Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/E2ejCLsaYzBrxyRNqXxVhYeH9do.roa
File: E2ejCLsaYzBrxyRNqXxVhYeH9do.roa (raw, json)
Hash identifier: D6XiEDJZuskQLMwZ/jlf0IF1bK/aL+n/wf9CQd+q+7o=
Subject key identifier: 13:67:A3:08:BB:1A:63:30:6B:C7:24:4D:A9:7C:55:85:87:87:F5:DA
Certificate issuer: /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial: 0183CC191328B3F55E82EF66264A6DFF05BA
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/E2ejCLsaYzBrxyRNqXxVhYeH9do.roa
Signing time: Wed 12 Oct 2022 12:08:58 +0000
ROA not before: Wed 12 Oct 2022 12:08:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 193.57.35.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:cc:19:13:28:b3:f5:5e:82:ef:66:26:4a:6d:ff:05:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Validity
Not Before: Oct 12 12:08:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1367a308bb1a63306bc7244da97c55858787f5da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:02:e9:07:87:3d:5b:76:0e:41:fe:15:67:3d:
44:99:5c:2e:20:22:3d:ab:f1:b6:dc:23:e6:4f:b3:
8a:97:8a:35:0f:ea:c9:1d:fc:a1:dc:a9:3f:40:aa:
a7:48:41:11:65:73:aa:d3:04:ef:b9:6d:70:bb:a5:
e1:e0:df:01:6a:90:c4:f2:69:fe:34:e8:7d:ab:a6:
4a:76:88:2b:3d:e8:e2:4d:ff:87:5b:58:0a:b5:43:
9b:2f:e9:f7:7e:2b:f3:2c:98:b3:b9:74:aa:6c:4b:
41:e9:3b:f2:27:8c:88:e7:85:26:cf:39:bc:54:07:
e9:1b:14:5e:60:d7:6d:41:27:08:3e:6c:65:39:2b:
32:9e:aa:0f:53:f6:e9:4c:86:d3:9a:77:8a:c9:7c:
82:69:fc:75:19:a8:42:a7:bf:46:2b:0f:f0:6e:ac:
70:ce:f1:df:5a:70:b9:68:53:65:cf:29:14:14:cf:
7e:1c:c0:1d:46:cf:f9:01:0d:bf:a5:94:93:60:d7:
d7:32:9e:e7:fd:8f:ec:01:72:05:f1:86:1f:98:c7:
e2:b7:5e:84:88:25:f0:10:5f:84:53:14:1b:7f:4e:
6b:ae:09:c9:cc:83:0d:ee:a9:c9:1a:a5:fa:a8:e8:
8e:4b:b7:b9:ee:57:40:97:5a:43:62:81:76:9e:2f:
4b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:67:A3:08:BB:1A:63:30:6B:C7:24:4D:A9:7C:55:85:87:87:F5:DA
X509v3 Authority Key Identifier:
keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/E2ejCLsaYzBrxyRNqXxVhYeH9do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.35.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:44:50:4d:9e:06:cd:03:f8:2e:5d:d5:3b:a7:90:20:81:90:
6e:f0:84:74:e2:74:3f:df:31:16:8d:10:e3:84:83:05:70:11:
28:ef:72:04:6d:05:d8:40:eb:93:f7:9b:1e:f7:ea:33:29:ce:
5e:e2:2f:68:26:75:8b:45:85:05:52:bc:e5:c5:71:6e:10:9a:
15:51:7a:e9:18:f7:30:a5:90:da:01:9d:23:5d:9d:5a:21:2d:
ac:a1:33:4e:aa:d8:bd:9a:aa:82:0a:05:b6:dc:28:0a:e2:92:
66:b7:b7:db:55:44:c1:97:f9:a4:f4:51:fe:4a:41:ac:06:5a:
d4:a9:64:d1:9b:8b:f5:d4:95:2b:f1:c9:5e:d2:ad:42:7f:4f:
2c:35:1e:5c:6c:36:a8:0d:e2:81:34:2c:79:93:73:3f:ae:dd:
61:e6:de:32:84:b9:9f:3c:f5:dc:35:d5:61:85:94:46:f9:0d:
9d:0b:85:27:65:43:65:38:a4:99:b3:26:2b:26:b3:7d:7f:bc:
8d:d6:66:50:20:e6:42:fb:ec:ad:c0:ba:27:3a:a5:ba:09:4d:
56:32:cf:e1:b8:46:b3:85:fe:3e:0f:cb:2d:f8:7f:63:7c:80:
d9:2e:e7:33:1f:f8:6d:f6:56:d3:1a:3a:a5:ec:10:c1:ee:db:
88:eb:82:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPMGRMos/Vegu9mJkpt/wW6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMTQ1YThiZGYyYmNhMTUwZjI1ZWQ1NGEyNzdiOGY2NTNl
ZmRiM2UwHhcNMjIxMDEyMTIwODU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzY3YTMwOGJiMWE2MzMwNmJjNzI0NGRhOTdjNTU4NTg3ODdmNWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wLpB4c9W3YOQf4VZz1EmVwuICI9
q/G23CPmT7OKl4o1D+rJHfyh3Kk/QKqnSEERZXOq0wTvuW1wu6Xh4N8BapDE8mn+
NOh9q6ZKdogrPejiTf+HW1gKtUObL+n3fivzLJizuXSqbEtB6TvyJ4yI54Umzzm8
VAfpGxReYNdtQScIPmxlOSsynqoPU/bpTIbTmneKyXyCafx1GahCp79GKw/wbqxw
zvHfWnC5aFNlzykUFM9+HMAdRs/5AQ2/pZSTYNfXMp7n/Y/sAXIF8YYfmMfit16E
iCXwEF+EUxQbf05rrgnJzIMN7qnJGqX6qOiOS7e57ldAl1pDYoF2ni9L1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBNnowi7GmMwa8ckTal8VYWHh/XaMB8GA1UdIwQY
MBaAFCsUWovfK8oVDyXtVKJ3uPZT79s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMt
MzA0MGJlZDNjY2NkLzEvRTJlakNMc2FZekJyeHlSTnFYeFZoWWVIOWRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2Nk
LzEvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTkjMA0G
CSqGSIb3DQEBCwUAA4IBAQBvRFBNngbNA/guXdU7p5AggZBu8IR04nQ/3zEWjRDj
hIMFcBEo73IEbQXYQOuT95se9+ozKc5e4i9oJnWLRYUFUrzlxXFuEJoVUXrpGPcw
pZDaAZ0jXZ1aIS2soTNOqti9mqqCCgW23CgK4pJmt7fbVUTBl/mk9FH+SkGsBlrU
qWTRm4v11JUr8cle0q1Cf08sNR5cbDaoDeKBNCx5k3M/rt1h5t4yhLmfPPXcNdVh
hZRG+Q2dC4UnZUNlOKSZsyYrJrN9f7yN1mZQIOZC++ytwLonOqW6CU1WMs/huEaz
hf4+D8st+H9jfIDZLuczH/ht9lbTGjql7BDB7tuI64Jv
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:33 2023 by rpki-client on console.sobornost.net