Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/0bab1f-92d6-42f0-b952-442c080ae541/1/dlHmGMB0W_Bjl27IGYFbPlbVrm4.roa
File: dlHmGMB0W_Bjl27IGYFbPlbVrm4.roa (raw, json)
Hash identifier: aGifFGyzvDrQz3XK+SXHJz/qaF6JkCFmDAbkFjs9Y7s=
Subject key identifier: 76:51:E6:18:C0:74:5B:F0:63:97:6E:C8:19:81:5B:3E:56:D5:AE:6E
Certificate issuer: /CN=36261c261756fa03ac57d1bfc4db856ef808975a
Certificate serial: 04EFCD55
Authority key identifier: 36:26:1C:26:17:56:FA:03:AC:57:D1:BF:C4:DB:85:6E:F8:08:97:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiYcJhdW-gOsV9G_xNuFbvgIl1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/0bab1f-92d6-42f0-b952-442c080ae541/1/dlHmGMB0W_Bjl27IGYFbPlbVrm4.roa
Signing time: Tue 08 Feb 2022 15:01:37 +0000
ROA not before: Tue 08 Feb 2022 15:01:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64267
IP address blocks: 185.35.78.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82824533 (0x4efcd55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36261c261756fa03ac57d1bfc4db856ef808975a
Validity
Not Before: Feb 8 15:01:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7651e618c0745bf063976ec819815b3e56d5ae6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:05:70:e4:42:40:35:40:36:43:79:46:f1:33:
55:65:c9:27:f4:f2:41:12:35:3d:86:82:04:99:d6:
df:84:d5:a7:0e:bc:3b:08:6f:4e:df:0a:9b:e1:e3:
0d:31:28:53:76:9e:98:a1:a0:19:f7:0f:43:a0:3c:
c3:8a:14:7b:ec:69:6e:2d:85:aa:d3:68:36:e4:84:
44:55:2a:53:f4:42:49:6c:dd:9d:13:40:9e:23:49:
d5:4d:77:33:da:58:a8:98:27:c9:8e:e4:73:35:9a:
d3:de:3b:ba:dd:b2:d6:d9:4b:3d:d8:cc:85:d6:80:
76:56:1a:97:3a:8c:e5:c6:47:29:56:1d:69:8f:e1:
92:05:f3:9b:55:32:37:3a:9b:80:36:11:b8:3e:b6:
fb:a0:ce:60:9c:a4:ac:64:44:8e:4c:e9:72:d9:7e:
3b:f3:71:44:82:da:b8:09:df:5e:55:8d:f4:2d:99:
5f:37:e7:ff:f9:70:bb:7e:54:fd:48:1f:96:37:5d:
7d:8c:03:d0:3c:3f:5e:1b:b2:28:85:51:ce:59:93:
8d:00:58:28:99:36:1a:74:c1:89:32:dd:9b:27:77:
c9:f5:2a:b3:a3:bc:6a:59:76:3b:18:96:a5:82:17:
0f:a8:8c:ff:d0:1d:86:3f:72:06:7b:7a:74:dd:48:
8a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:51:E6:18:C0:74:5B:F0:63:97:6E:C8:19:81:5B:3E:56:D5:AE:6E
X509v3 Authority Key Identifier:
keyid:36:26:1C:26:17:56:FA:03:AC:57:D1:BF:C4:DB:85:6E:F8:08:97:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiYcJhdW-gOsV9G_xNuFbvgIl1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/0bab1f-92d6-42f0-b952-442c080ae541/1/dlHmGMB0W_Bjl27IGYFbPlbVrm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/0bab1f-92d6-42f0-b952-442c080ae541/1/NiYcJhdW-gOsV9G_xNuFbvgIl1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.78.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:3b:a3:3a:3d:fb:3b:a2:7f:27:6e:80:e8:80:43:1e:6f:4b:
