Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/e439ca-519d-432c-b96a-3d2fb810e191/1/l9-CfHo_BgOQrjMoP1Xevl9zfdU.roa
File: l9-CfHo_BgOQrjMoP1Xevl9zfdU.roa (raw, json)
Hash identifier: SrgS7UyEU1NTNHAqpAwEBvjjwIUFMj54s5bZ8nCFSoM=
Subject key identifier: 97:DF:82:7C:7A:3F:06:03:90:AE:33:28:3F:55:DE:BE:5F:73:7D:D5
Certificate issuer: /CN=994efc4ce36fc443dc5816274eac1d7693029081
Certificate serial: 1006136E
Authority key identifier: 99:4E:FC:4C:E3:6F:C4:43:DC:58:16:27:4E:AC:1D:76:93:02:90:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mU78TONvxEPcWBYnTqwddpMCkIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/e439ca-519d-432c-b96a-3d2fb810e191/1/l9-CfHo_BgOQrjMoP1Xevl9zfdU.roa
Signing time: Fri 28 Jan 2022 14:23:46 +0000
ROA not before: Fri 28 Jan 2022 14:23:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49142
IP address blocks: 185.139.216.0/23 maxlen: 24
185.139.216.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 268833646 (0x1006136e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=994efc4ce36fc443dc5816274eac1d7693029081
Validity
Not Before: Jan 28 14:23:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97df827c7a3f060390ae33283f55debe5f737dd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3d:69:1d:25:2d:67:1f:aa:27:f8:d5:01:0f:
4f:d7:bc:9a:36:a3:de:87:fc:2c:59:20:2f:86:26:
05:92:8c:b1:10:89:6d:7c:67:fd:b1:50:86:04:c6:
48:66:a0:49:59:6d:ab:30:b0:67:fe:61:c2:fd:08:
ff:63:46:20:3c:e0:7e:27:7a:cb:82:96:f8:a9:29:
9c:d8:30:a9:63:48:b2:c0:aa:65:80:06:e4:55:0d:
3a:6d:cd:91:8c:cc:99:67:fd:ea:35:e7:c0:ef:61:
3b:b4:37:f2:5b:95:90:30:18:0b:3b:ad:8f:21:c4:
64:e5:4c:6c:fe:b9:75:69:00:09:48:99:42:f6:15:
f6:95:ab:31:8d:7a:37:9f:ba:2f:fd:c3:0d:a6:64:
2d:11:65:f4:95:b2:55:f8:72:6f:86:3e:d8:5b:6c:
1c:c2:84:31:a0:bc:9b:2a:d6:45:d2:15:8e:86:8d:
06:61:30:94:87:f4:12:a5:22:c2:a9:8e:e3:7d:3c:
93:2d:86:6a:d2:4f:07:de:52:24:3d:89:83:30:aa:
c9:c6:eb:36:4e:cd:70:03:dd:1c:a7:f6:c6:66:7c:
4a:3e:57:27:3e:61:4f:2b:b5:81:3e:be:56:49:52:
68:1e:54:f0:1b:ed:1a:78:93:90:f7:f6:82:f4:44:
47:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:DF:82:7C:7A:3F:06:03:90:AE:33:28:3F:55:DE:BE:5F:73:7D:D5
X509v3 Authority Key Identifier:
keyid:99:4E:FC:4C:E3:6F:C4:43:DC:58:16:27:4E:AC:1D:76:93:02:90:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mU78TONvxEPcWBYnTqwddpMCkIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/e439ca-519d-432c-b96a-3d2fb810e191/1/l9-CfHo_BgOQrjMoP1Xevl9zfdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/e439ca-519d-432c-b96a-3d2fb810e191/1/mU78TONvxEPcWBYnTqwddpMCkIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.216.0/22
