Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/aR7dRFJg-8LKn2DTIn4IzcSJZtw.roa
File: aR7dRFJg-8LKn2DTIn4IzcSJZtw.roa (raw, json)
Hash identifier: gSExqUiFZnPCJvbuCZVTGCV4jTlp8yFp9K0YUlK4kaI=
Subject key identifier: 69:1E:DD:44:52:60:FB:C2:CA:9F:60:D3:22:7E:08:CD:C4:89:66:DC
Certificate issuer: /CN=84470af0d89d785ba18ba617dc09e3f72c5996f3
Certificate serial: 018A80F19BA1BE8EAEB5EE276EB5B2FBD555
Authority key identifier: 84:47:0A:F0:D8:9D:78:5B:A1:8B:A6:17:DC:09:E3:F7:2C:59:96:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/aR7dRFJg-8LKn2DTIn4IzcSJZtw.roa
Signing time: Sun 10 Sep 2023 21:13:52 +0000
ROA not before: Sun 10 Sep 2023 21:13:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 82.206.32.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:80:f1:9b:a1:be:8e:ae:b5:ee:27:6e:b5:b2:fb:d5:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84470af0d89d785ba18ba617dc09e3f72c5996f3
Validity
Not Before: Sep 10 21:13:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=691edd445260fbc2ca9f60d3227e08cdc48966dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:29:00:d2:2e:fa:7b:4e:92:df:37:29:cd:6d:
74:1c:38:93:5c:3e:ac:9a:e8:27:7c:0a:d7:34:38:
c6:30:7f:ea:67:ec:1c:50:26:54:39:e4:22:8c:90:
d6:87:ff:a0:6e:12:8d:0c:d9:e4:fe:35:61:dc:b4:
42:0c:4f:f7:f7:4f:8c:10:7c:d8:8b:ed:3d:f5:55:
c9:cb:c8:b8:87:0c:d3:22:e1:41:32:0e:f4:c6:6e:
c4:1a:d9:f4:5b:45:c5:62:71:6a:e5:7a:40:f3:78:
fc:ea:92:a1:9b:b8:6a:9d:2b:ac:b7:58:b2:9c:46:
a9:79:d2:2f:be:aa:5f:98:2b:06:8e:7a:cd:57:2e:
34:a4:bf:32:55:41:4e:41:9c:31:50:ae:f1:1c:4a:
aa:29:26:f3:3e:1e:99:d2:3a:d3:a0:6a:9e:6d:0d:
2a:c8:93:98:a9:39:59:a1:dd:08:c3:f3:22:de:a7:
78:40:1d:cb:ad:d3:08:d8:f0:6b:6a:c5:3f:f1:ec:
d8:56:21:3a:e4:f5:24:cb:31:3b:b5:95:0c:fc:3f:
cf:2c:09:53:9b:50:26:c4:b6:3d:40:38:31:4b:90:
04:e4:40:fa:f0:a6:04:22:f3:48:98:cf:e4:34:93:
b7:2d:d2:a8:0b:23:2d:77:e0:12:54:43:3f:16:57:
76:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:1E:DD:44:52:60:FB:C2:CA:9F:60:D3:22:7E:08:CD:C4:89:66:DC
X509v3 Authority Key Identifier:
keyid:84:47:0A:F0:D8:9D:78:5B:A1:8B:A6:17:DC:09:E3:F7:2C:59:96:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/aR7dRFJg-8LKn2DTIn4IzcSJZtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/hEcK8NideFuhi6YX3Anj9yxZlvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.32.0/21
Signature Algorithm: sha256WithRSAEncryption
