Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/P48GDI5jlnQ2ce18NxqbYEfgVbI.roa
File: P48GDI5jlnQ2ce18NxqbYEfgVbI.roa (raw, json)
Hash identifier: zfRxwqH5d69DLJqHoiaX05JTjSfb52dPTNu7lE1lO1s=
Subject key identifier: 3F:8F:06:0C:8E:63:96:74:36:71:ED:7C:37:1A:9B:60:47:E0:55:B2
Certificate issuer: /CN=bfabf5a474afe7212331670e831e119da38f284f
Certificate serial: 018313F28402E7D02F2132F9FD4CEB616A61
Authority key identifier: BF:AB:F5:A4:74:AF:E7:21:23:31:67:0E:83:1E:11:9D:A3:8F:28:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v6v1pHSv5yEjMWcOgx4RnaOPKE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/P48GDI5jlnQ2ce18NxqbYEfgVbI.roa
Signing time: Tue 06 Sep 2022 17:56:44 +0000
ROA not before: Tue 06 Sep 2022 17:56:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204478
IP address blocks: 185.108.244.0/22 maxlen: 22
185.70.68.0/22 maxlen: 22
185.41.76.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:13:f2:84:02:e7:d0:2f:21:32:f9:fd:4c:eb:61:6a:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfabf5a474afe7212331670e831e119da38f284f
Validity
Not Before: Sep 6 17:56:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f8f060c8e6396743671ed7c371a9b6047e055b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d2:f8:7c:3f:f0:bc:5d:73:f6:83:19:54:ec:
a2:ca:be:5b:34:8c:54:bb:49:98:1d:1e:c4:04:f7:
cb:4e:3f:32:94:2f:4a:43:b0:ec:bd:ea:1f:ae:61:
a9:60:4f:c8:a4:90:f9:80:7f:2f:bf:50:46:3b:3d:
b1:a3:00:96:c9:b6:06:92:01:ae:bb:1c:74:7d:8b:
8f:3d:74:fe:27:11:92:b6:a0:00:03:a6:d6:0e:01:
e5:89:0c:7d:10:c9:7b:5d:cd:e3:79:94:f0:f9:be:
ae:ae:3a:1a:7b:15:f1:23:2b:5a:63:c0:48:85:d2:
cf:43:70:d8:ab:48:87:82:9a:3c:ed:3e:4b:dc:16:
20:6c:f6:b1:05:05:5b:f9:eb:25:43:a4:5a:5f:3e:
b4:ca:a8:18:db:22:2a:b6:40:2e:06:20:b0:73:c3:
21:d2:6c:44:af:98:99:58:e1:05:32:43:32:15:06:
35:58:43:2e:84:44:0a:41:7f:9b:4d:6a:10:18:60:
23:da:55:92:15:21:87:25:da:66:e9:e7:ed:df:db:
ba:d8:ee:38:c5:3b:d0:c3:e7:c2:16:20:ab:6a:8e:
c4:77:54:85:ab:ff:94:24:ea:89:33:2b:ef:fa:e1:
70:1f:69:42:53:c3:88:61:a6:1c:87:ba:76:39:ac:
76:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:8F:06:0C:8E:63:96:74:36:71:ED:7C:37:1A:9B:60:47:E0:55:B2
X509v3 Authority Key Identifier:
keyid:BF:AB:F5:A4:74:AF:E7:21:23:31:67:0E:83:1E:11:9D:A3:8F:28:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v6v1pHSv5yEjMWcOgx4RnaOPKE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/P48GDI5jlnQ2ce18NxqbYEfgVbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/v6v1pHSv5yEjMWcOgx4RnaOPKE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.76.0/22
185.70.68.0/22
