Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/8GvjMzoWpJ27tHPuwLY51EPpL4g.roa
File: 8GvjMzoWpJ27tHPuwLY51EPpL4g.roa (raw, json)
Hash identifier: B3PrUGvSNS+m5rUkBfJ34rm8+ugcZj2sDNz2q4mryrA=
Subject key identifier: F0:6B:E3:33:3A:16:A4:9D:BB:B4:73:EE:C0:B6:39:D4:43:E9:2F:88
Certificate issuer: /CN=bfabf5a474afe7212331670e831e119da38f284f
Certificate serial: 01857169B8AA63B49125D42A10A5F1430394
Authority key identifier: BF:AB:F5:A4:74:AF:E7:21:23:31:67:0E:83:1E:11:9D:A3:8F:28:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v6v1pHSv5yEjMWcOgx4RnaOPKE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/8GvjMzoWpJ27tHPuwLY51EPpL4g.roa
Signing time: Mon 02 Jan 2023 07:37:11 +0000
ROA not before: Mon 02 Jan 2023 07:37:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202264
IP address blocks: 185.40.216.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:b8:aa:63:b4:91:25:d4:2a:10:a5:f1:43:03:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfabf5a474afe7212331670e831e119da38f284f
Validity
Not Before: Jan 2 07:37:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f06be3333a16a49dbbb473eec0b639d443e92f88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:bb:5d:3e:27:44:df:66:a6:52:17:6e:f8:ec:
97:26:7b:9b:8c:bd:4b:e8:f3:c7:3f:6a:21:79:c0:
b1:61:3c:13:48:cb:e7:6a:44:19:3b:d3:40:3e:23:
7c:4d:36:0c:65:94:5b:1b:21:2e:e3:e1:9e:ce:3e:
95:72:38:b1:8b:32:b2:b4:1d:49:78:cd:0b:e1:a4:
e9:cc:48:b4:83:46:fe:f9:1c:1e:ad:bf:77:e1:2d:
59:61:19:60:fc:e9:69:c3:81:89:b7:25:4a:c9:77:
20:42:33:27:ae:24:a2:32:09:9d:3b:a2:2a:d0:a4:
7d:c8:1c:c1:ef:70:5e:32:d5:3a:b6:27:21:56:80:
26:d9:07:fb:72:7e:46:b0:3b:a9:e6:c1:e7:1f:23:
de:29:69:7d:a8:17:35:4b:8f:51:8d:e6:ed:c9:67:
d5:b7:d5:4e:11:bc:44:98:a4:19:f8:7d:6e:d2:58:
d3:5f:23:8a:ab:fc:c3:c8:f9:fb:93:1f:1e:73:39:
66:4a:84:06:ce:56:0c:5a:0d:7d:f9:3a:b9:e4:dc:
26:ac:11:3c:c0:e3:99:49:38:f8:8f:d9:63:91:8d:
88:59:27:70:3f:57:9e:ad:31:95:9d:d0:fd:32:e3:
05:11:e2:74:22:58:90:2a:a5:b4:3e:16:31:da:c9:
a9:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:6B:E3:33:3A:16:A4:9D:BB:B4:73:EE:C0:B6:39:D4:43:E9:2F:88
X509v3 Authority Key Identifier:
keyid:BF:AB:F5:A4:74:AF:E7:21:23:31:67:0E:83:1E:11:9D:A3:8F:28:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v6v1pHSv5yEjMWcOgx4RnaOPKE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/8GvjMzoWpJ27tHPuwLY51EPpL4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/v6v1pHSv5yEjMWcOgx4RnaOPKE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.216.0/22
