Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/P85o_U96L5p6oa2VAYLQkzPLhZI.roa
File: P85o_U96L5p6oa2VAYLQkzPLhZI.roa (raw, json)
Hash identifier: 9TpasIVeGIScnMtkQyud2RHoSROeCYR8cHleJdRKgOo=
Subject key identifier: 3F:CE:68:FD:4F:7A:2F:9A:7A:A1:AD:95:01:82:D0:93:33:CB:85:92
Certificate issuer: /CN=cfea8dbf21588b5f0c96471cea33b54ed10917e8
Certificate serial: 018CC56E9CEB994F50FA9C1144AE111E10B7
Authority key identifier: CF:EA:8D:BF:21:58:8B:5F:0C:96:47:1C:EA:33:B5:4E:D1:09:17:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-qNvyFYi18Mlkcc6jO1TtEJF-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/P85o_U96L5p6oa2VAYLQkzPLhZI.roa
Signing time: Mon 01 Jan 2024 14:30:09 +0000
ROA not before: Mon 01 Jan 2024 14:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 185.80.42.0/24 maxlen: 24
185.80.43.0/24 maxlen: 24
185.80.40.0/24 maxlen: 24
185.80.41.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:9c:eb:99:4f:50:fa:9c:11:44:ae:11:1e:10:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfea8dbf21588b5f0c96471cea33b54ed10917e8
Validity
Not Before: Jan 1 14:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fce68fd4f7a2f9a7aa1ad950182d09333cb8592
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:09:f7:0d:fb:9d:5d:b6:55:d5:db:7a:6a:24:
fc:c4:9a:71:e0:69:59:be:82:4c:bb:45:ea:4a:c9:
73:79:6c:aa:de:bd:8b:d4:a1:a0:62:dd:11:84:d5:
fd:f6:b7:05:cc:0d:6e:7e:92:a7:3b:94:f1:35:cb:
f8:e9:59:10:24:db:32:f7:38:bf:dc:ee:fb:f6:53:
6e:09:9a:b2:f8:9e:13:28:eb:47:12:11:ca:d5:09:
7e:13:70:77:fe:be:be:be:be:ae:18:a1:de:d0:69:
76:76:2f:24:08:c1:4d:15:93:3e:18:68:c1:8f:eb:
d5:2d:4a:69:a4:39:39:a5:ad:a9:30:84:f5:3a:a0:
c5:99:d9:4c:6f:71:7b:88:4a:98:cc:89:fc:00:96:
1d:9f:65:59:a5:cb:3a:dc:a4:d6:6b:ea:d2:d4:1b:
06:32:ae:ef:0d:a8:5a:5d:8b:4d:b1:81:60:da:6f:
1d:55:ae:23:80:c5:93:fb:c1:d6:53:88:74:40:d8:
9b:16:30:c5:0e:78:1b:53:8e:48:af:3f:3f:50:bb:
21:4f:f4:ae:22:99:99:c5:c7:07:e3:c8:80:f4:0e:
95:50:f0:38:eb:69:4a:91:f3:06:fb:51:38:73:7f:
2e:93:9c:fa:dd:d2:fb:04:06:3d:04:ee:ec:31:33:
5a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:CE:68:FD:4F:7A:2F:9A:7A:A1:AD:95:01:82:D0:93:33:CB:85:92
X509v3 Authority Key Identifier:
keyid:CF:EA:8D:BF:21:58:8B:5F:0C:96:47:1C:EA:33:B5:4E:D1:09:17:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-qNvyFYi18Mlkcc6jO1TtEJF-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/P85o_U96L5p6oa2VAYLQkzPLhZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/z-qNvyFYi18Mlkcc6jO1TtEJF-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.80.40.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:44:ad:b0:c6:a0:05:9a:ec:b0:03:bd:d5:01:ca:a2:e5:8d:
