Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/0bab1f-92d6-42f0-b952-442c080ae541/1/Ui3qOGEwhlj7Y57CkXCo8mauAas.roa
File: Ui3qOGEwhlj7Y57CkXCo8mauAas.roa (raw, json)
Hash identifier: eEygNn+LbI3XhnkRFAWCb6ANWAMJpdhAyAIDfKHIdUk=
Subject key identifier: 52:2D:EA:38:61:30:86:58:FB:63:9E:C2:91:70:A8:F2:66:AE:01:AB
Certificate issuer: /CN=36261c261756fa03ac57d1bfc4db856ef808975a
Certificate serial: 01856BD33CB86C66A04CEA68AC18E1A5FD65
Authority key identifier: 36:26:1C:26:17:56:FA:03:AC:57:D1:BF:C4:DB:85:6E:F8:08:97:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiYcJhdW-gOsV9G_xNuFbvgIl1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/0bab1f-92d6-42f0-b952-442c080ae541/1/Ui3qOGEwhlj7Y57CkXCo8mauAas.roa
Signing time: Sun 01 Jan 2023 05:34:43 +0000
ROA not before: Sun 01 Jan 2023 05:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64267
IP address blocks: 185.35.78.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:d3:3c:b8:6c:66:a0:4c:ea:68:ac:18:e1:a5:fd:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36261c261756fa03ac57d1bfc4db856ef808975a
Validity
Not Before: Jan 1 05:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=522dea3861308658fb639ec29170a8f266ae01ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:04:8d:13:d1:04:ac:6e:03:9f:8a:9c:0b:ea:
74:61:33:07:38:c1:37:b1:c2:01:0a:53:a0:47:77:
26:4a:ee:80:fc:fe:2c:10:cb:cd:f8:42:cd:de:18:
a8:a9:6b:20:97:21:b2:4f:49:fd:4a:4b:94:b3:59:
e2:41:83:c0:fe:cb:35:8a:57:7d:d1:7e:75:aa:4f:
a8:bb:0f:a8:eb:82:8d:7f:8c:af:8b:d4:c7:35:12:
23:cd:f5:f8:aa:8a:7e:1c:2c:cc:8a:15:53:fc:ec:
9c:8d:a5:63:42:86:f6:7c:52:c3:0e:1b:c7:c8:13:
a9:83:34:14:02:6b:a2:0d:59:40:2e:41:20:8f:44:
70:19:03:c6:5c:d0:71:2e:a1:98:99:61:45:b6:64:
d6:f8:42:a7:ba:e3:94:48:f6:c1:8d:f4:a6:20:29:
dd:78:3e:b5:1c:2d:54:89:f6:9a:d7:4d:d8:fa:96:
7b:ae:b1:e1:c0:95:19:9c:5e:59:e4:c9:64:ac:89:
ce:ef:76:94:c1:7d:d8:67:9b:29:0d:48:ee:15:0b:
8f:5a:65:7a:e7:4a:22:68:62:1b:8a:9b:79:7a:d3:
d5:71:cf:8a:ce:b8:7d:0e:24:0b:c6:ea:04:22:26:
a7:2e:33:45:02:63:14:7a:1c:2c:80:4b:7d:c3:51:
27:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:2D:EA:38:61:30:86:58:FB:63:9E:C2:91:70:A8:F2:66:AE:01:AB
X509v3 Authority Key Identifier:
keyid:36:26:1C:26:17:56:FA:03:AC:57:D1:BF:C4:DB:85:6E:F8:08:97:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiYcJhdW-gOsV9G_xNuFbvgIl1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/0bab1f-92d6-42f0-b952-442c080ae541/1/Ui3qOGEwhlj7Y57CkXCo8mauAas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/0bab1f-92d6-42f0-b952-442c080ae541/1/NiYcJhdW-gOsV9G_xNuFbvgIl1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.78.0/24
