Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/a0faca-db7f-4ed8-b11a-eec46ca82a33/1/l8_3yXnyfaHIv9_6D0ls0jd3j8Q.roa
File: l8_3yXnyfaHIv9_6D0ls0jd3j8Q.roa (raw, json)
Hash identifier: yRg3855KPEv5UDlVNbCADHW7brA8amGKC26HD6fwf6s=
Subject key identifier: 97:CF:F7:C9:79:F2:7D:A1:C8:BF:DF:FA:0F:49:6C:D2:37:77:8F:C4
Certificate issuer: /CN=3558bb47de354e09e0fc2cb2c1fa14d71d926ee8
Certificate serial: 0E6784F2
Authority key identifier: 35:58:BB:47:DE:35:4E:09:E0:FC:2C:B2:C1:FA:14:D7:1D:92:6E:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NVi7R941Tgng_CyywfoU1x2Sbug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/a0faca-db7f-4ed8-b11a-eec46ca82a33/1/l8_3yXnyfaHIv9_6D0ls0jd3j8Q.roa
Signing time: Sat 01 Jan 2022 00:52:46 +0000
ROA not before: Sat 01 Jan 2022 00:52:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56548
IP address blocks: 185.199.208.0/24 maxlen: 24
185.199.208.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 241665266 (0xe6784f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3558bb47de354e09e0fc2cb2c1fa14d71d926ee8
Validity
Not Before: Jan 1 00:52:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97cff7c979f27da1c8bfdffa0f496cd237778fc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:61:8f:a7:58:f4:45:f2:81:2b:a4:2f:9c:af:
b9:35:15:24:31:c8:98:ee:59:77:da:0f:a8:59:79:
ca:50:15:cd:35:2b:46:45:79:71:a8:43:9b:37:55:
cc:c2:2b:07:54:bb:5e:a6:ce:f0:2b:47:d1:1e:81:
f9:d1:b7:e7:14:ee:5e:67:5d:3e:1d:b9:e6:de:3e:
65:3e:ad:13:51:cf:6b:bd:ee:7c:05:35:f3:c1:bd:
0d:2d:cf:d3:56:86:53:f8:ec:06:1f:ea:95:d3:27:
65:cf:9c:71:7a:e0:a2:de:5f:0f:c7:70:86:c8:8b:
6f:69:6f:09:6b:cc:5d:f9:36:d8:97:a6:7b:31:d5:
94:e0:8d:63:e7:b3:7f:9a:d7:f5:27:2a:9d:bd:ae:
98:1d:e8:82:1d:04:d0:d8:8b:7a:b4:fb:e3:e1:1b:
db:4d:cd:aa:44:2f:52:83:35:83:db:ef:a7:3a:1a:
d1:74:70:ae:26:86:af:88:4a:6c:35:9b:f0:bc:4a:
32:cb:c9:b0:2d:66:65:bc:94:f1:10:d9:a6:7c:f0:
57:51:f9:73:17:c7:d8:fa:9c:38:e1:b6:21:f9:21:
52:68:69:66:75:a8:1f:35:9c:af:2b:6c:b6:31:6b:
cd:59:38:33:cb:af:1b:3b:cb:55:54:79:d5:72:e5:
20:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:CF:F7:C9:79:F2:7D:A1:C8:BF:DF:FA:0F:49:6C:D2:37:77:8F:C4
X509v3 Authority Key Identifier:
keyid:35:58:BB:47:DE:35:4E:09:E0:FC:2C:B2:C1:FA:14:D7:1D:92:6E:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NVi7R941Tgng_CyywfoU1x2Sbug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/a0faca-db7f-4ed8-b11a-eec46ca82a33/1/l8_3yXnyfaHIv9_6D0ls0jd3j8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/a0faca-db7f-4ed8-b11a-eec46ca82a33/1/NVi7R941Tgng_CyywfoU1x2Sbug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.208.0/22
