Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/QaZYAwA7dcyhV393er7zPW3oWzI.roa
File: QaZYAwA7dcyhV393er7zPW3oWzI.roa (raw, json)
Hash identifier: uvZ5DZ0ZXIjQ0IpliBFJrHO1FT7Hw8Z+9D/LT5tUpEo=
Subject key identifier: 41:A6:58:03:00:3B:75:CC:A1:57:7F:77:7A:BE:F3:3D:6D:E8:5B:32
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0181E05D5AFF3C27065EBD440C4AA8C3D7DE
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/QaZYAwA7dcyhV393er7zPW3oWzI.roa
Signing time: Sat 09 Jul 2022 00:30:23 +0000
ROA not before: Sat 09 Jul 2022 00:30:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40676
IP address blocks: 185.126.80.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:e0:5d:5a:ff:3c:27:06:5e:bd:44:0c:4a:a8:c3:d7:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jul 9 00:30:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=41a65803003b75cca1577f777abef33d6de85b32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:33:73:2f:f5:50:2a:4a:3d:cc:b0:ca:82:fb:
91:65:2d:d7:d5:42:0a:fe:da:f2:5f:82:5d:2d:1c:
81:d7:17:c2:c1:c6:57:04:7b:68:4a:17:5a:ae:5d:
10:14:28:bc:24:ef:4d:47:8b:93:93:41:ed:53:e3:
02:df:b0:9a:66:cb:f1:9e:35:a1:cf:69:df:52:8e:
23:74:6c:34:c3:ef:74:cb:4f:4c:24:56:a1:d6:9c:
5a:51:e7:02:a8:8e:32:2b:79:de:95:5e:c5:b3:73:
74:90:62:75:d4:3c:b1:ec:90:48:bd:8e:cf:49:ad:
15:fd:2f:b8:49:d3:35:d2:5f:73:eb:fc:b6:c5:35:
6b:e2:9a:59:60:72:0f:0c:07:33:3c:f9:ee:df:98:
77:ae:6b:66:73:87:c5:ea:36:2c:50:fb:85:b0:bc:
d8:fd:4c:35:93:6a:b1:31:ce:21:f3:9b:e2:cd:a4:
9c:9b:9f:44:b4:56:ab:b4:a7:84:25:bf:6b:11:31:
ac:45:30:2f:1a:02:c2:6b:48:0d:24:2e:91:11:dc:
db:17:88:e2:39:ab:ac:07:dd:24:e2:1b:46:b1:e9:
84:35:8f:3b:4d:4d:0a:71:b5:a4:85:7e:b2:b0:63:
d7:dd:cb:55:54:6f:2e:34:b2:4f:77:3f:49:4b:e7:
4b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A6:58:03:00:3B:75:CC:A1:57:7F:77:7A:BE:F3:3D:6D:E8:5B:32
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/QaZYAwA7dcyhV393er7zPW3oWzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.80.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:b8:a1:71:25:dc:cd:2b:b7:36:82:fa:cb:71:80:44:e2:89:
ee:a4:5d:6b:46:5e:96:30:9c:59:71:69:06:f7:d5:56:9c:11:
71:25:4b:1e:75:48:30:9c:25:c2:d8:7d:db:52:1c:e4:fc:25:
af:76:04:d2:72:eb:d0:d8:57:a4:8c:75:d0:22:8e:97:9d:f8:
6f:33:d6:02:4a:e2:21:36:de:f0:52:da:9e:e4:ff:b2:8b:36:
65:d1:90:5f:0a:e4:8e:f0:ff:0f:c0:cd:12:41:80:5a:bd:f6:
0c:8c:e7:f2:1e:25:48:94:1b:4e:b5:59:8c:f4:92:91:31:16:
01:fa:03:55:d1:3e:9f:fe:34:b2:41:46:72:08:59:1a:3e:6c:
ff:6b:a2:8d:57:88:7d:82:37:77:47:83:c1:b2:cf:3c:76:04:
a2:74:10:ab:44:8b:36:29:6a:9e:eb:66:31:18:bd:3a:cc:df:
7b:b2:07:95:0c:dd:85:8f:78:72:96:92:42:e5:77:18:9c:3e:
5a:bb:a9:bd:d5:dc:bc:1f:b0:7e:b3:3b:c3:59:ee:82:0d:72:
8a:1a:57:42:5a:e7:eb:c4:94:cf:c6:07:92:58:d5:cc:1b:41:
e8:d6:59:cd:b5:a4:8c:cd:84:7c:bc:29:f9:e8:4d:21:eb:7e:
5b:c1:7f:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHgXVr/PCcGXr1EDEqow9feMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjIwNzA5MDAzMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWE2NTgwMzAwM2I3NWNjYTE1NzdmNzc3YWJlZjMzZDZkZTg1YjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjNzL/VQKko9zLDKgvuRZS3X1UIK
/tryX4JdLRyB1xfCwcZXBHtoShdarl0QFCi8JO9NR4uTk0HtU+MC37CaZsvxnjWh
z2nfUo4jdGw0w+90y09MJFah1pxaUecCqI4yK3nelV7Fs3N0kGJ11Dyx7JBIvY7P
Sa0V/S+4SdM10l9z6/y2xTVr4ppZYHIPDAczPPnu35h3rmtmc4fF6jYsUPuFsLzY
/Uw1k2qxMc4h85vizaScm59EtFartKeEJb9rETGsRTAvGgLCa0gNJC6REdzbF4ji
OausB90k4htGsemENY87TU0KcbWkhX6ysGPX3ctVVG8uNLJPdz9JS+dL6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEGmWAMAO3XMoVd/d3q+8z1t6FsyMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvUWFaWUF3QTdkY3loVjM5M2VyN3pQVzNvV3pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuX5QMA0G
CSqGSIb3DQEBCwUAA4IBAQDOuKFxJdzNK7c2gvrLcYBE4onupF1rRl6WMJxZcWkG
99VWnBFxJUsedUgwnCXC2H3bUhzk/CWvdgTScuvQ2FekjHXQIo6XnfhvM9YCSuIh
Nt7wUtqe5P+yizZl0ZBfCuSO8P8PwM0SQYBavfYMjOfyHiVIlBtOtVmM9JKRMRYB
+gNV0T6f/jSyQUZyCFkaPmz/a6KNV4h9gjd3R4PBss88dgSidBCrRIs2KWqe62Yx
GL06zN97sgeVDN2Fj3hylpJC5XcYnD5au6m91dy8H7B+szvDWe6CDXKKGldCWufr
xJTPxgeSWNXMG0Ho1lnNtaSMzYR8vCn56E0h635bwX9j
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:26 2023 by rpki-client on console-fra.rpki-client.org