Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/KOdB9OHdN7cnrSdqy1mMJy3v5k8.roa
File: KOdB9OHdN7cnrSdqy1mMJy3v5k8.roa (raw, json)
Hash identifier: yPyvAJvLYa621B24A1Q1zh+/YUR7UND3iAdsL8luYJ8=
Subject key identifier: 28:E7:41:F4:E1:DD:37:B7:27:AD:27:6A:CB:59:8C:27:2D:EF:E6:4F
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01831D8F71E58E3DD773CE9EC314492714FA
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/KOdB9OHdN7cnrSdqy1mMJy3v5k8.roa
Signing time: Thu 08 Sep 2022 14:44:43 +0000
ROA not before: Thu 08 Sep 2022 14:44:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 140947
IP address blocks: 185.225.22.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:1d:8f:71:e5:8e:3d:d7:73:ce:9e:c3:14:49:27:14:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Sep 8 14:44:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28e741f4e1dd37b727ad276acb598c272defe64f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:80:6d:56:60:36:0e:70:1d:b1:6e:a3:4e:1a:
c7:35:9f:a1:05:9d:fa:ba:4a:17:0c:e7:48:99:3c:
66:3d:02:1d:3a:22:cb:f2:5b:be:46:f3:29:42:8f:
50:26:65:61:4e:1d:5d:8e:c9:8b:73:8c:fe:b9:eb:
b2:18:8b:bf:1d:21:51:32:80:c8:a0:30:22:f3:ff:
67:d6:50:a2:4e:11:32:5d:9d:3f:43:28:59:fd:ec:
43:10:d4:43:fc:92:f6:ad:01:a9:0f:72:f2:8c:70:
a9:5b:37:12:15:be:68:20:4d:94:5c:76:1b:5f:03:
c3:d6:f1:52:9d:1c:7e:ea:f5:c0:2f:b0:b5:7c:34:
d0:ea:35:69:f9:c2:5a:4e:79:3d:88:90:7f:87:d1:
89:fe:12:6a:08:5f:2f:42:ff:2a:31:ce:1b:a3:0a:
10:ab:c2:ca:e3:c0:2d:69:bb:d4:50:f5:ee:02:68:
7e:18:b8:24:82:77:61:9b:f2:7b:0e:88:10:d2:40:
fa:f4:24:a6:07:7d:18:62:fa:39:de:63:12:e2:c7:
f4:64:e7:35:b2:7e:6a:8a:d5:95:c7:ef:d4:69:44:
d4:9f:bc:fb:d3:71:ff:24:e3:e1:88:13:a2:13:5b:
a5:be:da:31:b9:8a:d5:00:c6:62:ae:44:8a:9c:86:
51:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:E7:41:F4:E1:DD:37:B7:27:AD:27:6A:CB:59:8C:27:2D:EF:E6:4F
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/KOdB9OHdN7cnrSdqy1mMJy3v5k8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.22.0/24
Signature Algorithm: sha256WithRSAEncryption
72:f3:d8:c8:a0:84:db:40:80:f8:1b:74:e3:87:c9:79:e0:3e:
b3:18:bf:ec:a8:37:c9:1d:d7:94:06:37:59:94:c6:ee:af:3b:
9e:f5:49:7d:84:8a:50:f3:15:1c:5d:18:e8:d2:ff:8d:4d:10:
ac:37:06:06:75:11:c0:b3:21:3d:d3:6d:3b:83:10:e8:64:64:
eb:e1:2e:30:1e:87:68:2e:5e:64:50:be:7e:70:6b:cc:13:f5:
cf:c2:9f:f5:b2:12:13:51:ae:06:1c:90:fa:00:8b:fb:e3:37:
c4:27:1e:ef:00:0d:ef:dc:1d:4b:ea:54:84:0d:a1:45:43:b3:
56:80:e0:43:0f:2b:20:b7:70:ba:e6:76:d7:89:3c:81:34:20:
67:9b:12:31:bb:3d:31:0a:be:f8:4a:63:68:18:74:8e:1c:3d:
f6:17:7d:0e:e5:06:07:0a:0e:55:c6:4b:90:86:64:32:4c:9f:
c7:78:b9:e6:14:c0:2c:e6:32:d9:f3:98:f2:cc:cd:3e:13:c6:
15:3d:ba:33:06:b8:bd:79:c3:65:21:58:a7:a6:be:6f:59:8b:
b9:ce:86:a1:40:36:bb:35:9a:7c:88:05:96:2b:58:12:43:6f:
ce:81:c9:1c:df:25:c1:52:8d:9a:c8:12:1f:d5:f3:79:cc:ca:
4f:f1:3d:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMdj3Hljj3Xc86ewxRJJxT6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjIwOTA4MTQ0NDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGU3NDFmNGUxZGQzN2I3MjdhZDI3NmFjYjU5OGMyNzJkZWZlNjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoBtVmA2DnAdsW6jThrHNZ+hBZ36
ukoXDOdImTxmPQIdOiLL8lu+RvMpQo9QJmVhTh1djsmLc4z+ueuyGIu/HSFRMoDI
oDAi8/9n1lCiThEyXZ0/QyhZ/exDENRD/JL2rQGpD3LyjHCpWzcSFb5oIE2UXHYb
XwPD1vFSnRx+6vXAL7C1fDTQ6jVp+cJaTnk9iJB/h9GJ/hJqCF8vQv8qMc4bowoQ
q8LK48AtabvUUPXuAmh+GLgkgndhm/J7DogQ0kD69CSmB30YYvo53mMS4sf0ZOc1
sn5qitWVx+/UaUTUn7z703H/JOPhiBOiE1ulvtoxuYrVAMZirkSKnIZRwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCjnQfTh3Te3J60nastZjCct7+ZPMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvS09kQjlPSGRON2NuclNkcXkxbU1KeTN2NWs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueEWMA0G
CSqGSIb3DQEBCwUAA4IBAQBy89jIoITbQID4G3Tjh8l54D6zGL/sqDfJHdeUBjdZ
lMburzue9Ul9hIpQ8xUcXRjo0v+NTRCsNwYGdRHAsyE90207gxDoZGTr4S4wHodo
Ll5kUL5+cGvME/XPwp/1shITUa4GHJD6AIv74zfEJx7vAA3v3B1L6lSEDaFFQ7NW
gOBDDysgt3C65nbXiTyBNCBnmxIxuz0xCr74SmNoGHSOHD32F30O5QYHCg5VxkuQ
hmQyTJ/HeLnmFMAs5jLZ85jyzM0+E8YVPbozBri9ecNlIVinpr5vWYu5zoahQDa7
NZp8iAWWK1gSQ2/Ogckc3yXBUo2ayBIf1fN5zMpP8T0x
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:11 2023 by rpki-client on console-ams.rpki-client.org