Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/he-W8Z7w9S8_iH-AwQUuKxzG360.roa
File: he-W8Z7w9S8_iH-AwQUuKxzG360.roa (raw, json)
Hash identifier: rkNEgTylSVgTC46IjSUEYqIz25LlxXMEBBfsMSLU2VU=
Subject key identifier: 85:EF:96:F1:9E:F0:F5:2F:3F:88:7F:80:C1:05:2E:2B:1C:C6:DF:AD
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 04669193
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/he-W8Z7w9S8_iH-AwQUuKxzG360.roa
Signing time: Tue 31 May 2022 17:02:13 +0000
ROA not before: Tue 31 May 2022 17:02:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211975
IP address blocks: 185.199.150.0/24 maxlen: 24
185.36.206.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73830803 (0x4669193)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: May 31 17:02:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85ef96f19ef0f52f3f887f80c1052e2b1cc6dfad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:96:ee:61:89:df:c0:3f:a3:a6:da:9c:fa:ad:
8c:6d:83:75:10:db:9a:5a:68:a2:c6:af:d8:50:8c:
37:a1:67:59:b2:70:3f:63:59:b1:23:5f:db:9e:e0:
ea:c0:b0:28:f7:01:b1:39:42:2c:bd:41:90:86:98:
74:2c:c0:69:8a:b8:d1:06:d2:dc:b0:a8:f2:dd:fa:
d5:ec:17:6e:10:aa:15:a0:04:5f:95:bc:d3:93:71:
82:5d:74:50:46:d8:f2:64:f7:da:6f:46:e0:f8:79:
c5:96:3a:56:ff:ca:e7:7c:82:7f:29:ec:35:71:2a:
38:57:d5:a0:76:4e:38:39:28:5a:f2:82:10:e3:9e:
20:50:79:95:93:77:7d:34:88:85:3c:ef:d0:69:82:
5a:fe:49:88:ca:1d:cd:84:47:8d:55:e2:5d:24:42:
8f:c9:fd:e8:b2:1a:28:19:60:86:1b:8b:38:f9:f9:
f6:84:15:34:79:2e:5c:57:d8:27:b3:31:dc:b8:21:
94:c1:aa:72:20:2f:69:e8:da:66:61:61:a4:47:c5:
b6:36:e4:45:b9:76:6b:22:09:80:75:4b:e3:bc:14:
9e:d3:60:25:71:de:38:e6:b2:53:74:61:90:cc:0c:
ac:55:78:98:53:4e:44:3c:d9:00:6c:d1:fd:34:a6:
f7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:EF:96:F1:9E:F0:F5:2F:3F:88:7F:80:C1:05:2E:2B:1C:C6:DF:AD
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/he-W8Z7w9S8_iH-AwQUuKxzG360.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.206.0/24
185.199.150.0/24
Signature Algorithm: sha256WithRSAEncryption
86:a2:87:69:dc:21:55:b8:40:0c:d4:b2:bd:99:87:0e:78:04:
20:85:c6:2b:cb:8a:3e:0f:14:cb:1f:b3:37:9e:a9:e8:50:a0:
50:2e:1d:1e:7b:1c:12:76:cc:33:a2:0d:40:91:f9:0a:04:3f:
41:6e:8e:0c:a1:4a:e2:06:9e:da:20:48:b8:ef:0e:07:89:75:
78:ff:6c:40:60:48:49:51:b9:a5:26:e7:39:14:2a:cb:30:4b:
98:1a:b1:0d:0b:2d:a4:01:fe:2b:9b:ce:11:2b:b4:e0:a9:ec:
04:bb:ba:fd:01:34:fb:d9:f6:3e:49:fd:0b:cf:d9:f2:0d:4a:
08:aa:42:f0:7a:98:67:ea:a2:c0:2b:55:d8:68:e6:08:07:38:
03:0f:33:23:51:01:0e:1a:57:12:13:2d:30:da:c1:2f:a4:cb:
23:f7:e6:89:6e:3b:e4:bf:de:76:ab:05:e2:75:c5:2e:49:90:
0d:94:80:e4:54:7e:3d:a7:73:2b:b5:f2:df:25:e6:d4:9b:cd:
ae:4f:cf:c5:b7:2d:6a:11:98:e3:84:55:04:e5:b5:d0:28:b6:
63:a1:a4:89:fb:a4:80:45:e3:c6:7e:cd:fb:0d:c3:57:5f:cc:
6c:9b:f0:2e:1f:fa:67:0f:cb:d7:56:41:46:09:0e:81:59:c0:
80:ac:b3:86
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBGaRkzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjhiZmI4YTVlZWU0OTA4MmVhNjI4ZGYyNWE0YTVkNTBmM2FhOWIzMB4XDTIyMDUz
MTE3MDIxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODVlZjk2ZjE5ZWYw
ZjUyZjNmODg3ZjgwYzEwNTJlMmIxY2M2ZGZhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOeW7mGJ38A/o6banPqtjG2DdRDbmlpoosav2FCMN6FnWbJw
P2NZsSNf257g6sCwKPcBsTlCLL1BkIaYdCzAaYq40QbS3LCo8t361ewXbhCqFaAE
X5W805Nxgl10UEbY8mT32m9G4Ph5xZY6Vv/K53yCfynsNXEqOFfVoHZOODkoWvKC
EOOeIFB5lZN3fTSIhTzv0GmCWv5JiModzYRHjVXiXSRCj8n96LIaKBlghhuLOPn5
9oQVNHkuXFfYJ7Mx3LghlMGqciAvaejaZmFhpEfFtjbkRbl2ayIJgHVL47wUntNg
JXHeOOayU3RhkMwMrFV4mFNORDzZAGzR/TSm9+0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSF75bxnvD1Lz+If4DBBS4rHMbfrTAfBgNVHSMEGDAWgBQ2i/uKXu5JCC6m
KN8lpKXVDzqpszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05vdjdpbDd1U1FndXBpamZKYVNsMVE4NnFiTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvYWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8x
L2hlLVc4Wjd3OVM4X2lILUF3UVV1S3h6RzM2MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
YWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8xL05vdjdpbDd1U1Fn
dXBpamZKYVNsMVE4NnFiTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALkkzgMEALnHljANBgkqhkiG9w0B
AQsFAAOCAQEAhqKHadwhVbhADNSyvZmHDngEIIXGK8uKPg8Uyx+zN56p6FCgUC4d
HnscEnbMM6INQJH5CgQ/QW6ODKFK4gae2iBIuO8OB4l1eP9sQGBISVG5pSbnORQq
yzBLmBqxDQstpAH+K5vOESu04KnsBLu6/QE0+9n2Pkn9C8/Z8g1KCKpC8HqYZ+qi
wCtV2GjmCAc4Aw8zI1EBDhpXEhMtMNrBL6TLI/fmiW475L/edqsF4nXFLkmQDZSA
5FR+PadzK7Xy3yXm1JvNrk/PxbctahGY44RVBOW10Ci2Y6GkifukgEXjxn7N+w3D
V1/MbJvwLh/6Zw/L11ZBRgkOgVnAgKyzhg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org