Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/RQVrTtkCus7WkipNhaarAJ-jqgY.roa
File: RQVrTtkCus7WkipNhaarAJ-jqgY.roa (raw, json)
Hash identifier: AmBls1QVuy6mrFqZWOQ9v/5FJOPSW8GQEfeHtCwWlWc=
Subject key identifier: 45:05:6B:4E:D9:02:BA:CE:D6:92:2A:4D:85:A6:AB:00:9F:A3:AA:06
Certificate issuer: /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial: 0183B276B05063F59A6AC1B84B7625E067FB
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/RQVrTtkCus7WkipNhaarAJ-jqgY.roa
Signing time: Fri 07 Oct 2022 12:41:06 +0000
ROA not before: Fri 07 Oct 2022 12:41:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 193.57.27.0/24 maxlen: 24
193.57.35.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b2:76:b0:50:63:f5:9a:6a:c1:b8:4b:76:25:e0:67:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Validity
Not Before: Oct 7 12:41:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=45056b4ed902baced6922a4d85a6ab009fa3aa06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:84:dd:4d:0b:0c:94:ba:e2:77:d0:42:db:10:
0a:8d:90:32:b4:24:20:d8:79:45:10:9a:9c:f3:c5:
41:91:ad:b0:80:d9:17:8f:90:e9:b3:af:d2:ef:1a:
56:ff:ae:bb:64:2b:a9:f1:32:9a:59:49:86:e0:e7:
5c:84:6b:2d:34:c3:5a:a7:0d:e1:a9:37:29:ac:36:
4f:24:69:2c:a9:59:d0:31:50:07:00:c4:47:2f:58:
a4:40:9d:9b:dd:e0:c4:ee:01:d4:79:13:47:bc:a3:
6d:71:e3:ae:4e:40:4c:61:9a:8f:b6:b9:14:da:6e:
70:3e:57:94:73:48:ea:fd:f6:e9:25:30:2a:02:dd:
69:ad:de:c3:c5:49:bd:16:80:d6:c0:23:1c:f8:d6:
cc:67:6d:5f:eb:34:34:07:14:f0:77:65:9f:e9:41:
15:1a:16:a6:70:bd:51:72:42:ae:50:dd:73:ba:a1:
fa:3a:3e:be:aa:2e:ab:bf:99:3f:61:c0:3d:85:b8:
be:1f:bd:7e:1f:1d:5b:94:17:09:e5:bf:1a:d2:37:
5e:ea:91:d2:34:a4:c9:20:02:4e:a5:47:1f:e2:a7:
89:66:69:3b:0c:d6:a7:bb:ed:38:f0:b2:ac:8d:3f:
b0:31:75:41:60:47:cb:ad:dc:41:92:61:e3:f9:2d:
44:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:05:6B:4E:D9:02:BA:CE:D6:92:2A:4D:85:A6:AB:00:9F:A3:AA:06
X509v3 Authority Key Identifier:
keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/RQVrTtkCus7WkipNhaarAJ-jqgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.27.0/24
193.57.35.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:2b:c5:ae:b4:b2:c4:be:0c:fb:cc:a3:88:ea:06:74:fe:4f:
cb:e1:cb:9f:06:84:4d:4f:fd:45:30:a0:9b:b1:27:32:62:63:
78:de:40:20:a0:a4:6a:9e:83:ec:2e:b5:69:a5:72:3b:d4:34:
4e:c9:26:cc:a8:61:21:35:7a:4f:c9:7f:33:4b:db:f6:f6:f8:
2f:ce:c1:03:d0:a1:f0:fc:87:df:ab:84:ff:7b:a1:7b:97:6b:
22:13:29:18:12:18:cb:3e:04:3d:43:e7:6b:ad:c3:cc:79:f4:
34:89:d1:7c:d6:d1:f7:fc:c2:be:bb:6f:e7:8d:82:b3:ec:58:
fe:c6:bd:5d:85:85:6b:8f:af:77:65:12:d3:80:00:c4:1f:8b:
f7:6a:43:2e:b1:96:5f:cd:eb:0c:01:6c:67:53:c4:f6:b0:7c:
86:78:70:9c:1d:f7:2b:5f:e5:fc:d1:33:3e:cd:d2:cc:59:b5:
67:38:e7:cf:de:2c:b0:e1:b1:73:d3:02:d7:07:be:d3:a1:20:
22:f0:a6:d2:d9:a0:f0:9d:6c:8c:b0:7b:77:fc:1e:55:88:ef:
5e:b0:c4:b3:c6:7f:19:ff:ac:34:1d:83:e7:dd:71:6c:94:f5:
04:d9:23:d9:ac:76:63:05:c3:4b:8f:e8:40:ae:a2:19:d3:20:
15:22:b2:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYOydrBQY/WaasG4S3Yl4Gf7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMTQ1YThiZGYyYmNhMTUwZjI1ZWQ1NGEyNzdiOGY2NTNl
ZmRiM2UwHhcNMjIxMDA3MTI0MTA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTA1NmI0ZWQ5MDJiYWNlZDY5MjJhNGQ4NWE2YWIwMDlmYTNhYTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlITdTQsMlLrid9BC2xAKjZAytCQg
2HlFEJqc88VBka2wgNkXj5Dps6/S7xpW/667ZCup8TKaWUmG4OdchGstNMNapw3h
qTcprDZPJGksqVnQMVAHAMRHL1ikQJ2b3eDE7gHUeRNHvKNtceOuTkBMYZqPtrkU
2m5wPleUc0jq/fbpJTAqAt1prd7DxUm9FoDWwCMc+NbMZ21f6zQ0BxTwd2Wf6UEV
GhamcL1RckKuUN1zuqH6Oj6+qi6rv5k/YcA9hbi+H71+Hx1blBcJ5b8a0jde6pHS
NKTJIAJOpUcf4qeJZmk7DNanu+048LKsjT+wMXVBYEfLrdxBkmHj+S1ELQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEUFa07ZArrO1pIqTYWmqwCfo6oGMB8GA1UdIwQY
MBaAFCsUWovfK8oVDyXtVKJ3uPZT79s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMt
MzA0MGJlZDNjY2NkLzEvUlFWclR0a0N1czdXa2lwTmhhYXJBSi1qcWdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2Nk
LzEvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwTkbAwQA
wTkjMA0GCSqGSIb3DQEBCwUAA4IBAQB8K8WutLLEvgz7zKOI6gZ0/k/L4cufBoRN
T/1FMKCbsScyYmN43kAgoKRqnoPsLrVppXI71DROySbMqGEhNXpPyX8zS9v29vgv
zsED0KHw/Iffq4T/e6F7l2siEykYEhjLPgQ9Q+drrcPMefQ0idF81tH3/MK+u2/n
jYKz7Fj+xr1dhYVrj693ZRLTgADEH4v3akMusZZfzesMAWxnU8T2sHyGeHCcHfcr
X+X80TM+zdLMWbVnOOfP3iyw4bFz0wLXB77ToSAi8KbS2aDwnWyMsHt3/B5ViO9e
sMSzxn8Z/6w0HYPn3XFslPUE2SPZrHZjBcNLj+hArqIZ0yAVIrJm
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:33 2023 by rpki-client on console.sobornost.net