Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/c71636-edd8-4d11-85e8-b834faf6aced/1/3byayplKQ4h0LQbUd4Q0ZYAC2zA.roa
File: 3byayplKQ4h0LQbUd4Q0ZYAC2zA.roa (raw, json)
Hash identifier: F3fmSry+pX/DASxSHhMwaBjTZGc7yZIGbkF0BYEGjOM=
Subject key identifier: DD:BC:9A:CA:99:4A:43:88:74:2D:06:D4:77:84:34:65:80:02:DB:30
Certificate issuer: /CN=be40b3c2be7835d7b37b5826102f8746a5199d49
Certificate serial: 012A3443
Authority key identifier: BE:40:B3:C2:BE:78:35:D7:B3:7B:58:26:10:2F:87:46:A5:19:9D:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vkCzwr54Ndeze1gmEC-HRqUZnUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/c71636-edd8-4d11-85e8-b834faf6aced/1/3byayplKQ4h0LQbUd4Q0ZYAC2zA.roa
Signing time: Wed 30 Mar 2022 10:11:22 +0000
ROA not before: Wed 30 Mar 2022 10:11:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 193.42.210.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19543107 (0x12a3443)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be40b3c2be7835d7b37b5826102f8746a5199d49
Validity
Not Before: Mar 30 10:11:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ddbc9aca994a4388742d06d4778434658002db30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d1:ae:c2:98:43:7f:c4:02:58:a9:49:19:ad:
ad:b5:60:59:1f:12:ba:58:c3:db:9d:4d:2e:59:49:
28:6b:57:86:13:70:8b:f8:be:e9:94:1a:f2:0f:da:
89:15:86:e9:04:bd:99:17:aa:4e:71:fb:e5:26:9f:
ec:56:9f:66:43:7d:95:22:20:a6:52:b0:c3:bc:0b:
01:07:8c:f9:d9:21:50:9d:01:d0:ef:c3:e1:e5:08:
e0:70:ab:72:c4:a7:79:1b:dc:64:9b:84:25:3a:76:
bb:e2:ed:29:b0:c2:56:ea:ca:e7:5b:98:2e:47:fe:
85:92:ac:9c:52:cf:f4:0a:2d:42:a9:ff:00:8d:5a:
1a:d0:00:a6:50:13:4a:ed:1f:d0:57:10:81:45:6d:
81:ce:cf:37:80:27:5f:f5:e9:2f:b6:77:d3:f6:70:
7c:c8:97:7e:96:ae:44:c0:c2:fa:14:cd:ba:19:53:
b0:81:e2:f0:5d:19:49:94:a7:a6:01:e3:bc:20:8f:
53:9b:99:5b:ec:6a:7b:e1:6d:3a:4d:83:43:63:cf:
91:a8:5e:2d:10:77:66:5a:76:d9:12:55:58:61:5c:
68:6e:26:10:88:10:2a:98:f8:10:3a:dd:fb:57:42:
09:b2:45:6d:51:48:d7:88:cd:70:52:a9:ce:9c:84:
d7:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:BC:9A:CA:99:4A:43:88:74:2D:06:D4:77:84:34:65:80:02:DB:30
X509v3 Authority Key Identifier:
keyid:BE:40:B3:C2:BE:78:35:D7:B3:7B:58:26:10:2F:87:46:A5:19:9D:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkCzwr54Ndeze1gmEC-HRqUZnUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c71636-edd8-4d11-85e8-b834faf6aced/1/3byayplKQ4h0LQbUd4Q0ZYAC2zA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c71636-edd8-4d11-85e8-b834faf6aced/1/vkCzwr54Ndeze1gmEC-HRqUZnUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.42.210.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:b3:1a:a6:d8:ec:f1:f8:fd:40:0b:a6:ae:8f:dd:16:39:72:
