Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/2_4Mn-DKWWkrlDD07thmJd7rOxg.roa
File: 2_4Mn-DKWWkrlDD07thmJd7rOxg.roa (raw, json)
Hash identifier: JR3Li13fN/kyIY14vnMQ5epbTd07ZQqAnBRR0uhFcgw=
Subject key identifier: DB:FE:0C:9F:E0:CA:59:69:2B:94:30:F4:EE:D8:66:25:DE:EB:3B:18
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01838EEDBD092BA4988EE2073A7D3D7EECB9
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/2_4Mn-DKWWkrlDD07thmJd7rOxg.roa
Signing time: Fri 30 Sep 2022 15:04:48 +0000
ROA not before: Fri 30 Sep 2022 15:04:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206446
IP address blocks: 185.214.110.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:8e:ed:bd:09:2b:a4:98:8e:e2:07:3a:7d:3d:7e:ec:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Sep 30 15:04:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dbfe0c9fe0ca59692b9430f4eed86625deeb3b18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:66:9e:a8:22:bb:8a:fd:d4:ac:5e:a3:80:74:
07:48:5f:3e:6a:f2:42:fb:1d:5c:2b:0f:3d:83:4e:
70:85:a2:23:52:0f:13:1c:63:1f:45:28:fa:83:2f:
f0:b2:23:81:86:2a:24:17:26:f1:db:8b:35:72:2a:
d7:11:22:5c:af:e6:18:d1:fc:15:8b:c5:7a:e0:66:
12:77:de:18:ca:50:b4:27:97:65:76:05:d9:7c:b9:
0a:16:b5:d9:23:f1:c0:c0:2b:c6:71:69:4e:fd:79:
4c:06:45:04:8f:32:5d:4e:8e:ff:fb:d6:c5:e9:0e:
d2:0c:7a:90:ae:b5:27:d3:3c:67:5a:e2:01:23:ab:
7a:b9:2a:60:c3:88:9c:71:eb:e4:3d:89:f3:64:b8:
50:50:a0:60:2e:a5:85:9b:c6:c5:34:52:de:91:fa:
4c:6e:16:28:88:5b:13:db:1e:d7:92:82:42:ed:c9:
19:fb:8a:91:d6:81:4f:61:5d:28:13:9d:e8:af:55:
2c:c2:01:0a:db:81:77:95:a7:aa:ff:c8:fb:d1:a3:
83:95:12:e6:2a:59:66:98:f8:14:a0:0f:b8:38:7d:
64:47:dd:06:47:cd:cb:85:8c:d3:66:4b:d5:81:79:
e3:4a:83:c3:e8:d1:92:30:c9:4d:78:1a:92:cf:a7:
4b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:FE:0C:9F:E0:CA:59:69:2B:94:30:F4:EE:D8:66:25:DE:EB:3B:18
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/2_4Mn-DKWWkrlDD07thmJd7rOxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.110.0/24
Signature Algorithm: sha256WithRSAEncryption
58:36:ef:d1:37:80:24:1b:84:9c:b6:e9:98:14:f8:11:80:98:
3d:4f:9d:1c:b7:3c:a7:c4:fe:b9:a5:54:94:39:d0:39:bf:5c:
a6:88:7c:ec:c2:d3:82:c2:13:28:2f:88:a9:88:ed:b0:94:0e:
a6:32:50:15:c1:c2:40:fa:f6:02:1e:da:cf:b2:60:4d:64:16:
ff:d3:cb:fe:a0:71:5e:d1:e0:75:16:7a:fb:39:1e:fa:a6:56:
2a:8b:be:54:9f:a2:91:77:23:1f:de:43:0a:7f:73:92:28:cd:
b8:57:48:1a:4a:7a:f0:c7:45:46:20:bc:fe:a5:f6:eb:ab:20:
9d:83:af:59:5e:60:5f:03:ea:15:29:7f:59:5b:43:0f:5d:89:
2d:e6:c6:a2:01:ed:5d:9d:29:df:75:9e:15:03:c6:ae:62:0e:
b4:4c:0f:f2:2f:06:72:58:15:d8:f6:e4:1b:16:df:2a:32:e7:
6f:25:75:77:40:fc:fa:cd:4e:e8:5a:d2:9a:5a:ec:e8:68:58:
0e:ad:29:88:d8:0b:18:60:9f:b8:6a:1d:69:e6:07:2d:c0:40:
ea:82:09:83:bb:d6:f8:50:bd:91:ec:c1:6f:45:fd:92:9a:5f:
6f:ef:02:97:f2:e3:6d:94:58:11:d3:b5:66:08:bc:d7:2c:e8:
33:fb:a5:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOO7b0JK6SYjuIHOn09fuy5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjIwOTMwMTUwNDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmZlMGM5ZmUwY2E1OTY5MmI5NDMwZjRlZWQ4NjYyNWRlZWIzYjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWaeqCK7iv3UrF6jgHQHSF8+avJC
+x1cKw89g05whaIjUg8THGMfRSj6gy/wsiOBhiokFybx24s1cirXESJcr+YY0fwV
i8V64GYSd94YylC0J5dldgXZfLkKFrXZI/HAwCvGcWlO/XlMBkUEjzJdTo7/+9bF
6Q7SDHqQrrUn0zxnWuIBI6t6uSpgw4iccevkPYnzZLhQUKBgLqWFm8bFNFLekfpM
bhYoiFsT2x7XkoJC7ckZ+4qR1oFPYV0oE53or1UswgEK24F3laeq/8j70aODlRLm
KllmmPgUoA+4OH1kR90GR83LhYzTZkvVgXnjSoPD6NGSMMlNeBqSz6dLbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNv+DJ/gyllpK5Qw9O7YZiXe6zsYMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvMl80TW4tREtXV2tybEREMDd0aG1KZDdyT3hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudZuMA0G
CSqGSIb3DQEBCwUAA4IBAQBYNu/RN4AkG4SctumYFPgRgJg9T50ctzynxP65pVSU
OdA5v1ymiHzswtOCwhMoL4ipiO2wlA6mMlAVwcJA+vYCHtrPsmBNZBb/08v+oHFe
0eB1Fnr7OR76plYqi75Un6KRdyMf3kMKf3OSKM24V0gaSnrwx0VGILz+pfbrqyCd
g69ZXmBfA+oVKX9ZW0MPXYkt5saiAe1dnSnfdZ4VA8auYg60TA/yLwZyWBXY9uQb
Ft8qMudvJXV3QPz6zU7oWtKaWuzoaFgOrSmI2AsYYJ+4ah1p5gctwEDqggmDu9b4
UL2R7MFvRf2Sml9v7wKX8uNtlFgR07VmCLzXLOgz+6UH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org