Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/85ddae-54a7-4e7b-96da-d12867b46733/1/xw3OrQEbG4v3_5cpD1Veq6s8MIY.roa
File: xw3OrQEbG4v3_5cpD1Veq6s8MIY.roa (raw, json)
Hash identifier: 2rWTCyMh3D5xOgAG8/Sxw681804VtojkFwgnIB1vHfg=
Subject key identifier: C7:0D:CE:AD:01:1B:1B:8B:F7:FF:97:29:0F:55:5E:AB:AB:3C:30:86
Certificate issuer: /CN=787aac71f17ef033cb6536795338fdc7bc0f2263
Certificate serial: 018BADAADC93F509512706A2623E119C72AF
Authority key identifier: 78:7A:AC:71:F1:7E:F0:33:CB:65:36:79:53:38:FD:C7:BC:0F:22:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eHqscfF-8DPLZTZ5Uzj9x7wPImM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/85ddae-54a7-4e7b-96da-d12867b46733/1/xw3OrQEbG4v3_5cpD1Veq6s8MIY.roa
Signing time: Wed 08 Nov 2023 06:42:17 +0000
ROA not before: Wed 08 Nov 2023 06:42:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35571
IP address blocks: 185.141.180.0/22 maxlen: 22
87.236.80.0/21 maxlen: 21
87.236.80.0/22 maxlen: 22
87.236.84.0/23 maxlen: 23
87.236.86.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ad:aa:dc:93:f5:09:51:27:06:a2:62:3e:11:9c:72:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=787aac71f17ef033cb6536795338fdc7bc0f2263
Validity
Not Before: Nov 8 06:42:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c70dcead011b1b8bf7ff97290f555eabab3c3086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:54:aa:3f:50:e7:2f:bb:bc:e4:f2:49:6e:21:
16:3a:85:94:05:44:c3:36:7c:a3:10:dd:60:a4:c8:
ae:bb:b3:45:f0:c4:83:47:9e:47:74:05:c6:4c:17:
03:cf:42:39:10:2b:a6:ef:5d:26:c8:23:01:0b:95:
30:82:1e:de:b1:3f:57:6f:af:87:c5:6b:87:d4:a8:
0c:22:01:a1:e0:e2:55:00:57:e5:20:dc:5d:9e:9a:
ec:0d:33:c7:f1:4b:82:c1:9c:46:11:b6:c0:6a:8e:
cd:5e:ee:60:4a:e3:e2:8f:05:62:fc:b7:7e:e0:83:
3a:99:3b:c0:cf:d9:23:b2:b7:97:e8:2c:60:5f:0b:
be:c0:c1:ee:d2:91:e3:30:70:33:40:98:10:da:b3:
fa:52:70:18:fb:ea:57:f3:67:86:28:bb:7f:e7:a3:
e5:6c:f2:d5:a0:49:be:37:78:aa:48:ab:7f:ba:9b:
80:b5:24:af:0a:90:4c:f7:0f:93:92:6d:8b:db:5c:
91:8f:9f:60:df:47:c6:d6:52:6b:28:23:65:8e:77:
e5:9e:6e:2a:8c:b3:a8:2e:fc:1b:1c:78:29:a2:06:
1f:d4:af:d8:6b:8f:8d:bf:0e:ab:6b:e5:44:51:2f:
66:55:d2:93:0b:7b:e9:b3:57:22:6c:96:75:bd:ec:
d5:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:0D:CE:AD:01:1B:1B:8B:F7:FF:97:29:0F:55:5E:AB:AB:3C:30:86
X509v3 Authority Key Identifier:
keyid:78:7A:AC:71:F1:7E:F0:33:CB:65:36:79:53:38:FD:C7:BC:0F:22:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eHqscfF-8DPLZTZ5Uzj9x7wPImM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/85ddae-54a7-4e7b-96da-d12867b46733/1/xw3OrQEbG4v3_5cpD1Veq6s8MIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/85ddae-54a7-4e7b-96da-d12867b46733/1/eHqscfF-8DPLZTZ5Uzj9x7wPImM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.80.0/21
