Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/23bea6-9001-441d-8364-61cb43c2db85/1/W_SCSEAkKMyuuGMsitLm9o5ELzU.roa
File: W_SCSEAkKMyuuGMsitLm9o5ELzU.roa (raw, json)
Hash identifier: 1plL5VYfWPnmxNz/GfaGzJxCGOmiWms9lRcKPoh37Tk=
Subject key identifier: 5B:F4:82:48:40:24:28:CC:AE:B8:63:2C:8A:D2:E6:F6:8E:44:2F:35
Certificate issuer: /CN=860d9f01a98b514ebd3c2723d7f7eb448326f5e2
Certificate serial: 018964C3F865F5F195C9197FE6849273E0C7
Authority key identifier: 86:0D:9F:01:A9:8B:51:4E:BD:3C:27:23:D7:F7:EB:44:83:26:F5:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hg2fAamLUU69PCcj1_frRIMm9eI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/23bea6-9001-441d-8364-61cb43c2db85/1/W_SCSEAkKMyuuGMsitLm9o5ELzU.roa
Signing time: Mon 17 Jul 2023 16:51:51 +0000
ROA not before: Mon 17 Jul 2023 16:51:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13020
IP address blocks: 151.216.128.0/17 maxlen: 17
2001:67c:20a1::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:c3:f8:65:f5:f1:95:c9:19:7f:e6:84:92:73:e0:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=860d9f01a98b514ebd3c2723d7f7eb448326f5e2
Validity
Not Before: Jul 17 16:51:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5bf48248402428ccaeb8632c8ad2e6f68e442f35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d8:ca:2b:f6:bd:f2:35:89:43:9f:e3:fa:ac:
41:f2:89:26:2a:28:47:1b:b9:b7:68:35:d4:ca:49:
37:6c:65:b3:f0:9a:41:c9:5b:c0:e3:0a:d3:67:a1:
3d:a4:99:04:32:bd:ca:80:bb:e6:26:13:62:ed:f6:
0d:99:2f:bc:4d:2b:03:9a:11:5f:5b:cb:e8:8a:6d:
af:b5:e5:24:da:39:cd:4b:0a:33:12:06:15:04:2d:
ea:26:68:93:7d:72:5a:ff:61:ac:88:33:70:55:04:
80:b5:95:b8:47:19:a2:7d:01:38:f9:b6:5a:52:8f:
49:90:5d:ec:06:9c:a1:79:e3:e7:88:80:bc:00:69:
9f:a5:55:7f:07:67:6e:d4:7d:f0:1a:a5:e3:46:e9:
71:53:0b:9d:7a:bd:c0:cf:35:48:8e:9c:37:75:d1:
61:03:87:3a:a3:85:02:d0:ba:6f:be:d3:00:c3:bd:
e8:5c:38:b0:86:1a:7b:51:5b:71:e6:2b:3a:98:f5:
98:57:a9:91:59:af:00:ca:17:c3:17:7f:32:3a:6e:
ac:66:b2:08:8f:29:7b:f0:f2:75:27:6c:6c:75:2b:
98:5e:ab:14:e1:67:18:d3:34:62:26:26:2e:71:f5:
21:b5:e9:55:4b:77:c3:d6:fe:fa:c0:46:d7:33:f0:
2b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:F4:82:48:40:24:28:CC:AE:B8:63:2C:8A:D2:E6:F6:8E:44:2F:35
X509v3 Authority Key Identifier:
keyid:86:0D:9F:01:A9:8B:51:4E:BD:3C:27:23:D7:F7:EB:44:83:26:F5:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hg2fAamLUU69PCcj1_frRIMm9eI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/23bea6-9001-441d-8364-61cb43c2db85/1/W_SCSEAkKMyuuGMsitLm9o5ELzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/23bea6-9001-441d-8364-61cb43c2db85/1/hg2fAamLUU69PCcj1_frRIMm9eI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.216.128.0/17
