Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/ZMisKU1iFR9pex1xMt0lxXHa4F4.roa
File: ZMisKU1iFR9pex1xMt0lxXHa4F4.roa (raw, json)
Hash identifier: E6R2alkaWJ+Z6wM/Cs/lHVkgBDEtu0vVFzr5aTRzJto=
Subject key identifier: 64:C8:AC:29:4D:62:15:1F:69:7B:1D:71:32:DD:25:C5:71:DA:E0:5E
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0183E588CEAEF44B0A6182614E2A2937175A
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/ZMisKU1iFR9pex1xMt0lxXHa4F4.roa
Signing time: Mon 17 Oct 2022 10:41:31 +0000
ROA not before: Mon 17 Oct 2022 10:41:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212096
IP address blocks: 185.225.20.0/22 maxlen: 22
193.58.144.0/22 maxlen: 22
185.228.72.0/22 maxlen: 22
185.108.204.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e5:88:ce:ae:f4:4b:0a:61:82:61:4e:2a:29:37:17:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Oct 17 10:41:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=64c8ac294d62151f697b1d7132dd25c571dae05e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c1:51:2e:16:6a:6b:65:77:86:18:8e:ec:30:
01:0e:b8:9f:82:5b:9d:ea:49:63:e6:99:94:4e:66:
a9:1f:a8:fe:7c:e4:31:26:ff:4e:af:19:74:2a:0c:
3e:a1:77:e8:c3:fc:89:79:f7:85:b8:76:94:7c:4f:
81:76:5c:6a:ef:52:f0:81:5e:2b:82:cc:19:9b:5f:
11:8f:39:ed:cb:96:b1:85:38:48:4f:d7:09:f4:b2:
5b:ff:65:22:00:38:b9:de:94:cd:9a:3d:9d:92:14:
fb:81:fa:71:57:d0:e7:5c:59:d5:e4:c0:28:79:94:
f3:c5:f1:96:8b:51:06:f9:cb:c6:fb:0e:a9:c3:3f:
2a:36:c3:c2:45:f1:29:5e:b4:77:ce:d3:3c:d8:f4:
a6:da:bb:59:e3:9c:88:69:70:00:3b:9b:13:12:0d:
b6:79:05:f8:26:cf:73:0f:64:0c:f0:c7:a4:1d:4c:
32:39:26:a5:1a:4a:9d:86:6e:c6:1e:53:2a:97:ce:
d5:11:83:5c:a5:59:c3:c7:96:18:b3:5b:ed:56:b8:
c5:51:78:22:a7:75:99:9e:11:5e:8d:97:89:a4:10:
14:22:cb:52:27:ff:99:33:ef:b7:f1:01:ce:e9:ae:
86:10:90:4c:a4:3f:31:21:47:77:35:01:7c:b0:1e:
bc:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:C8:AC:29:4D:62:15:1F:69:7B:1D:71:32:DD:25:C5:71:DA:E0:5E
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/ZMisKU1iFR9pex1xMt0lxXHa4F4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.204.0/22
185.225.20.0/22
185.228.72.0/22
193.58.144.0/22
Signature Algorithm: sha256WithRSAEncryption
67:ff:cf:cc:6f:1a:4c:ea:3a:3d:12:b4:0d:2b:c2:b2:d2:23:
a8:d0:a8:0a:1a:68:06:46:1f:39:4c:05:4e:0f:da:43:b7:0f:
7b:39:08:8c:ed:a4:aa:c2:ed:ee:18:34:9a:4d:c4:9f:4a:24:
0a:90:68:47:a6:cc:0d:ce:0d:74:fa:d2:56:39:f2:28:9f:a0:
96:45:d9:ff:dd:03:66:ef:fa:fd:fa:f8:a7:59:f4:d5:1a:61:
80:d6:77:58:00:cd:56:05:f5:b0:13:7d:a4:b1:9f:5a:55:4f:
56:cf:5b:54:4b:a8:51:77:7a:26:67:8e:1b:f0:e5:bd:54:1f:
0d:f4:0e:9e:8d:fd:12:1d:82:e6:bd:a3:4e:9d:09:7d:16:a3:
7f:b1:f3:be:a7:c6:57:8e:54:9c:05:73:93:58:a5:20:2d:2f:
fb:0e:1c:81:10:55:96:9d:9f:2c:45:6d:aa:2a:e8:b8:df:e1:
dd:e6:51:91:29:8e:2a:02:e1:e1:40:96:fc:93:98:c6:59:6a:
71:f0:c8:d8:f3:5e:55:7d:ac:9b:10:a1:9f:39:f6:ef:b8:0f:
51:a1:05:e9:5f:13:c3:ad:56:cd:06:0a:02:7a:d2:21:bb:56:
26:0b:b6:80:22:db:48:a6:0c:5f:aa:ed:d6:8c:87:55:5e:9f:
4b:b4:17:12
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYPliM6u9EsKYYJhTiopNxdaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjIxMDE3MTA0MTMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGM4YWMyOTRkNjIxNTFmNjk3YjFkNzEzMmRkMjVjNTcxZGFlMDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08FRLhZqa2V3hhiO7DABDrifglud
6klj5pmUTmapH6j+fOQxJv9Orxl0Kgw+oXfow/yJefeFuHaUfE+Bdlxq71LwgV4r
gswZm18Rjznty5axhThIT9cJ9LJb/2UiADi53pTNmj2dkhT7gfpxV9DnXFnV5MAo
eZTzxfGWi1EG+cvG+w6pwz8qNsPCRfEpXrR3ztM82PSm2rtZ45yIaXAAO5sTEg22
eQX4Js9zD2QM8MekHUwyOSalGkqdhm7GHlMql87VEYNcpVnDx5YYs1vtVrjFUXgi
p3WZnhFejZeJpBAUIstSJ/+ZM++38QHO6a6GEJBMpD8xIUd3NQF8sB68rwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGTIrClNYhUfaXsdcTLdJcVx2uBeMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvWk1pc0tVMWlGUjlwZXgxeE10MGx4WEhhNEY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuWzMAwQC
ueEUAwQCueRIAwQCwTqQMA0GCSqGSIb3DQEBCwUAA4IBAQBn/8/MbxpM6jo9ErQN
K8Ky0iOo0KgKGmgGRh85TAVOD9pDtw97OQiM7aSqwu3uGDSaTcSfSiQKkGhHpswN
zg10+tJWOfIon6CWRdn/3QNm7/r9+vinWfTVGmGA1ndYAM1WBfWwE32ksZ9aVU9W
z1tUS6hRd3omZ44b8OW9VB8N9A6ejf0SHYLmvaNOnQl9FqN/sfO+p8ZXjlScBXOT
WKUgLS/7DhyBEFWWnZ8sRW2qKui43+Hd5lGRKY4qAuHhQJb8k5jGWWpx8MjY815V
faybEKGfOfbvuA9RoQXpXxPDrVbNBgoCetIhu1YmC7aAIttIpgxfqu3WjIdVXp9L
tBcS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org