Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/2f3c19-56d5-4924-8bcb-bac472ab7b6a/1/tXS_XydlTCpGIJFbWqqxpP7U4VI.roa
File: tXS_XydlTCpGIJFbWqqxpP7U4VI.roa (raw, json)
Hash identifier: UfLUHJhabqB6JF815JO3zQi//+qwDwvaGlq0QjHPvfM=
Subject key identifier: B5:74:BF:5F:27:65:4C:2A:46:20:91:5B:5A:AA:B1:A4:FE:D4:E1:52
Certificate issuer: /CN=61b195d13050ff3c468a149778710b53582251d9
Certificate serial: 0183F0B9CC4F90AD398D113B58EB2FE9E6AD
Authority key identifier: 61:B1:95:D1:30:50:FF:3C:46:8A:14:97:78:71:0B:53:58:22:51:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbGV0TBQ_zxGihSXeHELU1giUdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/2f3c19-56d5-4924-8bcb-bac472ab7b6a/1/tXS_XydlTCpGIJFbWqqxpP7U4VI.roa
Signing time: Wed 19 Oct 2022 14:50:51 +0000
ROA not before: Wed 19 Oct 2022 14:50:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202195
IP address blocks: 185.108.8.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f0:b9:cc:4f:90:ad:39:8d:11:3b:58:eb:2f:e9:e6:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b195d13050ff3c468a149778710b53582251d9
Validity
Not Before: Oct 19 14:50:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b574bf5f27654c2a4620915b5aaab1a4fed4e152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:79:c1:77:97:3b:44:b5:09:1b:29:a9:a7:61:
38:70:5b:4f:ca:5d:84:be:cd:17:dc:8d:b2:46:c2:
65:a1:4c:87:d3:63:3b:ea:53:ab:d2:4f:f6:d4:f4:
68:49:e4:6c:11:d6:d3:06:75:af:f3:c9:92:74:2d:
0b:f0:08:9f:66:04:4d:9c:e5:dd:45:01:70:3f:19:
3d:07:99:dc:12:4e:0b:2c:ee:2d:c0:42:a7:3f:b9:
2d:bd:b6:3e:cd:7c:96:ae:13:5c:ea:dc:f9:8c:b2:
bb:81:b4:21:51:b8:87:68:73:65:e6:95:0e:8a:86:
a8:68:37:49:01:48:e0:63:c7:3e:67:5a:f5:5f:64:
5e:07:de:78:16:19:96:be:4e:63:9a:9b:21:aa:c3:
40:bd:e2:e6:c5:a9:51:d0:e3:30:b5:96:88:3b:e5:
57:40:62:49:00:91:1c:eb:62:7d:c3:16:6c:ba:43:
ec:f2:ec:cf:10:f7:78:bc:d7:e1:7c:ab:54:87:1a:
c2:39:8c:c1:60:9a:e6:0d:50:a8:cc:04:b6:5e:61:
31:86:0b:e8:82:df:f1:d3:53:0f:c3:9f:e3:0b:6b:
c0:bd:65:6b:ee:83:f7:ff:bf:fe:bd:d2:1d:d1:d6:
19:d7:f1:09:c0:5e:fe:c4:79:8b:c2:a4:f5:a5:f9:
5c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:74:BF:5F:27:65:4C:2A:46:20:91:5B:5A:AA:B1:A4:FE:D4:E1:52
X509v3 Authority Key Identifier:
keyid:61:B1:95:D1:30:50:FF:3C:46:8A:14:97:78:71:0B:53:58:22:51:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbGV0TBQ_zxGihSXeHELU1giUdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/2f3c19-56d5-4924-8bcb-bac472ab7b6a/1/tXS_XydlTCpGIJFbWqqxpP7U4VI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/2f3c19-56d5-4924-8bcb-bac472ab7b6a/1/YbGV0TBQ_zxGihSXeHELU1giUdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.8.0/22
