Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/xGDF7_CofWvLGe2MuO6iFu-dOus.roa
File: xGDF7_CofWvLGe2MuO6iFu-dOus.roa (raw, json)
Hash identifier: EvSG2tLf/Tf40P3RlemhXN0aC/OpS7PD9s9ujiQhDsI=
Subject key identifier: C4:60:C5:EF:F0:A8:7D:6B:CB:19:ED:8C:B8:EE:A2:16:EF:9D:3A:EB
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0181E05C70948C032EC3D744148FD98E12D9
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/xGDF7_CofWvLGe2MuO6iFu-dOus.roa
Signing time: Sat 09 Jul 2022 00:29:23 +0000
ROA not before: Sat 09 Jul 2022 00:29:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212096
IP address blocks: 185.225.20.0/22 maxlen: 22
185.218.20.0/22 maxlen: 22
193.58.144.0/22 maxlen: 22
185.228.72.0/22 maxlen: 22
185.108.204.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:e0:5c:70:94:8c:03:2e:c3:d7:44:14:8f:d9:8e:12:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jul 9 00:29:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c460c5eff0a87d6bcb19ed8cb8eea216ef9d3aeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:14:45:a2:60:ed:7c:ee:9b:f1:1e:d1:15:80:
58:9b:6b:ff:aa:e0:c0:54:b2:60:5f:36:0f:04:06:
6a:2e:b2:5c:9b:64:b6:92:42:65:bd:18:11:58:cb:
6b:40:19:ce:7f:d6:fd:f6:84:a9:c1:8f:b0:58:20:
e8:a3:8c:72:6a:eb:0d:55:67:63:05:c2:5e:9d:52:
e8:e8:e6:9b:d7:cc:a4:c5:eb:d3:ae:f1:f4:44:58:
63:3a:2a:b7:05:55:72:1a:a1:00:32:a4:c1:26:f3:
36:6c:98:17:91:6b:5f:c2:6b:70:b3:16:af:a0:d5:
9b:11:75:dd:de:b2:9a:9f:14:04:77:38:29:e0:ec:
dc:a3:62:b4:dc:e7:9d:43:5b:7c:af:16:33:f6:fc:
dc:6d:64:39:c0:82:36:61:87:a0:cd:1f:b6:c5:0e:
56:11:50:e8:a8:95:a6:44:78:6c:f7:82:49:cb:96:
d2:a1:b0:6a:17:1a:94:b3:0d:6c:96:df:81:b3:cc:
01:43:3b:a7:fc:82:3b:e6:b2:26:a9:f6:c4:80:1f:
4e:0a:e5:43:f0:5a:b3:dd:7e:f4:d4:6b:41:94:4b:
b9:1b:71:d7:b0:34:a9:41:bc:cb:47:6d:01:f6:47:
dd:f8:75:00:b8:36:0f:13:3b:94:b3:dd:0c:3b:a2:
11:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:60:C5:EF:F0:A8:7D:6B:CB:19:ED:8C:B8:EE:A2:16:EF:9D:3A:EB
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/xGDF7_CofWvLGe2MuO6iFu-dOus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.204.0/22
185.218.20.0/22
185.225.20.0/22
185.228.72.0/22
193.58.144.0/22
Signature Algorithm: sha256WithRSAEncryption
38:5f:c9:78:df:76:41:cd:88:ed:56:4b:d5:05:3c:be:43:12:
f6:27:f9:17:19:82:48:1e:bb:5c:74:9c:50:cc:a8:58:23:c4:
e0:31:dc:91:08:d7:7e:46:25:b6:60:b5:1d:0c:56:21:fb:fc:
c0:ec:9a:6c:c0:f3:49:d1:a2:2d:03:e4:d4:4e:c0:72:8a:ff:
79:55:0c:0a:1c:fc:b4:e3:14:7f:49:d3:08:f7:63:d8:4e:11:
a5:fd:02:18:cd:0a:13:21:57:7f:c0:52:ef:16:0e:bb:be:3f:
e2:1d:89:20:1b:d5:84:79:d6:30:b4:95:57:81:be:0f:fa:f0:
c1:52:3a:fb:2a:40:a4:a1:33:43:c1:5c:90:5c:72:e3:0f:e9:
03:d3:f0:33:16:06:2e:3f:d9:cc:ae:95:a6:06:31:bf:3a:6d:
d1:12:a7:fb:e1:4d:0d:da:93:a6:a6:28:2f:4c:1c:69:f2:c1:
78:32:28:ca:5d:f0:6c:27:1d:86:c4:fc:0c:34:bc:19:69:71:
1f:53:87:50:c8:34:d3:df:10:8a:fe:cc:2d:59:d7:1a:e4:e8:
05:2c:f6:23:e4:18:de:66:e3:00:9e:5c:71:47:71:13:c9:87:
ee:ee:0d:6f:d3:fd:17:ea:d6:8f:df:0a:f6:a6:46:34:45:f4:
3f:9b:9e:59
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYHgXHCUjAMuw9dEFI/ZjhLZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjIwNzA5MDAyOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDYwYzVlZmYwYTg3ZDZiY2IxOWVkOGNiOGVlYTIxNmVmOWQzYWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBRFomDtfO6b8R7RFYBYm2v/quDA
VLJgXzYPBAZqLrJcm2S2kkJlvRgRWMtrQBnOf9b99oSpwY+wWCDoo4xyausNVWdj
BcJenVLo6Oab18ykxevTrvH0RFhjOiq3BVVyGqEAMqTBJvM2bJgXkWtfwmtwsxav
oNWbEXXd3rKanxQEdzgp4Ozco2K03OedQ1t8rxYz9vzcbWQ5wII2YYegzR+2xQ5W
EVDoqJWmRHhs94JJy5bSobBqFxqUsw1slt+Bs8wBQzun/II75rImqfbEgB9OCuVD
8Fqz3X701GtBlEu5G3HXsDSpQbzLR20B9kfd+HUAuDYPEzuUs90MO6IR7QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMRgxe/wqH1ryxntjLjuohbvnTrrMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEveEdERjdfQ29mV3ZMR2UyTXVPNmlGdS1kT3VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCuWzMAwQC
udoUAwQCueEUAwQCueRIAwQCwTqQMA0GCSqGSIb3DQEBCwUAA4IBAQA4X8l433ZB
zYjtVkvVBTy+QxL2J/kXGYJIHrtcdJxQzKhYI8TgMdyRCNd+RiW2YLUdDFYh+/zA
7JpswPNJ0aItA+TUTsByiv95VQwKHPy04xR/SdMI92PYThGl/QIYzQoTIVd/wFLv
Fg67vj/iHYkgG9WEedYwtJVXgb4P+vDBUjr7KkCkoTNDwVyQXHLjD+kD0/AzFgYu
P9nMrpWmBjG/Om3REqf74U0N2pOmpigvTBxp8sF4MijKXfBsJx2GxPwMNLwZaXEf
U4dQyDTT3xCK/swtWdca5OgFLPYj5BjeZuMAnlxxR3ETyYfu7g1v0/0X6taP3wr2
pkY0RfQ/m55Z
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:12 2023 by rpki-client on console-ams.rpki-client.org