Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/V8GQBleNxsoFuPsaBshEWgn51Hc.roa
File: V8GQBleNxsoFuPsaBshEWgn51Hc.roa (raw, json)
Hash identifier: WOE3YlHoyDTLqNgfktexy8WpwcRoMx/zNqH4H1oNN/g=
Subject key identifier: 57:C1:90:06:57:8D:C6:CA:05:B8:FB:1A:06:C8:44:5A:09:F9:D4:77
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 04ABA0A7
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/V8GQBleNxsoFuPsaBshEWgn51Hc.roa
Signing time: Tue 28 Jun 2022 10:24:02 +0000
ROA not before: Tue 28 Jun 2022 10:24:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 185.225.22.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78356647 (0x4aba0a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jun 28 10:24:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=57c19006578dc6ca05b8fb1a06c8445a09f9d477
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5c:cb:0a:91:2e:8b:cb:cb:05:39:7d:ba:00:
30:02:97:7f:a7:eb:2e:7a:46:9f:32:09:75:9b:60:
7e:32:3f:aa:00:6e:bd:5d:2d:67:35:63:c4:63:ec:
80:d2:9e:77:56:98:c1:79:65:1d:e1:15:60:10:6b:
29:c4:6d:d8:28:0e:3a:3a:82:76:b6:ed:02:31:2f:
8a:9e:9d:40:3d:42:25:05:3e:fa:07:e5:38:d5:4e:
0c:da:cc:12:1d:06:d3:81:a8:76:f3:2f:a9:d3:97:
73:58:f5:30:d7:76:27:a8:fe:4f:09:fa:a7:aa:e2:
b6:36:ef:5a:b8:2e:af:7c:81:73:29:67:2d:08:3f:
20:31:b1:14:88:a3:ac:3a:69:c6:05:cd:a0:b0:dd:
74:80:5f:6a:c1:31:87:3a:60:47:73:06:cf:6c:04:
5e:1d:fe:d1:1a:d1:55:1b:84:7c:fd:65:cc:3e:b0:
e3:af:0d:6a:72:94:4f:b2:76:74:25:ab:e2:dc:7e:
1a:6d:c5:db:06:2d:e2:3c:aa:58:e5:3f:af:bd:e3:
e2:0f:4b:4e:18:47:8a:5c:13:73:80:0e:fc:e1:5d:
56:5a:db:26:42:38:62:c0:86:52:ab:ac:99:04:35:
98:0e:0d:20:5e:be:8a:12:67:c3:c5:2a:64:b0:81:
59:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:C1:90:06:57:8D:C6:CA:05:B8:FB:1A:06:C8:44:5A:09:F9:D4:77
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/V8GQBleNxsoFuPsaBshEWgn51Hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.22.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:87:5b:f9:81:b9:08:8c:3c:26:ec:c7:d2:b7:a0:9a:dc:ed:
e8:63:87:93:66:47:58:1e:dc:3d:5e:70:f7:ad:43:f2:df:1f:
08:b8:4c:58:03:79:ce:c0:1c:6d:53:6e:d1:1f:8c:c8:03:0c:
b9:98:83:26:ed:b7:eb:ce:96:61:7c:19:f4:2d:60:94:59:45:
92:89:b7:c8:a2:a4:be:ed:52:1f:72:dd:b6:3c:e0:02:54:05:
2a:d5:4f:a5:c7:dd:3d:76:97:5e:4d:9e:de:fa:7f:3c:23:57:
f5:05:25:9e:08:86:61:c0:c2:74:36:3a:34:da:ac:e4:73:a8:
d7:9e:20:28:b5:fe:c8:22:5d:92:24:53:ba:9c:ab:8b:cc:98:
a8:de:37:d3:60:dd:11:cd:f0:a5:19:a5:bb:db:c6:c2:a0:9a:
68:8b:1e:c1:1c:3c:12:f5:81:01:de:55:c5:14:0b:29:d3:b2:
c7:d4:44:93:0b:ca:95:08:db:7c:09:c7:d0:a0:bc:f1:06:db:
5d:67:62:87:ab:83:15:23:b6:48:0c:50:2c:3d:ac:0b:f2:c0:
5d:05:f1:ca:cd:bf:72:e8:1e:27:13:38:90:1e:ba:d3:b2:bc:
4e:0b:9c:b7:f5:c0:bf:ef:0f:3c:74:42:3a:f1:56:4f:9b:24:
e8:c3:99:98
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBKugpzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjhiZmI4YTVlZWU0OTA4MmVhNjI4ZGYyNWE0YTVkNTBmM2FhOWIzMB4XDTIyMDYy
ODEwMjQwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTdjMTkwMDY1Nzhk
YzZjYTA1YjhmYjFhMDZjODQ0NWEwOWY5ZDQ3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALFcywqRLovLywU5fboAMAKXf6frLnpGnzIJdZtgfjI/qgBu
vV0tZzVjxGPsgNKed1aYwXllHeEVYBBrKcRt2CgOOjqCdrbtAjEvip6dQD1CJQU+
+gflONVODNrMEh0G04GodvMvqdOXc1j1MNd2J6j+Twn6p6ritjbvWrgur3yBcyln
LQg/IDGxFIijrDppxgXNoLDddIBfasExhzpgR3MGz2wEXh3+0RrRVRuEfP1lzD6w
468NanKUT7J2dCWr4tx+Gm3F2wYt4jyqWOU/r73j4g9LThhHilwTc4AO/OFdVlrb
JkI4YsCGUqusmQQ1mA4NIF6+ihJnw8UqZLCBWYcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRXwZAGV43GygW4+xoGyERaCfnUdzAfBgNVHSMEGDAWgBQ2i/uKXu5JCC6m
KN8lpKXVDzqpszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05vdjdpbDd1U1FndXBpamZKYVNsMVE4NnFiTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvYWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8x
L1Y4R1FCbGVOeHNvRnVQc2FCc2hFV2duNTFIYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
YWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8xL05vdjdpbDd1U1Fn
dXBpamZKYVNsMVE4NnFiTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnhFjANBgkqhkiG9w0BAQsFAAOC
AQEAWodb+YG5CIw8JuzH0regmtzt6GOHk2ZHWB7cPV5w961D8t8fCLhMWAN5zsAc
bVNu0R+MyAMMuZiDJu23686WYXwZ9C1glFlFkom3yKKkvu1SH3LdtjzgAlQFKtVP
pcfdPXaXXk2e3vp/PCNX9QUlngiGYcDCdDY6NNqs5HOo154gKLX+yCJdkiRTupyr
i8yYqN4302DdEc3wpRmlu9vGwqCaaIsewRw8EvWBAd5VxRQLKdOyx9REkwvKlQjb
fAnH0KC88QbbXWdih6uDFSO2SAxQLD2sC/LAXQXxys2/cugeJxM4kB6607K8Tguc
t/XAv+8PPHRCOvFWT5sk6MOZmA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org