Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/nAU5b0DXcbVIVIrCr797Ps4DQTk.roa
File: nAU5b0DXcbVIVIrCr797Ps4DQTk.roa (raw, json)
Hash identifier: Foc3H+0ebctPWX2s8HrWgnrbb/1jyAfIFuXtIvLgjFI=
Subject key identifier: 9C:05:39:6F:40:D7:71:B5:48:54:8A:C2:AF:BF:7B:3E:CE:03:41:39
Certificate issuer: /CN=bfabf5a474afe7212331670e831e119da38f284f
Certificate serial: 0AC726A3
Authority key identifier: BF:AB:F5:A4:74:AF:E7:21:23:31:67:0E:83:1E:11:9D:A3:8F:28:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v6v1pHSv5yEjMWcOgx4RnaOPKE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/nAU5b0DXcbVIVIrCr797Ps4DQTk.roa
Signing time: Mon 04 Apr 2022 13:15:25 +0000
ROA not before: Mon 04 Apr 2022 13:15:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202264
IP address blocks: 185.40.216.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 180823715 (0xac726a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfabf5a474afe7212331670e831e119da38f284f
Validity
Not Before: Apr 4 13:15:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c05396f40d771b548548ac2afbf7b3ece034139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:33:00:87:67:50:29:ff:3d:4d:bd:66:8d:42:
67:7c:5b:d9:96:35:8e:45:9b:6c:25:0b:c3:43:16:
53:31:69:cc:98:7e:4f:3a:28:b5:86:61:fc:e7:71:
90:fe:22:fe:a4:16:15:94:90:c3:df:6d:cf:ac:45:
d0:f7:aa:17:7f:f5:86:52:d3:58:ce:dd:ed:9c:36:
74:d5:fe:a6:cb:f2:9d:08:8f:7e:71:ab:52:8f:c6:
59:cd:6a:b3:ef:02:b1:d4:09:a4:92:2b:6c:a7:e8:
a6:72:2d:db:cf:41:65:1f:23:e2:b5:e0:cd:64:50:
6b:5e:6b:2a:42:31:5b:14:a9:65:47:b2:00:75:1c:
6b:21:1f:8b:d4:20:a5:a9:93:b0:1e:ff:d1:db:9a:
ed:a8:8c:34:c9:9b:c2:2c:9c:08:3d:2a:4e:aa:48:
43:db:51:43:21:ca:4f:a8:ca:23:d7:a4:9d:c2:3b:
97:2a:52:cd:4c:58:81:f4:e3:ad:91:bd:79:63:5e:
3e:53:c0:f6:66:20:7e:45:44:df:03:7a:2b:67:bf:
af:d0:0c:32:1d:ad:db:99:05:d9:0f:f1:91:5d:e9:
e7:83:f6:75:de:e3:33:1e:70:d4:fc:70:22:38:94:
45:51:2b:6c:df:de:7a:17:a2:48:74:c3:6c:16:bd:
11:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:05:39:6F:40:D7:71:B5:48:54:8A:C2:AF:BF:7B:3E:CE:03:41:39
X509v3 Authority Key Identifier:
keyid:BF:AB:F5:A4:74:AF:E7:21:23:31:67:0E:83:1E:11:9D:A3:8F:28:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v6v1pHSv5yEjMWcOgx4RnaOPKE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/nAU5b0DXcbVIVIrCr797Ps4DQTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/v6v1pHSv5yEjMWcOgx4RnaOPKE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.216.0/22
Signature Algorithm: sha256WithRSAEncryption
