Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/pMwcHWyCwvUEL0dr_LIqAKqiXz4.roa
File: pMwcHWyCwvUEL0dr_LIqAKqiXz4.roa (raw, json)
Hash identifier: YKX6Vcj6ydQ9vGvQM7ZzDB3fCJPvetIWnQ6MfEPB5jI=
Subject key identifier: A4:CC:1C:1D:6C:82:C2:F5:04:2F:47:6B:FC:B2:2A:00:AA:A2:5F:3E
Certificate issuer: /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial: 38F47051
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/pMwcHWyCwvUEL0dr_LIqAKqiXz4.roa
Signing time: Sat 09 Apr 2022 15:05:28 +0000
ROA not before: Sat 09 Apr 2022 15:05:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211975
IP address blocks: 87.251.24.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 955543633 (0x38f47051)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Validity
Not Before: Apr 9 15:05:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a4cc1c1d6c82c2f5042f476bfcb22a00aaa25f3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:35:c0:b7:1b:c3:b5:b0:a1:44:e9:89:bc:25:
25:11:cf:b0:6a:4a:5f:64:3d:84:00:f6:bf:de:5b:
3e:79:02:f0:c0:50:78:93:d1:7d:59:c9:6c:5e:26:
e0:e4:de:2c:40:a3:01:7d:24:11:ec:c8:5e:28:a7:
9e:b6:28:b0:a4:72:95:4e:fb:29:7a:8a:13:24:e6:
e4:c4:81:b3:ee:e9:4c:16:1d:4e:b9:44:cb:80:04:
91:46:a2:5e:20:b9:d2:44:b8:92:ae:32:f3:49:a1:
58:a8:74:d9:13:1c:08:9c:98:03:a0:29:d0:a0:aa:
3f:16:77:f6:30:74:97:ac:05:ed:9f:ec:57:47:5d:
07:02:3c:7b:14:ea:33:f2:02:c2:35:dd:f4:bf:c9:
9c:f3:70:99:7a:34:77:48:aa:77:68:b2:43:31:14:
af:20:e6:28:51:be:4c:24:6d:71:ba:0b:8c:14:b6:
4e:63:8d:4b:c9:32:57:6a:90:40:2c:b6:d9:c7:85:
6a:e7:26:00:3e:4a:ae:34:a5:f5:9a:5e:1e:82:3e:
a5:68:0b:a7:e4:18:4e:fd:87:ea:a6:79:76:bd:4b:
41:04:e7:0b:b6:b9:52:a0:1c:7a:cd:97:5a:61:e9:
3e:44:70:d2:47:98:c3:e7:67:25:2e:da:63:71:eb:
fd:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:CC:1C:1D:6C:82:C2:F5:04:2F:47:6B:FC:B2:2A:00:AA:A2:5F:3E
X509v3 Authority Key Identifier:
keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/pMwcHWyCwvUEL0dr_LIqAKqiXz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.251.24.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:e8:03:10:3b:10:99:93:37:16:9f:53:41:b3:a2:9b:1f:9b:
3c:08:95:27:da:3b:5f:d7:fe:08:31:dc:5b:be:ef:22:65:ab:
d1:38:15:e8:34:0e:33:e9:15:c6:fc:74:ce:b6:3c:e7:37:86:
35:5a:af:e5:a9:eb:a4:2c:f2:b9:21:c0:4c:7e:18:19:1e:40:
8f:8c:63:c4:8a:36:8b:02:04:14:96:db:6b:63:64:2f:56:ca:
1a:49:d9:19:9e:1d:72:ad:fb:1b:e8:44:66:c0:65:92:c6:a1:
52:b5:ba:7c:15:9b:e6:3d:e1:19:1c:dc:d8:83:d1:65:9b:bf:
00:6e:d9:f9:c0:15:28:f9:b6:dc:6f:54:d6:6c:7a:a9:97:d1:
77:cb:b9:45:87:57:66:94:4a:0e:70:a0:fd:20:a7:0a:98:13:
8c:71:5d:a8:16:20:df:60:94:a0:89:21:6d:83:d6:aa:90:9f:
00:7e:23:da:dd:8a:0f:f7:88:e6:c2:3b:e2:99:87:d0:d9:47:
be:c2:23:4a:f4:e1:f9:58:f0:50:9c:d2:b2:e5:39:23:4c:d2:
2f:7c:a4:e1:c2:d8:42:a7:a6:e7:65:13:e7:9c:5d:16:a8:68:
b4:2a:97:be:bd:e8:64:b3:1d:11:f7:5c:6e:0a:ef:3c:48:28:
f0:16:69:34
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOPRwUTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NTAxODE1YzZmOThmM2EyYjYxODRhZmViZjE4ZWEzNDFiZTg4MmVhMB4XDTIyMDQw
OTE1MDUyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTRjYzFjMWQ2Yzgy
YzJmNTA0MmY0NzZiZmNiMjJhMDBhYWEyNWYzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIo1wLcbw7WwoUTpibwlJRHPsGpKX2Q9hAD2v95bPnkC8MBQ
eJPRfVnJbF4m4OTeLECjAX0kEezIXiinnrYosKRylU77KXqKEyTm5MSBs+7pTBYd
TrlEy4AEkUaiXiC50kS4kq4y80mhWKh02RMcCJyYA6Ap0KCqPxZ39jB0l6wF7Z/s
V0ddBwI8exTqM/ICwjXd9L/JnPNwmXo0d0iqd2iyQzEUryDmKFG+TCRtcboLjBS2
TmONS8kyV2qQQCy22ceFaucmAD5KrjSl9ZpeHoI+pWgLp+QYTv2H6qZ5dr1LQQTn
C7a5UqAces2XWmHpPkRw0keYw+dnJS7aY3Hr/YkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSkzBwdbILC9QQvR2v8sioAqqJfPjAfBgNVHSMEGDAWgBTlAYFcb5jzorYY
Sv6/GOo0G+iC6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVRR0JYRy1ZODZLMkdFci12eGpxTkJ2b2d1by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvNWIwMjIyLWVkNjQtNGY1NS1iNDViLTAwNTlmNzM3ZWYwNS8x
L3BNd2NIV3lDd3ZVRUwwZHJfTElxQUtxaVh6NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
NWIwMjIyLWVkNjQtNGY1NS1iNDViLTAwNTlmNzM3ZWYwNS8xLzVRR0JYRy1ZODZL
MkdFci12eGpxTkJ2b2d1by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFf7GDANBgkqhkiG9w0BAQsFAAOC
AQEArOgDEDsQmZM3Fp9TQbOimx+bPAiVJ9o7X9f+CDHcW77vImWr0TgV6DQOM+kV
xvx0zrY85zeGNVqv5anrpCzyuSHATH4YGR5Aj4xjxIo2iwIEFJbba2NkL1bKGknZ
GZ4dcq37G+hEZsBlksahUrW6fBWb5j3hGRzc2IPRZZu/AG7Z+cAVKPm23G9U1mx6
qZfRd8u5RYdXZpRKDnCg/SCnCpgTjHFdqBYg32CUoIkhbYPWqpCfAH4j2t2KD/eI
5sI74pmH0NlHvsIjSvTh+VjwUJzSsuU5I0zSL3yk4cLYQqem52UT55xdFqhotCqX
vr3oZLMdEfdcbgrvPEgo8BZpNA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:44 2023 by rpki-client on console.sobornost.net