Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/NsnFEYiw3jDQSZDOxxMDxdeOgUc.roa
File: NsnFEYiw3jDQSZDOxxMDxdeOgUc.roa (raw, json)
Hash identifier: zURbJs0AMYV2SIx6qwWBkuYme2eqZM8UvIl+BNt0Llw=
Subject key identifier: 36:C9:C5:11:88:B0:DE:30:D0:49:90:CE:C7:13:03:C5:D7:8E:81:47
Certificate issuer: /CN=cfea8dbf21588b5f0c96471cea33b54ed10917e8
Certificate serial: 16DDC060
Authority key identifier: CF:EA:8D:BF:21:58:8B:5F:0C:96:47:1C:EA:33:B5:4E:D1:09:17:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-qNvyFYi18Mlkcc6jO1TtEJF-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/NsnFEYiw3jDQSZDOxxMDxdeOgUc.roa
Signing time: Sat 01 Jan 2022 01:56:11 +0000
ROA not before: Sat 01 Jan 2022 01:56:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201272
IP address blocks: 185.80.42.0/24 maxlen: 24
185.80.41.0/24 maxlen: 24
185.80.40.0/24 maxlen: 24
185.80.43.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 383631456 (0x16ddc060)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfea8dbf21588b5f0c96471cea33b54ed10917e8
Validity
Not Before: Jan 1 01:56:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=36c9c51188b0de30d04990cec71303c5d78e8147
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c3:60:46:ea:e4:ac:c6:90:22:6f:c0:3f:3a:
78:c2:67:ef:52:45:1b:48:21:fb:f7:90:60:82:c3:
74:18:b2:bd:ab:d6:5f:65:38:7f:e2:6a:7e:2e:c1:
e1:25:cf:4d:19:97:7d:c2:c2:a9:1b:64:e4:8c:c1:
fc:3d:31:41:26:b9:ed:94:8d:4c:dd:d8:18:da:53:
8f:40:4c:80:36:4f:93:d8:23:a7:7f:10:c6:e9:dc:
fa:2d:42:c9:12:4f:f6:d9:78:92:ab:78:c5:fe:37:
7a:fd:83:f4:1a:ee:9f:3b:f8:d7:51:c4:44:91:9d:
e4:72:a4:46:4b:f1:75:c9:0d:d4:d4:e5:dd:9b:f0:
27:71:9e:63:7b:0b:20:9d:5f:70:d4:67:aa:f0:75:
d9:10:a9:9f:5f:84:76:0f:4c:b5:20:c4:fd:2b:f5:
bb:6e:a3:44:dc:df:12:58:db:8c:e5:14:e0:b7:75:
a4:01:97:31:96:25:8b:bf:1d:5f:62:9c:18:fe:d1:
92:63:ad:30:2c:de:ed:93:36:71:2a:4a:e7:51:82:
6b:e0:e8:53:a3:d0:6d:a9:81:8a:e1:14:99:6f:fc:
d5:5b:4e:54:e5:df:97:82:12:ab:94:45:50:fd:61:
7d:a4:dd:59:84:ae:65:af:7e:06:ab:a4:98:29:4f:
e8:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:C9:C5:11:88:B0:DE:30:D0:49:90:CE:C7:13:03:C5:D7:8E:81:47
X509v3 Authority Key Identifier:
keyid:CF:EA:8D:BF:21:58:8B:5F:0C:96:47:1C:EA:33:B5:4E:D1:09:17:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-qNvyFYi18Mlkcc6jO1TtEJF-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/NsnFEYiw3jDQSZDOxxMDxdeOgUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/z-qNvyFYi18Mlkcc6jO1TtEJF-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.80.40.0/22
