Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/cN_ACUalWxnl7Oc_mgVWgZGMgbA.roa
File: cN_ACUalWxnl7Oc_mgVWgZGMgbA.roa (raw, json)
Hash identifier: GQOOVhDCqpd/Bi3ZFsud4i8ZIM43rFUA1NFE9YbA2xw=
Subject key identifier: 70:DF:C0:09:46:A5:5B:19:E5:EC:E7:3F:9A:05:56:81:91:8C:81:B0
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01830D95586BA6C83EAFD0C9AC7F4DCD117D
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/cN_ACUalWxnl7Oc_mgVWgZGMgbA.roa
Signing time: Mon 05 Sep 2022 12:17:14 +0000
ROA not before: Mon 05 Sep 2022 12:17:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8100
IP address blocks: 185.199.156.0/24 maxlen: 24
185.194.179.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0d:95:58:6b:a6:c8:3e:af:d0:c9:ac:7f:4d:cd:11:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Sep 5 12:17:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70dfc00946a55b19e5ece73f9a055681918c81b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f6:e2:4a:44:6a:4b:76:29:86:6a:61:1d:8e:
03:58:e4:f7:d2:70:be:5b:50:fc:f7:49:09:f5:e4:
4c:78:1b:8d:31:57:69:ae:77:6b:da:49:b8:dd:35:
45:1a:dd:71:f6:13:c3:9e:32:35:fb:87:aa:00:73:
92:74:52:1d:ff:73:a3:2f:c6:8d:ab:90:77:1a:a4:
bd:54:5d:a3:f1:7a:81:76:97:df:5a:2f:91:75:3d:
c6:ee:e2:05:5d:4f:18:23:5d:45:0e:bd:80:b8:1d:
38:3c:ac:d5:d6:9e:03:d2:e6:9e:22:79:a4:f5:a0:
7d:68:c9:ce:5b:b4:6c:e4:77:ef:b5:60:da:12:4d:
02:9c:dc:70:bb:06:25:6d:21:d4:cc:16:39:eb:c1:
66:6d:67:c4:ba:72:55:1d:71:8b:85:60:02:a6:a4:
6f:3f:01:be:b7:14:a4:74:bc:1b:43:8e:75:c9:95:
cd:c2:42:7c:e7:a0:5c:b9:73:ad:2b:20:b3:27:11:
a5:fd:62:8b:fc:42:92:2b:ff:26:73:b3:62:fa:c2:
cd:b3:fc:0e:a1:fa:fe:92:ce:cd:e8:82:ea:1c:bc:
28:28:0c:b3:e6:63:f4:ac:7f:d7:8e:ca:ba:20:f7:
47:4a:f5:cb:1a:bd:fa:4c:8c:d8:d7:6c:09:5f:06:
d2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:DF:C0:09:46:A5:5B:19:E5:EC:E7:3F:9A:05:56:81:91:8C:81:B0
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/cN_ACUalWxnl7Oc_mgVWgZGMgbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.179.0/24
185.199.156.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:06:aa:95:1b:e9:93:26:a0:fa:7f:b3:45:53:00:93:8e:97:
68:7e:d9:34:ac:2b:f0:d9:2d:35:5c:bf:f9:27:40:01:b7:98:
9a:e5:c8:ad:e7:4d:1f:75:76:94:48:bb:f5:38:48:b1:83:7f:
56:c7:49:a9:63:48:d2:29:de:a9:06:8b:60:10:67:c5:f7:9d:
0a:be:8f:e4:ac:72:e4:c8:71:09:cc:0b:a6:5c:53:24:6b:24:
2a:67:2a:67:d3:08:92:d0:46:9c:16:8d:17:c5:7b:75:58:1b:
ab:81:1a:60:fa:ff:c3:e8:17:ca:92:50:a8:43:7b:5e:9a:8c:
7e:8c:09:21:14:ba:d1:36:5c:b6:ec:81:c6:40:d4:7f:8b:07:
da:ed:06:aa:db:3f:7f:91:97:e6:a3:de:68:ec:a5:ba:bb:7b:
45:f7:c2:5b:23:70:43:f0:62:52:95:78:51:b9:15:54:3a:19:
22:be:47:f3:5d:d6:0d:2c:b4:ab:88:60:d4:97:35:5f:0f:83:
af:30:a1:d8:fa:a6:fe:34:f1:8d:4b:0d:d6:dd:3d:3b:4d:93:
ac:39:18:44:6f:6d:ba:87:f3:08:7b:55:20:1e:e9:61:24:92:
5d:0d:81:5f:30:a8:2d:a6:c9:0a:5b:a9:08:45:ed:42:cb:4e:
97:fd:06:5e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYMNlVhrpsg+r9DJrH9NzRF9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjIwOTA1MTIxNzE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGRmYzAwOTQ2YTU1YjE5ZTVlY2U3M2Y5YTA1NTY4MTkxOGM4MWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvbiSkRqS3YphmphHY4DWOT30nC+
W1D890kJ9eRMeBuNMVdprndr2km43TVFGt1x9hPDnjI1+4eqAHOSdFId/3OjL8aN
q5B3GqS9VF2j8XqBdpffWi+RdT3G7uIFXU8YI11FDr2AuB04PKzV1p4D0uaeInmk
9aB9aMnOW7Rs5HfvtWDaEk0CnNxwuwYlbSHUzBY568FmbWfEunJVHXGLhWACpqRv
PwG+txSkdLwbQ451yZXNwkJ856BcuXOtKyCzJxGl/WKL/EKSK/8mc7Ni+sLNs/wO
ofr+ks7N6ILqHLwoKAyz5mP0rH/Xjsq6IPdHSvXLGr36TIzY12wJXwbSJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHDfwAlGpVsZ5eznP5oFVoGRjIGwMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvY05fQUNVYWxXeG5sN09jX21nVldnWkdNZ2JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucKzAwQA
ucecMA0GCSqGSIb3DQEBCwUAA4IBAQDOBqqVG+mTJqD6f7NFUwCTjpdoftk0rCvw
2S01XL/5J0ABt5ia5cit500fdXaUSLv1OEixg39Wx0mpY0jSKd6pBotgEGfF950K
vo/krHLkyHEJzAumXFMkayQqZypn0wiS0EacFo0XxXt1WBurgRpg+v/D6BfKklCo
Q3temox+jAkhFLrRNly27IHGQNR/iwfa7Qaq2z9/kZfmo95o7KW6u3tF98JbI3BD
8GJSlXhRuRVUOhkivkfzXdYNLLSriGDUlzVfD4OvMKHY+qb+NPGNSw3W3T07TZOs
ORhEb226h/MIe1UgHulhJJJdDYFfMKgtpskKW6kIRe1Cy06X/QZe
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:12 2023 by rpki-client on console-ams.rpki-client.org