Signature Algorithm: sha256WithRSAEncryption
01:65:3c:8f:5b:f9:42:b2:bc:c0:0e:db:30:72:51:5c:8a:2c:
26:b3:25:10:3e:c4:cc:1e:ac:ac:01:84:bc:cb:d8:27:2a:e1:
b8:dd:88:6f:a6:3d:c2:e4:ae:7e:79:f7:d2:cc:40:86:c9:da:
b0:f4:dd:71:78:20:3e:d4:55:61:62:27:bd:72:9c:c6:4a:0f:
16:51:ae:cd:c6:1e:9b:20:3c:58:99:51:4d:90:ee:9a:55:93:
10:95:bf:a7:a3:34:6d:f3:2d:af:35:a7:6f:9b:99:75:4d:54:
c0:7d:f0:9a:3a:80:e0:b3:a7:79:ff:fc:69:99:7f:29:2c:de:
a6:25:31:ae:4f:cb:d1:9a:7e:24:f3:3c:9a:40:18:ef:9d:17:
f0:5f:6e:11:77:d4:8d:eb:8d:52:29:6f:4d:0a:80:aa:4a:51:
30:71:f9:f7:79:c7:64:2f:67:1e:98:c3:e9:4e:74:13:a7:2e:
c8:1a:2b:48:0b:30:5d:33:de:e6:3b:d0:74:40:b6:72:fa:d2:
1f:88:21:c5:18:23:ce:08:77:ee:7e:34:73:9f:e5:44:84:99:
98:4f:0c:3c:ee:ef:68:5f:a0:0b:a4:c1:8f:ce:50:26:9b:40:
90:9b:c5:2e:d4:6b:c5:86:89:aa:47:0a:9c:61:bc:07:7b:18:
48:ea:fb:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr0zy4bGagTOporBjhpf1lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjYxYzI2MTc1NmZhMDNhYzU3ZDFiZmM0ZGI4NTZlZjgw
ODk3NWEwHhcNMjMwMTAxMDUzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjJkZWEzODYxMzA4NjU4ZmI2MzllYzI5MTcwYThmMjY2YWUwMWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwSNE9EErG4Dn4qcC+p0YTMHOME3
scIBClOgR3cmSu6A/P4sEMvN+ELN3hioqWsglyGyT0n9SkuUs1niQYPA/ss1ild9
0X51qk+ouw+o64KNf4yvi9THNRIjzfX4qop+HCzMihVT/OycjaVjQob2fFLDDhvH
yBOpgzQUAmuiDVlALkEgj0RwGQPGXNBxLqGYmWFFtmTW+EKnuuOUSPbBjfSmICnd
eD61HC1Uifaa103Y+pZ7rrHhwJUZnF5Z5MlkrInO73aUwX3YZ5spDUjuFQuPWmV6
50oiaGIbipt5etPVcc+Kzrh9DiQLxuoEIianLjNFAmMUehwsgEt9w1EnFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFIt6jhhMIZY+2OewpFwqPJmrgGrMB8GA1UdIwQY
MBaAFDYmHCYXVvoDrFfRv8TbhW74CJdaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlZY0poZFctZ09zVjlHX3hOdUZidmdJbDFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8wYmFiMWYtOTJkNi00MmYwLWI5NTIt
NDQyYzA4MGFlNTQxLzEvVWkzcU9HRXdobGo3WTU3Q2tYQ284bWF1QWFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8wYmFiMWYtOTJkNi00MmYwLWI5NTItNDQyYzA4MGFlNTQx
LzEvTmlZY0poZFctZ09zVjlHX3hOdUZidmdJbDFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSNOMA0G
CSqGSIb3DQEBCwUAA4IBAQABZTyPW/lCsrzADtswclFciiwmsyUQPsTMHqysAYS8
y9gnKuG43Yhvpj3C5K5+effSzECGydqw9N1xeCA+1FVhYie9cpzGSg8WUa7Nxh6b
IDxYmVFNkO6aVZMQlb+nozRt8y2vNadvm5l1TVTAffCaOoDgs6d5//xpmX8pLN6m
JTGuT8vRmn4k8zyaQBjvnRfwX24Rd9SN641SKW9NCoCqSlEwcfn3ecdkL2cemMPp
TnQTpy7IGitICzBdM97mO9B0QLZy+tIfiCHFGCPOCHfufjRzn+VEhJmYTww87u9o
X6ALpMGPzlAmm0CQm8Uu1GvFhomqRwqcYbwHexhI6vsF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:45 2024 by rpki-client on console-ams.rpki-client.org