Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/hfz73zlji1h1OaWWnV87jE1cOXs.roa
File: hfz73zlji1h1OaWWnV87jE1cOXs.roa (raw, json)
Hash identifier: BFBTy5tjfNkfZtogQuqxPFPK89hx2hgkfBwJ8OaKtFw=
Subject key identifier: 85:FC:FB:DF:39:63:8B:58:75:39:A5:96:9D:5F:3B:8C:4D:5C:39:7B
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01847B23A5D2D467C85EE81875DD6516BD86
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/hfz73zlji1h1OaWWnV87jE1cOXs.roa
Signing time: Tue 15 Nov 2022 11:54:04 +0000
ROA not before: Tue 15 Nov 2022 11:54:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212335
IP address blocks: 185.36.207.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7b:23:a5:d2:d4:67:c8:5e:e8:18:75:dd:65:16:bd:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Nov 15 11:54:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85fcfbdf39638b587539a5969d5f3b8c4d5c397b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:42:3a:39:ca:4f:ea:b2:54:60:4f:57:db:41:
56:9b:c9:7c:c5:27:f5:bb:c4:02:62:6a:53:ed:57:
ac:29:fa:84:43:66:21:05:7c:0b:9d:9f:59:55:27:
23:f4:f0:c4:07:f6:c0:2c:52:cd:6c:cc:27:84:c5:
df:06:e6:42:90:f9:33:13:45:d3:d7:1b:e8:36:ba:
5a:17:22:ba:50:70:35:b4:5a:0b:d2:e0:40:3b:74:
3d:1d:93:67:3d:91:c3:c4:11:22:cc:1a:a6:7f:e3:
40:9f:ee:36:c1:0b:a4:3a:95:55:ec:35:99:37:25:
2a:99:9a:75:55:56:a7:31:0a:8e:61:f3:fb:bd:ac:
b6:54:5b:35:ff:c4:0c:51:77:81:2e:89:8c:e1:04:
6d:90:aa:9a:cd:d8:a1:e0:fd:cd:18:a9:16:9e:15:
69:8c:19:fb:85:95:36:c3:f0:3c:c1:39:78:69:cb:
34:98:08:dc:6d:99:5e:d1:32:27:82:28:a0:61:a1:
ab:24:3d:60:66:64:2a:e7:63:fc:c8:23:36:e6:d6:
a1:cf:cb:0c:89:98:c1:f9:14:9c:09:41:d6:2a:15:
43:9a:80:6d:a2:0f:5c:91:14:22:97:5b:c5:e2:bd:
0f:5c:5c:2d:be:8a:3f:75:70:2f:fb:df:7f:58:c2:
d7:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:FC:FB:DF:39:63:8B:58:75:39:A5:96:9D:5F:3B:8C:4D:5C:39:7B
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/hfz73zlji1h1OaWWnV87jE1cOXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.207.0/24
Signature Algorithm: sha256WithRSAEncryption
01:fd:f8:e5:84:ea:cc:c4:a5:dd:ac:bf:d0:5d:9d:66:1f:d9:
40:20:8a:d6:8a:5b:50:db:79:d7:46:e7:41:a3:0e:5e:fd:79:
fd:0a:66:c0:ac:55:a5:95:f9:21:1b:22:32:35:9b:92:24:6a:
d1:b2:4e:f9:77:8c:95:01:c1:32:58:05:f7:48:6e:12:e6:b2:
ef:f2:9c:f0:0f:c8:2e:4b:91:37:dc:71:ff:23:49:33:53:ea:
d1:c1:8b:9e:ca:74:e5:24:5d:a6:a2:22:54:d2:06:d8:90:f9:
df:99:d1:3f:8c:1b:69:28:75:5a:1e:ec:62:f2:4b:40:c6:8d:
c1:9b:0b:af:7f:c2:0f:19:de:1b:3e:2f:33:f7:4f:0a:dc:13:
c3:2d:e8:fe:d7:71:b3:3e:f4:a4:1a:67:c9:45:3c:8f:57:5f:
7d:ef:52:bf:d9:79:78:c8:06:91:f6:71:aa:fb:0c:da:12:1f:
23:59:bb:cc:05:99:36:94:bb:0d:9c:27:e1:b1:84:56:00:27:
5b:80:91:13:f6:8f:71:b0:35:f3:31:9d:fb:2f:0d:42:18:bd:
26:82:ba:13:8d:4a:d9:aa:c1:cc:b3:c2:0a:05:5d:a1:12:59:
f2:a6:4c:cc:5a:78:1a:10:dc:2e:71:27:d7:d3:48:b4:7a:2f:
ac:54:50:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR7I6XS1GfIXugYdd1lFr2GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjIxMTE1MTE1NDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWZjZmJkZjM5NjM4YjU4NzUzOWE1OTY5ZDVmM2I4YzRkNWMzOTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokI6OcpP6rJUYE9X20FWm8l8xSf1
u8QCYmpT7VesKfqEQ2YhBXwLnZ9ZVScj9PDEB/bALFLNbMwnhMXfBuZCkPkzE0XT
1xvoNrpaFyK6UHA1tFoL0uBAO3Q9HZNnPZHDxBEizBqmf+NAn+42wQukOpVV7DWZ
NyUqmZp1VVanMQqOYfP7vay2VFs1/8QMUXeBLomM4QRtkKqazdih4P3NGKkWnhVp
jBn7hZU2w/A8wTl4acs0mAjcbZle0TIngiigYaGrJD1gZmQq52P8yCM25tahz8sM
iZjB+RScCUHWKhVDmoBtog9ckRQil1vF4r0PXFwtvoo/dXAv+99/WMLXqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIX8+985Y4tYdTmllp1fO4xNXDl7MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvaGZ6NzN6bGppMWgxT2FXV25WODdqRTFjT1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSTPMA0G
CSqGSIb3DQEBCwUAA4IBAQAB/fjlhOrMxKXdrL/QXZ1mH9lAIIrWiltQ23nXRudB
ow5e/Xn9CmbArFWllfkhGyIyNZuSJGrRsk75d4yVAcEyWAX3SG4S5rLv8pzwD8gu
S5E33HH/I0kzU+rRwYueynTlJF2moiJU0gbYkPnfmdE/jBtpKHVaHuxi8ktAxo3B
mwuvf8IPGd4bPi8z908K3BPDLej+13GzPvSkGmfJRTyPV19971K/2Xl4yAaR9nGq
+wzaEh8jWbvMBZk2lLsNnCfhsYRWACdbgJET9o9xsDXzMZ37Lw1CGL0mgroTjUrZ
qsHMs8IKBV2hElnypkzMWngaENwucSfX00i0ei+sVFC6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:12 2023 by rpki-client on console-ams.rpki-client.org