Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/VsztIQvuOJ2UxbRF_pj-HRQf3-o.roa
File: VsztIQvuOJ2UxbRF_pj-HRQf3-o.roa (raw, json)
Hash identifier: 8gDiGx2RpCm9J4Zi2kYq5c80iiOj7kDbsQCDlvwEDlE=
Subject key identifier: 56:CC:ED:21:0B:EE:38:9D:94:C5:B4:45:FE:98:FE:1D:14:1F:DF:EA
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 03B84E6F
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/VsztIQvuOJ2UxbRF_pj-HRQf3-o.roa
Signing time: Sun 27 Mar 2022 15:30:29 +0000
ROA not before: Sun 27 Mar 2022 15:30:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30823
IP address blocks: 185.225.20.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.199.148.0/24 maxlen: 24
185.126.81.0/24 maxlen: 24
185.228.74.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.36.204.0/24 maxlen: 24
185.194.176.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62410351 (0x3b84e6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Mar 27 15:30:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=56cced210bee389d94c5b445fe98fe1d141fdfea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4a:f7:84:04:9d:a8:81:51:27:c4:9f:f8:e0:
e9:09:c5:2d:17:ac:a3:2d:88:c0:e2:08:50:7c:f3:
27:75:c9:56:01:be:7b:80:53:be:2e:02:38:57:1c:
8e:7a:4a:10:0d:49:c9:02:67:b7:00:11:77:2a:9b:
8a:06:73:5c:a2:f1:93:2d:29:81:9b:34:fd:cd:2b:
12:25:35:4a:8e:45:5b:69:29:b4:1e:1b:8c:a7:a5:
3c:2f:08:29:b5:fb:23:d9:91:01:dc:28:ad:9c:59:
dd:dc:94:1d:d5:a5:d8:f3:00:c9:5f:2f:e3:53:6f:
ce:e1:15:fc:bc:60:14:ab:fe:c7:cd:61:33:cb:fa:
df:7e:4d:68:b8:3d:eb:b8:1b:74:ac:5b:e5:a6:30:
eb:8d:e1:3f:99:73:7f:94:ec:88:9c:6e:f6:57:ab:
84:f1:36:64:9b:88:c1:ea:4c:f5:69:58:9b:78:f0:
88:b5:be:ae:6c:9a:b1:2c:94:0e:4d:dd:cf:25:56:
f0:f1:64:1c:d9:5e:6b:50:e3:45:a2:69:04:33:4a:
fd:5a:96:c9:ee:99:58:6d:97:9d:93:b1:84:fc:21:
3f:28:64:15:14:30:5b:e5:96:48:34:e2:94:1c:f7:
91:45:1c:0b:73:3d:cb:31:e2:0a:5e:bf:a5:ae:1b:
99:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:CC:ED:21:0B:EE:38:9D:94:C5:B4:45:FE:98:FE:1D:14:1F:DF:EA
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/VsztIQvuOJ2UxbRF_pj-HRQf3-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.204.0/24
185.126.81.0/24
185.194.176.0/24
185.199.148.0/24
185.214.108.0/24
185.218.20.0/24
185.225.20.0/24
185.228.74.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:a0:32:53:66:3b:74:e5:e7:28:95:f2:d7:37:35:55:0c:e9:
b2:a7:28:ab:ca:a1:9b:27:33:77:0d:c1:fd:69:f4:f7:04:aa:
6b:70:be:c9:94:b8:43:9c:a2:e6:0d:a7:27:ae:79:b8:26:c0:
5c:7a:6f:22:f7:9b:fc:fb:59:da:ad:8c:10:dc:a3:1c:06:2d:
6e:3d:22:4f:44:42:b9:af:5f:1b:2d:2a:9a:f2:05:06:9e:48:
0b:b1:9e:92:bb:38:7a:9b:47:23:4c:44:3c:eb:a5:27:c6:d9:
cd:16:5f:f9:12:0e:9d:f3:ee:fe:0d:c2:0d:17:c4:36:18:ca:
0c:0a:12:8b:ff:34:89:63:02:01:36:cf:6a:e9:99:36:d1:96:
c8:43:bf:bd:da:fe:fc:ba:a9:63:fd:c9:9a:f2:58:58:12:9f:
37:82:cb:07:16:8e:6d:35:93:99:a7:ad:26:05:1d:db:cd:24:
27:52:82:90:5e:91:6c:52:44:4d:6c:2f:0e:68:d0:91:01:5e:
88:71:08:21:5f:43:4c:72:51:8c:dc:b0:52:12:a1:4a:80:f3:
42:a3:cc:aa:a5:88:ec:9e:41:be:4d:84:45:2e:a0:72:3c:f8:
93:4c:1f:cc:14:81:a5:0e:f9:1a:5d:83:19:fe:09:84:94:3f:
1d:e3:b8:dc
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEA7hObzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjhiZmI4YTVlZWU0OTA4MmVhNjI4ZGYyNWE0YTVkNTBmM2FhOWIzMB4XDTIyMDMy
NzE1MzAyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTZjY2VkMjEwYmVl
Mzg5ZDk0YzViNDQ1ZmU5OGZlMWQxNDFmZGZlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJNK94QEnaiBUSfEn/jg6QnFLResoy2IwOIIUHzzJ3XJVgG+
e4BTvi4COFccjnpKEA1JyQJntwARdyqbigZzXKLxky0pgZs0/c0rEiU1So5FW2kp
tB4bjKelPC8IKbX7I9mRAdworZxZ3dyUHdWl2PMAyV8v41NvzuEV/LxgFKv+x81h
M8v6335NaLg967gbdKxb5aYw643hP5lzf5TsiJxu9lerhPE2ZJuIwepM9WlYm3jw
iLW+rmyasSyUDk3dzyVW8PFkHNlea1DjRaJpBDNK/VqWye6ZWG2XnZOxhPwhPyhk
FRQwW+WWSDTilBz3kUUcC3M9yzHiCl6/pa4bmSECAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBRWzO0hC+44nZTFtEX+mP4dFB/f6jAfBgNVHSMEGDAWgBQ2i/uKXu5JCC6m
KN8lpKXVDzqpszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05vdjdpbDd1U1FndXBpamZKYVNsMVE4NnFiTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvYWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8x
L1ZzenRJUXZ1T0oyVXhiUkZfcGotSFJRZjMtby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
YWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8xL05vdjdpbDd1U1Fn
dXBpamZKYVNsMVE4NnFiTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEALkkzAMEALl+UQMEALnCsAMEALnH
lAMEALnWbAMEALnaFAMEALnhFAMEALnkSjANBgkqhkiG9w0BAQsFAAOCAQEAuaAy
U2Y7dOXnKJXy1zc1VQzpsqcoq8qhmyczdw3B/Wn09wSqa3C+yZS4Q5yi5g2nJ655
uCbAXHpvIveb/PtZ2q2MENyjHAYtbj0iT0RCua9fGy0qmvIFBp5IC7Gekrs4eptH
I0xEPOulJ8bZzRZf+RIOnfPu/g3CDRfENhjKDAoSi/80iWMCATbPaumZNtGWyEO/
vdr+/LqpY/3JmvJYWBKfN4LLBxaObTWTmaetJgUd280kJ1KCkF6RbFJETWwvDmjQ
kQFeiHEIIV9DTHJRjNywUhKhSoDzQqPMqqWI7J5Bvk2ERS6gcjz4k0wfzBSBpQ75
Gl2DGf4JhJQ/HeO43A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org