Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/exyZ7Tr-ePQ8A1vdjVl6zdn_e0w.roa
File: exyZ7Tr-ePQ8A1vdjVl6zdn_e0w.roa (raw, json)
Hash identifier: t6TAjtrRmXAHTnkdnOlqTXPRZmorYGP3/taW1GFNdFQ=
Subject key identifier: 7B:1C:99:ED:3A:FE:78:F4:3C:03:5B:DD:8D:59:7A:CD:D9:FF:7B:4C
Certificate issuer: /CN=cfea8dbf21588b5f0c96471cea33b54ed10917e8
Certificate serial: 01856E8B108B514B7C3E43FCD1A6029F760C
Authority key identifier: CF:EA:8D:BF:21:58:8B:5F:0C:96:47:1C:EA:33:B5:4E:D1:09:17:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-qNvyFYi18Mlkcc6jO1TtEJF-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/exyZ7Tr-ePQ8A1vdjVl6zdn_e0w.roa
Signing time: Sun 01 Jan 2023 18:14:45 +0000
ROA not before: Sun 01 Jan 2023 18:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201272
IP address blocks: 185.80.42.0/24 maxlen: 24
185.80.41.0/24 maxlen: 24
185.80.40.0/24 maxlen: 24
185.80.40.0/23 maxlen: 23
185.80.43.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:10:8b:51:4b:7c:3e:43:fc:d1:a6:02:9f:76:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfea8dbf21588b5f0c96471cea33b54ed10917e8
Validity
Not Before: Jan 1 18:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b1c99ed3afe78f43c035bdd8d597acdd9ff7b4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ef:55:f3:00:64:71:41:6d:2c:08:f8:5e:51:
66:86:19:01:50:8f:74:aa:f3:2e:b3:f7:f6:fb:8a:
c6:b9:f6:57:b3:20:83:76:7a:24:c5:6e:21:38:73:
9c:35:1c:56:b4:dd:42:f8:59:6d:54:f6:3a:99:32:
32:be:53:f3:df:c7:54:9d:28:ef:5a:11:a2:11:d6:
86:24:eb:93:f5:ce:53:c0:58:2e:02:84:de:6c:00:
1e:be:6d:81:7c:67:3a:e3:8b:23:75:3c:83:7e:c7:
9d:f6:c2:0a:c2:84:3a:b6:fc:b2:c9:33:d4:fc:50:
b8:20:bc:31:b2:7e:3f:19:23:31:ad:ec:27:f1:fe:
c3:b7:1f:fa:9a:df:3e:41:83:59:a1:fa:61:bb:b5:
52:6d:89:55:8b:05:6c:6a:04:da:38:e8:75:9a:10:
3e:55:ba:5c:ae:4d:2a:4a:d5:02:54:04:b0:0c:b7:
ab:d1:4e:05:f0:a7:70:e7:f9:0d:46:e7:71:40:26:
0c:07:58:a3:f1:39:db:12:fb:0a:15:d9:9f:0e:76:
03:25:d3:e8:7f:c5:4d:ea:f1:4e:98:9c:f8:12:b0:
a7:01:0c:9d:c0:f0:35:56:82:6b:c7:f5:9c:f9:e4:
ff:ec:46:eb:bf:da:57:3a:a0:76:24:34:47:b7:a2:
db:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:1C:99:ED:3A:FE:78:F4:3C:03:5B:DD:8D:59:7A:CD:D9:FF:7B:4C
X509v3 Authority Key Identifier:
keyid:CF:EA:8D:BF:21:58:8B:5F:0C:96:47:1C:EA:33:B5:4E:D1:09:17:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-qNvyFYi18Mlkcc6jO1TtEJF-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/exyZ7Tr-ePQ8A1vdjVl6zdn_e0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/z-qNvyFYi18Mlkcc6jO1TtEJF-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.80.40.0/22
