Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/ftf4KgPuoqIIzANCsKAoh4BslQ8.roa
File: ftf4KgPuoqIIzANCsKAoh4BslQ8.roa (raw, json)
Hash identifier: fJlwh9NudZoD3MNCMUb0yLL6mgL7dNQz4YNPko/MNfU=
Subject key identifier: 7E:D7:F8:2A:03:EE:A2:A2:08:CC:03:42:B0:A0:28:87:80:6C:95:0F
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 04562E7A
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/ftf4KgPuoqIIzANCsKAoh4BslQ8.roa
Signing time: Wed 25 May 2022 07:46:14 +0000
ROA not before: Wed 25 May 2022 07:46:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212096
IP address blocks: 185.225.20.0/22 maxlen: 22
185.218.20.0/22 maxlen: 22
185.126.80.0/22 maxlen: 22
193.58.144.0/22 maxlen: 22
185.199.156.0/22 maxlen: 22
185.228.72.0/22 maxlen: 22
185.194.176.0/22 maxlen: 22
185.36.204.0/22 maxlen: 22
185.108.204.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72756858 (0x4562e7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: May 25 07:46:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7ed7f82a03eea2a208cc0342b0a02887806c950f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:92:c5:8a:89:2f:b8:e5:a5:17:45:2f:94:1e:
a6:9e:f0:12:d6:5a:98:04:ed:3a:71:f9:78:a1:dd:
46:c1:c9:b8:0d:c6:70:bb:11:b4:25:a4:e9:08:3b:
b1:09:1c:8f:d5:df:da:15:a8:5c:35:e8:ab:af:ff:
33:77:91:87:f7:42:f6:56:2d:bb:35:c6:91:4f:39:
86:ba:7e:58:77:6b:f3:4a:22:af:47:a1:ac:7f:ef:
39:41:19:46:5a:d1:06:bc:d7:b9:3c:46:fd:87:99:
ec:7b:05:ef:7b:8e:ea:01:e4:65:80:1e:c3:a5:10:
cf:6d:70:ea:3f:df:18:51:c4:62:07:93:ac:d7:8a:
e2:fa:41:c8:75:03:50:05:86:fb:7c:49:b1:ba:48:
71:3f:86:38:b8:95:af:fa:56:7c:44:79:dc:dc:e4:
95:90:97:31:5f:c6:ed:a2:a1:60:18:9b:98:b1:57:
2b:4e:5c:9d:89:f9:65:45:28:9d:3d:16:28:19:46:
a0:ad:2d:b8:19:f6:3c:12:6e:d7:9b:dd:3b:b6:d1:
be:f6:91:11:f0:a5:26:2c:eb:34:30:b6:12:25:44:
f7:76:19:14:07:35:d9:ae:ce:e5:f8:36:4d:ae:03:
58:bb:cc:e8:82:6f:f4:a0:02:40:f1:d0:8a:5f:c6:
34:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:D7:F8:2A:03:EE:A2:A2:08:CC:03:42:B0:A0:28:87:80:6C:95:0F
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/ftf4KgPuoqIIzANCsKAoh4BslQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.204.0/22
185.108.204.0/22
185.126.80.0/22
185.194.176.0/22
185.199.156.0/22
185.218.20.0/22
185.225.20.0/22
185.228.72.0/22
193.58.144.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:44:dd:ce:79:71:80:9c:d9:94:b8:16:c5:31:0c:0c:ac:2b:
66:73:be:93:6a:59:0c:21:1b:2e:53:a3:69:d8:38:80:4d:cb:
20:37:40:6b:2f:3a:56:5e:f6:c2:ba:8b:9b:b8:18:e0:f8:cf:
18:2f:07:5d:d0:13:4d:d3:ee:a4:e8:7a:6c:90:ba:a4:83:4c:
db:ec:c7:8a:85:f5:de:e5:1a:6a:9a:d9:b5:78:ed:d0:13:60:
4b:9e:d5:8e:39:de:8b:52:55:e0:40:e8:0b:a9:d3:74:91:1c:
cd:6f:7a:fe:e6:35:77:7c:38:e6:6e:d4:49:14:fe:38:6b:74:
9d:38:9b:44:ee:d2:47:58:45:53:0a:e1:58:b4:6c:37:a5:f8:
98:c4:77:10:8f:ac:75:eb:39:ec:2a:82:0f:15:98:58:3f:d8:
fc:7e:6c:d3:a4:1e:bf:27:65:af:a0:af:37:2f:65:b9:9c:72:
f3:a7:61:87:fe:eb:bd:01:f6:54:11:b7:d4:07:a6:bb:93:02:
2e:7a:9d:ba:ef:8e:66:e1:c4:66:c7:5f:24:85:d9:b4:d4:af:
45:7b:87:29:92:03:97:b8:8c:63:f0:a0:2f:3b:fe:62:22:90:
70:e0:53:46:ed:b6:94:8d:59:93:9c:03:04:5a:15:b6:75:23:
98:0f:3a:a4
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEBFYuejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjhiZmI4YTVlZWU0OTA4MmVhNjI4ZGYyNWE0YTVkNTBmM2FhOWIzMB4XDTIyMDUy
NTA3NDYxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2VkN2Y4MmEwM2Vl
YTJhMjA4Y2MwMzQyYjBhMDI4ODc4MDZjOTUwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJKSxYqJL7jlpRdFL5Qepp7wEtZamATtOnH5eKHdRsHJuA3G
cLsRtCWk6Qg7sQkcj9Xf2hWoXDXoq6//M3eRh/dC9lYtuzXGkU85hrp+WHdr80oi
r0ehrH/vOUEZRlrRBrzXuTxG/YeZ7HsF73uO6gHkZYAew6UQz21w6j/fGFHEYgeT
rNeK4vpByHUDUAWG+3xJsbpIcT+GOLiVr/pWfER53NzklZCXMV/G7aKhYBibmLFX
K05cnYn5ZUUonT0WKBlGoK0tuBn2PBJu15vdO7bRvvaREfClJizrNDC2EiVE93YZ
FAc12a7O5fg2Ta4DWLvM6IJv9KACQPHQil/GNEUCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBR+1/gqA+6iogjMA0KwoCiHgGyVDzAfBgNVHSMEGDAWgBQ2i/uKXu5JCC6m
KN8lpKXVDzqpszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05vdjdpbDd1U1FndXBpamZKYVNsMVE4NnFiTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvYWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8x
L2Z0ZjRLZ1B1b3FJSXpBTkNzS0FvaDRCc2xROC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
YWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8xL05vdjdpbDd1U1Fn
dXBpamZKYVNsMVE4NnFiTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEArkkzAMEArlszAMEArl+UAMEArnC
sAMEArnHnAMEArnaFAMEArnhFAMEArnkSAMEAsE6kDANBgkqhkiG9w0BAQsFAAOC
AQEADUTdznlxgJzZlLgWxTEMDKwrZnO+k2pZDCEbLlOjadg4gE3LIDdAay86Vl72
wrqLm7gY4PjPGC8HXdATTdPupOh6bJC6pINM2+zHioX13uUaaprZtXjt0BNgS57V
jjnei1JV4EDoC6nTdJEczW96/uY1d3w45m7USRT+OGt0nTibRO7SR1hFUwrhWLRs
N6X4mMR3EI+sdes57CqCDxWYWD/Y/H5s06Qevydlr6CvNy9luZxy86dhh/7rvQH2
VBG31Aemu5MCLnqduu+OZuHEZsdfJIXZtNSvRXuHKZIDl7iMY/CgLzv+YiKQcOBT
Ru22lI1Zk5wDBFoVtnUjmA86pA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org