Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/h5499RvEPuuqEWkY__cBUMZEyzY.roa
File: h5499RvEPuuqEWkY__cBUMZEyzY.roa (raw, json)
Hash identifier: vhcfHw0spgcym54eOmIoX3SE2wHgg8y5zKC3apX9yfM=
Subject key identifier: 87:9E:3D:F5:1B:C4:3E:EB:AA:11:69:18:FF:F7:01:50:C6:44:CB:36
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0183C655D31893FF9701ABC4B6DA74B553DA
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/h5499RvEPuuqEWkY__cBUMZEyzY.roa
Signing time: Tue 11 Oct 2022 09:17:36 +0000
ROA not before: Tue 11 Oct 2022 09:17:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59816
IP address blocks: 185.199.158.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c6:55:d3:18:93:ff:97:01:ab:c4:b6:da:74:b5:53:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Oct 11 09:17:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=879e3df51bc43eebaa116918fff70150c644cb36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:96:1b:57:12:1f:e9:d3:3c:43:96:b6:7c:38:
f6:12:9e:58:c2:dd:0a:7c:b5:f9:25:22:21:7d:b8:
f8:19:79:71:1e:56:6f:63:e8:9d:ed:4b:c0:86:40:
27:78:20:cf:19:21:48:61:87:e9:67:f8:4a:7d:5d:
f9:63:a4:c0:8f:33:b0:e7:3c:3d:17:f4:0d:92:32:
e3:a0:86:84:09:f9:a4:8c:96:15:93:94:c0:e3:73:
9b:06:94:36:d9:39:2d:e6:41:fb:38:65:78:9c:8d:
ab:93:d7:7f:0e:1b:bc:d4:50:27:00:53:4c:6b:bb:
0f:54:cc:c6:30:f3:33:12:01:c0:72:e3:12:de:80:
ca:e2:9d:c4:6d:ba:48:e1:01:50:c0:d7:4d:c8:d5:
c5:9f:1e:f0:cc:28:52:a7:09:91:df:ae:9d:bc:7d:
ce:11:6d:1d:b1:86:be:d6:70:45:2b:82:27:fe:a2:
aa:40:4d:c2:01:3f:3d:55:1d:ec:3e:a8:2c:a5:d9:
ad:e1:f2:28:fe:0c:ad:d8:c2:93:c9:70:8b:11:14:
96:f7:a1:e1:a0:5d:d4:dd:53:8a:ae:e6:9c:35:73:
5d:39:44:0a:c6:1f:4c:f2:9d:27:4f:9c:82:d1:c0:
b3:9f:62:a7:e4:f4:6d:18:1f:01:e6:8a:53:b8:ab:
4b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:9E:3D:F5:1B:C4:3E:EB:AA:11:69:18:FF:F7:01:50:C6:44:CB:36
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/h5499RvEPuuqEWkY__cBUMZEyzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.158.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:4c:34:97:b3:6f:a9:c3:da:23:99:39:ad:93:5b:1b:51:e6:
1d:02:5b:78:d4:e6:6b:99:9c:3a:1a:46:de:c0:1a:ef:05:d8:
b6:df:87:49:d0:07:e4:0f:be:9a:b3:28:8c:2a:12:b5:53:70:
6f:40:de:ee:38:da:f4:08:cf:6a:b3:13:6b:f5:a8:8b:06:7a:
43:60:0c:44:23:82:2b:ae:0c:28:3f:6b:cc:64:55:f1:9a:09:
52:4e:f6:76:07:b0:aa:06:47:73:56:e7:22:9c:5f:24:8b:7f:
ee:71:56:25:f0:a2:bf:43:4a:cd:78:94:a6:bc:5b:28:20:02:
fb:3f:b8:2c:cd:b1:0c:bb:3c:54:aa:a1:76:e0:f0:43:31:bd:
4a:f6:97:78:bf:52:9b:28:73:d4:40:17:cc:b2:5e:9e:30:96:
96:21:38:ea:0d:bd:e1:94:00:81:71:8b:2f:66:8b:44:fd:39:
79:9f:b1:f0:40:9f:db:d2:05:ff:75:72:6a:f1:96:34:15:df:
93:13:8f:65:4c:fb:c2:52:0b:07:05:55:90:98:ea:9e:15:b0:
12:a0:f9:99:bb:b9:91:04:1e:09:dc:dd:a4:68:90:0c:62:a1:
55:2e:26:14:b8:f0:cc:95:b3:11:e1:41:be:18:b1:ac:1b:ee:
58:67:fe:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPGVdMYk/+XAavEttp0tVPaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjIxMDExMDkxNzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzllM2RmNTFiYzQzZWViYWExMTY5MThmZmY3MDE1MGM2NDRjYjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5YbVxIf6dM8Q5a2fDj2Ep5Ywt0K
fLX5JSIhfbj4GXlxHlZvY+id7UvAhkAneCDPGSFIYYfpZ/hKfV35Y6TAjzOw5zw9
F/QNkjLjoIaECfmkjJYVk5TA43ObBpQ22Tkt5kH7OGV4nI2rk9d/Dhu81FAnAFNM
a7sPVMzGMPMzEgHAcuMS3oDK4p3EbbpI4QFQwNdNyNXFnx7wzChSpwmR366dvH3O
EW0dsYa+1nBFK4In/qKqQE3CAT89VR3sPqgspdmt4fIo/gyt2MKTyXCLERSW96Hh
oF3U3VOKruacNXNdOUQKxh9M8p0nT5yC0cCzn2Kn5PRtGB8B5opTuKtLbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIeePfUbxD7rqhFpGP/3AVDGRMs2MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvaDU0OTlSdkVQdXVxRVdrWV9fY0JVTVpFeXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuceeMA0G
CSqGSIb3DQEBCwUAA4IBAQAvTDSXs2+pw9ojmTmtk1sbUeYdAlt41OZrmZw6Gkbe
wBrvBdi234dJ0AfkD76asyiMKhK1U3BvQN7uONr0CM9qsxNr9aiLBnpDYAxEI4Ir
rgwoP2vMZFXxmglSTvZ2B7CqBkdzVucinF8ki3/ucVYl8KK/Q0rNeJSmvFsoIAL7
P7gszbEMuzxUqqF24PBDMb1K9pd4v1KbKHPUQBfMsl6eMJaWITjqDb3hlACBcYsv
ZotE/Tl5n7HwQJ/b0gX/dXJq8ZY0Fd+TE49lTPvCUgsHBVWQmOqeFbASoPmZu7mR
BB4J3N2kaJAMYqFVLiYUuPDMlbMR4UG+GLGsG+5YZ/42
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:27 2023 by rpki-client on console-fra.rpki-client.org