8c:5d:66:8d:82:81:d1:47:0b:75:1d:7b:cc:fd:5d:8c:58:04:
91:b0:dd:4d:f3:67:5f:b4:f0:d4:b2:bf:12:65:23:fd:9b:49:
96:53:75:60:ae:9a:e6:26:4d:ec:8b:fd:8a:c6:96:1e:7e:00:
1c:54:a8:39:94:44:e7:df:14:59:a3:96:5f:10:dc:13:bc:6c:
37:7c:89:2c:ad:51:6f:71:1a:65:0c:69:4a:9c:7a:d7:96:aa:
16:08:02:1a:9c:da:c6:96:62:42:ec:31:9e:85:bc:a7:c6:09:
a5:61:cb:58:16:40:26:19:3b:09:af:df:5e:55:2d:0c:70:54:
2f:f5:b2:03:bb:74:ce:46:b4:b9:30:63:7f:84:3d:25:76:0c:
86:d4:44:6c:d1:b6:58:e5:f9:da:b1:57:da:6a:26:95:45:0c:
bd:0e:91:4f:31:2b:d6:75:b4:0d:99:28:da:aa:68:c7:88:d4:
73:e1:ad:8b:8c:a4:67:b4:4b:bb:5d:be:82:08:4f:3f:e6:0c:
1c:1a:25:35:c5:0e:f4:12:20:b1:fd:44:68:ef:a2:9b:24:4a:
f2:57:b7:be:c4:24:6e:1e:26:dc:f7:de:46:51:93:70:6e:78:
55:7c:ab:43
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBO/NVTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjI2MWMyNjE3NTZmYTAzYWM1N2QxYmZjNGRiODU2ZWY4MDg5NzVhMB4XDTIyMDIw
ODE1MDEzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzY1MWU2MThjMDc0
NWJmMDYzOTc2ZWM4MTk4MTViM2U1NmQ1YWU2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANsFcORCQDVANkN5RvEzVWXJJ/TyQRI1PYaCBJnW34TVpw68
OwhvTt8Km+HjDTEoU3aemKGgGfcPQ6A8w4oUe+xpbi2FqtNoNuSERFUqU/RCSWzd
nRNAniNJ1U13M9pYqJgnyY7kczWa0947ut2y1tlLPdjMhdaAdlYalzqM5cZHKVYd
aY/hkgXzm1UyNzqbgDYRuD62+6DOYJykrGREjkzpctl+O/NxRILauAnfXlWN9C2Z
Xzfn//lwu35U/UgfljddfYwD0Dw/XhuyKIVRzlmTjQBYKJk2GnTBiTLdmyd3yfUq
s6O8all2OxiWpYIXD6iM/9Adhj9yBnt6dN1IiksCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR2UeYYwHRb8GOXbsgZgVs+VtWubjAfBgNVHSMEGDAWgBQ2JhwmF1b6A6xX
0b/E24Vu+AiXWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05pWWNKaGRXLWdPc1Y5R194TnVGYnZnSWwxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvMGJhYjFmLTkyZDYtNDJmMC1iOTUyLTQ0MmMwODBhZTU0MS8x
L2RsSG1HTUIwV19CamwyN0lHWUZiUGxiVnJtNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
MGJhYjFmLTkyZDYtNDJmMC1iOTUyLTQ0MmMwODBhZTU0MS8xL05pWWNKaGRXLWdP
c1Y5R194TnVGYnZnSWwxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkjTjANBgkqhkiG9w0BAQsFAAOC
AQEAejujOj37O6J/J26A6IBDHm9LjF1mjYKB0UcLdR17zP1djFgEkbDdTfNnX7Tw
1LK/EmUj/ZtJllN1YK6a5iZN7Iv9isaWHn4AHFSoOZRE598UWaOWXxDcE7xsN3yJ
LK1Rb3EaZQxpSpx615aqFggCGpzaxpZiQuwxnoW8p8YJpWHLWBZAJhk7Ca/fXlUt
DHBUL/WyA7t0zka0uTBjf4Q9JXYMhtREbNG2WOX52rFX2momlUUMvQ6RTzEr1nW0
DZko2qpox4jUc+Gti4ykZ7RLu12+gghPP+YMHBolNcUO9BIgsf1EaO+imyRK8le3
vsQkbh4m3PfeRlGTcG54VXyrQw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:45 2024 by rpki-client on console-fra.rpki-client.org