Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/a0faca-db7f-4ed8-b11a-eec46ca82a33/1/pACUHLUNDjvaeiaDMFxr2nfcvJo.roa
File: pACUHLUNDjvaeiaDMFxr2nfcvJo.roa (raw, json)
Hash identifier: JfX1D1SZtlggHAO1P5vStm8U6MW02QcHK+rI1cBEdUo=
Subject key identifier: A4:00:94:1C:B5:0D:0E:3B:DA:7A:26:83:30:5C:6B:DA:77:DC:BC:9A
Certificate issuer: /CN=3558bb47de354e09e0fc2cb2c1fa14d71d926ee8
Certificate serial: 0185012725E27D03D8A2ACF92E9870F4AF0B
Authority key identifier: 35:58:BB:47:DE:35:4E:09:E0:FC:2C:B2:C1:FA:14:D7:1D:92:6E:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NVi7R941Tgng_CyywfoU1x2Sbug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/a0faca-db7f-4ed8-b11a-eec46ca82a33/1/pACUHLUNDjvaeiaDMFxr2nfcvJo.roa
Signing time: Sun 11 Dec 2022 12:27:00 +0000
ROA not before: Sun 11 Dec 2022 12:27:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201584
IP address blocks: 185.199.209.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:01:27:25:e2:7d:03:d8:a2:ac:f9:2e:98:70:f4:af:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3558bb47de354e09e0fc2cb2c1fa14d71d926ee8
Validity
Not Before: Dec 11 12:27:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a400941cb50d0e3bda7a2683305c6bda77dcbc9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:83:8f:a4:d7:6f:0c:10:51:9d:50:75:7a:8b:
03:27:61:d8:fe:b0:1b:25:a2:2e:32:a6:72:77:58:
69:02:cf:c3:8e:6e:09:38:33:ce:b3:29:60:be:9e:
6e:3f:94:98:f0:18:99:59:5e:f8:8e:82:b8:93:16:
59:36:4b:86:a7:20:ae:64:12:36:66:d6:cb:81:92:
9a:c4:b5:eb:a0:93:1c:6c:4b:26:b2:e8:fc:0f:e5:
aa:73:9c:4c:99:a7:6e:e3:40:87:ae:dd:26:d1:64:
e2:73:82:39:f8:56:fe:3f:14:37:c8:84:64:c6:ed:
81:7b:a9:75:5c:9e:b5:8c:8d:f7:6b:16:28:9b:84:
28:bd:5d:77:3f:63:98:ec:87:58:51:f0:e3:d8:1b:
c8:2a:17:19:8c:3f:e5:01:b3:3e:2a:f7:35:28:2b:
7b:3b:52:6a:52:e2:8c:ba:8a:72:75:32:62:74:57:
f7:f1:35:50:ce:8d:93:ab:38:f8:fe:da:61:56:fd:
f8:53:d0:dc:b9:fb:d5:51:9d:d9:f1:88:54:a2:16:
c0:d5:fe:cc:d3:49:a1:d4:aa:e4:cb:5d:31:06:bb:
99:99:89:e2:38:f0:f7:e6:13:e6:aa:50:e6:20:0e:
7a:01:bc:43:51:89:ef:b2:b5:13:af:01:d8:95:6b:
8d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:00:94:1C:B5:0D:0E:3B:DA:7A:26:83:30:5C:6B:DA:77:DC:BC:9A
X509v3 Authority Key Identifier:
keyid:35:58:BB:47:DE:35:4E:09:E0:FC:2C:B2:C1:FA:14:D7:1D:92:6E:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NVi7R941Tgng_CyywfoU1x2Sbug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/a0faca-db7f-4ed8-b11a-eec46ca82a33/1/pACUHLUNDjvaeiaDMFxr2nfcvJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/a0faca-db7f-4ed8-b11a-eec46ca82a33/1/NVi7R941Tgng_CyywfoU1x2Sbug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.209.0/24