81:72:98:a5:e2:2a:bd:30:c6:7f:90:c1:91:13:e4:f2:73:be:
07:b6:89:2f:54:b8:36:dd:11:73:92:6c:a8:98:f2:61:ba:44:
5b:01:ae:03:16:ae:c9:7d:7c:b0:95:3f:67:47:5b:a6:57:a4:
91:3d:40:32:0d:67:39:86:b4:4b:c6:8d:52:72:c4:60:65:78:
29:d6:b9:2e:3a:00:4d:52:ea:58:b5:ab:40:cb:d4:7e:c7:84:
f6:53:80:42:bf:43:a3:28:1a:7a:41:8c:53:20:c5:71:ff:25:
cf:50:e4:af:53:31:ef:95:97:f1:67:e0:88:54:d1:3a:9e:23:
75:39:1a:13:ee:a6:2f:ab:95:22:13:13:60:72:e7:97:9f:93:
38:69:2e:73:12:bf:0b:62:fe:27:63:1e:64:26:b1:b2:b3:d9:
f3:62:ca:a5:7b:66:88:95:a6:7b:30:7d:a3:a5:05:16:e2:69:
5a:7b:64:a0:99:9b:a7:07:a8:65:a1:08:ed:f4:29:9b:c5:d6:
76:cd:2b:7b:f9:cf:57:1f:a7:f8:d3:de:61:c4:52:0c:84:f1:
0b:da:84:cd:2e:ee:d1:10:82:34:82:0a:64:b4:01:87:fc:64:
8b:77:55:90:36:d4:99:97:83:83:3d:89:a4:3a:22:ec:a9:e9:
4d:b6:7b:0f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECscmozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZmFiZjVhNDc0YWZlNzIxMjMzMTY3MGU4MzFlMTE5ZGEzOGYyODRmMB4XDTIyMDQw
NDEzMTUyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWMwNTM5NmY0MGQ3
NzFiNTQ4NTQ4YWMyYWZiZjdiM2VjZTAzNDEzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK4zAIdnUCn/PU29Zo1CZ3xb2ZY1jkWbbCULw0MWUzFpzJh+
TzootYZh/OdxkP4i/qQWFZSQw99tz6xF0PeqF3/1hlLTWM7d7Zw2dNX+psvynQiP
fnGrUo/GWc1qs+8CsdQJpJIrbKfopnIt289BZR8j4rXgzWRQa15rKkIxWxSpZUey
AHUcayEfi9QgpamTsB7/0dua7aiMNMmbwiycCD0qTqpIQ9tRQyHKT6jKI9ekncI7
lypSzUxYgfTjrZG9eWNePlPA9mYgfkVE3wN6K2e/r9AMMh2t25kF2Q/xkV3p54P2
dd7jMx5w1PxwIjiURVErbN/eeheiSHTDbBa9ETcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBScBTlvQNdxtUhUisKvv3s+zgNBOTAfBgNVHSMEGDAWgBS/q/WkdK/nISMx
Zw6DHhGdo48oTzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Y2djFwSFN2NXlFak1XY09neDRSbmFPUEtFOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvMDE4OGRhLTM2NTUtNDgyZC04ODFiLWZlYmJjNGEzYjQ1Yi8x
L25BVTViMERYY2JWSVZJckNyNzk3UHM0RFFUay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
MDE4OGRhLTM2NTUtNDgyZC04ODFiLWZlYmJjNGEzYjQ1Yi8xL3Y2djFwSFN2NXlF
ak1XY09neDRSbmFPUEtFOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArko2DANBgkqhkiG9w0BAQsFAAOC
AQEAgXKYpeIqvTDGf5DBkRPk8nO+B7aJL1S4Nt0Rc5JsqJjyYbpEWwGuAxauyX18
sJU/Z0dbplekkT1AMg1nOYa0S8aNUnLEYGV4Kda5LjoATVLqWLWrQMvUfseE9lOA
Qr9DoygaekGMUyDFcf8lz1Dkr1Mx75WX8WfgiFTROp4jdTkaE+6mL6uVIhMTYHLn
l5+TOGkucxK/C2L+J2MeZCaxsrPZ82LKpXtmiJWmezB9o6UFFuJpWntkoJmbpweo
ZaEI7fQpm8XWds0re/nPVx+n+NPeYcRSDITxC9qEzS7u0RCCNIIKZLQBh/xki3dV
kDbUmZeDgz2JpDoi7KnpTbZ7Dw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org