Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/032276-25dc-4c30-8a7b-95a33e12a3ad/1/0bht2C9W0unNMnL8lYNTJuR7FOw.roa
File: 0bht2C9W0unNMnL8lYNTJuR7FOw.roa (raw, json)
Hash identifier: xZn0WHTEyMuQE5EhjgVwNv3ZmhbtKPHO91NHbwuwBAI=
Subject key identifier: D1:B8:6D:D8:2F:56:D2:E9:CD:32:72:FC:95:83:53:26:E4:7B:14:EC
Certificate issuer: /CN=2841262acd62c90e68081a6f777375df2c3713c2
Certificate serial: 3845139E
Authority key identifier: 28:41:26:2A:CD:62:C9:0E:68:08:1A:6F:77:73:75:DF:2C:37:13:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KEEmKs1iyQ5oCBpvd3N13yw3E8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/032276-25dc-4c30-8a7b-95a33e12a3ad/1/0bht2C9W0unNMnL8lYNTJuR7FOw.roa
Signing time: Sat 01 Jan 2022 03:59:16 +0000
ROA not before: Sat 01 Jan 2022 03:59:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209964
IP address blocks: 185.6.0.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 944051102 (0x3845139e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2841262acd62c90e68081a6f777375df2c3713c2
Validity
Not Before: Jan 1 03:59:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d1b86dd82f56d2e9cd3272fc95835326e47b14ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:95:4a:57:7e:e5:32:54:e5:7b:cc:b8:91:b9:
9c:c4:c8:4c:07:05:6f:21:80:70:b2:1e:e9:70:6e:
88:d7:f7:2d:5b:cc:35:1f:6d:f9:7e:d1:1f:f3:17:
e4:60:27:fb:63:d4:40:b4:11:41:19:35:fe:01:0d:
71:c4:7f:1c:ef:64:86:be:5c:38:d7:23:98:fb:22:
c7:25:f1:3f:0f:62:b6:bd:71:51:69:84:e2:35:11:
c2:7b:4d:f8:07:7f:67:ac:27:51:eb:7d:cd:18:04:
0b:d2:dd:db:bb:88:b1:19:e2:74:ba:83:d1:48:be:
a0:ce:ca:f3:ca:4b:29:eb:cb:d9:b9:78:3e:6c:ec:
f4:58:b2:0d:b2:a0:c2:4a:cf:d7:27:56:4f:87:1b:
16:28:62:a2:83:79:de:f1:98:50:5e:a4:ee:7c:59:
29:65:73:57:db:cb:d8:17:cd:56:75:c3:cb:fb:b0:
c6:d0:42:8a:77:ce:8c:27:f0:b3:2d:a7:b2:f6:61:
71:c9:f4:1c:92:f0:49:bb:6e:d3:2e:c7:7a:3d:be:
ff:1e:90:85:31:f4:d0:b2:63:50:19:1a:46:20:a3:
5c:63:3a:b0:35:dd:09:85:a3:f5:ba:1d:0d:7b:bf:
0c:1e:85:f7:47:c2:15:21:96:7c:3d:d5:9e:bb:8f:
72:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:B8:6D:D8:2F:56:D2:E9:CD:32:72:FC:95:83:53:26:E4:7B:14:EC
X509v3 Authority Key Identifier:
keyid:28:41:26:2A:CD:62:C9:0E:68:08:1A:6F:77:73:75:DF:2C:37:13:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KEEmKs1iyQ5oCBpvd3N13yw3E8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/032276-25dc-4c30-8a7b-95a33e12a3ad/1/0bht2C9W0unNMnL8lYNTJuR7FOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/032276-25dc-4c30-8a7b-95a33e12a3ad/1/KEEmKs1iyQ5oCBpvd3N13yw3E8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.6.0.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:71:d4:ea:a3:e6:ee:d7:e0:79:14:7d:fd:ee:e3:5a:c9:f0:
fd:5a:05:52:ed:b2:d2:31:f3:70:53:d3:69:f4:40:a5:e0:69:
0f:5c:dd:02:96:bd:13:ee:dd:cc:49:a0:91:66:8e:75:71:c3:
05:b0:cd:60:ac:af:25:87:1e:b6:3b:76:d1:c5:f9:a0:1f:76:
ca:6a:06:ad:de:ae:df:ee:82:c9:7a:63:2f:29:00:fb:1a:a3:
61:f2:3c:fb:91:e7:b4:b5:c9:88:91:26:f5:fd:f2:5d:06:43:
b7:92:a8:74:6e:58:ce:8f:aa:21:91:e2:47:d6:b8:a4:67:2c:
7c:cb:7e:f4:6d:d0:39:85:2c:30:bd:2c:4e:71:d0:64:b7:f7:
ca:8a:ac:f9:97:14:58:54:42:49:0c:b0:f5:2c:4e:45:7d:f9:
77:5c:4f:c7:76:e1:76:31:6d:1b:ab:b1:9a:bb:97:08:11:89:
5f:71:e3:cb:72:05:39:e6:a8:5b:02:e0:56:1c:41:9c:3c:e9:
35:3b:19:df:2a:61:bd:48:b2:9d:f0:96:f4:91:c1:88:91:26:
21:fd:07:e8:04:8f:34:78:cd:88:16:2e:7a:be:52:2f:8a:19:
6d:8a:ad:aa:5d:81:66:98:ab:73:85:bd:91:52:ed:9b:e1:a4:
fc:19:a2:ee
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOEUTnjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ODQxMjYyYWNkNjJjOTBlNjgwODFhNmY3NzczNzVkZjJjMzcxM2MyMB4XDTIyMDEw
MTAzNTkxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDFiODZkZDgyZjU2
ZDJlOWNkMzI3MmZjOTU4MzUzMjZlNDdiMTRlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKeVSld+5TJU5XvMuJG5nMTITAcFbyGAcLIe6XBuiNf3LVvM
NR9t+X7RH/MX5GAn+2PUQLQRQRk1/gENccR/HO9khr5cONcjmPsixyXxPw9itr1x
UWmE4jURwntN+Ad/Z6wnUet9zRgEC9Ld27uIsRnidLqD0Ui+oM7K88pLKevL2bl4
Pmzs9FiyDbKgwkrP1ydWT4cbFihiooN53vGYUF6k7nxZKWVzV9vL2BfNVnXDy/uw
xtBCinfOjCfwsy2nsvZhccn0HJLwSbtu0y7Hej2+/x6QhTH00LJjUBkaRiCjXGM6
sDXdCYWj9bodDXu/DB6F90fCFSGWfD3VnruPcuECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTRuG3YL1bS6c0ycvyVg1Mm5HsU7DAfBgNVHSMEGDAWgBQoQSYqzWLJDmgI
Gm93c3XfLDcTwjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tFRW1LczFpeVE1b0NCcHZkM04xM3l3M0U4SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDYvMDMyMjc2LTI1ZGMtNGMzMC04YTdiLTk1YTMzZTEyYTNhZC8x
LzBiaHQyQzlXMHVuTk1uTDhsWU5USnVSN0ZPdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYv
MDMyMjc2LTI1ZGMtNGMzMC04YTdiLTk1YTMzZTEyYTNhZC8xL0tFRW1LczFpeVE1
b0NCcHZkM04xM3l3M0U4SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkGADANBgkqhkiG9w0BAQsFAAOC
AQEAPXHU6qPm7tfgeRR9/e7jWsnw/VoFUu2y0jHzcFPTafRApeBpD1zdApa9E+7d
zEmgkWaOdXHDBbDNYKyvJYcetjt20cX5oB92ymoGrd6u3+6CyXpjLykA+xqjYfI8
+5HntLXJiJEm9f3yXQZDt5KodG5Yzo+qIZHiR9a4pGcsfMt+9G3QOYUsML0sTnHQ
ZLf3yoqs+ZcUWFRCSQyw9SxORX35d1xPx3bhdjFtG6uxmruXCBGJX3Hjy3IFOeao
WwLgVhxBnDzpNTsZ3yphvUiynfCW9JHBiJEmIf0H6ASPNHjNiBYuer5SL4oZbYqt
ql2BZpirc4W9kVLtm+Gk/Bmi7g==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:30 2023 by rpki-client on console.sobornost.net