Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/WfwaQfWjlLRuor878fcAQxt_mdo.roa
File: WfwaQfWjlLRuor878fcAQxt_mdo.roa (raw, json)
Hash identifier: taPZRTh2YZorLEHjKmw1jCe1zul9FuPUQ/BBb/5KWl8=
Subject key identifier: 59:FC:1A:41:F5:A3:94:B4:6E:A2:BF:3B:F1:F7:00:43:1B:7F:99:DA
Certificate issuer: /CN=cfea8dbf21588b5f0c96471cea33b54ed10917e8
Certificate serial: 018650AC45C4B69E4D51CDE61B32FC51A74B
Authority key identifier: CF:EA:8D:BF:21:58:8B:5F:0C:96:47:1C:EA:33:B5:4E:D1:09:17:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-qNvyFYi18Mlkcc6jO1TtEJF-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/WfwaQfWjlLRuor878fcAQxt_mdo.roa
Signing time: Tue 14 Feb 2023 16:05:12 +0000
ROA not before: Tue 14 Feb 2023 16:05:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57588
IP address blocks: 185.80.40.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:50:ac:45:c4:b6:9e:4d:51:cd:e6:1b:32:fc:51:a7:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfea8dbf21588b5f0c96471cea33b54ed10917e8
Validity
Not Before: Feb 14 16:05:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59fc1a41f5a394b46ea2bf3bf1f700431b7f99da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:75:0b:bd:c5:14:96:48:72:5c:c4:13:b8:ff:
b3:0c:d9:ec:0e:85:7a:3e:17:3f:3a:15:4a:f6:fd:
fd:0c:9d:55:a4:87:14:9d:51:33:5f:6e:c6:a1:6e:
20:97:4d:84:bb:1b:f4:4a:c8:d0:98:54:80:6d:98:
f0:37:56:57:99:d0:27:67:8d:a0:cd:cf:37:05:31:
1c:af:de:29:bc:b4:bb:e5:ea:56:b9:06:2f:86:71:
83:66:b1:04:77:62:1a:bb:89:d3:29:bd:71:07:9f:
41:88:f0:f3:dd:0b:f8:bb:07:37:cb:90:98:9f:ae:
a5:2c:c9:62:8f:49:a4:95:e5:b7:53:ff:84:c1:b0:
d1:36:c5:9e:20:ec:dd:c4:cf:e2:89:ec:82:af:4e:
e2:0b:70:a4:49:cb:84:b9:77:75:04:64:cf:19:9d:
08:ec:51:6c:8c:1d:6a:e5:ca:f1:be:fa:36:60:fe:
53:e9:34:1b:1e:84:1b:b3:86:89:a4:d9:fc:84:d7:
50:75:83:d0:7f:c3:4f:60:1c:0b:9f:e3:f8:0c:5a:
6b:ac:3e:62:40:60:2b:62:03:3a:7f:97:52:68:28:
72:bb:e4:48:02:90:15:37:5b:46:2e:80:be:fc:7a:
1f:97:ae:4a:0f:9e:ed:e0:b7:e3:89:f2:7c:7b:9e:
77:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:FC:1A:41:F5:A3:94:B4:6E:A2:BF:3B:F1:F7:00:43:1B:7F:99:DA
X509v3 Authority Key Identifier:
keyid:CF:EA:8D:BF:21:58:8B:5F:0C:96:47:1C:EA:33:B5:4E:D1:09:17:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-qNvyFYi18Mlkcc6jO1TtEJF-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/WfwaQfWjlLRuor878fcAQxt_mdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/z-qNvyFYi18Mlkcc6jO1TtEJF-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.80.40.0/22
Signature Algorithm: sha256WithRSAEncryption
