Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/dffkGkLiOR5UkuBiDbgLBzbjioM.roa
File: dffkGkLiOR5UkuBiDbgLBzbjioM.roa (raw, json)
Hash identifier: Nvfk9/zRcKJuqKKMbChBadk52TGNCnZRaBifEQ+ud/Q=
Subject key identifier: 75:F7:E4:1A:42:E2:39:1E:54:92:E0:62:0D:B8:0B:07:36:E3:8A:83
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 04B8EF20
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/dffkGkLiOR5UkuBiDbgLBzbjioM.roa
Signing time: Fri 01 Jul 2022 11:29:25 +0000
ROA not before: Fri 01 Jul 2022 11:29:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212096
IP address blocks: 185.225.20.0/22 maxlen: 22
185.218.20.0/22 maxlen: 22
185.126.80.0/22 maxlen: 22
193.58.144.0/22 maxlen: 22
185.228.72.0/22 maxlen: 22
185.108.204.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79228704 (0x4b8ef20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jul 1 11:29:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=75f7e41a42e2391e5492e0620db80b0736e38a83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1d:33:5a:6d:0c:0a:4c:5c:62:7d:30:fb:5a:
43:9e:13:71:93:71:dc:22:4c:a5:ec:45:f7:85:6d:
73:5f:e8:3a:3b:6e:14:d9:2e:6b:64:e0:fc:ac:8b:
55:75:f7:bc:ca:09:0d:8b:d6:0b:ac:89:94:5f:da:
68:cc:b9:b7:48:c4:73:e7:2b:7f:73:e0:71:72:01:
91:3e:f0:e4:ee:13:f8:bf:8d:3d:30:3a:2a:a3:1d:
b0:3a:5a:38:29:b5:ac:3b:42:24:c5:8e:58:8f:66:
eb:8f:c3:e4:8e:e8:b5:95:30:10:0b:a5:5d:74:f1:
bb:a9:58:79:a7:40:90:fe:ae:88:e6:fd:c2:75:5f:
96:28:f8:1d:00:91:dd:32:f8:94:ee:ed:61:aa:02:
1b:38:49:ea:2e:4e:c0:ef:14:f9:c5:51:80:6a:ee:
9a:85:56:5d:f5:6c:ce:9f:43:ed:e3:f1:a8:e0:76:
d7:2a:8d:1f:0d:1a:4a:eb:fe:7b:3b:d3:2b:90:87:
56:50:ea:6c:0a:c6:f1:b6:c7:18:f7:ba:ab:9a:0f:
0a:96:af:34:7f:a1:b2:cf:f8:99:3d:48:cc:c4:bf:
54:ed:d4:cf:35:c7:95:6f:f7:18:4a:ba:ed:55:0e:
d3:74:3e:0e:3c:43:f3:b9:d5:86:9f:70:7b:79:99:
62:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:F7:E4:1A:42:E2:39:1E:54:92:E0:62:0D:B8:0B:07:36:E3:8A:83
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/dffkGkLiOR5UkuBiDbgLBzbjioM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.204.0/22
185.126.80.0/22
185.218.20.0/22
185.225.20.0/22
185.228.72.0/22
193.58.144.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:77:8d:f9:be:02:d9:52:13:d0:7d:48:79:d0:69:c9:6c:98:
05:fc:14:44:0d:bc:b2:9d:6c:50:ae:4d:13:c4:1d:30:ee:e9:
71:ce:d3:f5:b2:0a:d4:7e:9e:3c:84:e1:0a:0d:c1:fe:7b:11:
77:b9:65:8e:c9:45:74:99:1e:71:87:16:87:c9:08:d8:2b:44:
a2:95:4f:48:1b:b1:93:36:5f:0d:6f:30:ee:0b:83:9d:1c:46:
2c:3a:d7:de:f1:04:c4:04:7d:58:f8:ec:9b:34:b0:7b:ae:5f:
e2:8d:b6:e1:56:c4:86:fa:8a:43:42:da:be:53:47:eb:f9:36:
2c:00:55:62:50:18:2e:71:f8:69:03:43:57:b2:6e:87:ae:93:
6d:2f:42:a8:b1:51:e7:b9:0d:ec:2f:7d:4b:8c:e0:ec:96:56:
f5:40:36:c7:e9:aa:fb:fb:00:50:75:7c:c5:6f:bf:f3:42:b1:
07:4c:23:fb:0c:1d:5d:58:8a:17:59:dc:3f:e4:78:39:40:1b:
7a:9b:4b:a3:f3:fd:0c:8b:45:05:86:9a:af:0c:fd:77:7b:8e:
a3:b1:4f:3f:59:7b:38:8c:eb:c1:a9:c6:81:68:08:cc:e5:83:
66:65:40:81:ed:83:07:bb:c5:ba:f7:98:ff:bf:29:a0:c1:ad:
b1:59:e7:68
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEBLjvIDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjhiZmI4YTVlZWU0OTA4MmVhNjI4ZGYyNWE0YTVkNTBmM2FhOWIzMB4XDTIyMDcw
MTExMjkyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzVmN2U0MWE0MmUy
MzkxZTU0OTJlMDYyMGRiODBiMDczNmUzOGE4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALkdM1ptDApMXGJ9MPtaQ54TcZNx3CJMpexF94Vtc1/oOjtu
FNkua2Tg/KyLVXX3vMoJDYvWC6yJlF/aaMy5t0jEc+crf3PgcXIBkT7w5O4T+L+N
PTA6KqMdsDpaOCm1rDtCJMWOWI9m64/D5I7otZUwEAulXXTxu6lYeadAkP6uiOb9
wnVflij4HQCR3TL4lO7tYaoCGzhJ6i5OwO8U+cVRgGrumoVWXfVszp9D7ePxqOB2
1yqNHw0aSuv+ezvTK5CHVlDqbArG8bbHGPe6q5oPCpavNH+hss/4mT1IzMS/VO3U
zzXHlW/3GEq67VUO03Q+DjxD87nVhp9we3mZYlUCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBR19+QaQuI5HlSS4GINuAsHNuOKgzAfBgNVHSMEGDAWgBQ2i/uKXu5JCC6m
KN8lpKXVDzqpszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05vdjdpbDd1U1FndXBpamZKYVNsMVE4NnFiTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvYWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8x
L2RmZmtHa0xpT1I1VWt1QmlEYmdMQnpiamlvTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
YWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8xL05vdjdpbDd1U1Fn
dXBpamZKYVNsMVE4NnFiTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEArlszAMEArl+UAMEArnaFAMEArnh
FAMEArnkSAMEAsE6kDANBgkqhkiG9w0BAQsFAAOCAQEAbXeN+b4C2VIT0H1IedBp
yWyYBfwURA28sp1sUK5NE8QdMO7pcc7T9bIK1H6ePIThCg3B/nsRd7lljslFdJke
cYcWh8kI2CtEopVPSBuxkzZfDW8w7guDnRxGLDrX3vEExAR9WPjsmzSwe65f4o22
4VbEhvqKQ0LavlNH6/k2LABVYlAYLnH4aQNDV7Juh66TbS9CqLFR57kN7C99S4zg
7JZW9UA2x+mq+/sAUHV8xW+/80KxB0wj+wwdXViKF1ncP+R4OUAbeptLo/P9DItF
BYaarwz9d3uOo7FPP1l7OIzrwanGgWgIzOWDZmVAge2DB7vFuveY/78poMGtsVnn
aA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org