Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/do3B2CY1A57RiQ7Ib1eYh9fFcCk.roa
File: do3B2CY1A57RiQ7Ib1eYh9fFcCk.roa (raw, json)
Hash identifier: 977xJa8P3ROmopjw3uAVpGMZ4J+Z1gwK9pdm/g+EyGE=
Subject key identifier: 76:8D:C1:D8:26:35:03:9E:D1:89:0E:C8:6F:57:98:87:D7:C5:70:29
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 04BE17BD
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/do3B2CY1A57RiQ7Ib1eYh9fFcCk.roa
Signing time: Sat 02 Jul 2022 15:50:25 +0000
ROA not before: Sat 02 Jul 2022 15:50:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400040
IP address blocks: 185.225.21.0/24 maxlen: 24
185.36.206.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79566781 (0x4be17bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jul 2 15:50:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=768dc1d82635039ed1890ec86f579887d7c57029
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e9:7d:9b:39:4b:72:3e:40:10:68:30:ca:5f:
6a:f4:c0:de:87:30:56:91:5e:e4:a6:c1:bc:19:05:
56:5a:14:1a:8a:90:63:36:bd:aa:69:20:40:10:95:
84:6a:6a:be:1f:05:2c:0b:2a:ef:f5:4f:2f:53:d8:
81:2c:dc:7a:e7:4b:55:d4:85:48:ac:be:29:73:d7:
d1:24:47:4d:c4:bd:50:63:8c:4a:a4:f7:39:b8:62:
e0:8c:a8:3a:b2:9e:da:6e:81:0e:46:be:a3:a5:2c:
89:cc:09:5f:07:60:f6:e4:7e:22:02:86:20:70:77:
6c:f3:21:37:c0:be:02:fd:03:06:bb:e0:73:40:46:
e8:6e:63:b6:6c:d9:b2:49:34:5e:f7:06:4b:13:ba:
84:5e:de:4b:ee:0d:eb:f5:ff:1e:ac:84:76:8c:e6:
de:de:e9:15:95:cf:dc:2d:b0:21:b6:52:75:8e:8e:
32:f1:ae:18:db:b5:76:97:57:03:bb:b0:d9:7f:41:
ce:a3:3b:a6:fe:03:c7:43:77:42:56:13:7a:f5:28:
f3:53:08:95:09:9f:b4:16:e2:f6:f3:12:35:c5:5f:
ec:62:42:e4:f7:04:03:de:48:d6:21:c6:dc:26:da:
a4:64:e0:f1:4c:e1:d1:f9:a8:67:36:89:a8:2c:16:
0d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:8D:C1:D8:26:35:03:9E:D1:89:0E:C8:6F:57:98:87:D7:C5:70:29
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/do3B2CY1A57RiQ7Ib1eYh9fFcCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.206.0/24
185.225.21.0/24
Signature Algorithm: sha256WithRSAEncryption
06:c7:d5:2f:b1:c7:2c:0d:5a:ac:f6:f8:c8:10:4a:ce:dd:36:
69:80:a6:4a:1b:44:b2:00:b5:96:05:6d:0d:70:5a:a6:de:de:
50:1f:5e:39:0e:ea:e9:4b:91:fb:c7:80:12:01:6b:08:84:17:
6e:37:3a:14:38:b4:92:7a:0c:0a:cd:96:ff:64:61:b0:0b:21:
b7:e8:2c:49:55:ff:49:f3:81:aa:6f:e5:5a:da:14:24:79:5f:
e6:55:52:67:64:d3:6d:38:01:7d:63:08:06:c8:1e:f2:82:f6:
e8:ad:32:55:dc:d2:ec:76:5b:25:f1:58:ab:91:7f:eb:4d:d5:
1d:09:bd:9f:e9:ae:58:2a:83:40:a5:e5:fc:a1:33:ed:dd:d7:
8d:21:5c:61:70:25:cc:e3:84:dc:d4:42:fa:ba:5e:a9:25:34:
b4:39:86:31:fe:41:0f:5e:af:3b:7a:e9:ec:69:03:a8:8d:fb:
a4:b7:56:e6:53:6e:1c:e3:4e:32:72:d3:d4:66:96:42:47:81:
e8:44:9d:50:79:55:7b:47:35:c1:b7:b4:17:df:17:b0:58:03:
b6:67:f9:75:97:d7:de:9e:c1:a9:ab:ce:c2:bf:53:2e:99:83:
1a:ca:93:a3:e8:49:a8:45:cb:07:f1:30:ef:ad:b8:fa:63:b3:
e9:6d:a1:de
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBL4XvTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjhiZmI4YTVlZWU0OTA4MmVhNjI4ZGYyNWE0YTVkNTBmM2FhOWIzMB4XDTIyMDcw
MjE1NTAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzY4ZGMxZDgyNjM1
MDM5ZWQxODkwZWM4NmY1Nzk4ODdkN2M1NzAyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKbpfZs5S3I+QBBoMMpfavTA3ocwVpFe5KbBvBkFVloUGoqQ
Yza9qmkgQBCVhGpqvh8FLAsq7/VPL1PYgSzceudLVdSFSKy+KXPX0SRHTcS9UGOM
SqT3Obhi4IyoOrKe2m6BDka+o6UsicwJXwdg9uR+IgKGIHB3bPMhN8C+Av0DBrvg
c0BG6G5jtmzZskk0XvcGSxO6hF7eS+4N6/X/HqyEdozm3t7pFZXP3C2wIbZSdY6O
MvGuGNu1dpdXA7uw2X9BzqM7pv4Dx0N3QlYTevUo81MIlQmftBbi9vMSNcVf7GJC
5PcEA95I1iHG3CbapGTg8Uzh0fmoZzaJqCwWDU8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBR2jcHYJjUDntGJDshvV5iH18VwKTAfBgNVHSMEGDAWgBQ2i/uKXu5JCC6m
KN8lpKXVDzqpszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05vdjdpbDd1U1FndXBpamZKYVNsMVE4NnFiTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvYWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8x
L2RvM0IyQ1kxQTU3UmlRN0liMWVZaDlmRmNDay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
YWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8xL05vdjdpbDd1U1Fn
dXBpamZKYVNsMVE4NnFiTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALkkzgMEALnhFTANBgkqhkiG9w0B
AQsFAAOCAQEABsfVL7HHLA1arPb4yBBKzt02aYCmShtEsgC1lgVtDXBapt7eUB9e
OQ7q6UuR+8eAEgFrCIQXbjc6FDi0knoMCs2W/2RhsAsht+gsSVX/SfOBqm/lWtoU
JHlf5lVSZ2TTbTgBfWMIBsge8oL26K0yVdzS7HZbJfFYq5F/603VHQm9n+muWCqD
QKXl/KEz7d3XjSFcYXAlzOOE3NRC+rpeqSU0tDmGMf5BD16vO3rp7GkDqI37pLdW
5lNuHONOMnLT1GaWQkeB6ESdUHlVe0c1wbe0F98XsFgDtmf5dZfX3p7BqavOwr9T
LpmDGsqTo+hJqEXLB/Ew7624+mOz6W2h3g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:27 2023 by rpki-client on console-fra.rpki-client.org