Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/c71636-edd8-4d11-85e8-b834faf6aced/1/_GmS8s_weSVd8DQosyjSfYOko1Q.roa
File: _GmS8s_weSVd8DQosyjSfYOko1Q.roa (raw, json)
Hash identifier: LJgmgg5ankUY015b0kNbSjb6+nvsbNX3tFgVFXj+rLg=
Subject key identifier: FC:69:92:F2:CF:F0:79:25:5D:F0:34:28:B3:28:D2:7D:83:A4:A3:54
Certificate issuer: /CN=be40b3c2be7835d7b37b5826102f8746a5199d49
Certificate serial: F5E08D
Authority key identifier: BE:40:B3:C2:BE:78:35:D7:B3:7B:58:26:10:2F:87:46:A5:19:9D:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vkCzwr54Ndeze1gmEC-HRqUZnUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/c71636-edd8-4d11-85e8-b834faf6aced/1/_GmS8s_weSVd8DQosyjSfYOko1Q.roa
Signing time: Tue 08 Mar 2022 13:14:51 +0000
ROA not before: Tue 08 Mar 2022 13:14:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39120
IP address blocks: 185.197.142.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16113805 (0xf5e08d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be40b3c2be7835d7b37b5826102f8746a5199d49
Validity
Not Before: Mar 8 13:14:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc6992f2cff079255df03428b328d27d83a4a354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c6:03:bc:05:93:37:d1:80:32:4d:7d:88:f4:
d4:26:80:43:30:9e:4b:d0:94:0e:5b:ee:4c:e1:29:
8b:02:4a:fc:b8:8b:b5:e5:41:dc:a5:12:5b:b3:94:
71:e9:04:ec:8f:25:af:d3:c0:6b:4a:b0:9c:8b:a0:
15:a8:df:fd:22:c7:6e:82:76:ca:85:aa:05:87:98:
e4:cd:8b:f1:3e:00:72:1a:5d:42:6d:b0:f0:43:10:
29:00:80:d7:30:02:ff:9a:67:c6:24:00:4d:af:c9:
ba:97:3f:51:5a:8e:3e:59:c8:d4:b0:de:32:e2:ad:
7f:03:e3:51:a0:22:f9:6a:fc:fb:fe:ab:47:2f:59:
f8:ad:7e:ee:67:c2:04:f2:d7:af:e2:39:4b:57:54:
4c:5f:cf:cf:d2:56:9b:61:d3:55:b3:87:e6:eb:1f:
b8:0e:d7:65:8a:4f:5c:c8:97:cc:f2:fc:8c:3b:58:
71:58:40:db:48:4a:cb:72:88:a6:a6:ac:17:7d:7d:
cf:fb:62:6c:8b:e7:9a:39:f3:e7:1b:61:e2:40:cc:
9c:dc:17:58:72:d4:43:63:8c:f0:8e:be:86:94:f9:
87:df:06:90:1f:b7:77:95:07:8a:05:ca:b6:30:9e:
2e:f3:3b:7c:14:85:e6:8e:af:b4:e0:25:bf:3c:6b:
15:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:69:92:F2:CF:F0:79:25:5D:F0:34:28:B3:28:D2:7D:83:A4:A3:54
X509v3 Authority Key Identifier:
keyid:BE:40:B3:C2:BE:78:35:D7:B3:7B:58:26:10:2F:87:46:A5:19:9D:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkCzwr54Ndeze1gmEC-HRqUZnUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c71636-edd8-4d11-85e8-b834faf6aced/1/_GmS8s_weSVd8DQosyjSfYOko1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c71636-edd8-4d11-85e8-b834faf6aced/1/vkCzwr54Ndeze1gmEC-HRqUZnUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.142.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:e0:ba:b3:84:9b:c8:aa:e7:a8:6c:f1:3a:9f:c8:c3:5d:31:
ff:f0:ea:9b:d8:4e:04:da:24:96:5d:ea:3e:21:3b:0d:39:d5:
cc:fe:0c:6d:19:a7:b0:41:57:2b:63:f4:a7:52:f3:13:a5:9b:
fd:4d:b7:52:fd:09:b8:52:a0:17:34:ea:10:4a:9d:13:f5:06:
a6:c7:33:b4:ef:e9:16:8c:de:54:8a:37:d3:9a:76:96:67:e9:
7e:e2:44:ac:30:f4:11:05:65:32:81:5d:60:c9:43:59:29:6b:
3b:1b:b8:c9:4a:34:08:72:1b:99:03:ad:eb:b5:5a:d2:d9:65:
63:c1:77:98:6e:6a:a8:a0:75:b9:de:cb:ae:1a:5d:b6:c2:d1:
fe:d3:c5:b4:6e:11:c5:5f:21:61:f3:79:af:f9:24:23:7e:ff:
8f:52:7d:30:fb:5f:62:d1:7f:5f:9b:4b:40:15:eb:e1:3c:6c:
8d:3a:2f:94:e8:16:5a:fb:d4:e9:9c:d8:e0:33:68:d5:4c:d2:
c4:67:2d:2f:2a:74:a8:ab:1d:e7:37:b9:5f:bb:a7:60:60:74:
b6:24:51:93:48:14:24:66:e9:1f:fb:fc:d4:85:0c:2c:a0:21:
b4:14:67:20:b4:0e:01:2e:7a:30:fd:6d:e2:c3:dc:9b:8e:ed:
ae:67:63:51
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAPXgjTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZTQwYjNjMmJlNzgzNWQ3YjM3YjU4MjYxMDJmODc0NmE1MTk5ZDQ5MB4XDTIyMDMw
ODEzMTQ1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmM2OTkyZjJjZmYw
NzkyNTVkZjAzNDI4YjMyOGQyN2Q4M2E0YTM1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALfGA7wFkzfRgDJNfYj01CaAQzCeS9CUDlvuTOEpiwJK/LiL
teVB3KUSW7OUcekE7I8lr9PAa0qwnIugFajf/SLHboJ2yoWqBYeY5M2L8T4Achpd
Qm2w8EMQKQCA1zAC/5pnxiQATa/Jupc/UVqOPlnI1LDeMuKtfwPjUaAi+Wr8+/6r
Ry9Z+K1+7mfCBPLXr+I5S1dUTF/Pz9JWm2HTVbOH5usfuA7XZYpPXMiXzPL8jDtY
cVhA20hKy3KIpqasF319z/tibIvnmjnz5xth4kDMnNwXWHLUQ2OM8I6+hpT5h98G
kB+3d5UHigXKtjCeLvM7fBSF5o6vtOAlvzxrFQsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT8aZLyz/B5JV3wNCizKNJ9g6SjVDAfBgNVHSMEGDAWgBS+QLPCvng117N7
WCYQL4dGpRmdSTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZrQ3p3cjU0TmRlemUxZ21FQy1IUnFVWm5Vay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvYzcxNjM2LWVkZDgtNGQxMS04NWU4LWI4MzRmYWY2YWNlZC8x
L19HbVM4c193ZVNWZDhEUW9zeWpTZllPa28xUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
YzcxNjM2LWVkZDgtNGQxMS04NWU4LWI4MzRmYWY2YWNlZC8xL3ZrQ3p3cjU0TmRl
emUxZ21FQy1IUnFVWm5Vay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnFjjANBgkqhkiG9w0BAQsFAAOC
AQEAvOC6s4SbyKrnqGzxOp/Iw10x//Dqm9hOBNokll3qPiE7DTnVzP4MbRmnsEFX
K2P0p1LzE6Wb/U23Uv0JuFKgFzTqEEqdE/UGpscztO/pFozeVIo305p2lmfpfuJE
rDD0EQVlMoFdYMlDWSlrOxu4yUo0CHIbmQOt67Va0tllY8F3mG5qqKB1ud7Lrhpd
tsLR/tPFtG4RxV8hYfN5r/kkI37/j1J9MPtfYtF/X5tLQBXr4TxsjTovlOgWWvvU
6ZzY4DNo1UzSxGctLyp0qKsd5ze5X7unYGB0tiRRk0gUJGbpH/v81IUMLKAhtBRn
ILQOAS56MP1t4sPcm47trmdjUQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:39 2023 by rpki-client on console.sobornost.net