Signature Algorithm: sha256WithRSAEncryption
73:c4:d9:1d:fa:2a:0b:c1:01:24:ab:a1:9e:6c:ba:95:5f:0b:
ca:aa:74:ff:8a:27:72:61:5e:cf:03:50:63:1e:15:88:42:75:
43:bd:12:81:90:b8:47:6c:17:2f:61:5e:44:52:fb:2f:33:01:
77:d3:cf:f5:2a:ee:d4:b9:21:36:42:28:64:ea:f4:be:37:93:
56:d0:d1:c7:7d:8b:c2:9e:2c:54:98:46:cd:34:14:d4:bf:70:
2a:b7:ec:82:4b:a1:d4:0d:be:31:b0:e0:8c:45:90:06:0c:e1:
71:41:e8:f6:a8:af:a9:25:24:4a:42:7e:11:2a:94:95:a9:3d:
f6:5c:b3:1d:e2:fa:1a:9a:84:79:dc:e3:cd:91:e1:e6:3e:7a:
8c:94:d8:44:87:1d:8a:e6:ec:86:27:6a:02:c2:4c:da:ad:7e:
30:5b:6f:ae:4a:f5:7b:e7:9a:12:41:28:58:e3:e4:5b:bb:36:
ef:64:ae:40:8f:81:a3:db:90:5a:45:a1:c4:16:95:d3:cd:ff:
5e:3c:cc:8e:e1:2a:45:ef:e7:e3:9c:86:30:59:22:73:23:2f:
74:71:f6:75:8a:28:0f:41:4d:42:6f:b3:fc:81:c5:a8:75:2c:
1f:de:a7:30:1d:55:8d:d7:e7:57:d1:9b:cc:4b:06:e7:47:ea:
36:ab:98:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxabiqY7SRJdQqEKXxQwOUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYWJmNWE0NzRhZmU3MjEyMzMxNjcwZTgzMWUxMTlkYTM4
ZjI4NGYwHhcNMjMwMTAyMDczNzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDZiZTMzMzNhMTZhNDlkYmJiNDczZWVjMGI2MzlkNDQzZTkyZjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibtdPidE32amUhdu+OyXJnubjL1L
6PPHP2ohecCxYTwTSMvnakQZO9NAPiN8TTYMZZRbGyEu4+Gezj6VcjixizKytB1J
eM0L4aTpzEi0g0b++Rwerb934S1ZYRlg/Olpw4GJtyVKyXcgQjMnriSiMgmdO6Iq
0KR9yBzB73BeMtU6tichVoAm2Qf7cn5GsDup5sHnHyPeKWl9qBc1S49RjebtyWfV
t9VOEbxEmKQZ+H1u0ljTXyOKq/zDyPn7kx8eczlmSoQGzlYMWg19+Tq55NwmrBE8
wOOZSTj4j9ljkY2IWSdwP1eerTGVndD9MuMFEeJ0IliQKqW0PhYx2smpVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPBr4zM6FqSdu7Rz7sC2OdRD6S+IMB8GA1UdIwQY
MBaAFL+r9aR0r+chIzFnDoMeEZ2jjyhPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjZ2MXBIU3Y1eUVqTVdjT2d4NFJuYU9QS0U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8wMTg4ZGEtMzY1NS00ODJkLTg4MWIt
ZmViYmM0YTNiNDViLzEvOEd2ak16b1dwSjI3dEhQdXdMWTUxRVBwTDRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8wMTg4ZGEtMzY1NS00ODJkLTg4MWItZmViYmM0YTNiNDVi
LzEvdjZ2MXBIU3Y1eUVqTVdjT2d4NFJuYU9QS0U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSjYMA0G
CSqGSIb3DQEBCwUAA4IBAQBzxNkd+ioLwQEkq6GebLqVXwvKqnT/iidyYV7PA1Bj
HhWIQnVDvRKBkLhHbBcvYV5EUvsvMwF308/1Ku7UuSE2Qihk6vS+N5NW0NHHfYvC
nixUmEbNNBTUv3Aqt+yCS6HUDb4xsOCMRZAGDOFxQej2qK+pJSRKQn4RKpSVqT32
XLMd4voamoR53OPNkeHmPnqMlNhEhx2K5uyGJ2oCwkzarX4wW2+uSvV755oSQShY
4+RbuzbvZK5Aj4Gj25BaRaHEFpXTzf9ePMyO4SpF7+fjnIYwWSJzIy90cfZ1iigP
QU1Cb7P8gcWodSwf3qcwHVWN1+dX0ZvMSwbnR+o2q5iN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org