Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/xvEErZCvYwMx3eeNNsZvRfeITGA.roa
File: xvEErZCvYwMx3eeNNsZvRfeITGA.roa (raw, json)
Hash identifier: MU1ExVBP6fZDu/+QDeCGb4I2t05hRlyV7ZOWgsmOKKo=
Subject key identifier: C6:F1:04:AD:90:AF:63:03:31:DD:E7:8D:36:C6:6F:45:F7:88:4C:60
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 03C397DB
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/xvEErZCvYwMx3eeNNsZvRfeITGA.roa
Signing time: Wed 30 Mar 2022 08:43:19 +0000
ROA not before: Wed 30 Mar 2022 08:43:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207326
IP address blocks: 185.36.206.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63150043 (0x3c397db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Mar 30 08:43:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6f104ad90af630331dde78d36c66f45f7884c60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:5b:ea:98:7d:bb:73:9e:c3:1e:99:db:4e:9b:
0d:01:52:f0:c0:86:03:9f:83:87:68:99:12:2b:c1:
fd:aa:d1:66:b5:c0:c0:17:7e:54:35:47:6a:30:57:
13:bb:91:9c:c8:d6:04:23:f7:e0:91:2a:58:3f:e0:
b3:80:d7:4d:5e:45:5b:f5:f8:00:b6:b2:04:dd:6f:
7e:d5:a1:de:9a:b7:48:86:57:f9:2e:9e:77:d5:d9:
b5:28:fa:c8:71:af:68:dc:e9:81:42:9e:34:6c:a6:
d9:8b:15:2f:ea:5c:20:e4:c2:d8:6b:4a:07:74:bc:
c3:fd:dd:a4:27:a0:10:a4:7f:16:0a:a0:bc:ad:60:
75:2f:bd:35:6c:25:36:da:3c:55:f9:31:15:1e:68:
02:19:80:a3:f7:ce:5a:f3:74:58:17:03:5b:4a:14:
32:1a:f0:4b:d6:ac:31:27:09:e8:59:7b:ab:01:2e:
1f:a8:8d:94:6d:bc:e9:f6:69:b0:ef:7d:a5:cf:29:
e7:b5:8c:34:99:25:44:2f:c1:eb:aa:83:5a:d5:0f:
d3:cd:ce:ac:37:fe:f3:46:d3:f4:2a:e9:e8:78:7b:
4b:ac:6c:d8:d2:a3:87:43:25:a7:83:8e:79:df:00:
fd:3f:69:b8:8b:3f:6a:16:55:b9:11:f0:63:01:2b:
f2:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:F1:04:AD:90:AF:63:03:31:DD:E7:8D:36:C6:6F:45:F7:88:4C:60
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/xvEErZCvYwMx3eeNNsZvRfeITGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.206.0/24
Signature Algorithm: sha256WithRSAEncryption
40:9e:3d:f7:1d:4c:5a:8e:5f:a4:48:94:e0:b9:90:ba:95:f5:
ab:79:0b:65:a8:a2:c6:04:de:c4:ad:15:02:71:d1:a0:4b:8b:
ca:e1:4d:71:56:87:75:8e:02:57:9f:c4:a8:68:eb:6d:ac:20:
11:81:60:1e:5f:be:c6:2e:89:86:fd:7c:6d:8d:35:8a:3f:5b:
c9:b5:93:21:21:13:20:3c:f6:21:d7:61:6b:53:9a:2e:21:8f:
f2:b3:eb:61:42:97:a8:2b:e7:5e:e2:9c:dc:81:f9:b3:3e:68:
00:7f:20:a8:c6:78:4f:c8:6d:f4:87:6a:2d:79:20:13:25:b3:
7a:6f:95:55:2e:54:6b:12:a9:3b:30:2b:5f:43:01:0b:f8:a4:
d2:f0:09:86:6a:3a:70:c2:08:7c:e0:26:bb:25:b9:e3:0d:eb:
8a:85:81:2c:b9:fa:64:e1:23:3f:0b:2a:ef:da:00:6e:87:0f:
3f:40:0e:d7:34:34:96:b9:68:f6:7d:39:a5:4c:e6:ab:25:cf:
c9:ac:5f:28:e2:58:fb:91:d9:42:5a:eb:51:de:c7:d5:de:65:
30:ba:71:ea:c7:a8:4b:3e:78:6f:58:e5:1c:24:d4:65:38:ca:
4e:f6:d1:9e:37:70:c7:5b:51:6f:22:4d:d3:99:34:36:6f:b8:
2b:29:4c:8c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA8OX2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjhiZmI4YTVlZWU0OTA4MmVhNjI4ZGYyNWE0YTVkNTBmM2FhOWIzMB4XDTIyMDMz
MDA4NDMxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzZmMTA0YWQ5MGFm
NjMwMzMxZGRlNzhkMzZjNjZmNDVmNzg4NGM2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPNb6ph9u3Oewx6Z206bDQFS8MCGA5+Dh2iZEivB/arRZrXA
wBd+VDVHajBXE7uRnMjWBCP34JEqWD/gs4DXTV5FW/X4ALayBN1vftWh3pq3SIZX
+S6ed9XZtSj6yHGvaNzpgUKeNGym2YsVL+pcIOTC2GtKB3S8w/3dpCegEKR/Fgqg
vK1gdS+9NWwlNto8VfkxFR5oAhmAo/fOWvN0WBcDW0oUMhrwS9asMScJ6Fl7qwEu
H6iNlG286fZpsO99pc8p57WMNJklRC/B66qDWtUP083OrDf+80bT9Crp6Hh7S6xs
2NKjh0Mlp4OOed8A/T9puIs/ahZVuRHwYwEr8nMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTG8QStkK9jAzHd5402xm9F94hMYDAfBgNVHSMEGDAWgBQ2i/uKXu5JCC6m
KN8lpKXVDzqpszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05vdjdpbDd1U1FndXBpamZKYVNsMVE4NnFiTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvYWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8x
L3h2RUVyWkN2WXdNeDNlZU5Oc1p2UmZlSVRHQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
YWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8xL05vdjdpbDd1U1Fn
dXBpamZKYVNsMVE4NnFiTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkkzjANBgkqhkiG9w0BAQsFAAOC
AQEAQJ499x1MWo5fpEiU4LmQupX1q3kLZaiixgTexK0VAnHRoEuLyuFNcVaHdY4C
V5/EqGjrbawgEYFgHl++xi6Jhv18bY01ij9bybWTISETIDz2Iddha1OaLiGP8rPr
YUKXqCvnXuKc3IH5sz5oAH8gqMZ4T8ht9IdqLXkgEyWzem+VVS5UaxKpOzArX0MB
C/ik0vAJhmo6cMIIfOAmuyW54w3rioWBLLn6ZOEjPwsq79oAbocPP0AO1zQ0lrlo
9n05pUzmqyXPyaxfKOJY+5HZQlrrUd7H1d5lMLpx6seoSz54b1jlHCTUZTjKTvbR
njdwx1tRbyJN05k0Nm+4KylMjA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:14 2024 by rpki-client on console-fra.rpki-client.org