IPv6:
2001:67c:20a1::/48
Signature Algorithm: sha256WithRSAEncryption
3e:d5:ff:e2:d5:67:07:c1:ff:40:7a:96:d2:b2:02:04:fa:b8:
7e:d2:47:4c:06:4c:2e:88:c6:8d:5f:23:ea:fc:4d:ef:6f:47:
bd:b4:ba:11:d2:99:af:7c:5a:88:63:db:d1:b4:c3:2e:47:28:
22:6b:0e:4b:0a:33:ef:ff:64:24:20:65:0c:0c:82:00:55:8a:
f6:f2:fa:6e:db:fb:43:d5:46:0c:54:c7:d3:ee:40:c5:af:09:
04:f3:6b:72:c0:dd:1b:60:30:15:fe:37:99:46:67:14:12:50:
76:41:fb:ef:24:2f:65:c4:65:88:c2:21:83:2b:3c:4b:35:6d:
b3:be:bf:9d:d9:8e:a0:3b:70:2e:e3:af:f6:e7:e6:da:67:0d:
86:39:bc:4c:95:59:bc:a2:dc:98:d9:81:79:21:7d:4f:0e:52:
04:86:d3:e1:64:98:86:53:31:c5:34:ad:fd:bf:9c:16:f4:d6:
0d:9b:72:01:39:3a:13:89:82:78:65:a9:92:53:44:3c:78:26:
03:9a:3d:4c:94:b2:d4:4a:da:d2:e2:dd:97:89:25:b8:68:c6:
29:a1:1d:5d:f9:b7:8b:c1:b0:99:e1:e3:7d:43:d5:3c:c0:b1:
1c:c2:f8:c2:e2:87:e8:40:48:42:94:f6:12:ca:c8:87:e0:a1:
89:21:a7:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYlkw/hl9fGVyRl/5oSSc+DHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MGQ5ZjAxYTk4YjUxNGViZDNjMjcyM2Q3ZjdlYjQ0ODMy
NmY1ZTIwHhcNMjMwNzE3MTY1MTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmY0ODI0ODQwMjQyOGNjYWViODYzMmM4YWQyZTZmNjhlNDQyZjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNjKK/a98jWJQ5/j+qxB8okmKihH
G7m3aDXUykk3bGWz8JpByVvA4wrTZ6E9pJkEMr3KgLvmJhNi7fYNmS+8TSsDmhFf
W8voim2vteUk2jnNSwozEgYVBC3qJmiTfXJa/2GsiDNwVQSAtZW4RxmifQE4+bZa
Uo9JkF3sBpyheePniIC8AGmfpVV/B2du1H3wGqXjRulxUwuder3AzzVIjpw3ddFh
A4c6o4UC0LpvvtMAw73oXDiwhhp7UVtx5is6mPWYV6mRWa8AyhfDF38yOm6sZrII
jyl78PJ1J2xsdSuYXqsU4WcY0zRiJiYucfUhtelVS3fD1v76wEbXM/Ar7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFv0gkhAJCjMrrhjLIrS5vaORC81MB8GA1UdIwQY
MBaAFIYNnwGpi1FOvTwnI9f360SDJvXiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGcyZkFhbUxVVTY5UENjajFfZnJSSU1tOWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8yM2JlYTYtOTAwMS00NDFkLTgzNjQt
NjFjYjQzYzJkYjg1LzEvV19TQ1NFQWtLTXl1dUdNc2l0TG05bzVFTHpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8yM2JlYTYtOTAwMS00NDFkLTgzNjQtNjFjYjQzYzJkYjg1
LzEvaGcyZkFhbUxVVTY5UENjajFfZnJSSU1tOWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQHl9iAMA8E
AgACMAkDBwAgAQZ8IKEwDQYJKoZIhvcNAQELBQADggEBAD7V/+LVZwfB/0B6ltKy
AgT6uH7SR0wGTC6Ixo1fI+r8Te9vR720uhHSma98Wohj29G0wy5HKCJrDksKM+//
ZCQgZQwMggBVivby+m7b+0PVRgxUx9PuQMWvCQTza3LA3RtgMBX+N5lGZxQSUHZB
++8kL2XEZYjCIYMrPEs1bbO+v53ZjqA7cC7jr/bn5tpnDYY5vEyVWbyi3JjZgXkh
fU8OUgSG0+FkmIZTMcU0rf2/nBb01g2bcgE5OhOJgnhlqZJTRDx4JgOaPUyUstRK
2tLi3ZeJJbhoximhHV35t4vBsJnh431D1TzAsRzC+MLih+hASEKU9hLKyIfgoYkh
p0Y=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:36 2023 by rpki-client on console.sobornost.net