11:e2:4d:84:f7:8e:8d:12:6e:19:34:b9:e7:de:6e:ff:47:3a:
11:da:8c:ad:51:22:d4:d7:85:99:e0:d0:bc:db:e5:13:51:fe:
08:cf:64:0a:f7:23:88:6a:0e:07:33:01:cc:10:ba:d3:08:34:
b7:10:d5:0c:92:0b:67:0f:ad:37:e1:3f:a4:76:b6:2c:1c:f9:
a6:7f:68:a4:9e:56:b5:9c:28:eb:c9:e2:1d:d0:bb:2a:27:04:
e2:2a:26:ff:d0:28:be:83:29:10:76:45:a5:bd:41:86:83:20:
67:cc:aa:80:65:e5:c8:63:1c:db:b2:2e:27:2d:08:bd:18:57:
94:1f:09:bb:fe:99:9d:2f:52:21:e5:53:ff:c9:14:00:9c:50:
27:59:1c:25:cb:13:3e:ba:79:ae:b9:52:32:e0:0e:94:de:bc:
6f:ba:90:47:3b:df:fb:c0:b8:a6:49:cc:85:99:55:a8:62:4c:
fe:ec:11:c4:0a:1e:57:a6:09:f5:cc:55:5e:10:97:22:82:e2:
a7:33:49:a0:5f:72:2e:cb:ce:54:a7:ec:8e:a8:08:c9:ea:3f:
f9:05:78:6d:fe:1e:82:fa:71:9d:67:1d:ad:bc:e3:c0:72:73:
46:d9:dd:da:4e:46:82:94:81:90:78:05:f5:7b:72:6b:3f:81:
b2:21:4e:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqA8Zuhvo6ute4nbrWy+9VVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDcwYWYwZDg5ZDc4NWJhMThiYTYxN2RjMDllM2Y3MmM1
OTk2ZjMwHhcNMjMwOTEwMjExMzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTFlZGQ0NDUyNjBmYmMyY2E5ZjYwZDMyMjdlMDhjZGM0ODk2NmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSkA0i76e06S3zcpzW10HDiTXD6s
mugnfArXNDjGMH/qZ+wcUCZUOeQijJDWh/+gbhKNDNnk/jVh3LRCDE/390+MEHzY
i+099VXJy8i4hwzTIuFBMg70xm7EGtn0W0XFYnFq5XpA83j86pKhm7hqnSust1iy
nEapedIvvqpfmCsGjnrNVy40pL8yVUFOQZwxUK7xHEqqKSbzPh6Z0jrToGqebQ0q
yJOYqTlZod0Iw/Mi3qd4QB3LrdMI2PBrasU/8ezYViE65PUkyzE7tZUM/D/PLAlT
m1AmxLY9QDgxS5AE5ED68KYEIvNImM/kNJO3LdKoCyMtd+ASVEM/Fld24wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGke3URSYPvCyp9g0yJ+CM3EiWbcMB8GA1UdIwQY
MBaAFIRHCvDYnXhboYumF9wJ4/csWZbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS82NjBmMWQtNTc1My00NTE2LTgwMDIt
ZTc2ZTNlMjkzZTAyLzEvYVI3ZFJGSmctOExLbjJEVEluNEl6Y1NKWnR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS82NjBmMWQtNTc1My00NTE2LTgwMDItZTc2ZTNlMjkzZTAy
LzEvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDUs4gMA0G
CSqGSIb3DQEBCwUAA4IBAQAR4k2E946NEm4ZNLnn3m7/RzoR2oytUSLU14WZ4NC8
2+UTUf4Iz2QK9yOIag4HMwHMELrTCDS3ENUMkgtnD6034T+kdrYsHPmmf2iknla1
nCjryeId0LsqJwTiKib/0Ci+gykQdkWlvUGGgyBnzKqAZeXIYxzbsi4nLQi9GFeU
Hwm7/pmdL1Ih5VP/yRQAnFAnWRwlyxM+unmuuVIy4A6U3rxvupBHO9/7wLimScyF
mVWoYkz+7BHECh5Xpgn1zFVeEJciguKnM0mgX3Iuy85Up+yOqAjJ6j/5BXht/h6C
+nGdZx2tvOPAcnNG2d3aTkaClIGQeAX1e3JrP4GyIU6k
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:24 2023 by rpki-client on console.sobornost.net