Signature Algorithm: sha256WithRSAEncryption
32:90:c2:99:fe:9c:a0:1b:50:83:fc:10:20:f6:3f:71:c2:be:
32:d5:3a:47:cb:e0:6c:69:65:45:83:95:c8:a4:74:24:06:32:
31:49:db:7f:f5:2f:17:4f:34:4a:7f:de:07:40:3b:b1:ab:27:
9d:70:f4:96:47:66:d6:c7:42:ba:30:3e:f2:a8:3d:0a:09:56:
33:29:31:bc:6e:cf:64:53:b3:5c:15:c5:43:d4:21:7f:4d:b5:
e3:1b:0a:fa:4e:7a:66:65:3c:c5:9b:5f:b6:c4:94:c9:52:0a:
a7:7c:16:b0:de:2c:b0:88:08:31:af:1c:c1:63:aa:b3:66:57:
ed:fb:92:cc:a0:20:46:fd:be:d1:f1:3d:3e:46:12:a1:d7:95:
41:60:70:a0:57:89:13:5a:ba:a5:1b:b4:db:49:05:76:85:d0:
ec:fe:c1:44:71:0b:05:5c:ee:e1:a0:e2:3d:a1:1b:75:f0:66:
a8:d2:52:bb:a5:9e:6f:c7:0e:a3:c6:55:f7:f5:d3:ae:50:32:
43:19:64:2d:e5:29:ef:ef:60:40:31:e9:22:8f:3c:9f:4f:10:
75:91:d9:81:53:48:04:04:19:17:56:5f:f3:ee:6d:a4:11:f0:
31:d4:55:cd:05:50:21:8a:a0:d1:02:2a:d5:32:b2:58:31:16:
65:86:c0:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPwucxPkK05jRE7WOsv6eatMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjE5NWQxMzA1MGZmM2M0NjhhMTQ5Nzc4NzEwYjUzNTgy
MjUxZDkwHhcNMjIxMDE5MTQ1MDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTc0YmY1ZjI3NjU0YzJhNDYyMDkxNWI1YWFhYjFhNGZlZDRlMTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3nBd5c7RLUJGympp2E4cFtPyl2E
vs0X3I2yRsJloUyH02M76lOr0k/21PRoSeRsEdbTBnWv88mSdC0L8AifZgRNnOXd
RQFwPxk9B5ncEk4LLO4twEKnP7ktvbY+zXyWrhNc6tz5jLK7gbQhUbiHaHNl5pUO
ioaoaDdJAUjgY8c+Z1r1X2ReB954FhmWvk5jmpshqsNAveLmxalR0OMwtZaIO+VX
QGJJAJEc62J9wxZsukPs8uzPEPd4vNfhfKtUhxrCOYzBYJrmDVCozAS2XmExhgvo
gt/x01MPw5/jC2vAvWVr7oP3/7/+vdId0dYZ1/EJwF7+xHmLwqT1pflc5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLV0v18nZUwqRiCRW1qqsaT+1OFSMB8GA1UdIwQY
MBaAFGGxldEwUP88RooUl3hxC1NYIlHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJHVjBUQlFfenhHaWhTWGVIRUxVMWdpVWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8yZjNjMTktNTZkNS00OTI0LThiY2It
YmFjNDcyYWI3YjZhLzEvdFhTX1h5ZGxUQ3BHSUpGYldxcXhwUDdVNFZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8yZjNjMTktNTZkNS00OTI0LThiY2ItYmFjNDcyYWI3YjZh
LzEvWWJHVjBUQlFfenhHaWhTWGVIRUxVMWdpVWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWwIMA0G
CSqGSIb3DQEBCwUAA4IBAQAykMKZ/pygG1CD/BAg9j9xwr4y1TpHy+BsaWVFg5XI
pHQkBjIxSdt/9S8XTzRKf94HQDuxqyedcPSWR2bWx0K6MD7yqD0KCVYzKTG8bs9k
U7NcFcVD1CF/TbXjGwr6TnpmZTzFm1+2xJTJUgqnfBaw3iywiAgxrxzBY6qzZlft
+5LMoCBG/b7R8T0+RhKh15VBYHCgV4kTWrqlG7TbSQV2hdDs/sFEcQsFXO7hoOI9
oRt18Gao0lK7pZ5vxw6jxlX39dOuUDJDGWQt5Snv72BAMekijzyfTxB1kdmBU0gE
BBkXVl/z7m2kEfAx1FXNBVAhiqDRAirVMrJYMRZlhsD6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:23 2024 by rpki-client on console-fra.rpki-client.org