Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/xUunBF4fm2ygWah3KD5w-LJSsU0.roa
File: xUunBF4fm2ygWah3KD5w-LJSsU0.roa (raw, json)
Hash identifier: zYwyrY/oVzNR+QrL6XRSytTKRxzASJ/nCv6e4DXrbjk=
Subject key identifier: C5:4B:A7:04:5E:1F:9B:6C:A0:59:A8:77:28:3E:70:F8:B2:52:B1:4D
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0183CDD4C4D5FF60A89B8009A2DC48AAFD03
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/xUunBF4fm2ygWah3KD5w-LJSsU0.roa
Signing time: Wed 12 Oct 2022 20:13:36 +0000
ROA not before: Wed 12 Oct 2022 20:13:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 142430
IP address blocks: 185.108.206.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:cd:d4:c4:d5:ff:60:a8:9b:80:09:a2:dc:48:aa:fd:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Oct 12 20:13:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c54ba7045e1f9b6ca059a877283e70f8b252b14d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:04:dd:99:37:8d:6b:87:7b:57:23:0f:84:1e:
de:da:54:fa:d4:07:ad:f1:e0:a8:56:ce:36:4e:ac:
69:d8:ca:47:04:99:30:31:eb:4a:38:e8:4c:2a:9a:
40:1f:0d:94:2c:3a:de:6c:88:a5:98:46:bc:dc:5c:
56:cb:4b:3c:7f:00:4b:56:15:87:d0:6b:68:cb:2e:
86:ed:98:c0:f3:41:1a:e0:8c:e0:17:a5:ba:af:91:
92:08:f4:b3:b5:4f:e7:e1:dc:12:0f:40:53:2f:e8:
2f:44:50:f1:d4:fb:a4:39:dc:00:e5:5b:ab:17:72:
48:c7:57:a3:e0:cb:14:ee:55:31:2f:27:a4:37:a2:
08:2b:8c:36:5a:f6:74:d8:5b:b0:8c:66:57:92:cf:
c9:9b:a3:fa:20:5c:83:05:33:f7:5f:c2:c8:07:75:
65:a9:4e:8b:fe:40:82:78:db:5b:dd:18:35:eb:3f:
8e:12:65:3c:6c:c5:ee:a4:15:15:91:4a:6e:a6:6d:
b7:07:8a:48:02:25:67:ae:fa:3b:fd:ed:66:ba:50:
20:22:97:4a:27:4a:bc:05:15:02:f0:fa:be:d2:23:
a0:8c:a5:a4:6d:2a:41:c4:36:fd:9c:c0:0f:cf:94:
0c:14:6a:48:89:8d:9a:2c:7b:73:12:f5:9f:54:bd:
0d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:4B:A7:04:5E:1F:9B:6C:A0:59:A8:77:28:3E:70:F8:B2:52:B1:4D
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/xUunBF4fm2ygWah3KD5w-LJSsU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.206.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:fe:6b:3c:1e:3c:8f:f6:d3:f7:68:66:52:33:1c:76:bc:8b:
a0:ff:12:97:ae:c5:61:24:81:84:d0:ae:37:97:17:47:f1:94:
dd:d9:be:01:aa:e3:38:e6:c3:1c:60:48:04:27:77:0f:ef:fa:
65:39:56:3c:d1:ba:ad:c7:ab:f5:f6:89:7d:72:e7:bb:0b:1e:
56:35:a8:3a:07:3d:91:21:43:62:2f:c8:a4:11:8b:a7:00:8e:
c2:73:57:cb:ee:53:1d:05:62:d4:b4:03:80:ac:0a:5a:98:3b:
06:dc:1f:73:6d:d7:60:3d:3c:07:2d:3a:c3:cc:d0:d9:61:7f:
28:f9:12:32:ad:a6:a9:32:5e:b2:fa:23:f3:7f:e1:81:10:8a:
30:db:a8:12:20:b5:e0:ca:9d:bf:24:9e:21:d6:04:91:5f:b4:
1a:7b:0b:a5:54:9f:6b:f8:c6:3a:04:dd:7d:10:87:5a:4b:a5:
f8:63:26:b8:cc:3d:38:58:74:de:60:01:53:c6:57:74:0a:ea:
2f:18:bc:3f:c9:9e:d6:a0:22:1a:85:8c:aa:71:1e:ad:f0:66:
c6:88:ac:f4:f3:b1:ef:aa:96:d7:bd:05:60:23:1a:5f:03:d2:
2f:bc:fd:c7:2b:5f:9b:58:70:f4:ee:80:92:40:be:00:d0:ab:
63:47:94:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPN1MTV/2Com4AJotxIqv0DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjIxMDEyMjAxMzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTRiYTcwNDVlMWY5YjZjYTA1OWE4NzcyODNlNzBmOGIyNTJiMTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQTdmTeNa4d7VyMPhB7e2lT61Aet
8eCoVs42Tqxp2MpHBJkwMetKOOhMKppAHw2ULDrebIilmEa83FxWy0s8fwBLVhWH
0Gtoyy6G7ZjA80Ea4IzgF6W6r5GSCPSztU/n4dwSD0BTL+gvRFDx1PukOdwA5Vur
F3JIx1ej4MsU7lUxLyekN6IIK4w2WvZ02FuwjGZXks/Jm6P6IFyDBTP3X8LIB3Vl
qU6L/kCCeNtb3Rg16z+OEmU8bMXupBUVkUpupm23B4pIAiVnrvo7/e1mulAgIpdK
J0q8BRUC8Pq+0iOgjKWkbSpBxDb9nMAPz5QMFGpIiY2aLHtzEvWfVL0N3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMVLpwReH5tsoFmodyg+cPiyUrFNMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEveFV1bkJGNGZtMnlnV2FoM0tENXctTEpTc1UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWzOMA0G
CSqGSIb3DQEBCwUAA4IBAQC2/ms8HjyP9tP3aGZSMxx2vIug/xKXrsVhJIGE0K43
lxdH8ZTd2b4BquM45sMcYEgEJ3cP7/plOVY80bqtx6v19ol9cue7Cx5WNag6Bz2R
IUNiL8ikEYunAI7Cc1fL7lMdBWLUtAOArApamDsG3B9zbddgPTwHLTrDzNDZYX8o
+RIyraapMl6y+iPzf+GBEIow26gSILXgyp2/JJ4h1gSRX7QaewulVJ9r+MY6BN19
EIdaS6X4Yya4zD04WHTeYAFTxld0CuovGLw/yZ7WoCIahYyqcR6t8GbGiKz087Hv
qpbXvQVgIxpfA9IvvP3HK1+bWHD07oCSQL4A0KtjR5RE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:14 2024 by rpki-client on console-fra.rpki-client.org