Signature Algorithm: sha256WithRSAEncryption
32:ae:61:0e:84:86:76:92:86:51:6a:f6:23:65:b8:21:7f:1d:
1a:fa:fc:6a:65:5b:18:39:15:26:12:7c:bd:6d:77:3c:14:2e:
ba:22:36:c4:70:78:6c:f4:8b:1c:e5:eb:9b:c9:7c:f7:56:89:
66:55:31:8d:ac:bc:0a:8f:0c:10:81:a5:e8:a4:c7:58:7a:75:
59:ff:49:e6:3e:df:11:73:97:ed:be:e1:0a:0a:15:e5:9e:31:
e3:25:f2:39:08:e9:7b:a7:ec:46:46:a9:67:e5:05:11:23:3c:
99:e7:c0:f6:c9:f8:ed:da:24:0e:f2:24:d2:85:35:3b:ba:eb:
b2:5c:6d:ba:5d:29:eb:8a:81:7c:47:b3:65:62:fa:92:ef:6f:
41:4e:2c:5d:fb:77:18:ce:0c:1c:2a:2e:b4:02:bf:00:ac:34:
2d:4a:1e:2a:c9:74:ba:02:d5:eb:61:b7:7d:d7:73:5b:14:d4:
05:d4:be:23:da:1f:09:57:4c:5b:c4:85:cc:1b:34:cf:c1:6c:
86:56:57:08:25:32:ba:56:80:fa:42:8b:a0:eb:50:d6:a0:ea:
3f:52:58:d9:98:fa:4e:1f:ae:55:cc:b9:95:b6:41:ce:37:ad:
d4:2c:dd:e2:03:22:7b:5a:f2:c6:8b:03:5a:ef:38:28:13:21:
84:64:50:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUBJyXifQPYoqz5Lphw9K8LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NThiYjQ3ZGUzNTRlMDllMGZjMmNiMmMxZmExNGQ3MWQ5
MjZlZTgwHhcNMjIxMjExMTIyNzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDAwOTQxY2I1MGQwZTNiZGE3YTI2ODMzMDVjNmJkYTc3ZGNiYzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYOPpNdvDBBRnVB1eosDJ2HY/rAb
JaIuMqZyd1hpAs/Djm4JODPOsylgvp5uP5SY8BiZWV74joK4kxZZNkuGpyCuZBI2
ZtbLgZKaxLXroJMcbEsmsuj8D+Wqc5xMmadu40CHrt0m0WTic4I5+Fb+PxQ3yIRk
xu2Be6l1XJ61jI33axYom4QovV13P2OY7IdYUfDj2BvIKhcZjD/lAbM+Kvc1KCt7
O1JqUuKMuopydTJidFf38TVQzo2Tqzj4/tphVv34U9DcufvVUZ3Z8YhUohbA1f7M
00mh1Krky10xBruZmYniOPD35hPmqlDmIA56AbxDUYnvsrUTrwHYlWuN4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKQAlBy1DQ472nomgzBca9p33LyaMB8GA1UdIwQY
MBaAFDVYu0feNU4J4PwsssH6FNcdkm7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlZpN1I5NDFUZ25nX0N5eXdmb1UxeDJTYnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9hMGZhY2EtZGI3Zi00ZWQ4LWIxMWEt
ZWVjNDZjYTgyYTMzLzEvcEFDVUhMVU5EanZhZWlhRE1GeHIybmZjdkpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9hMGZhY2EtZGI3Zi00ZWQ4LWIxMWEtZWVjNDZjYTgyYTMz
LzEvTlZpN1I5NDFUZ25nX0N5eXdmb1UxeDJTYnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucfRMA0G
CSqGSIb3DQEBCwUAA4IBAQAyrmEOhIZ2koZRavYjZbghfx0a+vxqZVsYORUmEny9
bXc8FC66IjbEcHhs9Isc5eubyXz3VolmVTGNrLwKjwwQgaXopMdYenVZ/0nmPt8R
c5ftvuEKChXlnjHjJfI5COl7p+xGRqln5QURIzyZ58D2yfjt2iQO8iTShTU7uuuy
XG26XSnrioF8R7NlYvqS729BTixd+3cYzgwcKi60Ar8ArDQtSh4qyXS6AtXrYbd9
13NbFNQF1L4j2h8JV0xbxIXMGzTPwWyGVlcIJTK6VoD6Qoug61DWoOo/UljZmPpO
H65VzLmVtkHON63ULN3iAyJ7WvLGiwNa7zgoEyGEZFDo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:51 2024 by rpki-client on console-ams.rpki-client.org