Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/aZVOkxqTAYVYMkNP7emiwx3TW38.roa
File: aZVOkxqTAYVYMkNP7emiwx3TW38.roa (raw, json)
Hash identifier: Z5cuxrEpIOkJKhQhco61jPSfNCll7U5JX8ryI5QjgCg=
Subject key identifier: 69:95:4E:93:1A:93:01:85:58:32:43:4F:ED:E9:A2:C3:1D:D3:5B:7F
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0183CDD4C54166196E22FD7AFC5A50C3D5E1
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/aZVOkxqTAYVYMkNP7emiwx3TW38.roa
Signing time: Wed 12 Oct 2022 20:13:36 +0000
ROA not before: Wed 12 Oct 2022 20:13:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209782
IP address blocks: 185.126.80.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:cd:d4:c5:41:66:19:6e:22:fd:7a:fc:5a:50:c3:d5:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Oct 12 20:13:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69954e931a9301855832434fede9a2c31dd35b7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:43:01:1d:f1:c6:9f:8e:3b:81:2f:5e:b4:a3:
67:e1:ea:68:d6:13:f4:49:6c:79:d2:c5:15:98:a0:
d2:4b:7c:4a:e0:a5:5a:de:8b:0d:cc:67:c2:4f:aa:
12:76:4d:df:24:04:42:43:0e:30:fe:99:12:6a:d2:
12:b4:23:81:a5:6e:27:a3:f6:37:40:10:1a:71:89:
9c:72:14:dd:dc:f1:4b:cb:46:5c:77:34:84:d4:d4:
0d:b4:82:17:b0:72:4c:cc:fa:bb:75:46:cc:7a:05:
1c:92:67:fd:cf:91:c4:7d:a5:da:2c:4a:c4:b2:01:
b8:c2:e9:76:9a:0f:4b:a6:20:f3:b8:29:fc:d3:b3:
a4:c0:7d:64:9e:3f:b7:b0:85:b4:d1:cc:73:7f:ee:
3d:cb:5c:49:b7:9c:b8:a1:4e:55:41:c2:b6:80:f7:
66:23:51:42:eb:f0:82:06:9d:9a:7e:71:02:45:0b:
84:43:dc:6d:28:f3:4e:6d:05:ac:e7:5c:5d:9e:b2:
90:fd:f6:e0:7c:5a:b0:3b:0b:62:9b:f8:58:64:f0:
d6:0b:02:d9:27:1e:26:a6:97:6d:8a:20:0e:d5:50:
f4:17:87:98:70:e6:2a:63:6b:9f:f0:f3:43:e8:08:
ac:7e:f8:33:01:c6:3f:ce:14:6d:cb:dd:00:d3:62:
b6:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:95:4E:93:1A:93:01:85:58:32:43:4F:ED:E9:A2:C3:1D:D3:5B:7F
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/aZVOkxqTAYVYMkNP7emiwx3TW38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.80.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:63:70:e8:4b:66:75:7e:0f:f2:0b:4d:5e:5a:08:6c:d3:43:
62:42:2d:aa:fb:55:76:d9:58:b2:34:fd:60:dc:af:c0:53:7a:
05:0f:26:cb:42:22:87:96:20:8d:b6:9c:35:ef:93:fe:46:59:
1a:70:96:02:37:6f:ee:7e:70:b6:5e:77:76:87:7a:4f:b5:f2:
2f:b4:91:bd:ff:be:fb:06:1c:37:bf:7d:f7:b5:e6:46:54:c0:
b8:b9:54:3a:8d:11:4e:50:c7:d0:a5:61:5a:5c:85:64:a0:b1:
3d:c0:65:d7:f1:1c:e2:91:01:a1:35:5a:40:77:a9:e5:6f:58:
3d:24:4b:15:9e:b3:94:d6:92:30:bf:a2:93:f7:ea:a1:3e:95:
d8:a4:aa:cf:68:13:57:02:78:fb:42:a5:30:89:53:cf:ca:fb:
26:87:67:ab:8d:e0:56:83:05:10:ea:45:97:5f:d9:f0:e1:c9:
8d:ce:bf:db:3f:c0:ec:8a:58:94:bb:1c:29:d5:e8:74:46:f8:
9f:2b:7b:39:85:7d:72:2c:4d:5f:35:10:5b:18:86:09:be:c8:
c0:c5:fc:b6:e6:d4:69:29:f1:39:59:44:40:9f:b6:d1:1a:3b:
d5:05:fc:8c:79:b1:94:ae:d4:44:a0:37:32:d8:c3:4e:35:f7:
d7:de:16:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPN1MVBZhluIv16/FpQw9XhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjIxMDEyMjAxMzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTk1NGU5MzFhOTMwMTg1NTgzMjQzNGZlZGU5YTJjMzFkZDM1YjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEMBHfHGn447gS9etKNn4epo1hP0
SWx50sUVmKDSS3xK4KVa3osNzGfCT6oSdk3fJARCQw4w/pkSatIStCOBpW4no/Y3
QBAacYmcchTd3PFLy0ZcdzSE1NQNtIIXsHJMzPq7dUbMegUckmf9z5HEfaXaLErE
sgG4wul2mg9LpiDzuCn807OkwH1knj+3sIW00cxzf+49y1xJt5y4oU5VQcK2gPdm
I1FC6/CCBp2afnECRQuEQ9xtKPNObQWs51xdnrKQ/fbgfFqwOwtim/hYZPDWCwLZ
Jx4mppdtiiAO1VD0F4eYcOYqY2uf8PND6AisfvgzAcY/zhRty90A02K2nwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGmVTpMakwGFWDJDT+3posMd01t/MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvYVpWT2t4cVRBWVZZTWtOUDdlbWl3eDNUVzM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuX5QMA0G
CSqGSIb3DQEBCwUAA4IBAQC3Y3DoS2Z1fg/yC01eWghs00NiQi2q+1V22ViyNP1g
3K/AU3oFDybLQiKHliCNtpw175P+RlkacJYCN2/ufnC2Xnd2h3pPtfIvtJG9/777
Bhw3v333teZGVMC4uVQ6jRFOUMfQpWFaXIVkoLE9wGXX8RzikQGhNVpAd6nlb1g9
JEsVnrOU1pIwv6KT9+qhPpXYpKrPaBNXAnj7QqUwiVPPyvsmh2erjeBWgwUQ6kWX
X9nw4cmNzr/bP8DsiliUuxwp1eh0RvifK3s5hX1yLE1fNRBbGIYJvsjAxfy25tRp
KfE5WURAn7bRGjvVBfyMebGUrtREoDcy2MNONffX3hb5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org