Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/cqGhmHVqNBD_qW2XkM1ohtok1xQ.roa
File: cqGhmHVqNBD_qW2XkM1ohtok1xQ.roa (raw, json)
Hash identifier: plSdypl2gi+xMWBsSWZ79aJPK6kgNhbcJ70XeGga/jk=
Subject key identifier: 72:A1:A1:98:75:6A:34:10:FF:A9:6D:97:90:CD:68:86:DA:24:D7:14
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 03D73450
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/cqGhmHVqNBD_qW2XkM1ohtok1xQ.roa
Signing time: Tue 05 Apr 2022 08:07:43 +0000
ROA not before: Tue 05 Apr 2022 08:07:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 185.228.73.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64435280 (0x3d73450)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Apr 5 08:07:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72a1a198756a3410ffa96d9790cd6886da24d714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:de:5f:16:63:5e:60:7c:41:76:a8:13:64:3c:
c0:41:8a:d9:56:47:c2:7f:df:70:90:46:3d:0d:25:
5d:e2:3a:87:eb:aa:f1:e3:59:0a:1d:33:b6:1f:5a:
6a:d1:c7:50:e4:d6:f2:21:c4:a6:94:51:42:44:f4:
f8:16:f2:3f:fa:ef:46:a8:bb:3e:46:89:d5:dc:e9:
5d:03:c4:e4:47:45:6a:63:4b:d6:4f:cd:1c:6c:80:
4e:74:48:ca:39:13:73:b0:77:ef:b0:51:e6:e7:0b:
86:9a:6d:b5:e1:38:a6:48:3a:b4:0f:4b:97:ea:59:
fe:a8:32:6a:ec:0b:c8:b5:0c:1d:40:b1:12:0f:c2:
a7:53:a6:b0:36:b9:70:d8:ee:d5:f1:76:82:67:8d:
3c:8c:2e:ac:67:25:eb:9b:7b:52:ca:11:cf:93:d7:
b8:4f:5f:04:b5:0d:a5:d9:97:fd:0b:46:02:25:01:
44:bf:d9:dc:e1:2c:d0:e9:5e:81:47:18:9a:36:d0:
8c:c1:88:4c:fc:06:03:36:df:ab:13:ec:98:4d:3d:
77:22:64:05:e2:40:28:cb:54:7c:d3:27:66:a4:8f:
cc:6f:d4:53:14:74:13:a5:ed:ab:fc:ab:d0:0c:01:
94:79:da:f6:c4:3b:76:bc:06:ae:1c:78:09:89:2d:
48:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:A1:A1:98:75:6A:34:10:FF:A9:6D:97:90:CD:68:86:DA:24:D7:14
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/cqGhmHVqNBD_qW2XkM1ohtok1xQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.73.0/24
Signature Algorithm: sha256WithRSAEncryption
51:1a:81:23:bf:45:a2:eb:96:ba:c2:d0:02:ba:21:2a:e6:bb:
31:e9:4a:0f:34:f0:a5:22:bf:97:58:c4:d2:ae:f1:ba:26:93:
3b:09:ff:f7:99:03:eb:d5:98:1a:92:a2:9d:87:11:56:f6:3a:
ae:0f:10:1b:17:53:bb:d0:aa:28:09:69:e4:95:14:c4:ef:7c:
9a:60:94:ba:91:8b:33:da:d2:4f:e3:66:3d:56:3d:93:ef:73:
47:8f:db:55:96:8d:90:93:33:90:b7:04:f7:a3:ce:cb:ae:40:
a3:50:14:2c:69:16:82:95:81:0f:1d:12:1f:2d:55:3d:36:92:
ae:9f:cc:f1:c4:21:94:dc:59:6b:74:db:2c:61:b8:a5:c5:9b:
82:be:ee:52:6d:85:f2:16:1a:ae:a8:02:de:16:2d:0d:f8:a2:
20:64:5b:85:6d:f6:30:6c:b4:14:1b:d9:5a:40:1d:d9:4a:19:
77:dc:df:3c:59:6a:9c:2d:83:dc:35:3b:db:2b:1b:6b:32:13:
61:bc:50:6b:5e:20:7d:e9:3b:32:0d:e8:01:8c:b6:60:c9:17:
78:bf:18:db:f8:cd:b6:68:5f:e0:c4:97:c1:9b:4f:24:82:62:
a2:61:ac:7e:76:69:7a:7e:ad:ee:67:70:17:0c:a4:fb:f5:6c:
73:27:bb:da
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA9c0UDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjhiZmI4YTVlZWU0OTA4MmVhNjI4ZGYyNWE0YTVkNTBmM2FhOWIzMB4XDTIyMDQw
NTA4MDc0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzJhMWExOTg3NTZh
MzQxMGZmYTk2ZDk3OTBjZDY4ODZkYTI0ZDcxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPeXxZjXmB8QXaoE2Q8wEGK2VZHwn/fcJBGPQ0lXeI6h+uq
8eNZCh0zth9aatHHUOTW8iHEppRRQkT0+BbyP/rvRqi7PkaJ1dzpXQPE5EdFamNL
1k/NHGyATnRIyjkTc7B377BR5ucLhpptteE4pkg6tA9Ll+pZ/qgyauwLyLUMHUCx
Eg/Cp1OmsDa5cNju1fF2gmeNPIwurGcl65t7UsoRz5PXuE9fBLUNpdmX/QtGAiUB
RL/Z3OEs0OlegUcYmjbQjMGITPwGAzbfqxPsmE09dyJkBeJAKMtUfNMnZqSPzG/U
UxR0E6Xtq/yr0AwBlHna9sQ7drwGrhx4CYktSI8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRyoaGYdWo0EP+pbZeQzWiG2iTXFDAfBgNVHSMEGDAWgBQ2i/uKXu5JCC6m
KN8lpKXVDzqpszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05vdjdpbDd1U1FndXBpamZKYVNsMVE4NnFiTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvYWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8x
L2NxR2htSFZxTkJEX3FXMlhrTTFvaHRvazF4US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
YWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8xL05vdjdpbDd1U1Fn
dXBpamZKYVNsMVE4NnFiTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnkSTANBgkqhkiG9w0BAQsFAAOC
AQEAURqBI79FouuWusLQArohKua7MelKDzTwpSK/l1jE0q7xuiaTOwn/95kD69WY
GpKinYcRVvY6rg8QGxdTu9CqKAlp5JUUxO98mmCUupGLM9rST+NmPVY9k+9zR4/b
VZaNkJMzkLcE96POy65Ao1AULGkWgpWBDx0SHy1VPTaSrp/M8cQhlNxZa3TbLGG4
pcWbgr7uUm2F8hYarqgC3hYtDfiiIGRbhW32MGy0FBvZWkAd2UoZd9zfPFlqnC2D
3DU72ysbazITYbxQa14gfek7Mg3oAYy2YMkXeL8Y2/jNtmhf4MSXwZtPJIJiomGs
fnZpen6t7mdwFwyk+/Vscye72g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org