Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/DJb3PLwZPJBin3tWKBZoG0aBOu0.roa
File: DJb3PLwZPJBin3tWKBZoG0aBOu0.roa (raw, json)
Hash identifier: zxgolj9eOpFT89xs7gf/zH0IqmbM2Jap6ur9NLhL2q8=
Subject key identifier: 0C:96:F7:3C:BC:19:3C:90:62:9F:7B:56:28:16:68:1B:46:81:3A:ED
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 42AA9546
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/DJb3PLwZPJBin3tWKBZoG0aBOu0.roa
Signing time: Tue 26 Apr 2022 12:29:20 +0000
ROA not before: Tue 26 Apr 2022 12:29:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50819
IP address blocks: 185.18.224.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1118475590 (0x42aa9546)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Apr 26 12:29:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c96f73cbc193c90629f7b562816681b46813aed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b4:64:d3:38:a5:09:07:c8:a4:63:dd:04:2d:
83:0f:8a:fb:7d:16:31:46:47:d0:a4:03:7c:86:da:
13:dc:b1:15:87:2f:cd:56:33:99:aa:67:79:7a:04:
27:8c:db:65:e5:54:46:0d:8f:dc:16:49:45:b3:56:
96:93:88:4a:c3:2b:73:f8:e1:ec:aa:34:90:2b:14:
a7:48:16:05:4b:8a:57:ae:6c:29:79:b4:ed:8b:fa:
3c:5c:1f:4e:b6:6d:fb:e8:85:d9:32:4f:85:60:ca:
97:b4:eb:7d:72:cc:fb:2c:64:34:62:a5:ab:5c:2c:
69:90:3c:f1:db:b1:28:1a:dc:03:9a:c8:56:3c:dd:
01:01:66:c8:34:cd:6e:77:ca:51:57:61:bb:32:e8:
90:89:b2:94:16:0d:ba:66:7a:d6:d2:f0:cf:65:8e:
e9:df:d0:3e:a7:cc:39:e8:78:4e:1b:b4:98:08:95:
66:41:a2:fa:96:46:e5:b6:70:79:73:f9:89:c8:2b:
8a:a3:13:8e:49:54:e2:c8:ee:d1:91:da:c7:96:f6:
36:78:9e:d0:0d:82:6c:64:f2:ab:d6:cd:bb:3c:de:
23:fa:b7:12:4a:9c:4d:2a:25:13:a0:14:c3:e6:eb:
c7:c5:84:11:03:89:0a:98:2f:bc:00:e6:02:dd:4a:
ef:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:96:F7:3C:BC:19:3C:90:62:9F:7B:56:28:16:68:1B:46:81:3A:ED
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/DJb3PLwZPJBin3tWKBZoG0aBOu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.18.224.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:31:12:37:05:90:07:00:36:18:11:96:fc:1f:1d:0b:b2:76:
ec:1d:6a:20:8a:cb:c0:bf:55:d9:4d:40:88:d8:3e:a2:5b:16:
83:55:33:20:d4:3f:a2:a4:7c:c0:9c:87:1f:c8:1b:8b:4a:7f:
f9:ce:5f:f0:81:3d:48:43:01:2c:c6:a8:79:65:da:8d:3c:81:
36:10:b9:69:f1:12:b3:88:58:5c:5d:74:26:77:96:7e:52:63:
87:24:e3:92:e4:22:46:21:65:23:df:48:3e:96:ff:1b:8e:6b:
35:ec:4a:a8:b9:c7:95:96:16:68:ee:e4:9b:5c:89:16:bd:ca:
e0:8b:1e:4f:0a:10:39:f0:f7:8c:a0:2f:17:7c:52:ba:f6:eb:
cc:1a:45:9d:26:e4:e5:f1:7b:94:85:50:d4:fa:6b:f0:93:a7:
66:01:ff:89:80:8c:ba:48:3b:62:59:40:03:59:8b:1f:e3:71:
fc:6c:2c:fb:db:fa:fb:9e:35:4f:56:d0:d5:0c:01:77:eb:0d:
8d:b2:7a:8a:5c:4a:9c:20:94:8d:9d:ac:47:54:d3:c2:cc:7e:
6c:90:3f:28:0a:ce:bf:9c:1f:0a:ec:ba:be:b6:c6:d0:05:be:
b2:e9:3b:1c:e5:43:06:72:69:50:4d:2d:76:92:48:f2:74:c8:
38:03:60:7d
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEQqqVRjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGU2MjYzNGUxYmQ1MTMzYTlkZTQ1MTJhZTk4Y2FkMWIyMjE5YjU5MB4XDTIyMDQy
NjEyMjkyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGM5NmY3M2NiYzE5
M2M5MDYyOWY3YjU2MjgxNjY4MWI0NjgxM2FlZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALi0ZNM4pQkHyKRj3QQtgw+K+30WMUZH0KQDfIbaE9yxFYcv
zVYzmapneXoEJ4zbZeVURg2P3BZJRbNWlpOISsMrc/jh7Ko0kCsUp0gWBUuKV65s
KXm07Yv6PFwfTrZt++iF2TJPhWDKl7TrfXLM+yxkNGKlq1wsaZA88duxKBrcA5rI
VjzdAQFmyDTNbnfKUVdhuzLokImylBYNumZ61tLwz2WO6d/QPqfMOeh4Thu0mAiV
ZkGi+pZG5bZweXP5icgriqMTjklU4sju0ZHax5b2Nnie0A2CbGTyq9bNuzzeI/q3
EkqcTSolE6AUw+brx8WEEQOJCpgvvADmAt1K74sCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQMlvc8vBk8kGKfe1YoFmgbRoE67TAfBgNVHSMEGDAWgBT45iY04b1RM6ne
RRKumMrRsiGbWTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEv
MS9ESmIzUEx3WlBKQmluM3RXS0Jab0cwYUJPdTAucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4
L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEvMS8xLU9ZbU5PRzlV
VE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRLgMA0GCSqGSIb3DQEBCwUA
A4IBAQBvMRI3BZAHADYYEZb8Hx0LsnbsHWogisvAv1XZTUCI2D6iWxaDVTMg1D+i
pHzAnIcfyBuLSn/5zl/wgT1IQwEsxqh5ZdqNPIE2ELlp8RKziFhcXXQmd5Z+UmOH
JOOS5CJGIWUj30g+lv8bjms17EqouceVlhZo7uSbXIkWvcrgix5PChA58PeMoC8X
fFK69uvMGkWdJuTl8XuUhVDU+mvwk6dmAf+JgIy6SDtiWUADWYsf43H8bCz72/r7
njVPVtDVDAF36w2NsnqKXEqcIJSNnaxHVNPCzH5skD8oCs6/nB8K7Lq+tsbQBb6y
6Tsc5UMGcmlQTS12kkjydMg4A2B9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:52 2024 by rpki-client on console-ams.rpki-client.org