Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/4LxAq8u3co6q9TYpNJ-7CoBDx-s.roa
File: 4LxAq8u3co6q9TYpNJ-7CoBDx-s.roa (raw, json)
Hash identifier: f0lS7XrDtvfxGnUpHZXHcFZhGGmACL8zBUuFQMzFVOU=
Subject key identifier: E0:BC:40:AB:CB:B7:72:8E:AA:F5:36:29:34:9F:BB:0A:80:43:C7:EB
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0183C65894203F1A989647E3B6D7DA358D5E
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/4LxAq8u3co6q9TYpNJ-7CoBDx-s.roa
Signing time: Tue 11 Oct 2022 09:20:37 +0000
ROA not before: Tue 11 Oct 2022 09:20:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211585
IP address blocks: 185.126.80.0/24 maxlen: 24
185.108.206.0/24 maxlen: 24
185.36.207.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c6:58:94:20:3f:1a:98:96:47:e3:b6:d7:da:35:8d:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Oct 11 09:20:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e0bc40abcbb7728eaaf53629349fbb0a8043c7eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1f:b2:d8:52:51:0a:b6:1e:12:77:34:0b:b3:
a1:91:01:a4:37:84:44:4f:4c:a5:2d:ab:5c:67:92:
f9:70:46:34:20:cd:0f:f3:f7:f5:3a:c9:e3:95:7b:
02:64:ca:4f:6f:3f:37:50:a0:11:78:64:9d:a1:99:
9d:f9:39:f9:23:04:c6:2c:2e:49:fb:d2:fe:73:78:
2f:32:d8:de:13:7f:0d:14:20:7d:53:0e:64:86:2c:
0c:10:39:95:ff:38:f4:82:c6:cd:74:ef:b9:fd:81:
72:bd:bb:4f:f5:5c:42:41:3b:c2:71:9f:23:16:eb:
80:ad:1c:21:cd:96:5c:38:fc:3d:4a:d2:8c:72:a6:
e8:3d:ea:13:69:e1:01:d6:0e:1f:65:f4:85:fc:59:
9d:94:3c:28:45:e6:d4:6c:61:92:f6:fb:da:a9:e9:
15:2c:6f:76:a1:47:04:b6:df:fb:0f:2f:ba:11:cc:
81:2f:97:f4:2e:dc:54:a3:25:5f:2c:30:bd:d2:6d:
19:d3:1d:21:d8:b6:d9:78:df:bb:d2:af:74:3f:5f:
0e:34:59:ef:56:89:c6:2e:5e:54:8e:0b:c7:9c:66:
eb:9b:4e:69:03:b7:98:29:d5:db:f3:f0:0b:c5:55:
07:03:41:fc:1a:59:79:25:f1:96:f2:24:e5:63:c1:
81:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:BC:40:AB:CB:B7:72:8E:AA:F5:36:29:34:9F:BB:0A:80:43:C7:EB
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/4LxAq8u3co6q9TYpNJ-7CoBDx-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.207.0/24
185.108.206.0/24
185.126.80.0/24
Signature Algorithm: sha256WithRSAEncryption
96:aa:e5:83:9e:92:20:3b:66:c3:0a:d8:75:6d:eb:fb:3d:76:
57:88:8a:bb:05:78:6a:9b:fa:b3:99:44:cc:a5:ee:a2:6d:2d:
88:b2:c0:f7:fe:3f:86:85:f2:aa:9d:b1:c3:88:53:7e:8b:d4:
d7:77:70:55:81:be:d8:2e:48:0f:e4:26:b0:df:54:d0:e2:fd:
a2:03:58:53:bf:fc:23:a5:d4:d9:ef:7c:b0:22:52:11:da:3a:
20:d0:ac:d0:a5:80:e6:3d:8e:25:c4:64:98:13:31:96:be:69:
9d:74:ba:f9:e1:0e:6b:7d:b8:a5:54:34:a5:8a:df:a7:59:ba:
11:38:fc:a4:66:c0:52:45:90:ef:c2:af:24:32:2f:79:18:79:
dd:7b:2c:d9:bb:41:d5:62:7a:78:64:2b:7a:29:ab:3b:52:3c:
7a:21:54:bd:df:8a:1e:1d:a8:df:4b:92:80:a7:a4:13:db:de:
7e:18:c3:ef:d1:2e:d8:4c:88:2a:13:ad:89:7f:1d:43:ce:9f:
45:6e:8f:4f:67:ad:b9:92:28:f4:34:f8:ce:a1:0f:94:71:05:
eb:4a:b1:81:61:c4:27:d4:9f:9f:c7:ec:f9:c6:82:0b:c6:02:
ca:80:75:88:1b:4b:72:8f:ca:ff:fb:a1:0a:b1:48:c3:1b:06:
e1:7f:cf:53
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYPGWJQgPxqYlkfjttfaNY1eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjIxMDExMDkyMDM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGJjNDBhYmNiYjc3MjhlYWFmNTM2MjkzNDlmYmIwYTgwNDNjN2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyR+y2FJRCrYeEnc0C7OhkQGkN4RE
T0ylLatcZ5L5cEY0IM0P8/f1OsnjlXsCZMpPbz83UKAReGSdoZmd+Tn5IwTGLC5J
+9L+c3gvMtjeE38NFCB9Uw5khiwMEDmV/zj0gsbNdO+5/YFyvbtP9VxCQTvCcZ8j
FuuArRwhzZZcOPw9StKMcqboPeoTaeEB1g4fZfSF/FmdlDwoRebUbGGS9vvaqekV
LG92oUcEtt/7Dy+6EcyBL5f0LtxUoyVfLDC90m0Z0x0h2LbZeN+70q90P18ONFnv
VonGLl5UjgvHnGbrm05pA7eYKdXb8/ALxVUHA0H8Gll5JfGW8iTlY8GBVwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOC8QKvLt3KOqvU2KTSfuwqAQ8frMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvNEx4QXE4dTNjbzZxOVRZcE5KLTdDb0JEeC1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuSTPAwQA
uWzOAwQAuX5QMA0GCSqGSIb3DQEBCwUAA4IBAQCWquWDnpIgO2bDCth1bev7PXZX
iIq7BXhqm/qzmUTMpe6ibS2IssD3/j+GhfKqnbHDiFN+i9TXd3BVgb7YLkgP5Caw
31TQ4v2iA1hTv/wjpdTZ73ywIlIR2jog0KzQpYDmPY4lxGSYEzGWvmmddLr54Q5r
fbilVDSlit+nWboROPykZsBSRZDvwq8kMi95GHndeyzZu0HVYnp4ZCt6Kas7Ujx6
IVS934oeHajfS5KAp6QT295+GMPv0S7YTIgqE62Jfx1Dzp9Fbo9PZ625kij0NPjO
oQ+UcQXrSrGBYcQn1J+fx+z5xoILxgLKgHWIG0tyj8r/+6EKsUjDGwbhf89T
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org