Signature Algorithm: sha256WithRSAEncryption
07:68:30:27:e7:db:86:ae:c1:f7:86:6f:14:7b:5f:fa:91:10:
f0:01:6b:14:d2:97:81:43:e0:b3:0e:57:dc:8e:26:67:9d:1d:
01:6a:f8:b9:7d:d1:9f:e4:b0:c9:57:e1:20:22:f9:9f:a8:36:
59:29:09:c9:18:2c:6b:6b:dc:8e:32:63:2c:66:25:9f:70:22:
51:a6:55:86:33:00:50:b6:21:87:45:0b:5d:09:a6:03:e7:0d:
5c:11:e3:ad:38:89:e0:c0:41:77:a7:db:96:34:3b:71:22:19:
cb:5b:44:1c:e9:2e:0a:b7:23:21:2e:e0:ee:a3:7e:d6:1f:f9:
9f:21:f2:7c:c9:df:47:d9:2a:15:9b:ca:19:ab:25:cf:31:90:
72:e3:77:17:23:c1:95:b0:92:af:56:e7:0c:4c:1a:75:16:88:
3d:f1:40:0a:1f:6a:6f:62:74:4f:70:c6:18:7c:3a:c0:51:40:
b3:bd:c6:e2:a6:d8:28:c1:56:87:8a:4e:3d:cb:25:d2:3d:fc:
89:ca:ae:38:03:a8:e1:bc:31:cd:b3:c1:ad:86:bf:50:15:ac:
e8:fe:67:68:67:74:d1:f8:68:2f:2c:54:f7:c3:b3:0e:5e:21:
07:3c:3c:f6:57:78:7b:e4:b2:50:de:bd:4f:9b:26:c9:27:fd:
eb:73:9d:99
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFt3AYDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZmVhOGRiZjIxNTg4YjVmMGM5NjQ3MWNlYTMzYjU0ZWQxMDkxN2U4MB4XDTIyMDEw
MTAxNTYxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzZjOWM1MTE4OGIw
ZGUzMGQwNDk5MGNlYzcxMzAzYzVkNzhlODE0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANzDYEbq5KzGkCJvwD86eMJn71JFG0gh+/eQYILDdBiyvavW
X2U4f+Jqfi7B4SXPTRmXfcLCqRtk5IzB/D0xQSa57ZSNTN3YGNpTj0BMgDZPk9gj
p38Qxunc+i1CyRJP9tl4kqt4xf43ev2D9Brunzv411HERJGd5HKkRkvxdckN1NTl
3ZvwJ3GeY3sLIJ1fcNRnqvB12RCpn1+Edg9MtSDE/Sv1u26jRNzfEljbjOUU4Ld1
pAGXMZYli78dX2KcGP7RkmOtMCze7ZM2cSpK51GCa+DoU6PQbamBiuEUmW/81VtO
VOXfl4ISq5RFUP1hfaTdWYSuZa9+BqukmClP6PsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ2ycURiLDeMNBJkM7HEwPF146BRzAfBgNVHSMEGDAWgBTP6o2/IViLXwyW
RxzqM7VO0QkX6DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3otcU52eUZZaTE4TWxrY2M2ak8xVHRFSkYtZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvMDMyNjg2LTBkMjQtNDY2MC1hZTcyLTczOTEyMDdlYWMzMy8x
L05zbkZFWWl3M2pEUVNaRE94eE1EeGRlT2dVYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
MDMyNjg2LTBkMjQtNDY2MC1hZTcyLTczOTEyMDdlYWMzMy8xL3otcU52eUZZaTE4
TWxrY2M2ak8xVHRFSkYtZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlQKDANBgkqhkiG9w0BAQsFAAOC
AQEAB2gwJ+fbhq7B94ZvFHtf+pEQ8AFrFNKXgUPgsw5X3I4mZ50dAWr4uX3Rn+Sw
yVfhICL5n6g2WSkJyRgsa2vcjjJjLGYln3AiUaZVhjMAULYhh0ULXQmmA+cNXBHj
rTiJ4MBBd6fbljQ7cSIZy1tEHOkuCrcjIS7g7qN+1h/5nyHyfMnfR9kqFZvKGasl
zzGQcuN3FyPBlbCSr1bnDEwadRaIPfFACh9qb2J0T3DGGHw6wFFAs73G4qbYKMFW
h4pOPcsl0j38icquOAOo4bwxzbPBrYa/UBWs6P5naGd00fhoLyxU98OzDl4hBzw8
9ld4e+SyUN69T5smySf963OdmQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:11 2024 by rpki-client on console-fra.rpki-client.org