Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/92d208-a22a-421c-8c5b-eaf9da4adef6/1/0ScIW6rm6U9wa3OjDZYGQBazD1k.roa
File: 0ScIW6rm6U9wa3OjDZYGQBazD1k.roa (raw, json)
Hash identifier: W8aU9RpV41hu4A8oEwGqwrRiYi4ATuRDXT37Pc+shFk=
Subject key identifier: D1:27:08:5B:AA:E6:E9:4F:70:6B:73:A3:0D:96:06:40:16:B3:0F:59
Certificate issuer: /CN=fa55d2877132aaadcdf54058acbf9e07eddb598c
Certificate serial: 06B8AF88
Authority key identifier: FA:55:D2:87:71:32:AA:AD:CD:F5:40:58:AC:BF:9E:07:ED:DB:59:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-lXSh3Eyqq3N9UBYrL-eB-3bWYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/92d208-a22a-421c-8c5b-eaf9da4adef6/1/0ScIW6rm6U9wa3OjDZYGQBazD1k.roa
Signing time: Sat 01 Jan 2022 10:04:17 +0000
ROA not before: Sat 01 Jan 2022 10:04:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25009
IP address blocks: 185.21.112.0/22 maxlen: 24
82.96.128.0/18 maxlen: 24
2a03:240::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112766856 (0x6b8af88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa55d2877132aaadcdf54058acbf9e07eddb598c
Validity
Not Before: Jan 1 10:04:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d127085baae6e94f706b73a30d96064016b30f59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:a9:3a:bc:49:e2:a2:fe:05:f1:65:21:f4:c7:
0b:4f:6e:4d:cd:8d:97:44:24:f8:33:00:4e:92:30:
ae:2e:f7:75:42:8b:ac:45:c1:e7:f3:9f:d0:8e:65:
c2:3c:45:7b:df:ce:61:2b:f5:13:32:d2:66:15:e7:
fc:a0:dc:f3:7c:7a:e0:52:1d:af:74:67:42:b6:6c:
56:dd:36:27:58:ce:39:d7:cb:60:09:9c:7c:cd:bd:
62:13:53:94:27:5d:ee:91:80:fc:88:65:88:e1:4a:
73:05:a4:27:98:de:bf:ab:6d:9e:3a:b3:ea:51:22:
5f:56:96:a3:bc:ad:05:c3:16:06:fb:13:c6:d2:b0:
28:ab:db:2e:c0:4d:06:24:d9:ab:f3:98:ff:d7:53:
82:38:a8:3a:1e:a6:59:a2:95:42:a0:f1:f6:44:79:
9f:2e:35:22:dc:ad:cf:61:45:f9:a3:fc:4f:30:e6:
bf:b7:97:bf:d8:37:10:2a:f2:13:c0:df:f8:39:ad:
a7:d9:d5:41:db:7e:06:a9:fc:72:fb:b4:80:98:d1:
a3:93:b9:df:07:20:70:c8:14:7e:c6:5b:37:e4:32:
47:ee:bf:67:d8:39:5e:f4:c5:14:37:95:b0:e9:36:
9e:48:6f:87:88:29:20:05:ce:e8:9e:d1:62:f6:49:
4d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:27:08:5B:AA:E6:E9:4F:70:6B:73:A3:0D:96:06:40:16:B3:0F:59
X509v3 Authority Key Identifier:
keyid:FA:55:D2:87:71:32:AA:AD:CD:F5:40:58:AC:BF:9E:07:ED:DB:59:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-lXSh3Eyqq3N9UBYrL-eB-3bWYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/92d208-a22a-421c-8c5b-eaf9da4adef6/1/0ScIW6rm6U9wa3OjDZYGQBazD1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/92d208-a22a-421c-8c5b-eaf9da4adef6/1/1-lXSh3Eyqq3N9UBYrL-eB-3bWYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.96.128.0/18