77:e6:2b:a5:61:94:6c:da:1f:cc:27:e7:06:c9:43:6d:95:e8:
71:be:12:86:b1:87:4d:c2:92:df:6a:27:25:03:28:73:c4:78:
da:78:9f:3a:94:15:31:ed:cd:42:0c:48:9d:2d:4f:3d:0b:90:
8b:da:8b:35:1f:c0:ff:fa:f8:59:26:3c:3c:3a:3a:69:11:f0:
7f:5a:67:6c:0b:9e:26:8b:17:07:dd:81:45:9b:bf:de:e0:17:
e5:14:df:8a:ba:a0:a8:60:09:56:bd:99:a9:a2:ce:9f:ae:29:
e9:9f:a4:06:b0:60:e0:ad:0b:8d:a5:8b:3e:55:64:3a:b4:50:
4c:52:8c:af:dd:ad:8b:83:13:1c:04:a3:2d:ab:59:b4:6d:b7:
d7:bb:88:36:d6:58:43:8d:23:f5:de:4a:4b:fd:f7:40:b0:b2:
fd:f1:83:97:c0:01:6f:e0:8d:9b:8a:a3:97:6a:98:81:49:24:
e4:4a:78:37:4b:c8:6e:b9:83:33:07:89:7a:f5:d2:50:c6:22:
83:68:d4:03:e1:e5:95:21:45:9c:7a:19:7a:fe:c7:5e:c3:88:
ec:0d:d8:f3:d2:bd:4a:5b:5b:2c:f9:5b:5b:e4:7d:40:86:18:
f6:b8:de:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbpzrmU9Q+pwRRK4RHhC3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWE4ZGJmMjE1ODhiNWYwYzk2NDcxY2VhMzNiNTRlZDEw
OTE3ZTgwHhcNMjQwMTAxMTQzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmNlNjhmZDRmN2EyZjlhN2FhMWFkOTUwMTgyZDA5MzMzY2I4NTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAn3DfudXbZV1dt6aiT8xJpx4GlZ
voJMu0XqSslzeWyq3r2L1KGgYt0RhNX99rcFzA1ufpKnO5TxNcv46VkQJNsy9zi/
3O779lNuCZqy+J4TKOtHEhHK1Ql+E3B3/r6+vr6uGKHe0Gl2di8kCMFNFZM+GGjB
j+vVLUpppDk5pa2pMIT1OqDFmdlMb3F7iEqYzIn8AJYdn2VZpcs63KTWa+rS1BsG
Mq7vDahaXYtNsYFg2m8dVa4jgMWT+8HWU4h0QNibFjDFDngbU45Irz8/ULshT/Su
IpmZxccH48iA9A6VUPA462lKkfMG+1E4c38uk5z63dL7BAY9BO7sMTNafQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD/OaP1Pei+aeqGtlQGC0JMzy4WSMB8GA1UdIwQY
MBaAFM/qjb8hWItfDJZHHOoztU7RCRfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1xTnZ5RllpMThNbGtjYzZqTzFUdEVKRi1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8wMzI2ODYtMGQyNC00NjYwLWFlNzIt
NzM5MTIwN2VhYzMzLzEvUDg1b19VOTZMNXA2b2EyVkFZTFFrelBMaFpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8wMzI2ODYtMGQyNC00NjYwLWFlNzItNzM5MTIwN2VhYzMz
LzEvei1xTnZ5RllpMThNbGtjYzZqTzFUdEVKRi1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVAoMA0G
CSqGSIb3DQEBCwUAA4IBAQA6RK2wxqAFmuywA73VAcqi5Y135iulYZRs2h/MJ+cG
yUNtlehxvhKGsYdNwpLfaiclAyhzxHjaeJ86lBUx7c1CDEidLU89C5CL2os1H8D/
+vhZJjw8OjppEfB/WmdsC54mixcH3YFFm7/e4BflFN+KuqCoYAlWvZmpos6frinp
n6QGsGDgrQuNpYs+VWQ6tFBMUoyv3a2LgxMcBKMtq1m0bbfXu4g21lhDjSP13kpL
/fdAsLL98YOXwAFv4I2biqOXapiBSSTkSng3S8huuYMzB4l69dJQxiKDaNQD4eWV
IUWcehl6/sdew4jsDdjz0r1KW1ss+Vtb5H1Ahhj2uN4Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:11 2024 by rpki-client on console-fra.rpki-client.org