Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/eqhWLq1nco8bbLnsCZy1hjRGDJA.roa
File: eqhWLq1nco8bbLnsCZy1hjRGDJA.roa (raw, json)
Hash identifier: M6E8geQg7RtuKQ0oXaQtVZ5IKvTfJvV4wYpOX51cXY8=
Subject key identifier: 7A:A8:56:2E:AD:67:72:8F:1B:6C:B9:EC:09:9C:B5:86:34:46:0C:90
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 03BECCB5
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/eqhWLq1nco8bbLnsCZy1hjRGDJA.roa
Signing time: Tue 29 Mar 2022 08:40:59 +0000
ROA not before: Tue 29 Mar 2022 08:40:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60781
IP address blocks: 185.108.204.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62835893 (0x3beccb5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Mar 29 08:40:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7aa8562ead67728f1b6cb9ec099cb58634460c90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:19:4e:e2:09:47:bf:ce:78:9a:11:4a:ea:c1:
bd:0a:44:7e:f3:03:3a:b6:25:fe:25:3a:1b:ea:4d:
bc:4e:6a:8d:f3:0c:7d:58:9a:a3:e2:e6:e5:b5:4a:
89:68:04:23:e2:d3:87:51:2d:d3:ce:a1:24:6a:68:
d4:d1:60:dc:11:df:15:b4:26:cb:96:f7:5c:7f:d4:
68:ff:f9:e6:7d:44:41:ba:71:e0:f4:7e:a2:77:74:
9c:43:59:c1:57:68:09:ed:4b:b2:b0:10:dd:19:a5:
b5:ac:83:91:11:8c:95:1a:ea:4d:fc:40:6b:2f:90:
64:e4:04:7d:ed:5f:53:4d:5f:37:ff:af:33:19:fb:
65:38:0d:5b:15:b9:44:13:8e:15:9e:69:36:17:97:
56:43:24:8e:b3:13:c9:96:01:4f:03:63:9f:1a:4c:
32:14:96:51:49:9b:7f:6c:7a:a6:8a:60:cc:a4:c0:
c0:d0:eb:7a:59:f5:02:4a:90:c7:92:6e:ce:c6:15:
56:aa:f8:63:c0:2a:7d:29:5b:29:c6:ea:c4:6f:7b:
37:fd:61:86:e1:d0:0b:63:c4:44:f3:0b:c6:2a:6a:
cc:7b:b2:ac:83:af:00:b5:6e:f1:58:ae:ff:59:8b:
07:c1:0e:4e:8e:31:96:73:53:1e:fe:f9:6d:7d:e9:
74:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:A8:56:2E:AD:67:72:8F:1B:6C:B9:EC:09:9C:B5:86:34:46:0C:90
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/eqhWLq1nco8bbLnsCZy1hjRGDJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.204.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:bc:26:7c:89:f4:ad:94:33:8a:8d:3e:ef:fa:db:be:85:7c:
4b:ca:55:09:68:52:77:13:d9:9b:2e:a7:28:f8:e2:4b:00:86:
30:71:9c:f5:fb:a9:23:37:ee:29:89:4a:87:de:1f:eb:66:55:
d8:71:db:1e:00:77:37:7e:98:b1:25:0e:17:43:f3:1d:df:82:
ef:d2:14:c0:de:ad:05:19:02:d7:1a:c1:fb:39:4a:55:b4:fe:
96:e8:de:27:e0:75:c8:92:1b:a8:a7:e4:de:d9:38:15:79:9e:
e1:c8:85:20:9b:65:da:c5:12:31:0e:b0:ea:77:7f:48:38:a4:
2f:7b:ba:94:f0:c4:b7:8f:cd:a6:6b:4a:e9:55:f1:42:8d:d8:
f3:3c:ec:20:4c:09:1d:e4:75:b4:ed:c6:83:ae:e2:b7:9d:14:
c4:4e:b4:af:51:a4:9e:03:e7:f4:31:e5:68:df:88:7b:89:e1:
bc:f3:fd:3d:ad:5f:14:50:ca:17:97:66:79:ce:b9:25:73:56:
14:f4:21:8f:ea:71:98:3e:55:7b:ff:9b:1a:4b:fd:e2:b0:7d:
dc:fc:2f:7d:2f:29:53:86:b7:20:b7:26:45:44:ba:ee:af:3a:
b2:ff:51:63:84:12:1f:27:ca:35:e0:5b:95:c5:62:96:ac:7a:
71:df:14:f5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA77MtTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjhiZmI4YTVlZWU0OTA4MmVhNjI4ZGYyNWE0YTVkNTBmM2FhOWIzMB4XDTIyMDMy
OTA4NDA1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2FhODU2MmVhZDY3
NzI4ZjFiNmNiOWVjMDk5Y2I1ODYzNDQ2MGM5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALAZTuIJR7/OeJoRSurBvQpEfvMDOrYl/iU6G+pNvE5qjfMM
fViao+Lm5bVKiWgEI+LTh1Et086hJGpo1NFg3BHfFbQmy5b3XH/UaP/55n1EQbpx
4PR+ond0nENZwVdoCe1LsrAQ3RmltayDkRGMlRrqTfxAay+QZOQEfe1fU01fN/+v
Mxn7ZTgNWxW5RBOOFZ5pNheXVkMkjrMTyZYBTwNjnxpMMhSWUUmbf2x6popgzKTA
wNDreln1AkqQx5JuzsYVVqr4Y8AqfSlbKcbqxG97N/1hhuHQC2PERPMLxipqzHuy
rIOvALVu8Viu/1mLB8EOTo4xlnNTHv75bX3pdB8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR6qFYurWdyjxtsuewJnLWGNEYMkDAfBgNVHSMEGDAWgBQ2i/uKXu5JCC6m
KN8lpKXVDzqpszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05vdjdpbDd1U1FndXBpamZKYVNsMVE4NnFiTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvYWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8x
L2VxaFdMcTFuY284YmJMbnNDWnkxaGpSR0RKQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
YWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8xL05vdjdpbDd1U1Fn
dXBpamZKYVNsMVE4NnFiTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAblszDANBgkqhkiG9w0BAQsFAAOC
AQEALLwmfIn0rZQzio0+7/rbvoV8S8pVCWhSdxPZmy6nKPjiSwCGMHGc9fupIzfu
KYlKh94f62ZV2HHbHgB3N36YsSUOF0PzHd+C79IUwN6tBRkC1xrB+zlKVbT+luje
J+B1yJIbqKfk3tk4FXme4ciFIJtl2sUSMQ6w6nd/SDikL3u6lPDEt4/NpmtK6VXx
Qo3Y8zzsIEwJHeR1tO3Gg67it50UxE60r1GkngPn9DHlaN+Ie4nhvPP9Pa1fFFDK
F5dmec65JXNWFPQhj+pxmD5Ve/+bGkv94rB93PwvfS8pU4a3ILcmRUS67q86sv9R
Y4QSHyfKNeBblcVilqx6cd8U9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org