Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/741668-d2e5-4ea2-a55a-a7514fc4eb48/1/yWIDy9kC1XNyr7NzVxOYLKYODsU.roa
File: yWIDy9kC1XNyr7NzVxOYLKYODsU.roa (raw, json)
Hash identifier: hZ7puXA+A9gx0skojAzF1Smt1NhOcULXiO/oTx5R0nU=
Subject key identifier: C9:62:03:CB:D9:02:D5:73:72:AF:B3:73:57:13:98:2C:A6:0E:0E:C5
Certificate issuer: /CN=108e1a53b1eb11d821be966dfa4af17f70cc08bd
Certificate serial: 0436E506
Authority key identifier: 10:8E:1A:53:B1:EB:11:D8:21:BE:96:6D:FA:4A:F1:7F:70:CC:08:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EI4aU7HrEdghvpZt-krxf3DMCL0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/741668-d2e5-4ea2-a55a-a7514fc4eb48/1/yWIDy9kC1XNyr7NzVxOYLKYODsU.roa
Signing time: Wed 09 Feb 2022 18:46:19 +0000
ROA not before: Wed 09 Feb 2022 18:46:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58286
IP address blocks: 185.240.226.0/24 maxlen: 24
185.240.224.0/24 maxlen: 24
185.240.227.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70706438 (0x436e506)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=108e1a53b1eb11d821be966dfa4af17f70cc08bd
Validity
Not Before: Feb 9 18:46:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c96203cbd902d57372afb3735713982ca60e0ec5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:65:92:5d:b6:57:52:76:b5:46:67:03:58:21:
8b:12:b7:99:93:ec:6c:24:c9:16:1a:04:64:8f:54:
47:41:ff:a3:78:21:2d:07:32:f3:82:87:d3:58:ca:
9c:4b:ad:a3:df:02:44:0f:1f:e8:a9:2d:c9:12:1a:
9c:e0:fd:da:6d:b6:b0:c7:5e:7d:ca:5b:11:22:8c:
74:25:fd:92:b9:65:22:bb:75:3e:e7:27:19:91:7a:
de:f3:89:6d:9e:7b:52:fb:ce:6a:26:e2:ce:a9:c7:
25:f6:1b:8f:a3:16:c9:3e:9f:15:c6:b8:7f:83:5f:
91:e8:34:2d:b0:7b:cf:65:f5:c4:d2:d4:35:c0:4e:
d6:19:f4:8e:de:14:56:0d:49:0d:ec:90:b4:2e:6e:
0d:46:2f:9e:d5:c5:97:25:e9:35:56:a4:b7:95:84:
53:78:21:a8:a5:18:32:71:e0:7b:12:52:b8:10:2f:
fc:d2:a1:0a:65:67:8b:00:e1:94:2d:f0:57:42:23:
21:4e:c9:65:f6:63:68:ba:22:27:39:78:e4:d5:3a:
90:65:6e:92:b4:18:62:3a:ec:f7:38:c8:b6:8b:a2:
0c:9c:4e:b0:60:d8:c8:a0:4a:92:da:a5:09:18:b5:
44:18:32:45:d7:a3:86:07:4e:6f:e2:f1:43:81:48:
55:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:62:03:CB:D9:02:D5:73:72:AF:B3:73:57:13:98:2C:A6:0E:0E:C5
X509v3 Authority Key Identifier:
keyid:10:8E:1A:53:B1:EB:11:D8:21:BE:96:6D:FA:4A:F1:7F:70:CC:08:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EI4aU7HrEdghvpZt-krxf3DMCL0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/741668-d2e5-4ea2-a55a-a7514fc4eb48/1/yWIDy9kC1XNyr7NzVxOYLKYODsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/741668-d2e5-4ea2-a55a-a7514fc4eb48/1/EI4aU7HrEdghvpZt-krxf3DMCL0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.224.0/24
