Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/S8JWLxJckFMBw-Yv7CDTAM5uuRw.roa
File: S8JWLxJckFMBw-Yv7CDTAM5uuRw.roa (raw, json)
Hash identifier: suSbOJJA09tO1vVyrFIDGoW7h/ANhwdHDxOwZLCk8tY=
Subject key identifier: 4B:C2:56:2F:12:5C:90:53:01:C3:E6:2F:EC:20:D3:00:CE:6E:B9:1C
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0181D7F7C69E05F1CC68940504F7B27AC987
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/S8JWLxJckFMBw-Yv7CDTAM5uuRw.roa
Signing time: Thu 07 Jul 2022 09:22:28 +0000
ROA not before: Thu 07 Jul 2022 09:22:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211975
IP address blocks: 185.36.206.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d7:f7:c6:9e:05:f1:cc:68:94:05:04:f7:b2:7a:c9:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jul 7 09:22:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4bc2562f125c905301c3e62fec20d300ce6eb91c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b1:aa:1a:63:28:cf:f0:11:84:4c:c3:fc:b0:
08:d9:41:45:7e:ce:13:a0:5b:94:99:83:a6:b5:86:
6a:62:a9:93:5a:db:98:3a:8c:f6:79:0c:04:f9:78:
30:83:d3:e3:6b:52:6c:7c:ef:f7:0a:68:f0:34:f1:
03:58:b6:05:d3:22:84:1d:e5:ca:28:b1:55:36:2d:
63:73:23:23:60:76:1d:a8:d7:4f:fa:27:29:5c:89:
29:c4:fa:06:7b:05:d5:1a:ae:db:be:eb:f8:43:b5:
83:51:ee:b3:dc:a3:c6:4b:14:4d:7a:37:37:38:3d:
02:75:cd:71:52:17:62:56:c2:49:60:cd:7b:8c:72:
53:67:56:0e:68:6d:0c:17:32:8b:9a:4a:b7:bd:05:
fd:bd:a0:d4:36:32:be:67:22:0f:31:f4:6e:67:b2:
93:28:de:b5:ca:46:4c:2b:f8:ec:04:04:ea:cf:04:
7c:59:77:2e:d1:31:8f:ff:13:54:5d:7c:81:5c:f7:
28:c8:0c:5b:a8:eb:3f:05:3a:eb:16:79:24:52:da:
d5:e8:a7:37:b9:ab:93:8f:1a:b0:61:bf:7b:46:e2:
03:b4:e4:ca:7a:64:00:cf:db:89:51:ef:f8:05:3a:
8c:64:03:fa:44:bb:67:9a:06:1d:91:36:6f:fd:a1:
56:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:C2:56:2F:12:5C:90:53:01:C3:E6:2F:EC:20:D3:00:CE:6E:B9:1C
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/S8JWLxJckFMBw-Yv7CDTAM5uuRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.206.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:46:13:1a:59:d8:8d:57:55:5b:77:55:a4:5f:3b:75:72:74:
a5:29:3b:24:be:80:1b:46:c3:e6:bd:59:db:2b:8e:31:22:90:
f4:b5:e3:a9:9a:db:4b:60:5f:1a:10:c5:f3:2b:87:a1:e2:31:
2f:a8:ac:f0:a7:0a:d4:dd:70:8d:5b:58:f2:75:d9:a7:e6:88:
18:41:ae:77:01:7f:b1:84:74:2d:1f:55:01:57:21:7e:b0:c6:
c1:cd:69:c2:00:6a:ae:67:fc:cc:2c:c4:24:10:e1:34:86:8e:
7a:3e:d5:cc:68:a4:d6:3c:8d:ab:8f:5c:17:13:99:be:90:66:
39:cc:69:33:6c:d7:bb:1b:af:4f:b3:c2:ab:7b:69:2c:6f:55:
31:20:1c:76:6d:16:76:f0:90:ff:77:df:ae:19:cb:90:d6:8c:
c6:28:a1:94:dd:3c:3c:d0:81:a7:b4:4c:ed:9c:c6:4c:64:78:
36:c8:ff:7f:bd:83:3b:8b:c9:c5:db:cd:bc:48:7d:be:ba:0f:
ad:59:52:a8:f7:26:49:67:93:2e:50:7e:17:03:24:46:e9:cc:
61:cd:6e:a4:bd:b8:15:c2:3a:2c:2e:5f:26:d2:aa:a0:35:7d:
42:37:b1:07:d9:be:bb:63:a2:8a:61:ab:7d:5b:d2:88:f7:a6:
03:a9:a7:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHX98aeBfHMaJQFBPeyesmHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjIwNzA3MDkyMjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmMyNTYyZjEyNWM5MDUzMDFjM2U2MmZlYzIwZDMwMGNlNmViOTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLGqGmMoz/ARhEzD/LAI2UFFfs4T
oFuUmYOmtYZqYqmTWtuYOoz2eQwE+Xgwg9Pja1JsfO/3CmjwNPEDWLYF0yKEHeXK
KLFVNi1jcyMjYHYdqNdP+icpXIkpxPoGewXVGq7bvuv4Q7WDUe6z3KPGSxRNejc3
OD0Cdc1xUhdiVsJJYM17jHJTZ1YOaG0MFzKLmkq3vQX9vaDUNjK+ZyIPMfRuZ7KT
KN61ykZMK/jsBATqzwR8WXcu0TGP/xNUXXyBXPcoyAxbqOs/BTrrFnkkUtrV6Kc3
uauTjxqwYb97RuIDtOTKemQAz9uJUe/4BTqMZAP6RLtnmgYdkTZv/aFWOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEvCVi8SXJBTAcPmL+wg0wDObrkcMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvUzhKV0x4SmNrRk1Cdy1ZdjdDRFRBTTV1dVJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSTOMA0G
CSqGSIb3DQEBCwUAA4IBAQC8RhMaWdiNV1Vbd1WkXzt1cnSlKTskvoAbRsPmvVnb
K44xIpD0teOpmttLYF8aEMXzK4eh4jEvqKzwpwrU3XCNW1jyddmn5ogYQa53AX+x
hHQtH1UBVyF+sMbBzWnCAGquZ/zMLMQkEOE0ho56PtXMaKTWPI2rj1wXE5m+kGY5
zGkzbNe7G69Ps8Kre2ksb1UxIBx2bRZ28JD/d9+uGcuQ1ozGKKGU3Tw80IGntEzt
nMZMZHg2yP9/vYM7i8nF2828SH2+ug+tWVKo9yZJZ5MuUH4XAyRG6cxhzW6kvbgV
wjosLl8m0qqgNX1CN7EH2b67Y6KKYat9W9KI96YDqafF
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:12 2023 by rpki-client on console-ams.rpki-client.org