Signature Algorithm: sha256WithRSAEncryption
11:31:9e:1b:bb:54:e0:c6:16:cf:e4:4e:a9:0b:6f:77:50:82:
f8:16:db:d3:da:08:e2:cf:46:50:13:5d:db:c1:d9:6c:0e:c4:
66:8f:d2:af:0b:df:60:eb:60:b3:fb:44:4b:94:72:42:b1:34:
4c:6a:bf:26:a5:6e:bb:f8:38:06:1b:de:49:3e:af:e4:03:a9:
62:a7:ff:41:a5:37:21:70:0b:a6:34:7b:00:51:ba:a5:ff:b1:
e6:f7:00:bf:8c:06:0d:01:9e:f9:bf:a8:f4:c6:c1:ea:cc:e9:
cb:83:1f:b3:c5:ae:11:f7:7f:8e:24:d5:74:2f:8a:a2:51:9a:
a4:76:5a:0f:8d:46:cb:42:fc:a5:8c:ba:22:4b:7c:91:fe:81:
f7:37:13:35:ad:21:72:b5:e9:dc:71:75:21:79:8f:89:2b:e3:
e8:68:42:44:94:18:d4:29:91:33:68:12:c8:79:8d:56:a5:68:
83:b4:07:39:2c:b5:17:e1:36:fa:70:31:9d:03:8c:04:53:c8:
ba:35:85:90:71:c5:65:31:e4:88:35:c9:c2:3d:71:f0:32:97:
04:16:40:cb:89:a9:5b:50:7e:ea:e2:7e:64:98:74:d5:ea:2d:
6c:3a:0f:72:f1:9f:22:26:8d:51:15:53:77:83:cf:3f:c9:28:
72:52:4c:ce
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDmeE8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTU4YmI0N2RlMzU0ZTA5ZTBmYzJjYjJjMWZhMTRkNzFkOTI2ZWU4MB4XDTIyMDEw
MTAwNTI0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTdjZmY3Yzk3OWYy
N2RhMWM4YmZkZmZhMGY0OTZjZDIzNzc3OGZjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKBhj6dY9EXygSukL5yvuTUVJDHImO5Zd9oPqFl5ylAVzTUr
RkV5cahDmzdVzMIrB1S7XqbO8CtH0R6B+dG35xTuXmddPh255t4+ZT6tE1HPa73u
fAU188G9DS3P01aGU/jsBh/qldMnZc+ccXrgot5fD8dwhsiLb2lvCWvMXfk22Jem
ezHVlOCNY+ezf5rX9Scqnb2umB3ogh0E0NiLerT74+Eb203NqkQvUoM1g9vvpzoa
0XRwriaGr4hKbDWb8LxKMsvJsC1mZbyU8RDZpnzwV1H5cxfH2PqcOOG2IfkhUmhp
ZnWoHzWcrytstjFrzVk4M8uvGzvLVVR51XLlIAsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSXz/fJefJ9oci/3/oPSWzSN3ePxDAfBgNVHSMEGDAWgBQ1WLtH3jVOCeD8
LLLB+hTXHZJu6DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05WaTdSOTQxVGduZ19DeXl3Zm9VMXgyU2J1Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTEvYTBmYWNhLWRiN2YtNGVkOC1iMTFhLWVlYzQ2Y2E4MmEzMy8x
L2w4XzN5WG55ZmFISXY5XzZEMGxzMGpkM2o4US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTEv
YTBmYWNhLWRiN2YtNGVkOC1iMTFhLWVlYzQ2Y2E4MmEzMy8xL05WaTdSOTQxVGdu
Z19DeXl3Zm9VMXgyU2J1Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnH0DANBgkqhkiG9w0BAQsFAAOC
AQEAETGeG7tU4MYWz+ROqQtvd1CC+Bbb09oI4s9GUBNd28HZbA7EZo/SrwvfYOtg
s/tES5RyQrE0TGq/JqVuu/g4BhveST6v5AOpYqf/QaU3IXALpjR7AFG6pf+x5vcA
v4wGDQGe+b+o9MbB6szpy4Mfs8WuEfd/jiTVdC+KolGapHZaD41Gy0L8pYy6Ikt8
kf6B9zcTNa0hcrXp3HF1IXmPiSvj6GhCRJQY1CmRM2gSyHmNVqVog7QHOSy1F+E2
+nAxnQOMBFPIujWFkHHFZTHkiDXJwj1x8DKXBBZAy4mpW1B+6uJ+ZJh01eotbDoP
cvGfIiaNURVTd4PPP8koclJMzg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:51 2024 by rpki-client on console-ams.rpki-client.org