Signature Algorithm: sha256WithRSAEncryption
78:5f:4d:bd:90:d1:30:8e:2b:27:84:5d:5a:e7:af:8f:7a:23:
b0:0d:16:2c:30:9b:e6:a2:40:a7:21:a5:00:9e:da:a0:74:45:
ac:81:24:82:e1:05:d6:52:9a:eb:60:73:53:f7:a1:74:e3:73:
7e:94:9e:e3:d0:85:62:33:35:07:ba:8a:5e:95:67:be:12:60:
9f:a9:1a:59:a5:36:ad:b5:8d:69:42:ce:d3:dd:9d:68:7f:8d:
28:0b:55:f2:f1:d9:f9:f5:c6:3e:6d:26:b3:0a:3a:91:ff:c5:
c7:e0:6f:7e:ba:e2:06:a5:d6:60:92:71:fd:e6:4c:5e:81:13:
76:e3:bd:c8:51:5f:bc:dd:c6:20:9f:06:65:88:a3:e8:c1:3d:
6b:4a:b3:53:c1:66:e0:c9:94:83:8d:ce:61:36:77:8c:be:d1:
53:03:f1:09:ca:c6:5e:08:ce:97:0f:2d:34:ee:20:20:5a:9e:
7f:d8:5e:40:76:e1:37:9e:6a:39:7e:13:ca:57:dd:ed:ec:42:
ef:1f:e3:2f:07:8d:81:2d:39:8c:26:96:18:1a:fd:49:9c:e1:
84:97:19:a3:c6:b8:72:23:29:f8:8c:35:28:b7:5d:d0:ee:f6:
3b:fe:48:ab:dc:91:a9:5f:89:8b:ad:7f:2c:46:30:df:8e:45:
07:a2:f9:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuixCLUUt8PkP80aYCn3YMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWE4ZGJmMjE1ODhiNWYwYzk2NDcxY2VhMzNiNTRlZDEw
OTE3ZTgwHhcNMjMwMTAxMTgxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjFjOTllZDNhZmU3OGY0M2MwMzViZGQ4ZDU5N2FjZGQ5ZmY3YjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAue9V8wBkcUFtLAj4XlFmhhkBUI90
qvMus/f2+4rGufZXsyCDdnokxW4hOHOcNRxWtN1C+FltVPY6mTIyvlPz38dUnSjv
WhGiEdaGJOuT9c5TwFguAoTebAAevm2BfGc644sjdTyDfsed9sIKwoQ6tvyyyTPU
/FC4ILwxsn4/GSMxrewn8f7Dtx/6mt8+QYNZofphu7VSbYlViwVsagTaOOh1mhA+
Vbpcrk0qStUCVASwDLer0U4F8Kdw5/kNRudxQCYMB1ij8TnbEvsKFdmfDnYDJdPo
f8VN6vFOmJz4ErCnAQydwPA1VoJrx/Wc+eT/7Ebrv9pXOqB2JDRHt6LbYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHscme06/nj0PANb3Y1Zes3Z/3tMMB8GA1UdIwQY
MBaAFM/qjb8hWItfDJZHHOoztU7RCRfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1xTnZ5RllpMThNbGtjYzZqTzFUdEVKRi1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8wMzI2ODYtMGQyNC00NjYwLWFlNzIt
NzM5MTIwN2VhYzMzLzEvZXh5WjdUci1lUFE4QTF2ZGpWbDZ6ZG5fZTB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8wMzI2ODYtMGQyNC00NjYwLWFlNzItNzM5MTIwN2VhYzMz
LzEvei1xTnZ5RllpMThNbGtjYzZqTzFUdEVKRi1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVAoMA0G
CSqGSIb3DQEBCwUAA4IBAQB4X029kNEwjisnhF1a56+PeiOwDRYsMJvmokCnIaUA
ntqgdEWsgSSC4QXWUprrYHNT96F043N+lJ7j0IViMzUHuopelWe+EmCfqRpZpTat
tY1pQs7T3Z1of40oC1Xy8dn59cY+bSazCjqR/8XH4G9+uuIGpdZgknH95kxegRN2
473IUV+83cYgnwZliKPowT1rSrNTwWbgyZSDjc5hNneMvtFTA/EJysZeCM6XDy00
7iAgWp5/2F5AduE3nmo5fhPKV93t7ELvH+MvB42BLTmMJpYYGv1JnOGElxmjxrhy
Iyn4jDUot13Q7vY7/kir3JGpX4mLrX8sRjDfjkUHovnq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:11 2024 by rpki-client on console-fra.rpki-client.org