185.108.244.0/22
Signature Algorithm: sha256WithRSAEncryption
82:9d:aa:a2:4c:f3:57:df:86:c7:34:46:39:58:ca:78:72:9d:
3e:5d:85:d9:45:f8:4e:7c:3b:8d:15:bb:27:3e:34:56:90:c1:
7a:e6:6d:25:46:5a:97:e7:ac:f4:64:33:77:76:dc:a3:2a:37:
22:75:64:47:5d:81:94:25:10:a6:2f:82:8d:34:f5:17:09:27:
f4:cc:9c:e7:fd:95:86:4c:72:b4:ab:02:3d:ef:ac:0e:94:f8:
22:ae:aa:34:94:71:9e:39:ce:a9:78:ed:5b:c6:d7:d8:bd:00:
4b:c7:a5:a1:ab:c0:c9:83:75:79:4b:6f:7a:51:82:92:79:b6:
1d:0e:b9:db:00:a6:76:89:63:17:cf:a8:97:74:6e:95:90:af:
d9:9c:34:bf:5b:0d:28:cf:a8:06:fc:20:97:0d:1c:fe:ff:f1:
95:f7:43:04:60:1b:30:8e:8e:7a:f0:d9:82:42:92:ae:8c:18:
a7:3f:8e:8f:f2:a9:64:1e:28:91:55:5a:6e:ac:b9:b5:8c:56:
b3:57:6c:03:41:5c:c0:1c:8f:66:a5:e5:06:5d:b9:35:46:38:
e0:73:dd:5a:ae:3e:20:f1:e5:e4:44:9d:09:1b:17:c5:ec:95:
b3:5f:17:af:a5:b0:fe:f0:a0:c0:47:b0:fd:b2:d9:a2:d3:1d:
61:71:79:e9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYMT8oQC59AvITL5/UzrYWphMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYWJmNWE0NzRhZmU3MjEyMzMxNjcwZTgzMWUxMTlkYTM4
ZjI4NGYwHhcNMjIwOTA2MTc1NjQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjhmMDYwYzhlNjM5Njc0MzY3MWVkN2MzNzFhOWI2MDQ3ZTA1NWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztL4fD/wvF1z9oMZVOyiyr5bNIxU
u0mYHR7EBPfLTj8ylC9KQ7DsveofrmGpYE/IpJD5gH8vv1BGOz2xowCWybYGkgGu
uxx0fYuPPXT+JxGStqAAA6bWDgHliQx9EMl7Xc3jeZTw+b6urjoaexXxIytaY8BI
hdLPQ3DYq0iHgpo87T5L3BYgbPaxBQVb+eslQ6RaXz60yqgY2yIqtkAuBiCwc8Mh
0mxEr5iZWOEFMkMyFQY1WEMuhEQKQX+bTWoQGGAj2lWSFSGHJdpm6eft39u62O44
xTvQw+fCFiCrao7Ed1SFq/+UJOqJMyvv+uFwH2lCU8OIYaYch7p2Oax28wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD+PBgyOY5Z0NnHtfDcam2BH4FWyMB8GA1UdIwQY
MBaAFL+r9aR0r+chIzFnDoMeEZ2jjyhPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjZ2MXBIU3Y1eUVqTVdjT2d4NFJuYU9QS0U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8wMTg4ZGEtMzY1NS00ODJkLTg4MWIt
ZmViYmM0YTNiNDViLzEvUDQ4R0RJNWpsblEyY2UxOE54cWJZRWZnVmJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8wMTg4ZGEtMzY1NS00ODJkLTg4MWItZmViYmM0YTNiNDVi
LzEvdjZ2MXBIU3Y1eUVqTVdjT2d4NFJuYU9QS0U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuSlMAwQC
uUZEAwQCuWz0MA0GCSqGSIb3DQEBCwUAA4IBAQCCnaqiTPNX34bHNEY5WMp4cp0+
XYXZRfhOfDuNFbsnPjRWkMF65m0lRlqX56z0ZDN3dtyjKjcidWRHXYGUJRCmL4KN
NPUXCSf0zJzn/ZWGTHK0qwI976wOlPgirqo0lHGeOc6peO1bxtfYvQBLx6Whq8DJ
g3V5S296UYKSebYdDrnbAKZ2iWMXz6iXdG6VkK/ZnDS/Ww0oz6gG/CCXDRz+//GV
90MEYBswjo568NmCQpKujBinP46P8qlkHiiRVVpurLm1jFazV2wDQVzAHI9mpeUG
Xbk1Rjjgc91arj4g8eXkRJ0JGxfF7JWzXxevpbD+8KDAR7D9stmi0x1hcXnp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org