185.141.180.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:fc:4b:46:c5:ba:10:f5:d1:f6:7c:a6:f8:58:06:56:fc:b0:
11:b9:f1:ca:6f:5a:d8:d2:21:8c:36:e0:11:a3:d6:ed:cc:0f:
ef:93:22:2d:b3:c8:fe:bb:73:1a:09:74:75:55:0b:d3:0b:ec:
9b:56:d0:3b:11:f4:3d:6f:45:ff:fb:a7:61:f4:48:77:8a:d5:
b4:21:94:24:a2:53:3c:2f:cc:24:cd:41:be:df:1e:43:9a:35:
18:0c:92:e9:f8:a0:5d:f5:e6:32:48:ee:d0:42:ba:33:fc:af:
7c:96:47:d5:ad:0b:d6:c7:db:a1:63:60:fa:1d:5b:7a:9d:91:
33:ab:45:c6:e1:fe:76:23:d5:7a:3b:7d:0c:87:bd:3a:56:57:
1f:bf:f5:a4:a9:ec:85:13:8c:c9:c8:7b:0d:c1:de:e9:e1:01:
82:d7:a7:7b:43:8d:99:3b:66:79:2e:eb:49:84:38:a3:6d:12:
3e:e4:bd:8f:18:ff:0e:7c:f6:9f:70:19:fc:d8:70:7d:b3:72:
ac:fa:94:09:fb:6c:f7:15:e8:4a:5c:a6:8d:e4:42:38:40:e1:
8e:99:e7:1c:89:8d:fe:cc:f2:02:81:a3:50:8d:4b:b5:73:db:
38:0c:b0:20:6f:6c:fc:f5:65:b3:ae:81:42:5a:1c:50:1a:4d:
63:9a:56:92
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYutqtyT9QlRJwaiYj4RnHKvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4N2FhYzcxZjE3ZWYwMzNjYjY1MzY3OTUzMzhmZGM3YmMw
ZjIyNjMwHhcNMjMxMTA4MDY0MjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzBkY2VhZDAxMWIxYjhiZjdmZjk3MjkwZjU1NWVhYmFiM2MzMDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFSqP1DnL7u85PJJbiEWOoWUBUTD
NnyjEN1gpMiuu7NF8MSDR55HdAXGTBcDz0I5ECum710myCMBC5Uwgh7esT9Xb6+H
xWuH1KgMIgGh4OJVAFflINxdnprsDTPH8UuCwZxGEbbAao7NXu5gSuPijwVi/Ld+
4IM6mTvAz9kjsreX6CxgXwu+wMHu0pHjMHAzQJgQ2rP6UnAY++pX82eGKLt/56Pl
bPLVoEm+N3iqSKt/upuAtSSvCpBM9w+Tkm2L21yRj59g30fG1lJrKCNljnflnm4q
jLOoLvwbHHgpogYf1K/Ya4+Nvw6ra+VEUS9mVdKTC3vps1cibJZ1vezVWwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMcNzq0BGxuL9/+XKQ9VXqurPDCGMB8GA1UdIwQY
MBaAFHh6rHHxfvAzy2U2eVM4/ce8DyJjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUhxc2NmRi04RFBMWlRaNVV6ajl4N3dQSW1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy84NWRkYWUtNTRhNy00ZTdiLTk2ZGEt
ZDEyODY3YjQ2NzMzLzEveHczT3JRRWJHNHYzXzVjcEQxVmVxNnM4TUlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy84NWRkYWUtNTRhNy00ZTdiLTk2ZGEtZDEyODY3YjQ2NzMz
LzEvZUhxc2NmRi04RFBMWlRaNVV6ajl4N3dQSW1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDV+xQAwQC
uY20MA0GCSqGSIb3DQEBCwUAA4IBAQCj/EtGxboQ9dH2fKb4WAZW/LARufHKb1rY
0iGMNuARo9btzA/vkyIts8j+u3MaCXR1VQvTC+ybVtA7EfQ9b0X/+6dh9Eh3itW0
IZQkolM8L8wkzUG+3x5DmjUYDJLp+KBd9eYySO7QQroz/K98lkfVrQvWx9uhY2D6
HVt6nZEzq0XG4f52I9V6O30Mh706Vlcfv/WkqeyFE4zJyHsNwd7p4QGC16d7Q42Z
O2Z5LutJhDijbRI+5L2PGP8OfPafcBn82HB9s3Ks+pQJ+2z3FehKXKaN5EI4QOGO
mecciY3+zPICgaNQjUu1c9s4DLAgb2z89WWzroFCWhxQGk1jmlaS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:04 2024 by rpki-client on console-ams.rpki-client.org