Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/ac0c06-8072-4e30-95d1-a3d5533f1757/1/O5WPHBgPWBTyDzXhayz-uhnJ9x0.roa
File: O5WPHBgPWBTyDzXhayz-uhnJ9x0.roa (raw, json)
Hash identifier: qyFqQE1vx7bSz0KGSbXtrei/Kapidcuqy0CWV7Jb5Wo=
Subject key identifier: 3B:95:8F:1C:18:0F:58:14:F2:0F:35:E1:6B:2C:FE:BA:19:C9:F7:1D
Certificate issuer: /CN=48cb94a44349f98d409b7ddb9a053df4aef1addf
Certificate serial: 0183EF67744F0FFE6E8367E26865872BAF33
Authority key identifier: 48:CB:94:A4:43:49:F9:8D:40:9B:7D:DB:9A:05:3D:F4:AE:F1:AD:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SMuUpENJ-Y1Am33bmgU99K7xrd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/ac0c06-8072-4e30-95d1-a3d5533f1757/1/O5WPHBgPWBTyDzXhayz-uhnJ9x0.roa
Signing time: Wed 19 Oct 2022 08:41:18 +0000
ROA not before: Wed 19 Oct 2022 08:41:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211612
IP address blocks: 87.249.128.0/21 maxlen: 24
178.249.208.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ef:67:74:4f:0f:fe:6e:83:67:e2:68:65:87:2b:af:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48cb94a44349f98d409b7ddb9a053df4aef1addf
Validity
Not Before: Oct 19 08:41:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b958f1c180f5814f20f35e16b2cfeba19c9f71d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:06:b8:5f:d2:93:f3:f2:23:c9:3f:2a:40:d0:
1a:74:37:d1:74:9b:c1:ab:0d:2f:0f:e1:46:2c:ad:
2a:bf:c5:42:85:66:09:5e:93:b8:b6:22:27:41:3f:
9b:ad:de:c6:9d:50:f2:6b:14:1f:23:60:ae:82:51:
6f:a4:e4:34:d9:a6:91:3b:3f:62:c9:62:63:97:7b:
61:b9:79:a9:56:64:a3:5a:44:04:cc:c7:44:0d:c9:
75:01:6a:9a:04:89:de:6b:ba:e8:48:c1:43:c2:96:
01:e9:b1:11:8e:31:5d:aa:28:fc:0f:6a:f2:a8:96:
8c:ef:2d:27:b9:bb:bf:0d:77:e9:b6:ed:e5:2b:a4:
71:72:1b:01:10:8c:25:9d:13:d8:7d:fb:05:c1:44:
82:d5:0f:d8:04:20:ab:eb:1d:0c:63:f9:bd:d7:d1:
5a:33:83:ec:e7:3e:ba:45:f9:9c:f4:d7:65:e2:61:
98:26:e8:f2:ec:15:46:c0:be:6d:3f:b7:f2:5a:8a:
30:4a:ca:90:3b:94:38:4f:4d:cc:5f:e2:cd:f4:76:
1b:e4:69:8a:31:23:be:bf:e6:44:19:a7:33:f0:b1:
2d:fa:ca:e1:f4:14:08:12:d4:d8:fd:6b:67:78:b0:
bc:83:61:cb:cf:d8:12:6b:64:06:43:20:f2:8b:f3:
cb:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:95:8F:1C:18:0F:58:14:F2:0F:35:E1:6B:2C:FE:BA:19:C9:F7:1D
X509v3 Authority Key Identifier:
keyid:48:CB:94:A4:43:49:F9:8D:40:9B:7D:DB:9A:05:3D:F4:AE:F1:AD:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SMuUpENJ-Y1Am33bmgU99K7xrd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ac0c06-8072-4e30-95d1-a3d5533f1757/1/O5WPHBgPWBTyDzXhayz-uhnJ9x0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ac0c06-8072-4e30-95d1-a3d5533f1757/1/SMuUpENJ-Y1Am33bmgU99K7xrd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.249.128.0/21
