Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Cd7G1-t4qxOBaIp9jNQxci8PykQ.roa
File: Cd7G1-t4qxOBaIp9jNQxci8PykQ.roa (raw, json)
Hash identifier: mFy8mng3kjzLy/5yUsZXhFqDFDSDefuPlCQiX5tpwq8=
Subject key identifier: 09:DE:C6:D7:EB:78:AB:13:81:68:8A:7D:8C:D4:31:72:2F:0F:CA:44
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01830D946F33CD40A1CC374910CBD7C63084
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Cd7G1-t4qxOBaIp9jNQxci8PykQ.roa
Signing time: Mon 05 Sep 2022 12:16:15 +0000
ROA not before: Mon 05 Sep 2022 12:16:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13213
IP address blocks: 185.199.157.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0d:94:6f:33:cd:40:a1:cc:37:49:10:cb:d7:c6:30:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Sep 5 12:16:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=09dec6d7eb78ab1381688a7d8cd431722f0fca44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f0:e0:df:db:d3:b2:fc:79:31:f3:ae:19:39:
23:21:e1:55:87:cb:8b:68:8d:30:cd:b3:a5:e4:20:
68:30:22:a6:8f:80:d4:59:bb:9c:38:04:0f:22:9c:
fd:21:91:19:23:d4:32:77:06:fd:ba:d8:b1:53:91:
f6:e4:ed:14:5c:e5:26:a4:a6:47:e7:84:7e:f0:13:
fd:2b:3d:95:fa:42:15:22:a0:5f:fc:c1:ca:6d:a7:
d6:9d:90:eb:66:19:1a:2b:56:46:de:ed:1a:da:42:
17:0a:bf:92:47:78:ad:0c:30:23:29:7e:19:f0:79:
c9:04:8e:ad:a9:c1:25:80:5c:f6:52:5f:0d:9a:ee:
cd:23:13:04:2a:4f:0f:80:ab:b4:ae:fa:f9:f0:bd:
45:90:64:94:a2:e4:e7:ac:ee:c7:56:9c:86:20:e0:
75:ad:cb:f3:63:e2:c2:cd:7b:4e:f0:e5:c0:1c:a6:
67:92:d4:4a:7a:61:0f:ad:ce:36:2f:cd:65:b8:5a:
4a:57:87:24:cb:92:27:24:28:35:6e:d2:38:f0:e8:
7c:be:df:87:a5:25:da:18:ff:37:5b:b8:9f:07:be:
c7:b3:fb:6b:80:5c:06:13:ed:d7:4c:b9:be:51:54:
1c:7d:66:24:de:51:d2:18:0a:18:fc:ba:87:1d:ad:
1f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:DE:C6:D7:EB:78:AB:13:81:68:8A:7D:8C:D4:31:72:2F:0F:CA:44
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Cd7G1-t4qxOBaIp9jNQxci8PykQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.157.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:24:ef:cc:db:29:72:a4:9a:a9:ef:5e:58:16:e1:5d:b1:d3:
76:d6:48:5a:86:5a:86:4f:68:72:f7:58:71:46:50:8d:25:7d:
58:d5:72:40:2c:93:7f:32:fc:d5:02:57:ce:6c:c0:1a:d2:7a:
aa:a6:88:30:26:85:95:d6:84:a7:26:0c:ce:cd:54:0b:cd:ff:
eb:51:ab:f0:24:e6:e5:f5:2f:2b:ec:57:a9:02:b7:8b:9a:33:
c0:be:81:11:5a:56:1a:25:65:fb:33:b0:00:fa:39:c8:3e:a5:
ac:5c:47:ce:a2:33:12:a3:21:cb:f3:f0:e1:1b:ae:0f:09:ed:
8e:13:ae:36:5f:aa:08:66:ee:75:a1:af:65:29:85:46:6a:75:
36:51:d3:69:0e:31:e2:04:6a:04:38:87:9a:88:5b:0f:78:d7:
f0:eb:b6:4b:11:50:5a:ff:32:88:58:77:fa:bf:12:f3:c2:33:
3c:e3:5f:3f:ff:89:67:3e:c7:d4:56:11:9b:3c:af:7b:3b:90:
48:e7:0e:2e:90:e4:a2:43:71:f6:d5:01:be:18:dd:ca:ab:80:
39:e7:0d:bd:53:48:13:92:73:79:26:b0:9d:d4:8f:0c:79:96:
63:79:55:82:23:af:d9:9e:3e:a4:75:64:18:5a:00:a4:2a:36:
19:ab:6e:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMNlG8zzUChzDdJEMvXxjCEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjIwOTA1MTIxNjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWRlYzZkN2ViNzhhYjEzODE2ODhhN2Q4Y2Q0MzE3MjJmMGZjYTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfDg39vTsvx5MfOuGTkjIeFVh8uL
aI0wzbOl5CBoMCKmj4DUWbucOAQPIpz9IZEZI9Qydwb9utixU5H25O0UXOUmpKZH
54R+8BP9Kz2V+kIVIqBf/MHKbafWnZDrZhkaK1ZG3u0a2kIXCr+SR3itDDAjKX4Z
8HnJBI6tqcElgFz2Ul8Nmu7NIxMEKk8PgKu0rvr58L1FkGSUouTnrO7HVpyGIOB1
rcvzY+LCzXtO8OXAHKZnktRKemEPrc42L81luFpKV4cky5InJCg1btI48Oh8vt+H
pSXaGP83W7ifB77Hs/trgFwGE+3XTLm+UVQcfWYk3lHSGAoY/LqHHa0fYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAnextfreKsTgWiKfYzUMXIvD8pEMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvQ2Q3RzEtdDRxeE9CYUlwOWpOUXhjaThQeWtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucedMA0G
CSqGSIb3DQEBCwUAA4IBAQCaJO/M2ylypJqp715YFuFdsdN21khahlqGT2hy91hx
RlCNJX1Y1XJALJN/MvzVAlfObMAa0nqqpogwJoWV1oSnJgzOzVQLzf/rUavwJObl
9S8r7FepAreLmjPAvoERWlYaJWX7M7AA+jnIPqWsXEfOojMSoyHL8/DhG64PCe2O
E642X6oIZu51oa9lKYVGanU2UdNpDjHiBGoEOIeaiFsPeNfw67ZLEVBa/zKIWHf6
vxLzwjM8418//4lnPsfUVhGbPK97O5BI5w4ukOSiQ3H21QG+GN3Kq4A55w29U0gT
knN5JrCd1I8MeZZjeVWCI6/Znj6kdWQYWgCkKjYZq26J
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org