Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/OJiZD_XryzXRqcDk1c-_kPoOLIA.roa
File: OJiZD_XryzXRqcDk1c-_kPoOLIA.roa (raw, json)
Hash identifier: qdV38oiSJH6u3FQxP7Iy0x0vcROjxNVXYeYmqXYAHho=
Subject key identifier: 38:98:99:0F:F5:EB:CB:35:D1:A9:C0:E4:D5:CF:BF:90:FA:0E:2C:80
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0183C158BF2B0960AFBE26659958C3D5B72E
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/OJiZD_XryzXRqcDk1c-_kPoOLIA.roa
Signing time: Mon 10 Oct 2022 10:02:42 +0000
ROA not before: Mon 10 Oct 2022 10:02:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.225.21.0/24 maxlen: 24
185.218.21.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.214.110.0/24 maxlen: 24
185.214.109.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c1:58:bf:2b:09:60:af:be:26:65:99:58:c3:d5:b7:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Oct 10 10:02:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3898990ff5ebcb35d1a9c0e4d5cfbf90fa0e2c80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c4:94:8f:b7:0a:27:23:df:63:ef:fa:be:ac:
85:93:1c:c5:5b:c2:ab:3d:b5:02:b3:74:d2:1f:6d:
1b:a1:93:43:da:47:08:15:52:18:1c:af:8f:23:7c:
26:bc:88:ce:a9:f1:55:e0:03:0e:f7:43:45:c9:42:
52:40:e1:57:00:6b:44:07:39:5b:bd:11:63:dc:20:
21:ab:03:74:0a:e7:56:4f:f5:12:c9:05:bf:4c:db:
fa:c8:95:58:2e:27:a4:f2:eb:83:0f:77:c6:b5:fb:
ab:c4:a9:78:44:62:ba:ec:99:18:62:e0:cc:cf:aa:
fa:45:62:a1:cb:98:38:cb:ff:00:bf:0c:91:b3:e4:
e2:7b:46:4d:bd:34:75:4d:a9:21:86:39:b7:a3:7f:
14:5b:27:7b:ed:52:28:6b:6c:25:54:b4:98:d7:e8:
2b:3a:b2:5d:57:41:48:2a:27:97:bb:f2:b0:76:f5:
be:1e:9e:f0:72:c0:55:19:c4:a6:e3:bc:ac:e5:3c:
6c:d4:95:f6:36:56:8e:42:a7:d0:47:e4:8e:58:db:
60:ce:a6:c2:e4:42:9e:03:bb:eb:78:99:17:fe:67:
b1:62:21:12:8b:ec:5e:91:95:dd:9f:7e:98:aa:25:
46:a2:5c:64:bf:3e:7d:96:51:01:07:c4:2f:dd:7b:
9c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:98:99:0F:F5:EB:CB:35:D1:A9:C0:E4:D5:CF:BF:90:FA:0E:2C:80
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/OJiZD_XryzXRqcDk1c-_kPoOLIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.109.0-185.214.110.255
185.218.21.0/24
185.225.21.0/24
185.228.75.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:7a:1a:46:74:63:6f:9a:9d:95:50:42:5c:3f:f5:d2:43:f5:
3f:69:a9:1b:1f:ee:00:2f:ca:80:33:74:5c:5e:0a:19:59:f8:
dc:da:d4:5b:71:43:b0:70:34:c2:80:38:42:01:92:40:34:f6:
0f:1d:84:d1:73:64:08:92:b3:dd:26:be:d4:94:ab:aa:59:59:
f8:6f:08:7d:ac:c5:99:97:ac:6e:d2:ad:89:5e:45:eb:77:e5:
c7:2e:34:8d:a0:fa:e6:3e:a8:3d:89:78:ad:ae:c6:16:f6:70:
31:0d:d1:0b:e1:db:f9:08:85:0b:d9:51:3f:4f:20:1b:a4:2e:
26:c6:10:a0:21:74:2d:53:01:a3:d4:7f:ad:dd:a9:61:28:07:
73:a7:11:7c:cf:8d:a3:fa:ad:9f:40:18:19:c6:af:24:11:a4:
96:3e:8f:ff:72:eb:62:27:ec:a1:e7:9d:f7:50:36:d9:ee:fe:
82:8f:96:0d:51:ab:cf:ef:12:0d:fa:b2:18:34:3d:7c:e7:4b:
db:9f:93:ae:20:f3:e0:53:63:3a:2a:28:7c:40:86:f3:54:d2:
0d:93:dc:d4:7a:96:29:23:6c:8e:82:b5:58:0f:d2:75:14:54:
34:6c:37:ef:b6:96:8a:55:d3:35:a7:41:4c:81:42:12:5c:cd:
e7:a7:67:1a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYPBWL8rCWCvviZlmVjD1bcuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjIxMDEwMTAwMjQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODk4OTkwZmY1ZWJjYjM1ZDFhOWMwZTRkNWNmYmY5MGZhMGUyYzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMSUj7cKJyPfY+/6vqyFkxzFW8Kr
PbUCs3TSH20boZND2kcIFVIYHK+PI3wmvIjOqfFV4AMO90NFyUJSQOFXAGtEBzlb
vRFj3CAhqwN0CudWT/USyQW/TNv6yJVYLiek8uuDD3fGtfurxKl4RGK67JkYYuDM
z6r6RWKhy5g4y/8AvwyRs+Tie0ZNvTR1Takhhjm3o38UWyd77VIoa2wlVLSY1+gr
OrJdV0FIKieXu/KwdvW+Hp7wcsBVGcSm47ys5Txs1JX2NlaOQqfQR+SOWNtgzqbC
5EKeA7vreJkX/mexYiESi+xekZXdn36YqiVGolxkvz59llEBB8Qv3XuckwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDiYmQ/168s10anA5NXPv5D6DiyAMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvT0ppWkRfWHJ5elhScWNEazFjLV9rUG9PTElBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAC51m0D
BAC51m4DBAC52hUDBAC54RUDBAC55EswDQYJKoZIhvcNAQELBQADggEBAJp6GkZ0
Y2+anZVQQlw/9dJD9T9pqRsf7gAvyoAzdFxeChlZ+Nza1FtxQ7BwNMKAOEIBkkA0
9g8dhNFzZAiSs90mvtSUq6pZWfhvCH2sxZmXrG7SrYleRet35ccuNI2g+uY+qD2J
eK2uxhb2cDEN0Qvh2/kIhQvZUT9PIBukLibGEKAhdC1TAaPUf63dqWEoB3OnEXzP
jaP6rZ9AGBnGryQRpJY+j/9y62In7KHnnfdQNtnu/oKPlg1Rq8/vEg36shg0PXzn
S9ufk64g8+BTYzoqKHxAhvNU0g2T3NR6likjbI6CtVgP0nUUVDRsN++2lopV0zWn
QUyBQhJczeenZxo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org