Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/67mNMYKs_0gDYTK3u73LAdj3jYc.roa
File: 67mNMYKs_0gDYTK3u73LAdj3jYc.roa (raw, json)
Hash identifier: QWDP1GxKDms2jnofVpt9DVZzBG4xvjez5Aoc/6A6VJc=
Subject key identifier: EB:B9:8D:31:82:AC:FF:48:03:61:32:B7:BB:BD:CB:01:D8:F7:8D:87
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 049FF23B
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/67mNMYKs_0gDYTK3u73LAdj3jYc.roa
Signing time: Fri 24 Jun 2022 18:04:54 +0000
ROA not before: Fri 24 Jun 2022 18:04:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 139660
IP address blocks: 185.214.109.0/24 maxlen: 24
185.214.110.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77591099 (0x49ff23b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jun 24 18:04:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ebb98d3182acff48036132b7bbbdcb01d8f78d87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:1b:91:28:c1:a7:70:78:46:b7:7c:2a:90:5b:
c5:de:34:31:a0:35:62:d4:f1:c4:d5:cc:50:88:47:
f1:01:51:f3:8c:19:3b:f2:dc:5e:7f:dc:26:30:37:
87:15:0b:e1:ee:c1:aa:d0:61:73:eb:a4:d8:46:f5:
84:6a:21:b4:ce:5b:25:b4:3b:7a:78:76:f5:fd:cb:
44:8e:b7:91:0b:77:f4:78:bc:5c:11:b6:20:2c:8f:
35:5a:9d:9e:72:21:5b:84:ee:ef:33:92:da:2a:0a:
b3:c5:fc:9f:58:d6:a9:3a:55:1b:66:fd:c8:d0:28:
e9:05:b1:46:fb:2b:bc:29:41:9c:5d:58:77:94:0c:
3d:db:d2:a5:9e:52:5c:4a:00:b1:e1:47:de:0d:dd:
98:26:34:22:9b:0a:57:a3:83:b9:5c:21:6c:4b:50:
16:48:da:f5:25:43:08:ab:46:33:e5:c8:9f:b2:23:
32:93:7b:c9:0a:57:55:98:b6:44:20:80:32:db:c8:
28:db:ef:70:a6:20:be:0e:ee:83:05:76:a9:8b:b1:
a5:43:6c:56:47:91:f1:c4:b2:30:00:15:6d:db:2f:
82:66:82:49:5b:28:4c:ea:af:f5:28:a0:4b:ad:2e:
5e:e3:ed:f7:1a:2c:38:b1:3c:a7:c7:f9:23:e7:ff:
81:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:B9:8D:31:82:AC:FF:48:03:61:32:B7:BB:BD:CB:01:D8:F7:8D:87
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/67mNMYKs_0gDYTK3u73LAdj3jYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.109.0-185.214.110.255
Signature Algorithm: sha256WithRSAEncryption
21:7d:1e:ba:42:14:88:d5:f8:bc:99:5c:27:ae:d3:6b:a3:64:
c3:41:33:43:38:f3:9a:e8:df:d8:a3:d1:29:94:a1:41:18:cf:
c5:79:33:41:2c:62:a2:57:79:5c:c3:7f:21:be:83:60:e6:06:
7d:f0:11:90:a7:8a:ae:04:60:91:4d:9a:f1:91:ce:0d:3c:5f:
ae:33:a6:aa:5b:43:bc:8c:6f:20:20:bf:3a:2d:19:37:8a:9e:
28:f9:74:b4:5b:be:96:22:21:59:d3:28:3a:5c:34:b5:45:50:
c9:e3:90:63:d4:f3:74:92:7b:3d:ab:ba:2d:18:b1:67:24:29:
0f:51:a0:d6:c8:d0:f8:1f:68:29:8c:1e:53:b4:9e:c1:25:89:
27:29:bd:a5:73:19:92:89:64:eb:8b:07:5e:12:6a:12:10:88:
a4:ce:53:9b:8c:80:cb:6a:be:63:57:40:07:e3:ae:77:82:74:
2e:db:56:95:b6:e4:17:e8:e7:fe:67:0e:9a:f1:7f:7d:aa:76:
41:5a:94:72:b7:ad:df:7c:24:51:13:fa:04:a3:39:9f:44:ff:
78:8a:1e:be:83:2e:5a:ec:52:69:46:f0:d1:d3:65:31:a5:96:
36:bd:ff:9c:f5:7f:b8:3d:b8:17:9a:0e:23:f6:6b:65:00:5e:
7f:31:78:9d
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEBJ/yOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjhiZmI4YTVlZWU0OTA4MmVhNjI4ZGYyNWE0YTVkNTBmM2FhOWIzMB4XDTIyMDYy
NDE4MDQ1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWJiOThkMzE4MmFj
ZmY0ODAzNjEzMmI3YmJiZGNiMDFkOGY3OGQ4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIQbkSjBp3B4Rrd8KpBbxd40MaA1YtTxxNXMUIhH8QFR84wZ
O/LcXn/cJjA3hxUL4e7BqtBhc+uk2Eb1hGohtM5bJbQ7enh29f3LRI63kQt39Hi8
XBG2ICyPNVqdnnIhW4Tu7zOS2ioKs8X8n1jWqTpVG2b9yNAo6QWxRvsrvClBnF1Y
d5QMPdvSpZ5SXEoAseFH3g3dmCY0IpsKV6ODuVwhbEtQFkja9SVDCKtGM+XIn7Ij
MpN7yQpXVZi2RCCAMtvIKNvvcKYgvg7ugwV2qYuxpUNsVkeR8cSyMAAVbdsvgmaC
SVsoTOqv9SigS60uXuPt9xosOLE8p8f5I+f/gbECAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBTruY0xgqz/SANhMre7vcsB2PeNhzAfBgNVHSMEGDAWgBQ2i/uKXu5JCC6m
KN8lpKXVDzqpszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05vdjdpbDd1U1FndXBpamZKYVNsMVE4NnFiTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvYWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8x
LzY3bU5NWUtzXzBnRFlUSzN1NzNMQWRqM2pZYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
YWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8xL05vdjdpbDd1U1Fn
dXBpamZKYVNsMVE4NnFiTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAudZtAwQAudZuMA0GCSqGSIb3
DQEBCwUAA4IBAQAhfR66QhSI1fi8mVwnrtNro2TDQTNDOPOa6N/Yo9EplKFBGM/F
eTNBLGKiV3lcw38hvoNg5gZ98BGQp4quBGCRTZrxkc4NPF+uM6aqW0O8jG8gIL86
LRk3ip4o+XS0W76WIiFZ0yg6XDS1RVDJ45Bj1PN0kns9q7otGLFnJCkPUaDWyND4
H2gpjB5TtJ7BJYknKb2lcxmSiWTriwdeEmoSEIikzlObjIDLar5jV0AH4653gnQu
21aVtuQX6Of+Zw6a8X99qnZBWpRyt63ffCRRE/oEozmfRP94ih6+gy5a7FJpRvDR
02UxpZY2vf+c9X+4PbgXmg4j9mtlAF5/MXid
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org