Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/w6VmJzpLCDOL7QNVUIkkqGb1dG4.roa
File: w6VmJzpLCDOL7QNVUIkkqGb1dG4.roa (raw, json)
Hash identifier: IkbHAAmaafCrYEA5pnF9wYK4FZ+f8OPQ+cPplIY4Zhw=
Subject key identifier: C3:A5:66:27:3A:4B:08:33:8B:ED:03:55:50:89:24:A8:66:F5:74:6E
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01848AE77859454DA0E8525F3EC4D890B4AE
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/w6VmJzpLCDOL7QNVUIkkqGb1dG4.roa
Signing time: Fri 18 Nov 2022 13:22:16 +0000
ROA not before: Fri 18 Nov 2022 13:22:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212384
IP address blocks: 185.108.206.0/24 maxlen: 24
185.108.207.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8a:e7:78:59:45:4d:a0:e8:52:5f:3e:c4:d8:90:b4:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Nov 18 13:22:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c3a566273a4b08338bed0355508924a866f5746e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:18:85:49:19:fc:86:a3:3a:1b:96:ab:0c:4b:
a8:34:62:49:d1:cf:3a:cd:ee:db:d2:68:5f:67:32:
3a:6e:0c:a5:d7:8b:8c:86:4a:28:be:4c:0a:f8:04:
82:71:ff:ba:ae:08:a8:2b:f1:0c:ac:bb:7b:11:fc:
e1:00:18:7a:01:96:8e:97:64:c4:8c:7d:a2:18:d9:
29:34:3b:a5:ef:be:10:e8:56:00:13:36:9c:32:c5:
9d:57:25:f3:f0:c1:0a:d4:a2:d1:58:d2:9e:ab:46:
c4:cc:b8:15:4a:f3:89:d1:2b:64:fd:12:a5:3e:8e:
15:88:ab:b7:b5:67:65:a1:17:51:6b:36:28:f4:79:
aa:3a:e4:21:a3:49:40:b7:ff:79:d1:36:c4:59:8c:
69:9f:a3:16:29:92:39:30:54:b5:65:41:84:70:f5:
bf:d1:b9:59:bb:0d:47:c4:f7:2c:19:29:28:15:f4:
c1:b5:dd:71:68:02:c4:83:68:78:c0:62:6b:51:03:
5f:82:0b:83:96:73:3b:3a:3d:83:d0:5d:cd:cd:7c:
d9:2f:b1:3a:82:0a:10:08:d3:e0:bf:8c:d4:04:3b:
55:2c:19:a4:95:7f:4e:e6:9e:a4:32:17:f1:06:84:
75:70:f8:bb:83:0c:72:62:5b:f7:fe:67:25:be:30:
e4:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:A5:66:27:3A:4B:08:33:8B:ED:03:55:50:89:24:A8:66:F5:74:6E
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/w6VmJzpLCDOL7QNVUIkkqGb1dG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.206.0/23
Signature Algorithm: sha256WithRSAEncryption
76:9d:7f:b8:40:fa:c8:ba:7b:e8:44:70:a0:3d:97:4e:2b:1a:
a9:a4:85:d3:76:e1:b0:33:5d:72:7e:22:95:b7:7d:ec:5a:14:
c7:82:e1:cc:69:39:3d:a5:78:b6:a7:3a:a6:f7:b7:64:69:d7:
19:87:f2:5a:39:2c:5d:5e:fa:15:d3:1c:e3:f8:bd:c7:56:11:
3d:a5:aa:6a:ad:be:e0:52:b2:de:af:7c:17:e7:20:5c:76:f7:
4e:9c:82:88:a1:06:c7:6d:7e:d2:0e:9b:f8:58:ee:56:0d:8c:
aa:ff:72:b7:ba:ad:81:72:97:f9:d0:11:16:e5:42:3f:27:5d:
11:b5:ec:1e:0f:5b:f7:7b:dd:fc:50:17:65:da:55:b7:96:16:
cd:c8:05:0f:0b:dc:89:9b:8a:1e:86:ea:95:d7:d9:50:65:ed:
48:42:8e:f1:40:80:af:ab:64:e4:6b:ff:c6:23:a8:1a:cc:ed:
44:19:ea:d3:28:b4:38:2f:0c:bd:6f:c4:fa:9a:97:da:24:e0:
8b:ef:08:54:1e:bf:18:29:81:38:8d:f0:0a:d4:f7:3b:a6:0a:
8a:4f:22:b8:65:8b:40:02:29:74:a4:99:51:b4:94:de:6d:e1:
78:2e:e1:5a:d4:d6:10:40:a9:fa:69:c9:08:fe:8c:88:f1:93:
3f:ce:3c:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSK53hZRU2g6FJfPsTYkLSuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjIxMTE4MTMyMjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2E1NjYyNzNhNGIwODMzOGJlZDAzNTU1MDg5MjRhODY2ZjU3NDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxiFSRn8hqM6G5arDEuoNGJJ0c86
ze7b0mhfZzI6bgyl14uMhkoovkwK+ASCcf+6rgioK/EMrLt7EfzhABh6AZaOl2TE
jH2iGNkpNDul774Q6FYAEzacMsWdVyXz8MEK1KLRWNKeq0bEzLgVSvOJ0Stk/RKl
Po4ViKu3tWdloRdRazYo9HmqOuQho0lAt/950TbEWYxpn6MWKZI5MFS1ZUGEcPW/
0blZuw1HxPcsGSkoFfTBtd1xaALEg2h4wGJrUQNfgguDlnM7Oj2D0F3NzXzZL7E6
ggoQCNPgv4zUBDtVLBmklX9O5p6kMhfxBoR1cPi7gwxyYlv3/mclvjDkHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMOlZic6Swgzi+0DVVCJJKhm9XRuMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvdzZWbUp6cExDRE9MN1FOVlVJa2txR2IxZEc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuWzOMA0G
CSqGSIb3DQEBCwUAA4IBAQB2nX+4QPrIunvoRHCgPZdOKxqppIXTduGwM11yfiKV
t33sWhTHguHMaTk9pXi2pzqm97dkadcZh/JaOSxdXvoV0xzj+L3HVhE9papqrb7g
UrLer3wX5yBcdvdOnIKIoQbHbX7SDpv4WO5WDYyq/3K3uq2Bcpf50BEW5UI/J10R
teweD1v3e938UBdl2lW3lhbNyAUPC9yJm4oehuqV19lQZe1IQo7xQICvq2Tka//G
I6gazO1EGerTKLQ4Lwy9b8T6mpfaJOCL7whUHr8YKYE4jfAK1Pc7pgqKTyK4ZYtA
Ail0pJlRtJTebeF4LuFa1NYQQKn6ackI/oyI8ZM/zjy0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:36 2024 by rpki-client on console-ams.rpki-client.org