Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/yLMIuEuu9ia0mFKlIeDLmxYbrHA.roa
File: yLMIuEuu9ia0mFKlIeDLmxYbrHA.roa (raw, json)
Hash identifier: 1z8x5VTX85HwXulx4/jvYGaoRgxHLVtgkzgDmCa8bhs=
Subject key identifier: C8:B3:08:B8:4B:AE:F6:26:B4:98:52:A5:21:E0:CB:9B:16:1B:AC:70
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 03DAEA76
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/yLMIuEuu9ia0mFKlIeDLmxYbrHA.roa
Signing time: Tue 05 Apr 2022 11:28:13 +0000
ROA not before: Tue 05 Apr 2022 11:28:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 185.228.72.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64678518 (0x3daea76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Apr 5 11:28:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8b308b84baef626b49852a521e0cb9b161bac70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:59:a3:d0:7e:c4:64:e0:a7:51:e4:c9:ee:08:
8f:ec:00:9f:9f:08:20:e3:c3:30:9e:5d:0b:89:45:
e4:20:7f:76:91:7f:5b:9e:9d:7b:7e:22:12:57:ba:
c8:b6:bd:4a:f1:7d:74:c2:a8:e5:8a:a0:ce:63:f8:
fa:99:16:2a:38:46:8a:2c:a0:80:8d:bc:2b:e2:12:
b7:2d:0d:47:f0:76:db:8e:b2:3b:14:4c:cb:1a:74:
38:ad:ee:55:4e:2e:85:aa:17:bb:62:ca:3a:4d:80:
72:4b:bc:5e:42:2d:ef:aa:ca:ab:44:11:b6:9b:cf:
c7:de:07:e8:f8:ed:37:59:ee:53:c9:21:b1:7b:e5:
1d:7f:23:d5:0d:bc:a3:ec:6a:5b:9c:f6:cd:3e:a6:
cd:4d:6a:72:67:c5:56:9d:a0:15:d8:e8:b1:0d:d1:
94:3f:8d:01:ee:dd:3f:e4:d5:54:57:e7:19:8d:c9:
8e:ba:7b:65:67:03:4b:8d:8f:af:1f:6d:0f:88:68:
98:59:0b:f2:2e:07:87:28:12:24:27:65:12:2f:5d:
df:e4:80:12:e5:b4:14:ac:17:c8:33:e0:26:c4:d3:
d2:36:83:98:c6:46:51:21:14:80:cd:08:c0:ef:bb:
7a:e9:b7:95:be:28:5c:29:43:1f:a8:39:38:68:aa:
36:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:B3:08:B8:4B:AE:F6:26:B4:98:52:A5:21:E0:CB:9B:16:1B:AC:70
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/yLMIuEuu9ia0mFKlIeDLmxYbrHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.72.0/24
Signature Algorithm: sha256WithRSAEncryption
01:db:de:28:5e:fc:bd:52:ed:68:72:bd:2d:c2:e7:8d:a9:d2:
4b:0f:2c:a8:6d:7a:5f:37:89:b6:55:55:08:da:60:a8:61:55:
30:07:df:99:35:50:cb:5f:a6:59:4a:5f:7d:ad:ab:76:04:f4:
43:e4:45:1c:b3:5e:12:1f:95:ec:9c:37:ab:4e:3e:a9:3f:ba:
43:fb:64:e0:f8:76:8d:b6:e1:55:2d:ab:a6:83:fd:20:4c:e0:
82:04:5f:dd:a4:3f:24:cb:c7:27:29:aa:ed:cf:d2:b0:f6:a6:
cc:f1:7f:5c:af:55:c6:20:aa:93:a9:69:0a:c3:d0:14:17:50:
e6:8d:d2:03:52:3a:35:ec:76:1e:0f:29:27:35:1e:a3:43:22:
04:6c:b3:39:83:3b:0c:18:1c:44:d1:2c:28:e7:39:cd:d4:87:
42:0c:b0:e8:ed:5f:0e:69:15:f1:36:fc:d2:2e:c3:e0:b2:85:
b9:d6:5a:1f:34:ce:cf:74:29:09:21:38:51:1e:da:1d:98:11:
d6:d1:0d:e9:8f:b7:6b:ea:77:e1:0c:06:03:ce:b2:b1:6a:13:
c9:8c:d9:b4:18:f9:70:8c:16:84:9b:6e:d5:1f:31:15:0a:b0:
84:c0:cb:f8:03:dc:d8:2e:0d:e8:88:b2:cc:ee:49:2e:58:5c:
c5:e1:de:53
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA9rqdjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjhiZmI4YTVlZWU0OTA4MmVhNjI4ZGYyNWE0YTVkNTBmM2FhOWIzMB4XDTIyMDQw
NTExMjgxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzhiMzA4Yjg0YmFl
ZjYyNmI0OTg1MmE1MjFlMGNiOWIxNjFiYWM3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO5Zo9B+xGTgp1Hkye4Ij+wAn58IIOPDMJ5dC4lF5CB/dpF/
W56de34iEle6yLa9SvF9dMKo5YqgzmP4+pkWKjhGiiyggI28K+ISty0NR/B2246y
OxRMyxp0OK3uVU4uhaoXu2LKOk2Acku8XkIt76rKq0QRtpvPx94H6PjtN1nuU8kh
sXvlHX8j1Q28o+xqW5z2zT6mzU1qcmfFVp2gFdjosQ3RlD+NAe7dP+TVVFfnGY3J
jrp7ZWcDS42Prx9tD4homFkL8i4HhygSJCdlEi9d3+SAEuW0FKwXyDPgJsTT0jaD
mMZGUSEUgM0IwO+7eum3lb4oXClDH6g5OGiqNikCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTIswi4S672JrSYUqUh4MubFhuscDAfBgNVHSMEGDAWgBQ2i/uKXu5JCC6m
KN8lpKXVDzqpszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05vdjdpbDd1U1FndXBpamZKYVNsMVE4NnFiTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvYWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8x
L3lMTUl1RXV1OWlhMG1GS2xJZURMbXhZYnJIQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
YWE1OGMzLWU3MDYtNGE0OS1hN2M1LTBhZTJlOTIyYTI5Mi8xL05vdjdpbDd1U1Fn
dXBpamZKYVNsMVE4NnFiTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnkSDANBgkqhkiG9w0BAQsFAAOC
AQEAAdveKF78vVLtaHK9LcLnjanSSw8sqG16XzeJtlVVCNpgqGFVMAffmTVQy1+m
WUpffa2rdgT0Q+RFHLNeEh+V7Jw3q04+qT+6Q/tk4Ph2jbbhVS2rpoP9IEzgggRf
3aQ/JMvHJymq7c/SsPamzPF/XK9VxiCqk6lpCsPQFBdQ5o3SA1I6Nex2Hg8pJzUe
o0MiBGyzOYM7DBgcRNEsKOc5zdSHQgyw6O1fDmkV8Tb80i7D4LKFudZaHzTOz3Qp
CSE4UR7aHZgR1tEN6Y+3a+p34QwGA86ysWoTyYzZtBj5cIwWhJtu1R8xFQqwhMDL
+APc2C4N6IiyzO5JLlhcxeHeUw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:14 2024 by rpki-client on console-fra.rpki-client.org