Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1-uVx284NDg0PWlNyHLNsoVy_Xx8.roa
File: 1-uVx284NDg0PWlNyHLNsoVy_Xx8.roa (raw, json)
Hash identifier: NOHRQGgRVuDvWZKvwvG+u+jeyx9YknFe/Q46YGZZZm8=
Subject key identifier: FA:E5:71:DB:CE:0D:0E:0D:0F:5A:53:72:1C:B3:6C:A1:5C:BF:5F:1F
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 04550FA4
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1-uVx284NDg0PWlNyHLNsoVy_Xx8.roa
Signing time: Wed 25 May 2022 07:46:13 +0000
ROA not before: Wed 25 May 2022 07:46:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.225.21.0/24 maxlen: 24
185.218.21.0/24 maxlen: 24
185.214.110.0/24 maxlen: 24
185.214.109.0/24 maxlen: 24
185.194.179.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72683428 (0x4550fa4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: May 25 07:46:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fae571dbce0d0e0d0f5a53721cb36ca15cbf5f1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fb:41:5c:24:07:3b:13:c0:25:e0:91:9a:85:
9e:66:fa:40:f0:19:f2:25:78:5c:03:f1:1c:98:5d:
ea:41:40:30:44:3e:b5:e7:38:4d:62:d7:d6:4d:4b:
6a:f8:38:ba:32:45:59:29:7b:77:72:10:ed:78:01:
9f:a9:87:f2:73:c3:d3:96:07:7a:b3:0e:7a:d1:41:
f1:89:92:47:41:f2:d1:64:a6:1d:bb:8d:24:85:08:
2a:73:87:aa:f8:5a:61:27:86:b2:72:ea:ef:86:bb:
8e:48:3f:c5:1e:3f:e9:13:73:5c:b9:75:c3:61:85:
2f:47:66:93:c4:df:c6:29:8c:dd:d5:4c:f8:b3:f9:
d3:c2:f7:db:75:ef:60:ef:21:f8:49:9e:02:7a:b9:
57:8a:4f:b7:f9:03:78:c4:4f:1d:1b:4f:87:86:bd:
b1:b2:be:e2:e8:be:84:76:42:dd:0c:b2:fc:6f:6a:
01:52:32:d4:56:c9:9f:bd:70:fc:92:56:13:df:54:
3c:8e:9e:a4:92:2a:8d:a6:a6:6e:0a:4b:75:80:6b:
9d:2a:ef:7a:98:d3:bd:ca:7b:a6:a5:db:11:e3:7c:
97:e9:a8:fe:16:3d:e9:6d:c1:c8:e0:e2:3b:4e:41:
da:e5:3a:9e:0b:1a:5c:c2:9a:b3:0c:9a:21:da:20:
6f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:E5:71:DB:CE:0D:0E:0D:0F:5A:53:72:1C:B3:6C:A1:5C:BF:5F:1F
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1-uVx284NDg0PWlNyHLNsoVy_Xx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.179.0/24
185.214.109.0-185.214.110.255
185.218.21.0/24
185.225.21.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:90:51:eb:86:0d:d9:dc:2b:5d:8d:c5:14:29:60:83:6f:3e:
d3:04:3d:00:c3:1e:7d:93:63:0d:e1:23:76:f0:f7:1c:d6:84:
e8:b0:b3:72:1d:86:9b:7f:46:0a:26:21:78:b9:a9:d3:2d:34:
6b:aa:9a:04:78:4e:27:8f:d6:fe:5d:a0:f6:36:49:70:64:b0:
9a:38:4e:f2:6b:95:17:6b:8a:f5:8f:2c:b9:60:48:b2:24:4e:
48:1d:05:d7:0a:c1:1c:fd:20:a4:c7:f2:d3:d4:75:b0:35:6b:
f6:62:76:e4:a2:07:b2:84:5a:42:cd:32:9a:b0:b7:13:ce:3a:
57:8c:42:8a:10:5a:5c:71:fc:df:21:8e:a6:50:bc:f5:dd:2c:
89:33:e5:9f:7e:c6:7f:cd:c6:79:80:fa:6c:95:e9:3a:66:05:
41:81:38:77:12:6e:52:42:5c:ba:36:a8:80:68:a7:be:d5:c8:
73:4e:5f:5d:4f:b0:8d:6f:4e:22:56:3e:2a:2f:b7:51:d8:db:
8d:13:1d:d2:47:12:65:91:17:ee:7e:9b:64:c1:fe:a5:a4:5d:
8c:ce:71:a2:ef:9b:06:51:f6:72:b6:0e:f2:89:2e:b9:28:30:
0f:a8:61:1e:d2:5e:b3:36:34:1c:4e:f6:53:29:2a:3c:a3:8c:
9e:4d:5d:0f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBFUPpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjhiZmI4YTVlZWU0OTA4MmVhNjI4ZGYyNWE0YTVkNTBmM2FhOWIzMB4XDTIyMDUy
NTA3NDYxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmFlNTcxZGJjZTBk
MGUwZDBmNWE1MzcyMWNiMzZjYTE1Y2JmNWYxZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKv7QVwkBzsTwCXgkZqFnmb6QPAZ8iV4XAPxHJhd6kFAMEQ+
tec4TWLX1k1Lavg4ujJFWSl7d3IQ7XgBn6mH8nPD05YHerMOetFB8YmSR0Hy0WSm
HbuNJIUIKnOHqvhaYSeGsnLq74a7jkg/xR4/6RNzXLl1w2GFL0dmk8TfximM3dVM
+LP508L323XvYO8h+EmeAnq5V4pPt/kDeMRPHRtPh4a9sbK+4ui+hHZC3Qyy/G9q
AVIy1FbJn71w/JJWE99UPI6epJIqjaambgpLdYBrnSrvepjTvcp7pqXbEeN8l+mo
/hY96W3ByODiO05B2uU6ngsaXMKaswyaIdogb0UCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBT65XHbzg0ODQ9aU3Ics2yhXL9fHzAfBgNVHSMEGDAWgBQ2i/uKXu5JCC6m
KN8lpKXVDzqpszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05vdjdpbDd1U1FndXBpamZKYVNsMVE4NnFiTS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvYWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8x
LzEtdVZ4Mjg0TkRnMFBXbE55SExOc29WeV9YeDgucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM1
L2FhNThjMy1lNzA2LTRhNDktYTdjNS0wYWUyZTkyMmEyOTIvMS9Ob3Y3aWw3dVNR
Z3VwaWpmSmFTbDFRODZxYk0uY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
OQYIKwYBBQUHAQcBAf8EKjAoMCYEAgABMCADBAC5wrMwDAMEALnWbQMEALnWbgME
ALnaFQMEALnhFTANBgkqhkiG9w0BAQsFAAOCAQEAbpBR64YN2dwrXY3FFClgg28+
0wQ9AMMefZNjDeEjdvD3HNaE6LCzch2Gm39GCiYheLmp0y00a6qaBHhOJ4/W/l2g
9jZJcGSwmjhO8muVF2uK9Y8suWBIsiROSB0F1wrBHP0gpMfy09R1sDVr9mJ25KIH
soRaQs0ymrC3E846V4xCihBaXHH83yGOplC89d0siTPln37Gf83GeYD6bJXpOmYF
QYE4dxJuUkJcujaogGinvtXIc05fXU+wjW9OIlY+Ki+3UdjbjRMd0kcSZZEX7n6b
ZMH+paRdjM5xou+bBlH2crYO8okuuSgwD6hhHtJeszY0HE72UykqPKOMnk1dDw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org