Signature Algorithm: sha256WithRSAEncryption
42:33:36:7f:08:34:c4:9e:5d:bf:cb:d1:a2:7e:2f:f4:75:31:
8d:cb:32:94:2a:32:a7:c9:23:79:19:18:71:18:a9:47:1b:af:
f4:a8:9f:7a:38:e8:94:99:24:02:26:63:dd:2c:20:22:ff:b2:
7b:2c:bc:a8:6c:ad:78:aa:b0:43:ba:be:40:02:50:cd:aa:2f:
e7:75:ac:43:65:25:13:a5:d8:fb:36:09:59:e9:73:a7:54:ec:
76:4a:b1:8e:a9:ed:f3:a0:dc:23:55:11:83:f7:dd:c3:54:2f:
9d:e2:dc:7d:ef:ac:e2:f7:dc:8e:a5:ab:ec:d9:33:f2:d7:1a:
2b:de:cd:b7:59:ad:19:47:11:18:5d:40:58:99:6f:1f:22:a6:
69:aa:0b:77:e2:5e:67:3a:4a:61:bd:a7:0c:a0:52:68:65:45:
f3:3f:c1:0d:18:de:1a:6c:b7:1b:c5:1a:ec:1c:98:d8:c3:ff:
46:63:08:76:09:1d:93:49:8f:fb:08:f4:05:6a:1a:d4:49:6a:
b4:cb:ca:7b:85:14:c3:98:00:f0:d5:5f:2b:27:e3:f7:a3:4d:
d6:15:3e:68:2f:3f:35:5a:39:51:43:07:e3:bb:de:96:0d:8b:
8e:ef:01:6f:41:e0:71:06:99:2b:00:6c:25:23:00:d6:ae:06:
60:84:1d:d6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEAYTbjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTRlZmM0Y2UzNmZjNDQzZGM1ODE2Mjc0ZWFjMWQ3NjkzMDI5MDgxMB4XDTIyMDEy
ODE0MjM0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTdkZjgyN2M3YTNm
MDYwMzkwYWUzMzI4M2Y1NWRlYmU1ZjczN2RkNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALg9aR0lLWcfqif41QEPT9e8mjaj3of8LFkgL4YmBZKMsRCJ
bXxn/bFQhgTGSGagSVltqzCwZ/5hwv0I/2NGIDzgfid6y4KW+KkpnNgwqWNIssCq
ZYAG5FUNOm3NkYzMmWf96jXnwO9hO7Q38luVkDAYCzutjyHEZOVMbP65dWkACUiZ
QvYV9pWrMY16N5+6L/3DDaZkLRFl9JWyVfhyb4Y+2FtsHMKEMaC8myrWRdIVjoaN
BmEwlIf0EqUiwqmO4308ky2GatJPB95SJD2JgzCqycbrNk7NcAPdHKf2xmZ8Sj5X
Jz5hTyu1gT6+VklSaB5U8BvtGniTkPf2gvRER+kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSX34J8ej8GA5CuMyg/Vd6+X3N91TAfBgNVHSMEGDAWgBSZTvxM42/EQ9xY
FidOrB12kwKQgTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21VNzhUT052eEVQY1dCWW5UcXdkZHBNQ2tJRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvZTQzOWNhLTUxOWQtNDMyYy1iOTZhLTNkMmZiODEwZTE5MS8x
L2w5LUNmSG9fQmdPUXJqTW9QMVhldmw5emZkVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgv
ZTQzOWNhLTUxOWQtNDMyYy1iOTZhLTNkMmZiODEwZTE5MS8xL21VNzhUT052eEVQ
Y1dCWW5UcXdkZHBNQ2tJRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmL2DANBgkqhkiG9w0BAQsFAAOC
AQEAQjM2fwg0xJ5dv8vRon4v9HUxjcsylCoyp8kjeRkYcRipRxuv9KifejjolJkk
AiZj3SwgIv+yeyy8qGyteKqwQ7q+QAJQzaov53WsQ2UlE6XY+zYJWelzp1Tsdkqx
jqnt86DcI1URg/fdw1QvneLcfe+s4vfcjqWr7Nkz8tcaK97Nt1mtGUcRGF1AWJlv
HyKmaaoLd+JeZzpKYb2nDKBSaGVF8z/BDRjeGmy3G8Ua7ByY2MP/RmMIdgkdk0mP
+wj0BWoa1ElqtMvKe4UUw5gA8NVfKyfj96NN1hU+aC8/NVo5UUMH47velg2Lju8B
b0HgcQaZKwBsJSMA1q4GYIQd1g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:14 2024 by rpki-client on console-fra.rpki-client.org