Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/8ZYkDjlj4ImqbjVHMUKHqaxl8p0.roa
File: 8ZYkDjlj4ImqbjVHMUKHqaxl8p0.roa (raw, json)
Hash identifier: qpToXTe0NUIIYmTqp17H7/AoYPURTzsmJD14MXGnr5M=
Subject key identifier: F1:96:24:0E:39:63:E0:89:AA:6E:35:47:31:42:87:A9:AC:65:F2:9D
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0182A624F19984E07451EE6ACCCC88FD0CD0
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/8ZYkDjlj4ImqbjVHMUKHqaxl8p0.roa
Signing time: Tue 16 Aug 2022 10:13:35 +0000
ROA not before: Tue 16 Aug 2022 10:13:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 185.225.23.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a6:24:f1:99:84:e0:74:51:ee:6a:cc:cc:88:fd:0c:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Aug 16 10:13:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f196240e3963e089aa6e3547314287a9ac65f29d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2f:e1:6f:ab:dc:a2:e6:ec:4b:b0:c7:08:66:
be:0c:12:27:66:c2:20:fd:1e:cb:0a:ed:fe:9c:05:
20:7f:5c:d0:09:9a:97:09:02:a0:3a:a4:be:cc:8c:
b5:e7:a3:17:bb:da:57:30:ad:0e:39:64:e2:58:ad:
48:b2:e7:19:31:8f:5e:88:43:8a:38:a5:9c:4e:19:
9f:38:1a:54:73:94:f6:f9:ae:d0:c8:71:46:2c:7f:
10:aa:8e:42:23:0a:34:71:a3:f8:1c:ce:4f:7a:29:
3f:1a:a9:1d:3a:cb:62:14:3a:75:fc:35:81:dd:30:
4a:82:0d:f9:55:97:c6:70:ff:91:21:f7:fb:7d:8a:
da:09:26:1b:49:8a:d8:58:cf:d8:51:a3:16:64:54:
05:17:32:02:97:b6:b4:9d:73:4d:8c:71:c9:0c:85:
bf:89:8c:4f:47:14:9e:97:7b:e9:30:7c:82:7e:0a:
2b:fb:e7:8b:77:83:8a:e1:7c:87:36:b8:46:e3:7a:
8c:b7:08:d6:27:40:53:94:68:c7:10:61:3e:59:89:
10:db:32:d4:07:51:75:7f:2a:e1:8c:70:ea:31:c5:
4d:45:0e:61:13:99:89:6f:f8:f0:66:8b:84:00:fb:
e7:30:32:cc:00:f3:2c:3b:28:6e:45:9a:38:3e:86:
9f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:96:24:0E:39:63:E0:89:AA:6E:35:47:31:42:87:A9:AC:65:F2:9D
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/8ZYkDjlj4ImqbjVHMUKHqaxl8p0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.23.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:87:ac:ff:01:61:61:eb:6d:61:4b:9e:d8:fa:ec:fc:21:ad:
0b:eb:3f:6a:e9:31:54:c0:71:05:33:fc:bb:02:0d:6c:58:6e:
8b:ec:4b:0f:ca:08:57:7d:f4:66:5a:61:5c:1c:95:59:9a:ac:
e0:31:f4:d3:c4:92:b2:1f:1a:1c:c4:ad:29:8d:72:a6:fc:63:
a8:a5:73:81:39:29:23:8f:c6:95:9c:29:66:05:81:51:04:ac:
f1:74:0d:89:e8:47:dc:7e:9e:d5:5d:a2:f0:ca:00:5b:12:3e:
d7:66:3e:f2:4d:42:71:bd:6a:83:fe:41:d3:14:e7:6f:53:db:
a3:42:ac:6f:bf:99:d0:06:88:8b:3f:17:e0:26:b5:8b:29:e2:
4b:3d:01:59:11:42:f8:f2:01:77:40:fa:a8:2b:d3:9b:11:d5:
5c:53:87:f2:e2:0d:26:1e:eb:ea:9d:f0:a6:43:b6:c8:fc:a7:
fd:53:71:c3:d8:14:86:82:c3:0d:c6:69:f2:f7:03:67:97:91:
11:56:dd:0e:0e:48:6f:64:a8:ce:e2:5e:c3:41:46:d5:9b:b7:
d6:82:09:7c:a8:91:6d:6d:e7:80:5c:b5:b6:69:c6:49:a7:06:
76:3c:d3:76:f3:63:76:6c:36:d2:c7:c9:71:fc:82:87:4e:65:
61:d6:14:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKmJPGZhOB0Ue5qzMyI/QzQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjIwODE2MTAxMzM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTk2MjQwZTM5NjNlMDg5YWE2ZTM1NDczMTQyODdhOWFjNjVmMjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlC/hb6vcoubsS7DHCGa+DBInZsIg
/R7LCu3+nAUgf1zQCZqXCQKgOqS+zIy156MXu9pXMK0OOWTiWK1IsucZMY9eiEOK
OKWcThmfOBpUc5T2+a7QyHFGLH8Qqo5CIwo0caP4HM5Peik/GqkdOstiFDp1/DWB
3TBKgg35VZfGcP+RIff7fYraCSYbSYrYWM/YUaMWZFQFFzICl7a0nXNNjHHJDIW/
iYxPRxSel3vpMHyCfgor++eLd4OK4XyHNrhG43qMtwjWJ0BTlGjHEGE+WYkQ2zLU
B1F1fyrhjHDqMcVNRQ5hE5mJb/jwZouEAPvnMDLMAPMsOyhuRZo4PoafnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPGWJA45Y+CJqm41RzFCh6msZfKdMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvOFpZa0RqbGo0SW1xYmpWSE1VS0hxYXhsOHAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueEXMA0G
CSqGSIb3DQEBCwUAA4IBAQDTh6z/AWFh621hS57Y+uz8Ia0L6z9q6TFUwHEFM/y7
Ag1sWG6L7EsPyghXffRmWmFcHJVZmqzgMfTTxJKyHxocxK0pjXKm/GOopXOBOSkj
j8aVnClmBYFRBKzxdA2J6Efcfp7VXaLwygBbEj7XZj7yTUJxvWqD/kHTFOdvU9uj
Qqxvv5nQBoiLPxfgJrWLKeJLPQFZEUL48gF3QPqoK9ObEdVcU4fy4g0mHuvqnfCm
Q7bI/Kf9U3HD2BSGgsMNxmny9wNnl5ERVt0ODkhvZKjO4l7DQUbVm7fWggl8qJFt
beeAXLW2acZJpwZ2PNN282N2bDbSx8lx/IKHTmVh1hTz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org