Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/1b1db0-cee4-441b-93e3-126ce081529a/1/n0n0OvHwkyZ0mjmV82YEa634Z6k.roa
File: n0n0OvHwkyZ0mjmV82YEa634Z6k.roa (raw, json)
Hash identifier: iHMEzJSQEfDkkSu7qhPvyTHgNGv+P5BWtbpY0qnPsJ0=
Subject key identifier: 9F:49:F4:3A:F1:F0:93:26:74:9A:39:95:F3:66:04:6B:AD:F8:67:A9
Certificate issuer: /CN=6531785b623492ed0c99ed79c7db7404ad4cb171
Certificate serial: E8DF
Authority key identifier: 65:31:78:5B:62:34:92:ED:0C:99:ED:79:C7:DB:74:04:AD:4C:B1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZTF4W2I0ku0Mme15x9t0BK1MsXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/1b1db0-cee4-441b-93e3-126ce081529a/1/n0n0OvHwkyZ0mjmV82YEa634Z6k.roa
Signing time: Tue 19 Apr 2022 11:27:40 +0000
ROA not before: Tue 19 Apr 2022 11:27:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8708
IP address blocks: 185.178.228.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59615 (0xe8df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6531785b623492ed0c99ed79c7db7404ad4cb171
Validity
Not Before: Apr 19 11:27:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f49f43af1f09326749a3995f366046badf867a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5a:13:ae:c3:d4:45:ac:c3:6f:c3:86:a7:11:
98:a2:e5:25:df:d5:f2:36:bc:4a:2f:56:31:77:e1:
00:dd:f0:fa:2c:d5:1c:b1:8a:2b:e4:0f:c0:2e:c4:
12:de:d6:6e:3a:f7:81:25:5b:31:0a:11:6e:b7:36:
2e:cd:c9:53:05:93:f8:04:8f:16:60:39:e4:2f:2c:
56:4a:39:8e:e5:45:1c:dd:70:ec:18:30:07:83:2e:
30:e1:e5:cf:73:e8:1b:3f:6a:17:79:bb:44:c3:47:
b9:02:99:ef:c2:1c:3a:2b:34:32:c8:e0:96:d9:b4:
44:6a:8d:c6:57:22:be:66:2a:77:c3:9c:ef:e8:f8:
0d:6c:4e:3b:e2:16:4c:c2:42:31:03:c3:8a:ba:7d:
86:4e:df:29:96:e9:58:9c:48:f2:35:6c:37:bc:07:
7b:3a:ba:0a:b7:e8:9b:54:f9:e3:a1:c2:4b:b7:c7:
7a:a7:03:7e:1c:a7:d1:73:e5:95:c6:4a:47:95:62:
41:dc:da:fe:23:f5:f8:8c:f9:d3:ed:2e:86:9a:f6:
3f:7b:1c:ac:96:a6:96:a4:e5:22:0d:f5:78:80:38:
ca:9a:f0:3e:4c:01:1c:a7:7f:67:a0:89:7a:90:61:
6d:39:e2:70:e8:68:a4:e8:21:2e:88:5f:63:9a:79:
ba:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:49:F4:3A:F1:F0:93:26:74:9A:39:95:F3:66:04:6B:AD:F8:67:A9
X509v3 Authority Key Identifier:
keyid:65:31:78:5B:62:34:92:ED:0C:99:ED:79:C7:DB:74:04:AD:4C:B1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZTF4W2I0ku0Mme15x9t0BK1MsXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/1b1db0-cee4-441b-93e3-126ce081529a/1/n0n0OvHwkyZ0mjmV82YEa634Z6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/1b1db0-cee4-441b-93e3-126ce081529a/1/ZTF4W2I0ku0Mme15x9t0BK1MsXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.228.0/22