33:21:f1:73:06:39:70:5e:1e:0e:ec:e0:99:54:ad:a9:be:13:
a3:d0:6a:26:b4:66:97:96:6b:ce:4a:42:08:e9:8e:a9:4f:9c:
37:e3:7c:cd:73:1a:e8:69:43:72:69:55:93:5a:ec:63:06:3c:
b1:19:24:7f:18:8f:a7:73:3a:15:c3:52:84:57:53:cf:e0:f2:
a8:cd:5a:de:7b:da:87:44:df:dc:18:07:42:09:ab:60:12:35:
f0:a4:ca:11:4e:10:8e:46:67:01:9d:0e:74:53:ed:ba:b4:46:
3b:59:4f:24:5b:8b:b8:bd:3d:52:44:17:bc:52:0b:cb:d1:ef:
ca:01:88:38:e7:f1:fd:44:04:90:bf:af:6d:6e:23:78:11:f6:
b6:ad:07:26:26:66:d1:15:51:a2:cd:43:56:fb:6a:b9:ef:89:
d0:c9:d8:dc:e9:b6:76:76:bf:18:ef:51:14:4e:81:6f:07:17:
46:84:b8:c4:d2:1b:ac:97:e8:cd:fa:bd:1a:b4:ab:79:52:50:
17:8f:0f:e8:7e:1f:9b:48:f9:43:1f:03:bb:59:15:5a:ca:e9:
b1:86:fa:69:c1:72:59:cd:c5:ad:bf:ee:ab:d1:c2:94:8d:6e:
98:4c:ea:1e:f8:7b:3c:c6:ec:47:a1:ea:98:f0:44:4b:d6:81:
90:8d:d3:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZQrEXEtp5NUc3mGzL8UadLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWE4ZGJmMjE1ODhiNWYwYzk2NDcxY2VhMzNiNTRlZDEw
OTE3ZTgwHhcNMjMwMjE0MTYwNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWZjMWE0MWY1YTM5NGI0NmVhMmJmM2JmMWY3MDA0MzFiN2Y5OWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXULvcUUlkhyXMQTuP+zDNnsDoV6
Phc/OhVK9v39DJ1VpIcUnVEzX27GoW4gl02Euxv0SsjQmFSAbZjwN1ZXmdAnZ42g
zc83BTEcr94pvLS75epWuQYvhnGDZrEEd2Iau4nTKb1xB59BiPDz3Qv4uwc3y5CY
n66lLMlij0mkleW3U/+EwbDRNsWeIOzdxM/iieyCr07iC3CkScuEuXd1BGTPGZ0I
7FFsjB1q5crxvvo2YP5T6TQbHoQbs4aJpNn8hNdQdYPQf8NPYBwLn+P4DFprrD5i
QGArYgM6f5dSaChyu+RIApAVN1tGLoC+/Hofl65KD57t4LfjifJ8e553BQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFn8GkH1o5S0bqK/O/H3AEMbf5naMB8GA1UdIwQY
MBaAFM/qjb8hWItfDJZHHOoztU7RCRfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1xTnZ5RllpMThNbGtjYzZqTzFUdEVKRi1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8wMzI2ODYtMGQyNC00NjYwLWFlNzIt
NzM5MTIwN2VhYzMzLzEvV2Z3YVFmV2psTFJ1b3I4NzhmY0FReHRfbWRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8wMzI2ODYtMGQyNC00NjYwLWFlNzItNzM5MTIwN2VhYzMz
LzEvei1xTnZ5RllpMThNbGtjYzZqTzFUdEVKRi1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVAoMA0G
CSqGSIb3DQEBCwUAA4IBAQAzIfFzBjlwXh4O7OCZVK2pvhOj0GomtGaXlmvOSkII
6Y6pT5w343zNcxroaUNyaVWTWuxjBjyxGSR/GI+nczoVw1KEV1PP4PKozVree9qH
RN/cGAdCCatgEjXwpMoRThCORmcBnQ50U+26tEY7WU8kW4u4vT1SRBe8UgvL0e/K
AYg45/H9RASQv69tbiN4Efa2rQcmJmbRFVGizUNW+2q574nQydjc6bZ2dr8Y71EU
ToFvBxdGhLjE0husl+jN+r0atKt5UlAXjw/ofh+bSPlDHwO7WRVayumxhvppwXJZ
zcWtv+6r0cKUjW6YTOoe+Hs8xuxHoeqY8ERL1oGQjdPl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:11 2024 by rpki-client on console-fra.rpki-client.org