Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/699LYk1FT9LUH_XorDIN266TvDs.roa
File: 699LYk1FT9LUH_XorDIN266TvDs.roa (raw, json)
Hash identifier: ziJ5ShxX1mpU70C4MS0uMxoxs+QBA9k3jFrxKfbUyQk=
Subject key identifier: EB:DF:4B:62:4D:45:4F:D2:D4:1F:F5:E8:AC:32:0D:DB:AE:93:BC:3B
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0183C656BD98EC6668BD5EEE21483D96AB32
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/699LYk1FT9LUH_XorDIN266TvDs.roa
Signing time: Tue 11 Oct 2022 09:18:36 +0000
ROA not before: Tue 11 Oct 2022 09:18:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 185.199.150.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.228.72.0/24 maxlen: 24
185.214.111.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c6:56:bd:98:ec:66:68:bd:5e:ee:21:48:3d:96:ab:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Oct 11 09:18:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ebdf4b624d454fd2d41ff5e8ac320ddbae93bc3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:15:3e:42:ff:56:2d:b5:79:38:9f:77:c0:52:
b5:eb:4c:45:d3:1e:15:3f:7b:15:79:e8:5d:a1:24:
dd:56:1d:e3:ff:64:61:36:03:3c:e0:f3:87:db:d3:
ea:f6:d1:0b:75:66:32:43:5e:ce:00:c9:00:ba:67:
a7:a9:8f:a7:c0:67:04:ad:9e:2d:61:70:ac:be:61:
44:7d:bb:e2:a7:4f:21:9c:38:02:a8:67:41:37:fb:
c3:0e:07:cb:e4:bd:c6:15:70:32:45:3c:e4:59:1c:
64:e8:8f:c5:50:7e:7a:2f:31:82:7e:c1:a8:5c:a5:
41:38:3e:99:01:fb:38:2e:76:1f:20:62:c0:0c:0d:
24:4b:88:6e:48:bf:63:a8:e6:2e:a7:aa:09:75:be:
86:b7:c6:a5:9c:3b:19:fa:3b:5e:24:d6:0a:86:6b:
16:f0:8c:ac:c0:f5:f5:9a:8d:3a:e3:03:fa:70:75:
a7:98:38:25:96:3a:74:0b:91:b1:5d:60:6b:9b:5a:
99:9e:b9:fa:2b:de:7c:96:ca:42:23:27:71:b0:3d:
fe:11:48:78:d9:9c:1f:59:03:7c:76:42:c5:b3:54:
2f:b0:ec:f9:94:3e:a8:d8:14:75:ef:ad:ec:24:38:
3e:21:f4:92:31:3a:da:d7:46:80:78:89:59:b9:3e:
be:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:DF:4B:62:4D:45:4F:D2:D4:1F:F5:E8:AC:32:0D:DB:AE:93:BC:3B
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/699LYk1FT9LUH_XorDIN266TvDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.150.0/23
185.214.111.0/24
185.228.72.0/24
185.228.75.0/24
Signature Algorithm: sha256WithRSAEncryption
89:64:bb:b0:e6:8e:7f:47:e6:5d:ed:90:08:c5:cd:08:e4:7b:
d4:a5:0d:56:12:f8:11:7c:c9:1b:47:0f:f2:1f:48:8a:fa:83:
8e:6b:ba:c8:4d:5b:89:9c:c6:b4:59:6a:52:02:0f:5e:f5:69:
c1:d5:f1:9d:dc:32:93:75:ba:2a:7d:bb:2b:7e:56:17:d3:9b:
d2:19:a7:52:07:ca:42:8d:0c:51:5c:62:48:94:c6:0d:74:72:
7b:c7:27:e4:96:d5:c0:66:6c:53:02:da:f4:9f:75:39:a4:db:
85:26:41:02:2b:39:c1:a6:fd:15:03:78:49:52:6e:41:9d:f0:
27:91:c3:3b:7f:bf:d4:6d:87:46:dd:60:8d:2c:43:8e:bf:6a:
1d:a4:19:6f:99:22:43:89:c8:bb:ad:4e:a7:5e:b7:d2:25:58:
d7:ca:60:42:ec:26:14:34:31:3a:c7:5e:a1:66:db:74:f5:f6:
e4:3a:78:6c:42:78:f3:eb:4d:05:86:93:fa:4f:14:07:a6:e8:
94:c2:dc:0a:bb:67:17:88:14:74:09:ca:d6:23:5f:e0:18:fc:
b1:54:2f:17:59:ea:da:87:d0:93:12:49:21:8d:85:7b:4b:be:
98:30:5e:37:d6:d7:75:bf:36:92:1e:5b:af:5e:05:8f:84:9a:
96:a9:c6:8c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYPGVr2Y7GZovV7uIUg9lqsyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjIxMDExMDkxODM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmRmNGI2MjRkNDU0ZmQyZDQxZmY1ZThhYzMyMGRkYmFlOTNiYzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRU+Qv9WLbV5OJ93wFK160xF0x4V
P3sVeehdoSTdVh3j/2RhNgM84POH29Pq9tELdWYyQ17OAMkAumenqY+nwGcErZ4t
YXCsvmFEfbvip08hnDgCqGdBN/vDDgfL5L3GFXAyRTzkWRxk6I/FUH56LzGCfsGo
XKVBOD6ZAfs4LnYfIGLADA0kS4huSL9jqOYup6oJdb6Gt8alnDsZ+jteJNYKhmsW
8IyswPX1mo064wP6cHWnmDglljp0C5GxXWBrm1qZnrn6K958lspCIydxsD3+EUh4
2ZwfWQN8dkLFs1QvsOz5lD6o2BR1763sJDg+IfSSMTra10aAeIlZuT6+GQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOvfS2JNRU/S1B/16KwyDduuk7w7MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvNjk5TFlrMUZUOUxVSF9Yb3JESU4yNjZUdkRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBuceWAwQA
udZvAwQAueRIAwQAueRLMA0GCSqGSIb3DQEBCwUAA4IBAQCJZLuw5o5/R+Zd7ZAI
xc0I5HvUpQ1WEvgRfMkbRw/yH0iK+oOOa7rITVuJnMa0WWpSAg9e9WnB1fGd3DKT
dboqfbsrflYX05vSGadSB8pCjQxRXGJIlMYNdHJ7xyfkltXAZmxTAtr0n3U5pNuF
JkECKznBpv0VA3hJUm5BnfAnkcM7f7/UbYdG3WCNLEOOv2odpBlvmSJDici7rU6n
XrfSJVjXymBC7CYUNDE6x16hZtt09fbkOnhsQnjz600FhpP6TxQHpuiUwtwKu2cX
iBR0CcrWI1/gGPyxVC8XWerah9CTEkkhjYV7S76YMF431td1vzaSHluvXgWPhJqW
qcaM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org