Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/y5xxZK9UFChO-c4wBi7T8jsKBlQ.roa
File: y5xxZK9UFChO-c4wBi7T8jsKBlQ.roa (raw, json)
Hash identifier: 6Kll4ywuwHg/nZhiueodRsn52FVCtA5PWVAxVC05css=
Subject key identifier: CB:9C:71:64:AF:54:14:28:4E:F9:CE:30:06:2E:D3:F2:3B:0A:06:54
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 03F7F52D
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/y5xxZK9UFChO-c4wBi7T8jsKBlQ.roa
Signing time: Sat 16 Apr 2022 11:41:13 +0000
ROA not before: Sat 16 Apr 2022 11:41:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400040
IP address blocks: 185.225.21.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66581805 (0x3f7f52d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Apr 16 11:41:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb9c7164af5414284ef9ce30062ed3f23b0a0654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:15:06:e6:f2:78:c1:11:5f:0b:9d:65:ef:30:
48:be:e6:04:15:6b:4a:c2:2f:ed:37:42:3e:ca:a3:
89:c8:d2:3f:e1:f5:c8:3d:41:50:55:f0:df:5f:16:
69:c5:44:59:e9:42:44:91:60:e6:0e:db:ce:9f:d7:
ed:c2:e5:3a:be:3d:bd:8b:a7:07:de:35:00:fe:b3:
21:51:90:37:c8:df:fd:0a:c6:20:44:a2:57:d9:5f:
a0:7a:0f:ef:37:a4:55:94:45:74:ea:54:3f:5d:01:
32:42:30:70:33:af:12:73:be:f5:d8:39:57:81:ad:
b9:4f:03:ff:75:cf:1e:ae:81:12:57:98:fb:13:ff:
be:3b:b6:50:31:e2:00:2e:ec:b3:81:ce:5e:ab:16:
14:6e:76:5a:75:6b:a5:fb:6e:83:89:5b:15:43:b7:
f7:77:38:0a:d0:66:b9:77:cd:fe:0a:95:3d:02:02:
21:b1:7d:17:ee:2b:b5:59:67:a0:14:8a:76:1c:0c:
31:b8:54:25:89:a5:db:7a:70:3f:d5:ca:3b:8a:31:
12:e4:5b:4f:93:02:4b:15:35:fb:dc:cd:f0:fc:49:
bc:9e:ea:1e:41:0b:3a:bd:64:7c:b7:04:3d:04:15:
b5:5d:9f:fb:c6:dc:ca:dd:7b:5c:5f:ec:f3:e4:32:
90:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:9C:71:64:AF:54:14:28:4E:F9:CE:30:06:2E:D3:F2:3B:0A:06:54
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/y5xxZK9UFChO-c4wBi7T8jsKBlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.21.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:17:f8:ea:5d:08:65:8d:3d:8b:f7:47:66:34:7f:1c:e8:e7:
04:a7:bd:37:ab:a1:56:19:52:ba:5b:3e:0f:0e:0a:4e:5f:3a:
09:f0:96:31:6b:0a:b6:93:0e:9c:a6:a4:43:fa:a5:f7:42:0f:
a1:b0:67:3b:8e:95:a1:98:19:f6:d1:6c:b4:d6:ed:c8:29:6b:
41:1f:02:84:58:20:f7:c6:75:f0:01:ca:3c:b7:19:84:94:ee:
b6:da:56:87:2e:81:27:fb:fd:28:04:cb:83:77:18:3e:66:c0:
07:c0:e9:65:4d:26:a2:69:90:7e:89:22:bf:7d:61:1f:ec:d8:
24:4e:89:5a:cb:bc:f2:7a:35:d4:19:93:e4:3a:f0:c4:c5:31:
0d:91:39:03:b4:d4:dc:d6:2b:43:c1:26:54:70:f9:35:f3:a5:
38:96:e5:3b:23:64:0a:33:93:8f:80:bf:a5:37:c1:ed:be:cc:
1e:4b:4e:46:d7:27:dc:b8:38:13:24:6a:eb:1b:6b:e0:64:17:
ac:b6:00:f8:f5:0e:53:51:1c:20:f3:42:15:56:bf:ad:5e:a1:
f4:c9:c3:c9:2a:8f:1b:bf:48:21:c8:37:21:7c:f6:28:59:5f:
5b:a4:54:36:1e:1c:0a:25:2b:7f:e6:85:c0:b7:7d:b1:9e:33:
00:a2:65:0d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA/f1LTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjhiZmI4YTVlZWU0OTA4MmVhNjI4ZGYyNWE0YTVkNTBmM2FhOWIzMB4XDTIyMDQx
NjExNDExM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2I5YzcxNjRhZjU0
MTQyODRlZjljZTMwMDYyZWQzZjIzYjBhMDY1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKEVBubyeMERXwudZe8wSL7mBBVrSsIv7TdCPsqjicjSP+H1
yD1BUFXw318WacVEWelCRJFg5g7bzp/X7cLlOr49vYunB941AP6zIVGQN8jf/QrG
IESiV9lfoHoP7zekVZRFdOpUP10BMkIwcDOvEnO+9dg5V4GtuU8D/3XPHq6BEleY
+xP/vju2UDHiAC7ss4HOXqsWFG52WnVrpftug4lbFUO393c4CtBmuXfN/gqVPQIC
IbF9F+4rtVlnoBSKdhwMMbhUJYml23pwP9XKO4oxEuRbT5MCSxU1+9zN8PxJvJ7q
HkELOr1kfLcEPQQVtV2f+8bcyt17XF/s8+QykJECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTLnHFkr1QUKE75zjAGLtPyOwoGVDAfBgNVHSMEGDAWgBQ2i/uKXu5JCC6m
KN8lpKXVDzqpszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05vdjdpbDd1U1FndXBpamZKYVNsMVE4NnFiTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvYWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8x
L3k1eHhaSzlVRkNoTy1jNHdCaTdUOGpzS0JsUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
YWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8xL05vdjdpbDd1U1Fn
dXBpamZKYVNsMVE4NnFiTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnhFTANBgkqhkiG9w0BAQsFAAOC
AQEAwBf46l0IZY09i/dHZjR/HOjnBKe9N6uhVhlSuls+Dw4KTl86CfCWMWsKtpMO
nKakQ/ql90IPobBnO46VoZgZ9tFstNbtyClrQR8ChFgg98Z18AHKPLcZhJTuttpW
hy6BJ/v9KATLg3cYPmbAB8DpZU0mommQfokiv31hH+zYJE6JWsu88no11BmT5Drw
xMUxDZE5A7TU3NYrQ8EmVHD5NfOlOJblOyNkCjOTj4C/pTfB7b7MHktORtcn3Lg4
EyRq6xtr4GQXrLYA+PUOU1EcIPNCFVa/rV6h9MnDySqPG79IIcg3IXz2KFlfW6RU
Nh4cCiUrf+aFwLd9sZ4zAKJlDQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:27 2023 by rpki-client on console-fra.rpki-client.org