67:5f:19:52:51:b7:03:58:7a:ed:f9:93:32:9a:52:5a:5e:73:
91:2f:ef:15:3e:98:36:c5:4c:51:e3:8a:bf:82:c4:e5:43:62:
93:17:c0:10:25:a5:0a:30:b7:09:15:3f:88:a0:25:35:ff:c1:
70:78:06:e9:a4:54:4e:fd:95:19:d9:38:a5:47:ee:41:41:30:
56:f5:37:78:63:de:e2:03:16:87:a9:e3:03:48:ad:07:71:59:
8e:09:b0:24:a3:e5:2b:b9:50:b6:80:29:06:b7:08:12:2e:3d:
4e:27:27:3e:69:57:45:0c:1b:8a:b1:64:db:4d:c8:70:82:6d:
3c:21:bf:cc:67:6b:ed:c5:9a:64:b1:ec:aa:de:c1:09:0f:f8:
ce:aa:bd:73:a9:84:72:dd:c3:48:1f:c6:97:d7:11:38:a4:e2:
a4:18:63:d3:0a:be:f8:e2:8c:de:12:c4:64:6d:be:fb:95:b1:
4e:1c:73:fc:80:24:52:87:71:0c:2d:90:b1:e9:2b:a2:49:e5:
e9:e0:8d:9e:c7:bf:b3:30:16:e9:6a:f3:15:f4:1c:9e:1d:75:
21:1c:b9:4d:ee:ae:4f:47:5c:2e:d3:c0:f0:7b:c7:9b:2b:cf:
1f:77:ef:90
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEASo0QzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZTQwYjNjMmJlNzgzNWQ3YjM3YjU4MjYxMDJmODc0NmE1MTk5ZDQ5MB4XDTIyMDMz
MDEwMTEyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGRiYzlhY2E5OTRh
NDM4ODc0MmQwNmQ0Nzc4NDM0NjU4MDAyZGIzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANjRrsKYQ3/EAlipSRmtrbVgWR8SuljD251NLllJKGtXhhNw
i/i+6ZQa8g/aiRWG6QS9mReqTnH75Saf7FafZkN9lSIgplKww7wLAQeM+dkhUJ0B
0O/D4eUI4HCrcsSneRvcZJuEJTp2u+LtKbDCVurK51uYLkf+hZKsnFLP9AotQqn/
AI1aGtAAplATSu0f0FcQgUVtgc7PN4AnX/XpL7Z30/ZwfMiXfpauRMDC+hTNuhlT
sIHi8F0ZSZSnpgHjvCCPU5uZW+xqe+FtOk2DQ2PPkaheLRB3Zlp22RJVWGFcaG4m
EIgQKpj4EDrd+1dCCbJFbVFI14jNcFKpzpyE16cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTdvJrKmUpDiHQtBtR3hDRlgALbMDAfBgNVHSMEGDAWgBS+QLPCvng117N7
WCYQL4dGpRmdSTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZrQ3p3cjU0TmRlemUxZ21FQy1IUnFVWm5Vay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvYzcxNjM2LWVkZDgtNGQxMS04NWU4LWI4MzRmYWY2YWNlZC8x
LzNieWF5cGxLUTRoMExRYlVkNFEwWllBQzJ6QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
YzcxNjM2LWVkZDgtNGQxMS04NWU4LWI4MzRmYWY2YWNlZC8xL3ZrQ3p3cjU0TmRl
emUxZ21FQy1IUnFVWm5Vay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEq0jANBgkqhkiG9w0BAQsFAAOC
AQEAL7Maptjs8fj9QAumro/dFjlyZ18ZUlG3A1h67fmTMppSWl5zkS/vFT6YNsVM
UeOKv4LE5UNikxfAECWlCjC3CRU/iKAlNf/BcHgG6aRUTv2VGdk4pUfuQUEwVvU3
eGPe4gMWh6njA0itB3FZjgmwJKPlK7lQtoApBrcIEi49TicnPmlXRQwbirFk203I
cIJtPCG/zGdr7cWaZLHsqt7BCQ/4zqq9c6mEct3DSB/Gl9cROKTipBhj0wq++OKM
3hLEZG2++5WxThxz/IAkUodxDC2Qsekroknl6eCNnse/szAW6WrzFfQcnh11IRy5
Te6uT0dcLtPA8HvHmyvPH3fvkA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:39 2023 by rpki-client on console.sobornost.net