185.21.112.0/22
IPv6:
2a03:240::/32
Signature Algorithm: sha256WithRSAEncryption
62:62:03:00:d0:b1:ad:47:b5:37:16:49:4d:13:24:96:31:ec:
be:c1:58:f6:c1:04:ce:90:56:71:76:c2:ac:87:98:c2:a1:4d:
cf:d8:92:7d:6b:46:93:a5:c1:78:67:38:03:ae:76:7e:59:cf:
6a:d5:65:13:bf:71:03:c3:c0:a0:01:75:52:91:e2:32:f7:db:
bb:30:0a:45:cd:b7:c6:26:5a:71:ce:f1:b9:f8:a0:22:f4:0d:
43:57:db:b7:c6:45:db:81:44:98:e0:af:c4:99:65:35:05:09:
8e:29:e5:9e:3c:63:38:01:c3:76:26:ec:9a:53:26:b4:d4:80:
e5:f3:65:2e:d7:5c:3c:36:dc:1f:37:e1:80:03:85:51:09:28:
2b:01:38:7d:40:fd:95:70:59:45:78:a7:46:8e:87:3a:7e:19:
9f:7c:f2:2b:a8:d0:cd:fb:87:c4:28:a3:75:68:66:08:65:83:
07:c6:75:3f:de:23:37:f5:15:34:df:86:8b:72:f9:03:8e:b8:
87:cc:f0:11:5a:5c:b0:65:7d:fd:dd:15:dd:97:22:7a:6f:41:
e1:e7:a7:86:d9:0b:34:3c:94:44:9f:c5:9a:a5:6d:b2:7e:5c:
c8:09:cb:d8:cd:21:e6:84:d5:11:3d:65:ed:19:60:2a:13:c6:
1e:6b:62:81
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEBriviDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YTU1ZDI4NzcxMzJhYWFkY2RmNTQwNThhY2JmOWUwN2VkZGI1OThjMB4XDTIyMDEw
MTEwMDQxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDEyNzA4NWJhYWU2
ZTk0ZjcwNmI3M2EzMGQ5NjA2NDAxNmIzMGY1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOKpOrxJ4qL+BfFlIfTHC09uTc2Nl0Qk+DMATpIwri73dUKL
rEXB5/Of0I5lwjxFe9/OYSv1EzLSZhXn/KDc83x64FIdr3RnQrZsVt02J1jOOdfL
YAmcfM29YhNTlCdd7pGA/IhliOFKcwWkJ5jev6ttnjqz6lEiX1aWo7ytBcMWBvsT
xtKwKKvbLsBNBiTZq/OY/9dTgjioOh6mWaKVQqDx9kR5ny41Itytz2FF+aP8TzDm
v7eXv9g3ECryE8Df+Dmtp9nVQdt+Bqn8cvu0gJjRo5O53wcgcMgUfsZbN+QyR+6/
Z9g5XvTFFDeVsOk2nkhvh4gpIAXO6J7RYvZJTUMCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBTRJwhbqubpT3Brc6MNlgZAFrMPWTAfBgNVHSMEGDAWgBT6VdKHcTKqrc31
QFisv54H7dtZjDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtbFhTaDNFeXFxM045VUJZckwtZUItM2JXWXcuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzAyLzkyZDIwOC1hMjJhLTQyMWMtOGM1Yi1lYWY5ZGE0YWRlZjYv
MS8wU2NJVzZybTZVOXdhM09qRFpZR1FCYXpEMWsucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAy
LzkyZDIwOC1hMjJhLTQyMWMtOGM1Yi1lYWY5ZGE0YWRlZjYvMS8xLWxYU2gzRXlx
cTNOOVVCWXJMLWVCLTNiV1l3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGUmCAAwQCuRVwMA0EAgACMAcD
BQAqAwJAMA0GCSqGSIb3DQEBCwUAA4IBAQBiYgMA0LGtR7U3FklNEySWMey+wVj2
wQTOkFZxdsKsh5jCoU3P2JJ9a0aTpcF4ZzgDrnZ+Wc9q1WUTv3EDw8CgAXVSkeIy
99u7MApFzbfGJlpxzvG5+KAi9A1DV9u3xkXbgUSY4K/EmWU1BQmOKeWePGM4AcN2
JuyaUya01IDl82Uu11w8NtwfN+GAA4VRCSgrATh9QP2VcFlFeKdGjoc6fhmffPIr
qNDN+4fEKKN1aGYIZYMHxnU/3iM39RU034aLcvkDjriHzPARWlywZX393RXdlyJ6
b0Hh56eG2Qs0PJREn8WapW2yflzICcvYzSHmhNURPWXtGWAqE8Yea2KB
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:32 2023 by rpki-client on console.sobornost.net