Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/vA-Ocdcp0K1mlVDm-YQ7ot_1DIU.roa
File: vA-Ocdcp0K1mlVDm-YQ7ot_1DIU.roa (raw, json)
Hash identifier: 5knpk68E37RFGBCEuai/rROjjt7fSIB6m5ZxvDSwPcY=
Subject key identifier: BC:0F:8E:71:D7:29:D0:AD:66:95:50:E6:F9:84:3B:A2:DF:F5:0C:85
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0183139A9EBFB34A031F0ED0F917C215B460
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/vA-Ocdcp0K1mlVDm-YQ7ot_1DIU.roa
Signing time: Tue 06 Sep 2022 16:20:43 +0000
ROA not before: Tue 06 Sep 2022 16:20:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 142430
IP address blocks: 185.126.80.0/24 maxlen: 24
185.199.158.0/24 maxlen: 24
185.108.206.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:13:9a:9e:bf:b3:4a:03:1f:0e:d0:f9:17:c2:15:b4:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Sep 6 16:20:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bc0f8e71d729d0ad669550e6f9843ba2dff50c85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:16:e9:6f:d7:c1:bc:bf:4d:cb:90:6c:e3:45:
2f:af:41:87:77:3b:b2:85:1d:79:99:cf:e7:19:92:
18:7d:0e:be:b1:33:8b:ad:35:3c:ed:83:e9:e8:14:
86:e1:cd:9d:d1:6e:ff:63:9e:04:d2:bd:af:69:95:
9c:b2:dc:c6:aa:80:df:f5:b2:45:ba:76:2d:93:41:
31:57:09:d7:44:8d:89:dc:5d:77:a2:4e:91:82:ae:
3b:03:11:f6:bb:ef:d5:20:ec:f1:9c:d4:3b:e6:3c:
35:51:56:0f:95:89:96:be:8e:20:2a:8b:ae:dd:77:
db:c2:7a:1a:1e:3b:bb:38:17:45:da:91:10:8a:bb:
47:3d:8c:51:13:e1:96:93:11:e7:5e:bb:af:27:29:
66:4c:5c:b3:38:43:44:21:20:c7:04:57:88:fa:bc:
c7:6f:3a:52:44:c5:e9:3c:05:50:6a:18:fb:61:bd:
56:57:48:9a:df:8d:9e:66:c7:1c:8d:c3:59:23:80:
bb:d2:38:92:f6:5b:e4:1c:c6:94:7c:99:11:cf:7a:
85:11:58:22:64:bb:79:5f:a7:05:41:73:8c:3f:fb:
a2:d1:9b:8b:33:7f:19:10:aa:76:a1:b7:f4:a3:6b:
4a:ce:c6:de:6a:49:82:8f:10:a2:fe:68:d2:93:85:
ea:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:0F:8E:71:D7:29:D0:AD:66:95:50:E6:F9:84:3B:A2:DF:F5:0C:85
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/vA-Ocdcp0K1mlVDm-YQ7ot_1DIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.206.0/24
185.126.80.0/24
185.199.158.0/24
Signature Algorithm: sha256WithRSAEncryption
64:92:19:0d:83:b7:13:5f:08:dc:d9:cc:92:22:6a:0c:db:f8:
fa:21:37:f0:df:8b:07:c8:c7:4e:23:71:4f:33:c7:55:06:eb:
5a:19:70:28:a7:d7:f1:d2:2e:33:73:b7:ed:76:e6:b0:ce:35:
93:19:ed:28:62:60:6b:f9:4d:23:be:8f:42:4f:06:90:97:95:
9d:d8:21:98:96:cd:ef:86:a6:c6:82:8d:c4:a9:57:35:2e:4c:
54:54:09:8f:53:98:59:64:87:dc:0b:9b:8d:de:f1:18:31:bd:
70:6c:f3:6a:37:c5:ca:f7:50:fb:60:08:56:af:f9:7e:a5:1a:
b2:d7:1e:ff:ec:b4:d4:4e:06:fb:33:14:3d:cc:97:35:d7:a8:
1d:a7:6e:14:23:4a:ee:b0:a0:bd:9b:3e:db:e2:23:f5:5f:a8:
3e:fd:dc:61:5f:1a:23:63:6b:72:95:92:8f:d7:21:e1:da:c3:
6d:4d:8c:45:31:41:f3:19:b1:4f:e8:55:2c:b5:64:9c:9c:90:
c0:4c:8c:87:6e:16:c4:bc:b0:c0:29:a3:b2:3d:47:f3:91:48:
b1:6e:b0:76:bb:be:78:a4:74:5a:65:d4:65:b4:29:ea:af:be:
f2:1d:3b:33:e0:0a:49:94:1a:f1:c9:e0:0f:fc:55:3a:5e:c3:
fd:b8:f1:46
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYMTmp6/s0oDHw7Q+RfCFbRgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjIwOTA2MTYyMDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzBmOGU3MWQ3MjlkMGFkNjY5NTUwZTZmOTg0M2JhMmRmZjUwYzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRbpb9fBvL9Ny5Bs40Uvr0GHdzuy
hR15mc/nGZIYfQ6+sTOLrTU87YPp6BSG4c2d0W7/Y54E0r2vaZWcstzGqoDf9bJF
unYtk0ExVwnXRI2J3F13ok6Rgq47AxH2u+/VIOzxnNQ75jw1UVYPlYmWvo4gKouu
3XfbwnoaHju7OBdF2pEQirtHPYxRE+GWkxHnXruvJylmTFyzOENEISDHBFeI+rzH
bzpSRMXpPAVQahj7Yb1WV0ia342eZsccjcNZI4C70jiS9lvkHMaUfJkRz3qFEVgi
ZLt5X6cFQXOMP/ui0ZuLM38ZEKp2obf0o2tKzsbeakmCjxCi/mjSk4XqYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLwPjnHXKdCtZpVQ5vmEO6Lf9QyFMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvdkEtT2NkY3AwSzFtbFZEbS1ZUTdvdF8xRElVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuWzOAwQA
uX5QAwQAuceeMA0GCSqGSIb3DQEBCwUAA4IBAQBkkhkNg7cTXwjc2cySImoM2/j6
ITfw34sHyMdOI3FPM8dVButaGXAop9fx0i4zc7ftduawzjWTGe0oYmBr+U0jvo9C
TwaQl5Wd2CGYls3vhqbGgo3EqVc1LkxUVAmPU5hZZIfcC5uN3vEYMb1wbPNqN8XK
91D7YAhWr/l+pRqy1x7/7LTUTgb7MxQ9zJc116gdp24UI0rusKC9mz7b4iP1X6g+
/dxhXxojY2tylZKP1yHh2sNtTYxFMUHzGbFP6FUstWScnJDATIyHbhbEvLDAKaOy
PUfzkUixbrB2u754pHRaZdRltCnqr77yHTsz4ApJlBrxyeAP/FU6XsP9uPFG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:36 2024 by rpki-client on console-ams.rpki-client.org