArw41zObBbhQn6GWr6XLpPRVQE5396lZpMMRyAcaPTkUInw4WbiUQXDYd+x
akfO7zsZkBQXPXH6J/QTfYox1QssmLwg0N2DH2xIUOsmZHQ4guVS1URVHD5szTEC
2Ex8w4cGev3gswBwl3Jm7uzYoE9l48w4ZXQ/h/OebcA7tJ24KejoQL8PsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAKeNr6cGkrvC36FoB5Di4ESXDfbMB8GA1UdIwQY
MBaAFM/qjb8hWItfDJZHHOoztU7RCRfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1xTnZ5RllpMThNbGtjYzZqTzFUdEVKRi1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8wMzI2ODYtMGQyNC00NjYwLWFlNzIt
NzM5MTIwN2VhYzMzLzEvQXA0MnZwd2FTdThMZm9XZ0hrT0xnUkpjTjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8wMzI2ODYtMGQyNC00NjYwLWFlNzItNzM5MTIwN2VhYzMz
LzEvei1xTnZ5RllpMThNbGtjYzZqTzFUdEVKRi1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVAoMA0G
CSqGSIb3DQEBCwUAA4IBAQBKqf0wp+YF5DNBGMMqN+IKVB+eEL182pbfpA55Roxf
VoIztjx0Iqx9s548BjAyas5DqAIzVmPYCjV/EVpKUl2c9IaNccJLp4So2WEmJJGy
J85wtU2ewkGM2ESaVitnk8wgo9xrSUMiDaqQQMWMBPg8J/KgAefuepCXlcyApRoj
AieLZmjUAP4NQQSSTzatmIw65Fr/2lQQwxg+SzdTaf25mCk3pzzM2z5a03ZVIuO+
CchhBWBHVnNuQzwvfsTb9gU0m+MHETsXtTIxRxHGF6MV9TKhsvX6yjicEL6RqMFv
nTc4+13IRZJIWrNj5x4hKKQc6YaPRs8dyrqRAgZ2FhB2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:11 2024 by rpki-client on console-fra.rpki-client.org