178.249.208.0/21
Signature Algorithm: sha256WithRSAEncryption
8c:b2:b4:3b:d9:28:81:1a:93:93:07:ea:48:d1:7e:df:80:ea:
e9:f2:60:08:58:97:6b:12:2b:4c:05:52:88:bb:29:5e:36:e3:
22:e1:fa:8e:7d:44:4a:40:21:5e:da:70:2c:f1:c3:49:d4:9e:
e5:18:cf:84:fc:0d:b3:8c:25:e3:6e:3e:39:a8:31:ea:3c:8a:
af:47:27:ea:09:38:4b:63:61:81:47:39:36:fc:54:da:c9:59:
4f:11:76:33:b6:61:73:25:97:d5:2c:27:bb:c6:64:83:4f:6c:
e1:4f:46:d8:ff:2d:51:b1:65:22:c4:22:00:e9:1f:36:9d:94:
51:c8:a0:09:b2:71:de:5a:c1:b5:7d:da:7a:71:51:14:55:4d:
1f:90:59:a3:cf:0d:88:46:a6:20:82:a9:b0:68:6e:a0:f0:26:
e6:42:0c:fb:62:f9:f1:56:76:48:28:0f:49:20:03:d3:de:18:
69:39:fb:5d:d8:62:6a:a7:00:b5:ec:ad:b2:a4:5c:31:cf:99:
b2:e2:03:57:11:7c:22:26:4d:b8:3e:52:e4:52:d6:76:61:d4:
56:73:99:ee:88:e4:d7:be:c2:07:f0:f1:59:c6:e7:bf:4d:46:
3a:e8:cd:78:62:55:6e:cf:35:b1:ad:e4:ac:e4:8f:42:ce:a1:
7b:35:10:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYPvZ3RPD/5ug2fiaGWHK68zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4Y2I5NGE0NDM0OWY5OGQ0MDliN2RkYjlhMDUzZGY0YWVm
MWFkZGYwHhcNMjIxMDE5MDg0MTE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjk1OGYxYzE4MGY1ODE0ZjIwZjM1ZTE2YjJjZmViYTE5YzlmNzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAa4X9KT8/IjyT8qQNAadDfRdJvB
qw0vD+FGLK0qv8VChWYJXpO4tiInQT+brd7GnVDyaxQfI2CuglFvpOQ02aaROz9i
yWJjl3thuXmpVmSjWkQEzMdEDcl1AWqaBInea7roSMFDwpYB6bERjjFdqij8D2ry
qJaM7y0nubu/DXfptu3lK6RxchsBEIwlnRPYffsFwUSC1Q/YBCCr6x0MY/m919Fa
M4Ps5z66Rfmc9Ndl4mGYJujy7BVGwL5tP7fyWoowSsqQO5Q4T03MX+LN9HYb5GmK
MSO+v+ZEGacz8LEt+srh9BQIEtTY/WtneLC8g2HLz9gSa2QGQyDyi/PLlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDuVjxwYD1gU8g814Wss/roZyfcdMB8GA1UdIwQY
MBaAFEjLlKRDSfmNQJt925oFPfSu8a3fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU011VXBFTkotWTFBbTMzYm1nVTk5Szd4cmQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9hYzBjMDYtODA3Mi00ZTMwLTk1ZDEt
YTNkNTUzM2YxNzU3LzEvTzVXUEhCZ1BXQlR5RHpYaGF5ei11aG5KOXgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9hYzBjMDYtODA3Mi00ZTMwLTk1ZDEtYTNkNTUzM2YxNzU3
LzEvU011VXBFTkotWTFBbTMzYm1nVTk5Szd4cmQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDV/mAAwQD
svnQMA0GCSqGSIb3DQEBCwUAA4IBAQCMsrQ72SiBGpOTB+pI0X7fgOrp8mAIWJdr
EitMBVKIuyleNuMi4fqOfURKQCFe2nAs8cNJ1J7lGM+E/A2zjCXjbj45qDHqPIqv
RyfqCThLY2GBRzk2/FTayVlPEXYztmFzJZfVLCe7xmSDT2zhT0bY/y1RsWUixCIA
6R82nZRRyKAJsnHeWsG1fdp6cVEUVU0fkFmjzw2IRqYggqmwaG6g8CbmQgz7Yvnx
VnZIKA9JIAPT3hhpOftd2GJqpwC17K2ypFwxz5my4gNXEXwiJk24PlLkUtZ2YdRW
c5nuiOTXvsIH8PFZxue/TUY66M14YlVuzzWxreSs5I9CzqF7NRCx
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:39 2023 by rpki-client on console.sobornost.net