Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/bRUh4vUDIjdp1RS490cLeijBlpQ.roa
File: bRUh4vUDIjdp1RS490cLeijBlpQ.roa (raw, json)
Hash identifier: xiO3v3PZrMQni+5xl2kXd5+oDKZ6CsODeB10+F8ndvo=
Subject key identifier: 6D:15:21:E2:F5:03:22:37:69:D5:14:B8:F7:47:0B:7A:28:C1:96:94
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 04ACAB91
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/bRUh4vUDIjdp1RS490cLeijBlpQ.roa
Signing time: Tue 28 Jun 2022 10:24:03 +0000
ROA not before: Tue 28 Jun 2022 10:24:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.225.21.0/24 maxlen: 24
185.218.21.0/24 maxlen: 24
185.214.110.0/24 maxlen: 24
185.214.109.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78424977 (0x4acab91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jun 28 10:24:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d1521e2f503223769d514b8f7470b7a28c19694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:be:d3:88:39:22:70:f9:99:a9:6f:8d:eb:f3:
b6:1d:21:d0:0c:48:9f:bb:81:c2:9e:ae:24:9f:84:
75:17:29:bd:bd:e5:49:8d:da:7e:0f:42:e8:50:cc:
de:9b:07:30:2d:85:98:3e:5a:85:e6:3c:ea:94:f5:
99:06:26:5c:12:a0:e3:ed:cc:70:59:f7:0b:df:54:
a1:54:47:fd:60:5f:7d:6d:ac:8e:6a:0e:18:4f:2e:
3b:3b:d0:7a:fb:fd:66:90:67:66:7f:fa:6d:87:63:
b6:1a:99:f8:63:0b:0d:ba:a5:53:19:b7:3c:a3:6a:
b2:91:cf:62:8b:d2:4b:64:e3:ef:14:80:b3:5a:58:
18:15:48:e1:24:b2:ce:a8:78:60:97:73:97:46:4c:
aa:4c:37:bd:16:4f:c1:6a:b0:63:57:32:a7:8c:81:
f8:d6:e8:16:5d:ee:2b:ec:3b:f9:46:0b:8c:1c:b5:
20:5a:36:39:61:b3:94:07:78:97:0c:ff:cd:40:22:
98:81:6b:11:17:6e:2a:f5:40:fa:59:79:e5:0a:0d:
d3:ec:9f:1f:f0:06:8d:3c:9c:18:6c:6c:4a:2b:bb:
49:8e:65:5b:2a:34:bb:dd:61:db:01:55:b4:d4:60:
c9:fd:13:28:9b:b8:1d:e1:02:ef:0b:56:9b:ab:8b:
17:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:15:21:E2:F5:03:22:37:69:D5:14:B8:F7:47:0B:7A:28:C1:96:94
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/bRUh4vUDIjdp1RS490cLeijBlpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.109.0-185.214.110.255
185.218.21.0/24
185.225.21.0/24
Signature Algorithm: sha256WithRSAEncryption
70:c9:fb:b1:87:28:ca:2c:1c:7f:1e:c8:db:c3:6b:19:e9:df:
f9:34:f4:a5:72:14:ba:a3:2a:ee:67:10:a0:dd:76:1a:77:b1:
ae:08:1e:16:68:96:af:21:23:b9:fa:07:00:fd:9f:58:12:aa:
39:a1:9b:06:ad:14:80:6d:1d:72:9b:bc:b9:8c:91:50:5f:93:
d3:9a:b5:8f:d8:db:59:5f:ac:f1:1b:46:66:81:6f:38:b8:d1:
61:ec:28:93:d4:59:a7:8e:fd:1b:22:90:c8:34:76:1c:02:39:
4c:d2:1a:28:dc:96:56:70:73:16:31:cd:0d:c4:70:5e:b5:02:
49:c5:a4:37:98:0e:ff:39:04:57:34:9a:33:68:0c:91:b5:4d:
fb:43:de:50:f0:69:6d:d1:02:fb:2b:d5:db:75:2f:e3:a5:78:
54:76:cd:ef:6c:4d:7a:8d:64:f2:85:63:db:9e:68:ff:50:b8:
da:ad:38:01:5e:4b:94:d2:3c:1d:95:61:fb:42:27:9c:3d:09:
b5:6c:7f:91:2b:da:86:3d:ac:ce:75:37:8c:4b:61:01:7a:c2:
83:7f:a0:24:e2:e3:70:62:46:5e:32:cb:40:42:4a:69:b8:2d:
44:88:e1:be:80:40:fc:04:65:52:5e:02:58:f5:81:99:41:d9:
e8:9c:ef:01
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEBKyrkTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjhiZmI4YTVlZWU0OTA4MmVhNjI4ZGYyNWE0YTVkNTBmM2FhOWIzMB4XDTIyMDYy
ODEwMjQwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQxNTIxZTJmNTAz
MjIzNzY5ZDUxNGI4Zjc0NzBiN2EyOGMxOTY5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIS+04g5InD5malvjevzth0h0AxIn7uBwp6uJJ+EdRcpvb3l
SY3afg9C6FDM3psHMC2FmD5aheY86pT1mQYmXBKg4+3McFn3C99UoVRH/WBffW2s
jmoOGE8uOzvQevv9ZpBnZn/6bYdjthqZ+GMLDbqlUxm3PKNqspHPYovSS2Tj7xSA
s1pYGBVI4SSyzqh4YJdzl0ZMqkw3vRZPwWqwY1cyp4yB+NboFl3uK+w7+UYLjBy1
IFo2OWGzlAd4lwz/zUAimIFrERduKvVA+ll55QoN0+yfH/AGjTycGGxsSiu7SY5l
Wyo0u91h2wFVtNRgyf0TKJu4HeEC7wtWm6uLF48CAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBRtFSHi9QMiN2nVFLj3Rwt6KMGWlDAfBgNVHSMEGDAWgBQ2i/uKXu5JCC6m
KN8lpKXVDzqpszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05vdjdpbDd1U1FndXBpamZKYVNsMVE4NnFiTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvYWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8x
L2JSVWg0dlVESWpkcDFSUzQ5MGNMZWlqQmxwUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
YWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8xL05vdjdpbDd1U1Fn
dXBpamZKYVNsMVE4NnFiTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQAudZtAwQAudZuAwQAudoVAwQA
ueEVMA0GCSqGSIb3DQEBCwUAA4IBAQBwyfuxhyjKLBx/Hsjbw2sZ6d/5NPSlchS6
oyruZxCg3XYad7GuCB4WaJavISO5+gcA/Z9YEqo5oZsGrRSAbR1ym7y5jJFQX5PT
mrWP2NtZX6zxG0ZmgW84uNFh7CiT1Fmnjv0bIpDINHYcAjlM0hoo3JZWcHMWMc0N
xHBetQJJxaQ3mA7/OQRXNJozaAyRtU37Q95Q8Glt0QL7K9XbdS/jpXhUds3vbE16
jWTyhWPbnmj/ULjarTgBXkuU0jwdlWH7QiecPQm1bH+RK9qGPazOdTeMS2EBesKD
f6Ak4uNwYkZeMstAQkppuC1EiOG+gED8BGVSXgJY9YGZQdnonO8B
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org