Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/2L9oTGIh1wBZY7A-_nVdKVWGbqM.roa
File: 2L9oTGIh1wBZY7A-_nVdKVWGbqM.roa (raw, json)
Hash identifier: IknsXVk4FaUjHKMS9mFWHiRa9X4sDNQfTuy5ccrtgVg=
Subject key identifier: D8:BF:68:4C:62:21:D7:00:59:63:B0:3E:FE:75:5D:29:55:86:6E:A3
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 047805A4
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/2L9oTGIh1wBZY7A-_nVdKVWGbqM.roa
Signing time: Wed 08 Jun 2022 12:16:04 +0000
ROA not before: Wed 08 Jun 2022 12:16:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212096
IP address blocks: 185.225.20.0/22 maxlen: 22
185.218.20.0/22 maxlen: 22
185.126.80.0/22 maxlen: 22
193.58.144.0/22 maxlen: 22
185.199.156.0/22 maxlen: 22
185.228.72.0/22 maxlen: 22
185.36.204.0/22 maxlen: 22
185.108.204.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74974628 (0x47805a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jun 8 12:16:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8bf684c6221d7005963b03efe755d2955866ea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:dc:5f:05:00:5f:ce:a9:64:3f:f7:21:13:1b:
f2:bb:72:81:a8:ea:ce:47:f4:8d:d3:48:e9:2d:99:
9b:3d:e6:8c:be:69:03:ab:a1:a7:51:b2:a3:f1:98:
a9:d3:2b:83:49:a7:95:89:9d:5e:ed:f4:22:c0:36:
4c:f1:58:52:c6:a2:10:9d:e1:36:57:cd:f8:d8:17:
ce:dd:ab:f4:09:b1:7c:0a:e9:c0:1f:cc:f7:4e:4a:
1d:bb:8b:8d:ed:d3:d7:8c:fa:7b:a5:79:4b:a6:b6:
c7:49:d9:33:cd:f8:69:9f:c1:7c:d2:53:34:89:0c:
d6:2d:40:fc:23:ce:ef:8e:ab:7f:34:63:47:99:db:
c3:47:47:a4:53:8d:ae:47:1f:65:07:c1:de:83:b4:
db:a1:1e:ba:79:b3:28:f6:0a:ae:2b:73:89:82:ab:
a9:95:ee:f6:c6:ff:40:44:06:fd:56:37:63:8f:f2:
c3:d8:c6:84:16:31:d0:aa:a2:ca:01:62:14:17:06:
ce:ce:36:09:db:21:ba:43:25:77:8e:db:24:94:63:
6b:b5:41:26:3b:83:4c:49:3a:18:dc:f1:13:b8:2e:
0b:aa:d3:e0:cc:74:91:05:39:58:a2:ab:71:0d:5c:
77:ba:d4:9f:45:2a:cf:20:78:70:4b:56:d6:d9:1d:
62:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:BF:68:4C:62:21:D7:00:59:63:B0:3E:FE:75:5D:29:55:86:6E:A3
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/2L9oTGIh1wBZY7A-_nVdKVWGbqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.204.0/22
185.108.204.0/22
185.126.80.0/22
185.199.156.0/22
185.218.20.0/22
185.225.20.0/22
185.228.72.0/22
193.58.144.0/22
Signature Algorithm: sha256WithRSAEncryption
60:06:82:91:8b:f4:b1:b4:44:a7:c8:74:0e:75:2b:55:9c:67:
63:8c:ba:a5:6e:01:c9:2e:9d:12:ef:3e:30:17:44:6b:54:a4:
74:4c:6b:f4:29:a3:eb:e6:74:ae:12:49:7b:32:c9:d9:b1:a7:
bd:d9:7a:87:cd:6a:79:47:b7:2c:6d:4c:8e:61:04:9f:e8:a2:
bf:c7:81:50:ac:49:4a:fe:80:29:d6:60:56:8b:6e:fc:33:cd:
1e:9d:79:63:9e:28:eb:b7:42:21:9d:69:20:c5:f1:93:4b:ab:
e7:0b:b7:7d:76:33:3f:37:fc:97:cf:8c:3b:10:05:e0:bf:f4:
cd:2e:79:17:28:47:8f:cd:f1:73:e5:a2:36:9a:91:3b:14:cc:
4d:5d:8c:82:cb:f2:c0:01:54:eb:5d:2d:66:2d:f8:70:31:2b:
dc:5e:19:f6:e9:0a:36:e8:5b:d1:1e:ea:8c:f6:bf:dd:46:2f:
ae:e8:70:c2:5d:7d:dc:06:8c:9e:2e:6b:5b:46:54:67:7f:58:
2c:42:1c:94:82:10:81:8c:96:16:c9:ec:56:51:02:8a:df:f5:
0d:77:e2:f3:0f:a1:3f:17:98:88:1a:7b:a7:cd:46:37:48:ad:
aa:d8:c5:1a:22:46:34:18:b7:a1:50:a0:9c:7e:6d:62:2d:31:
03:93:56:b8
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEBHgFpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjhiZmI4YTVlZWU0OTA4MmVhNjI4ZGYyNWE0YTVkNTBmM2FhOWIzMB4XDTIyMDYw
ODEyMTYwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDhiZjY4NGM2MjIx
ZDcwMDU5NjNiMDNlZmU3NTVkMjk1NTg2NmVhMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOfcXwUAX86pZD/3IRMb8rtygajqzkf0jdNI6S2Zmz3mjL5p
A6uhp1Gyo/GYqdMrg0mnlYmdXu30IsA2TPFYUsaiEJ3hNlfN+NgXzt2r9AmxfArp
wB/M905KHbuLje3T14z6e6V5S6a2x0nZM834aZ/BfNJTNIkM1i1A/CPO746rfzRj
R5nbw0dHpFONrkcfZQfB3oO026EeunmzKPYKritziYKrqZXu9sb/QEQG/VY3Y4/y
w9jGhBYx0KqiygFiFBcGzs42CdshukMld47bJJRja7VBJjuDTEk6GNzxE7guC6rT
4Mx0kQU5WKKrcQ1cd7rUn0UqzyB4cEtW1tkdYr8CAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBTYv2hMYiHXAFljsD7+dV0pVYZuozAfBgNVHSMEGDAWgBQ2i/uKXu5JCC6m
KN8lpKXVDzqpszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05vdjdpbDd1U1FndXBpamZKYVNsMVE4NnFiTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvYWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8x
LzJMOW9UR0loMXdCWlk3QS1fblZkS1ZXR2JxTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
YWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8xL05vdjdpbDd1U1Fn
dXBpamZKYVNsMVE4NnFiTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEArkkzAMEArlszAMEArl+UAMEArnH
nAMEArnaFAMEArnhFAMEArnkSAMEAsE6kDANBgkqhkiG9w0BAQsFAAOCAQEAYAaC
kYv0sbREp8h0DnUrVZxnY4y6pW4ByS6dEu8+MBdEa1SkdExr9Cmj6+Z0rhJJezLJ
2bGnvdl6h81qeUe3LG1MjmEEn+iiv8eBUKxJSv6AKdZgVotu/DPNHp15Y54o67dC
IZ1pIMXxk0ur5wu3fXYzPzf8l8+MOxAF4L/0zS55FyhHj83xc+WiNpqROxTMTV2M
gsvywAFU610tZi34cDEr3F4Z9ukKNuhb0R7qjPa/3UYvruhwwl193AaMni5rW0ZU
Z39YLEIclIIQgYyWFsnsVlECit/1DXfi8w+hPxeYiBp7p81GN0itqtjFGiJGNBi3
oVCgnH5tYi0xA5NWuA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org