Signature Algorithm: sha256WithRSAEncryption
30:b0:d1:8d:f8:3a:0a:a8:c1:51:17:cc:67:6b:c5:ef:58:8f:
de:c9:4c:cc:99:8f:36:cb:00:bd:a5:8f:cb:ba:8a:8e:7d:21:
30:f9:62:31:e3:c1:f9:ef:d2:f4:93:ab:64:17:91:77:1c:e3:
1e:a2:e9:1d:2e:49:48:a1:d0:63:31:25:f6:4d:bb:07:89:f4:
5e:35:be:73:e3:62:09:95:8b:77:82:1c:16:79:10:60:87:0f:
99:0a:ef:24:77:47:34:01:f6:5f:b8:05:a0:b8:52:d7:f9:7b:
d9:66:bb:79:aa:c0:37:02:3e:b0:37:5b:cc:8a:4f:06:67:62:
30:b4:38:08:e5:62:56:a3:61:d2:e5:0c:87:69:b9:21:f7:14:
c7:31:8e:49:f0:35:e4:12:fe:80:4f:b8:9f:b2:72:dd:f1:a3:
48:f9:de:d6:91:06:14:7e:fe:5a:c0:99:a3:17:2c:0f:b0:e6:
8b:80:1d:48:e7:6e:1b:a2:f1:e3:c4:37:4b:00:a8:27:0a:10:
14:de:2c:1a:45:c5:a4:52:ac:4b:4b:d6:bd:3b:d7:dc:27:21:
e6:8d:c6:94:61:cd:a8:bd:6d:d4:04:3c:ef:ed:de:b2:da:e4:
e3:6f:f0:43:4f:7d:c7:58:75:00:c7:f4:e9:f5:2e:50:ef:5e:
7e:4a:2d:55
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAOjfMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDY1
MzE3ODViNjIzNDkyZWQwYzk5ZWQ3OWM3ZGI3NDA0YWQ0Y2IxNzEwHhcNMjIwNDE5
MTEyNzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5ZjQ5ZjQzYWYxZjA5
MzI2NzQ5YTM5OTVmMzY2MDQ2YmFkZjg2N2E5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtloTrsPURazDb8OGpxGYouUl39XyNrxKL1Yxd+EA3fD6LNUc
sYor5A/ALsQS3tZuOveBJVsxChFutzYuzclTBZP4BI8WYDnkLyxWSjmO5UUc3XDs
GDAHgy4w4eXPc+gbP2oXebtEw0e5Apnvwhw6KzQyyOCW2bREao3GVyK+Zip3w5zv
6PgNbE474hZMwkIxA8OKun2GTt8plulYnEjyNWw3vAd7OroKt+ibVPnjocJLt8d6
pwN+HKfRc+WVxkpHlWJB3Nr+I/X4jPnT7S6GmvY/exyslqaWpOUiDfV4gDjKmvA+
TAEcp39noIl6kGFtOeJw6Gik6CEuiF9jmnm6VQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFJ9J9Drx8JMmdJo5lfNmBGut+GepMB8GA1UdIwQYMBaAFGUxeFtiNJLtDJnt
ecfbdAStTLFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
WlRGNFcySTBrdTBNbWUxNXg5dDBCSzFNc1hFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zYy8xYjFkYjAtY2VlNC00NDFiLTkzZTMtMTI2Y2UwODE1MjlhLzEv
bjBuME92SHdreVowbWptVjgyWUVhNjM0WjZrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8x
YjFkYjAtY2VlNC00NDFiLTkzZTMtMTI2Y2UwODE1MjlhLzEvWlRGNFcySTBrdTBN
bWUxNXg5dDBCSzFNc1hFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubLkMA0GCSqGSIb3DQEBCwUAA4IB
AQAwsNGN+DoKqMFRF8xna8XvWI/eyUzMmY82ywC9pY/LuoqOfSEw+WIx48H579L0
k6tkF5F3HOMeoukdLklIodBjMSX2TbsHifReNb5z42IJlYt3ghwWeRBghw+ZCu8k
d0c0AfZfuAWguFLX+XvZZrt5qsA3Aj6wN1vMik8GZ2IwtDgI5WJWo2HS5QyHabkh
9xTHMY5J8DXkEv6AT7ifsnLd8aNI+d7WkQYUfv5awJmjFywPsOaLgB1I524bovHj
xDdLAKgnChAU3iwaRcWkUqxLS9a9O9fcJyHmjcaUYc2ovW3UBDzv7d6y2uTjb/BD
T33HWHUAx/Tp9S5Q715+Si1V
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:00 2023 by rpki-client on console.sobornost.net