Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/l6gbxN1AbX0RNKW7PrSu_vtvlC8.roa
File: l6gbxN1AbX0RNKW7PrSu_vtvlC8.roa (raw, json)
Hash identifier: qTewSjZpkDYDSmEmT4L/E7pbm85EJzkgQPVTqyQAv5U=
Subject key identifier: 97:A8:1B:C4:DD:40:6D:7D:11:34:A5:BB:3E:B4:AE:FE:FB:6F:94:2F
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0183C6690E52A4D7374BE91FD2A0200F66DE
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/l6gbxN1AbX0RNKW7PrSu_vtvlC8.roa
Signing time: Tue 11 Oct 2022 09:38:37 +0000
ROA not before: Tue 11 Oct 2022 09:38:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 142430
IP address blocks: 185.126.80.0/24 maxlen: 24
185.108.206.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c6:69:0e:52:a4:d7:37:4b:e9:1f:d2:a0:20:0f:66:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Oct 11 09:38:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97a81bc4dd406d7d1134a5bb3eb4aefefb6f942f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d5:15:cc:aa:82:fd:39:b9:60:ee:ac:33:3a:
3b:25:30:d3:d5:9d:a3:4b:24:93:b3:4e:37:4b:6b:
bc:78:cc:95:72:ff:8f:9c:66:5c:ba:46:95:20:bf:
40:8f:2a:70:b7:bf:a7:6c:88:fd:f9:61:70:43:31:
19:1d:c7:94:3f:a0:65:af:a6:05:92:5c:75:60:64:
cf:04:5a:59:f6:7b:62:23:eb:55:81:9a:d8:b1:8e:
f8:39:c1:b4:10:38:e4:98:66:28:3b:da:30:d0:cc:
da:94:61:8e:56:13:e9:4b:be:9d:ad:a1:69:c5:e3:
54:27:6f:71:6f:2a:97:4e:c5:30:78:23:1e:6a:6a:
8d:e7:45:54:64:ca:a4:7f:b0:6a:e0:92:5d:3d:3f:
59:e0:4a:6b:a2:31:c3:f0:48:a9:a3:ce:e6:84:00:
fb:ad:c9:77:b3:93:94:8a:23:0f:bb:26:72:58:a9:
b7:b2:d1:85:cf:a9:f7:f5:e2:3c:1f:21:df:1c:59:
55:7b:c6:ca:b8:2e:3b:e0:3c:9d:a6:da:2a:f6:ad:
42:10:5b:20:4d:95:2c:7d:9b:c2:87:f6:49:4f:aa:
f2:74:11:1c:41:8e:eb:27:6a:59:ed:a0:83:7e:c0:
55:80:b0:e1:26:e9:5a:35:27:85:8b:b0:3d:08:45:
b0:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:A8:1B:C4:DD:40:6D:7D:11:34:A5:BB:3E:B4:AE:FE:FB:6F:94:2F
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/l6gbxN1AbX0RNKW7PrSu_vtvlC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.206.0/24
185.126.80.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:ea:6e:81:00:d7:81:93:26:a1:12:0d:87:41:41:43:95:c3:
1d:0e:f1:02:98:f7:07:7d:ea:50:59:bf:ec:ac:01:a1:17:c9:
2b:0b:27:d0:b8:04:15:b2:c2:6d:0a:91:99:68:a6:3e:e6:62:
37:9d:0e:65:17:26:b0:b3:c7:3f:7e:0e:cb:4e:c6:2c:7d:13:
3f:dd:2f:50:d0:4e:fb:8b:61:a5:f3:e5:7d:03:ae:cf:46:14:
bc:49:29:b0:c1:80:ee:fa:9d:27:0a:59:69:c7:69:14:17:88:
19:df:bf:9a:15:6b:7c:3b:d4:97:a2:07:15:9e:42:6f:50:d5:
ad:78:be:a1:43:29:b0:da:aa:5e:c5:66:f6:85:83:9e:80:37:
23:a0:82:bb:66:0c:3d:a9:27:d4:19:bc:6e:32:0e:e7:b2:6d:
d7:e9:71:d9:7b:43:8b:bc:c8:94:2e:a9:6c:22:38:aa:93:c6:
29:6c:0e:55:d5:04:f7:d7:a8:00:56:7f:ec:92:1f:f6:ee:92:
ae:51:31:6d:1e:18:92:8d:05:0a:40:21:86:5a:95:5e:b7:57:
18:b2:4c:28:71:8f:3a:da:fd:1d:e2:5a:24:e8:47:7b:d6:58:
e5:71:e5:d4:8e:47:ea:45:64:8b:32:df:85:58:2e:e6:04:77:
73:9c:9c:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYPGaQ5SpNc3S+kf0qAgD2beMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjIxMDExMDkzODM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2E4MWJjNGRkNDA2ZDdkMTEzNGE1YmIzZWI0YWVmZWZiNmY5NDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9UVzKqC/Tm5YO6sMzo7JTDT1Z2j
SySTs043S2u8eMyVcv+PnGZcukaVIL9Ajypwt7+nbIj9+WFwQzEZHceUP6Blr6YF
klx1YGTPBFpZ9ntiI+tVgZrYsY74OcG0EDjkmGYoO9ow0MzalGGOVhPpS76draFp
xeNUJ29xbyqXTsUweCMeamqN50VUZMqkf7Bq4JJdPT9Z4EprojHD8Eipo87mhAD7
rcl3s5OUiiMPuyZyWKm3stGFz6n39eI8HyHfHFlVe8bKuC474Dydptoq9q1CEFsg
TZUsfZvCh/ZJT6rydBEcQY7rJ2pZ7aCDfsBVgLDhJulaNSeFi7A9CEWwmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJeoG8TdQG19ETSluz60rv77b5QvMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvbDZnYnhOMUFiWDBSTktXN1ByU3VfdnR2bEM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWzOAwQA
uX5QMA0GCSqGSIb3DQEBCwUAA4IBAQBq6m6BANeBkyahEg2HQUFDlcMdDvECmPcH
fepQWb/srAGhF8krCyfQuAQVssJtCpGZaKY+5mI3nQ5lFyaws8c/fg7LTsYsfRM/
3S9Q0E77i2Gl8+V9A67PRhS8SSmwwYDu+p0nCllpx2kUF4gZ37+aFWt8O9SXogcV
nkJvUNWteL6hQymw2qpexWb2hYOegDcjoIK7Zgw9qSfUGbxuMg7nsm3X6XHZe0OL
vMiULqlsIjiqk8YpbA5V1QT316gAVn/skh/27pKuUTFtHhiSjQUKQCGGWpVet1cY
skwocY862v0d4lok6Ed71ljlceXUjkfqRWSLMt+FWC7mBHdznJxS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org