Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/528e21-23b2-4436-bc8b-8f5e997ab1b5/1/tN8G7iZSJe4NAfWs25UXNeH69ws.roa
File: tN8G7iZSJe4NAfWs25UXNeH69ws.roa (raw, json)
Hash identifier: m8qPwHxX6v+VBG3YDIdB6S7ERvvzQ2UjJe3HT4z8ypI=
Subject key identifier: B4:DF:06:EE:26:52:25:EE:0D:01:F5:AC:DB:95:17:35:E1:FA:F7:0B
Certificate issuer: /CN=8b9f258283517df19859388e13bad1ae0268a5fb
Certificate serial: 0A1A5314
Authority key identifier: 8B:9F:25:82:83:51:7D:F1:98:59:38:8E:13:BA:D1:AE:02:68:A5:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i58lgoNRffGYWTiOE7rRrgJopfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/528e21-23b2-4436-bc8b-8f5e997ab1b5/1/tN8G7iZSJe4NAfWs25UXNeH69ws.roa
Signing time: Sat 01 Jan 2022 14:58:23 +0000
ROA not before: Sat 01 Jan 2022 14:58:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31287
IP address blocks: 185.200.40.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169497364 (0xa1a5314)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b9f258283517df19859388e13bad1ae0268a5fb
Validity
Not Before: Jan 1 14:58:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4df06ee265225ee0d01f5acdb951735e1faf70b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:dc:e0:b7:a6:99:46:07:47:73:ee:34:a7:12:
98:c0:94:e8:87:23:a8:84:e5:d4:db:5a:c8:b4:f7:
d2:7c:76:55:f0:ae:28:5b:70:a5:bc:9b:cd:92:48:
51:71:23:00:73:54:b1:bf:f3:d2:3c:19:42:74:78:
a8:37:4e:6a:e6:29:21:b5:bc:7f:39:5c:82:ad:ef:
44:20:e1:24:94:c8:8f:8c:b2:86:e3:69:5e:d6:52:
62:ac:e9:3b:18:21:bd:40:9a:75:68:b5:01:60:ad:
36:06:16:17:6a:f4:16:29:cc:ae:5b:b7:b2:fb:01:
e0:82:fb:f1:9e:4f:45:31:d5:29:a4:dd:58:2e:65:
e4:dc:d8:81:63:60:af:27:0f:e9:37:7d:74:74:54:
71:15:2b:95:ee:ab:c6:ca:94:bf:27:df:ef:1f:81:
04:a2:26:5d:03:13:7b:cc:75:32:9b:95:da:a3:ca:
d8:55:12:a7:ef:8f:42:a9:20:1e:3d:66:29:b3:c3:
f2:b9:c2:6b:41:98:17:35:55:8e:57:61:1c:b0:00:
19:f5:08:e4:65:ba:96:52:2a:ad:a1:3b:dc:68:30:
47:d6:da:5b:62:98:6f:e9:a7:2f:bc:01:ff:47:6a:
3b:ea:a1:ce:13:ae:af:fa:7a:58:9c:c2:88:7b:45:
47:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:DF:06:EE:26:52:25:EE:0D:01:F5:AC:DB:95:17:35:E1:FA:F7:0B
X509v3 Authority Key Identifier:
keyid:8B:9F:25:82:83:51:7D:F1:98:59:38:8E:13:BA:D1:AE:02:68:A5:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i58lgoNRffGYWTiOE7rRrgJopfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/528e21-23b2-4436-bc8b-8f5e997ab1b5/1/tN8G7iZSJe4NAfWs25UXNeH69ws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/528e21-23b2-4436-bc8b-8f5e997ab1b5/1/i58lgoNRffGYWTiOE7rRrgJopfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.40.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:8a:86:39:dc:73:5a:c6:51:9d:59:c4:23:e8:db:b9:f6:82:
95:7e:5c:5e:62:71:f7:88:c0:6e:46:82:7c:27:1d:13:9b:15:
77:06:5d:02:08:a7:72:56:e9:eb:69:f3:12:f8:fa:b2:7e:80:
74:39:81:56:8e:4b:28:b2:5b:d8:74:41:16:f2:0d:38:4b:87:
8b:11:cf:6a:7f:e4:f4:52:1f:cf:3e:22:8c:34:77:3a:c2:ab:
b6:a8:14:f7:cd:dc:b5:54:59:47:92:50:81:fc:c2:0f:51:23:
87:b3:e8:4a:a7:e7:0b:e6:24:ca:3f:67:1e:40:2b:dc:eb:e2:
7a:02:b7:d4:1e:7a:88:0b:8f:80:ca:11:5b:46:f2:ea:c2:7e:
7e:b6:1f:ab:43:a3:77:98:f1:31:72:32:e1:46:00:01:4b:1a:
24:d7:ac:78:74:57:dc:48:3f:6a:df:96:ab:5d:00:31:b9:7b:
ce:c8:db:02:59:3f:b1:f7:4b:dd:6b:e4:50:25:15:4d:57:d5:
bd:46:ff:72:d4:a7:94:e4:35:bf:82:22:dc:ee:f8:95:31:87:
1c:73:bc:46:c0:06:65:46:23:28:15:ac:5a:12:0e:76:bd:48:
ad:93:5e:3a:ae:ea:d4:03:ba:e1:05:ce:ff:65:09:84:44:2a:
a0:50:ed:2a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEChpTFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YjlmMjU4MjgzNTE3ZGYxOTg1OTM4OGUxM2JhZDFhZTAyNjhhNWZiMB4XDTIyMDEw
MTE0NTgyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjRkZjA2ZWUyNjUy
MjVlZTBkMDFmNWFjZGI5NTE3MzVlMWZhZjcwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMDc4LemmUYHR3PuNKcSmMCU6IcjqITl1NtayLT30nx2VfCu
KFtwpbybzZJIUXEjAHNUsb/z0jwZQnR4qDdOauYpIbW8fzlcgq3vRCDhJJTIj4yy
huNpXtZSYqzpOxghvUCadWi1AWCtNgYWF2r0FinMrlu3svsB4IL78Z5PRTHVKaTd
WC5l5NzYgWNgrycP6Td9dHRUcRUrle6rxsqUvyff7x+BBKImXQMTe8x1MpuV2qPK
2FUSp++PQqkgHj1mKbPD8rnCa0GYFzVVjldhHLAAGfUI5GW6llIqraE73GgwR9ba
W2KYb+mnL7wB/0dqO+qhzhOur/p6WJzCiHtFR78CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS03wbuJlIl7g0B9azblRc14fr3CzAfBgNVHSMEGDAWgBSLnyWCg1F98ZhZ
OI4TutGuAmil+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k1OGxnb05SZmZHWVdUaU9FN3JScmdKb3Bmcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvNTI4ZTIxLTIzYjItNDQzNi1iYzhiLThmNWU5OTdhYjFiNS8x
L3ROOEc3aVpTSmU0TkFmV3MyNVVYTmVINjl3cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
NTI4ZTIxLTIzYjItNDQzNi1iYzhiLThmNWU5OTdhYjFiNS8xL2k1OGxnb05SZmZH
WVdUaU9FN3JScmdKb3Bmcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnIKDANBgkqhkiG9w0BAQsFAAOC
AQEAaoqGOdxzWsZRnVnEI+jbufaClX5cXmJx94jAbkaCfCcdE5sVdwZdAginclbp
62nzEvj6sn6AdDmBVo5LKLJb2HRBFvINOEuHixHPan/k9FIfzz4ijDR3OsKrtqgU
983ctVRZR5JQgfzCD1Ejh7PoSqfnC+Ykyj9nHkAr3OviegK31B56iAuPgMoRW0by
6sJ+frYfq0Ojd5jxMXIy4UYAAUsaJNeseHRX3Eg/at+Wq10AMbl7zsjbAlk/sfdL
3WvkUCUVTVfVvUb/ctSnlOQ1v4Ii3O74lTGHHHO8RsAGZUYjKBWsWhIOdr1IrZNe
Oq7q1AO64QXO/2UJhEQqoFDtKg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:28 2024 by rpki-client on console-ams.rpki-client.org