185.240.226.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:9b:bb:27:6d:e4:7b:83:f9:8b:d3:28:8c:04:98:5e:54:c4:
42:e2:69:68:92:36:9e:63:99:8f:8b:68:04:af:e7:9a:3b:92:
60:3e:0a:84:b1:3f:6c:c4:9f:3f:93:5c:6b:84:f1:c0:02:7c:
13:22:86:d4:a7:74:de:76:9d:4a:0a:d7:4e:16:b4:a7:74:56:
1d:c3:7d:03:dd:8c:17:2f:93:35:e8:44:28:e0:7a:b8:2c:a6:
9c:59:fc:ef:73:fc:b3:37:43:aa:12:94:10:c7:19:92:24:93:
b4:43:92:58:5d:91:6d:b1:7e:80:43:62:3f:61:04:8d:ed:4a:
b5:0a:e3:52:1a:b3:10:83:21:c4:4b:d9:42:7f:a0:0d:6c:f0:
68:a7:61:03:27:d7:57:79:57:bf:02:d6:1a:76:4d:9f:51:6f:
7b:c5:0a:e8:c0:d1:13:67:a7:19:3d:2d:86:63:88:04:3f:fe:
28:57:74:6f:ec:1c:40:c4:bb:90:fa:e8:61:19:81:ba:22:69:
dd:53:86:28:04:56:f8:79:f5:5e:ef:3b:25:8c:4e:5a:12:2e:
2d:b1:0c:84:7e:fd:68:df:eb:f4:36:d7:eb:2c:da:1d:27:88:
a0:c4:e8:75:8b:fb:ae:70:63:a5:43:bf:cd:c7:84:2b:3c:13:
49:c2:60:f0
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBDblBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDhlMWE1M2IxZWIxMWQ4MjFiZTk2NmRmYTRhZjE3ZjcwY2MwOGJkMB4XDTIyMDIw
OTE4NDYxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzk2MjAzY2JkOTAy
ZDU3MzcyYWZiMzczNTcxMzk4MmNhNjBlMGVjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMBlkl22V1J2tUZnA1ghixK3mZPsbCTJFhoEZI9UR0H/o3gh
LQcy84KH01jKnEuto98CRA8f6KktyRIanOD92m22sMdefcpbESKMdCX9krllIrt1
PucnGZF63vOJbZ57UvvOaibizqnHJfYbj6MWyT6fFca4f4Nfkeg0LbB7z2X1xNLU
NcBO1hn0jt4UVg1JDeyQtC5uDUYvntXFlyXpNVakt5WEU3ghqKUYMnHgexJSuBAv
/NKhCmVniwDhlC3wV0IjIU7JZfZjaLoiJzl45NU6kGVukrQYYjrs9zjItouiDJxO
sGDYyKBKktqlCRi1RBgyRdejhgdOb+LxQ4FIVWkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTJYgPL2QLVc3Kvs3NXE5gspg4OxTAfBgNVHSMEGDAWgBQQjhpTsesR2CG+
lm36SvF/cMwIvTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VJNGFVN0hyRWRnaHZwWnQta3J4ZjNETUNMMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjMvNzQxNjY4LWQyZTUtNGVhMi1hNTVhLWE3NTE0ZmM0ZWI0OC8x
L3lXSUR5OWtDMVhOeXI3TnpWeE9ZTEtZT0RzVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMv
NzQxNjY4LWQyZTUtNGVhMi1hNTVhLWE3NTE0ZmM0ZWI0OC8xL0VJNGFVN0hyRWRn
aHZwWnQta3J4ZjNETUNMMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALnw4AMEAbnw4jANBgkqhkiG9w0B
AQsFAAOCAQEAO5u7J23ke4P5i9MojASYXlTEQuJpaJI2nmOZj4toBK/nmjuSYD4K
hLE/bMSfP5Nca4TxwAJ8EyKG1Kd03nadSgrXTha0p3RWHcN9A92MFy+TNehEKOB6
uCymnFn873P8szdDqhKUEMcZkiSTtEOSWF2RbbF+gENiP2EEje1KtQrjUhqzEIMh
xEvZQn+gDWzwaKdhAyfXV3lXvwLWGnZNn1Fve8UK6MDRE2enGT0thmOIBD/+KFd0
b+wcQMS7kProYRmBuiJp3VOGKARW+Hn1Xu87JYxOWhIuLbEMhH79aN/r9DbX6yza
HSeIoMTodYv7rnBjpUO/zceEKzwTScJg8A==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:42 2023 by rpki-client on console.sobornost.net