Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Sk5xE5t6PDfUhxMdqzvtIX7sw4A.roa
File: Sk5xE5t6PDfUhxMdqzvtIX7sw4A.roa (raw, json)
Hash identifier: pqVqnmFfpC0++D1YV5XCTP3QyWV+/N9DYI/sM4NgwEQ=
Subject key identifier: 4A:4E:71:13:9B:7A:3C:37:D4:87:13:1D:AB:3B:ED:21:7E:EC:C3:80
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 03E3A9B4
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Sk5xE5t6PDfUhxMdqzvtIX7sw4A.roa
Signing time: Fri 08 Apr 2022 16:57:23 +0000
ROA not before: Fri 08 Apr 2022 16:57:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58061
IP address blocks: 185.108.207.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65251764 (0x3e3a9b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Apr 8 16:57:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4a4e71139b7a3c37d487131dab3bed217eecc380
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:78:e7:c1:96:39:c8:eb:d5:52:8f:9c:7b:f8:
f3:1a:df:cc:fb:d3:e9:e6:8a:68:26:46:c9:f0:70:
d8:2a:8f:70:fd:45:d6:f2:09:50:31:7c:52:e2:83:
69:0c:14:86:2d:8c:4c:31:c3:1f:14:21:be:f6:32:
2d:3a:4a:8d:c7:4f:13:74:6d:0b:81:cf:f1:e6:c0:
c7:06:0c:17:2b:60:68:5a:66:7d:60:32:4f:b9:c5:
07:1b:c9:79:e3:94:27:ff:51:cf:1d:30:cc:9c:c0:
c5:d7:26:97:04:5a:03:70:68:6a:1f:c6:e2:d0:4a:
80:27:69:d1:7e:e3:78:18:76:8c:95:66:b2:c5:65:
24:87:3b:66:dc:b4:a9:74:08:f4:f3:67:bc:64:15:
72:27:f9:ec:04:aa:55:87:b1:5c:f6:87:23:ce:54:
fb:69:71:63:ba:c7:ac:73:1a:d1:01:dc:7c:77:14:
35:46:03:47:6d:7e:47:e8:ea:a6:31:12:54:85:67:
66:71:c2:f3:0d:f2:34:d5:2a:b6:c3:d1:01:6e:e0:
0f:eb:ad:78:2e:29:b7:d5:a7:d0:2b:72:7a:33:01:
cb:31:b4:6e:1a:6c:af:ce:6f:d0:da:6f:84:92:0d:
da:3f:d2:82:57:29:fb:26:ca:17:b0:57:dc:ee:28:
f1:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:4E:71:13:9B:7A:3C:37:D4:87:13:1D:AB:3B:ED:21:7E:EC:C3:80
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Sk5xE5t6PDfUhxMdqzvtIX7sw4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.207.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:95:40:77:1c:9b:81:7f:31:d6:27:8a:99:81:ba:ec:da:ee:
db:35:6f:90:5c:21:4e:d2:ee:43:dc:46:a7:fe:8a:22:64:46:
b4:04:23:d0:93:92:cb:89:74:85:d5:19:a2:01:36:49:89:99:
16:41:0d:94:32:ce:bc:c9:32:6c:90:79:f4:e4:fc:bf:d8:40:
50:c3:51:3f:fa:8e:fa:bd:5a:04:13:60:08:bb:2f:c1:6b:f0:
06:52:18:7c:43:1e:54:b0:2f:9d:31:86:4f:f7:d6:a9:3a:5c:
4e:83:f1:23:f3:30:61:c4:f0:bf:0f:e7:96:7d:09:f2:0c:54:
9d:bb:f9:2e:22:c2:fd:34:ba:9d:8f:14:99:2d:c6:2b:92:e3:
a5:01:20:ba:74:f8:1d:b1:e7:23:71:9b:4e:b0:57:5f:0a:36:
14:3b:97:ad:f0:28:1d:9a:e1:94:25:3a:46:ba:67:1e:ac:60:
64:72:f6:d2:6c:28:ec:38:d4:03:d6:50:05:ed:94:d8:e2:b3:
d5:74:98:9f:92:36:c4:d8:17:ca:62:0b:51:f9:76:cb:b8:cc:
8e:a5:68:46:4e:f2:56:9f:bc:81:ab:3c:5a:12:45:35:86:03:
b3:29:64:60:d4:5a:75:4c:43:06:30:8d:90:9d:20:e1:b8:71:
3a:9c:d4:92
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA+OptDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjhiZmI4YTVlZWU0OTA4MmVhNjI4ZGYyNWE0YTVkNTBmM2FhOWIzMB4XDTIyMDQw
ODE2NTcyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGE0ZTcxMTM5Yjdh
M2MzN2Q0ODcxMzFkYWIzYmVkMjE3ZWVjYzM4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOx458GWOcjr1VKPnHv48xrfzPvT6eaKaCZGyfBw2CqPcP1F
1vIJUDF8UuKDaQwUhi2MTDHDHxQhvvYyLTpKjcdPE3RtC4HP8ebAxwYMFytgaFpm
fWAyT7nFBxvJeeOUJ/9Rzx0wzJzAxdcmlwRaA3Boah/G4tBKgCdp0X7jeBh2jJVm
ssVlJIc7Zty0qXQI9PNnvGQVcif57ASqVYexXPaHI85U+2lxY7rHrHMa0QHcfHcU
NUYDR21+R+jqpjESVIVnZnHC8w3yNNUqtsPRAW7gD+uteC4pt9Wn0CtyejMByzG0
bhpsr85v0NpvhJIN2j/Sglcp+ybKF7BX3O4o8Z8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRKTnETm3o8N9SHEx2rO+0hfuzDgDAfBgNVHSMEGDAWgBQ2i/uKXu5JCC6m
KN8lpKXVDzqpszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05vdjdpbDd1U1FndXBpamZKYVNsMVE4NnFiTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvYWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8x
L1NrNXhFNXQ2UERmVWh4TWRxenZ0SVg3c3c0QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
YWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8xL05vdjdpbDd1U1Fn
dXBpamZKYVNsMVE4NnFiTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlszzANBgkqhkiG9w0BAQsFAAOC
AQEAxJVAdxybgX8x1ieKmYG67Nru2zVvkFwhTtLuQ9xGp/6KImRGtAQj0JOSy4l0
hdUZogE2SYmZFkENlDLOvMkybJB59OT8v9hAUMNRP/qO+r1aBBNgCLsvwWvwBlIY
fEMeVLAvnTGGT/fWqTpcToPxI/MwYcTwvw/nln0J8gxUnbv5LiLC/TS6nY8UmS3G
K5LjpQEgunT4HbHnI3GbTrBXXwo2FDuXrfAoHZrhlCU6RrpnHqxgZHL20mwo7DjU
A9ZQBe2U2OKz1XSYn5I2xNgXymILUfl2y7jMjqVoRk7yVp+8gas8WhJFNYYDsylk
YNRadUxDBjCNkJ0g4bhxOpzUkg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org