Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/qGcYGBXB-u_OoBkw1YBDhiQgz98.roa
File: qGcYGBXB-u_OoBkw1YBDhiQgz98.roa (raw, json)
Hash identifier: KpnCbsZqom8CvaeQY9NPqmX6hssgYeP5p90k2YV9B+g=
Subject key identifier: A8:67:18:18:15:C1:FA:EF:CE:A0:19:30:D5:80:43:86:24:20:CF:DF
Certificate issuer: /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial: 01839CF72F6C1752D8A2519F4F929BD09960
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/qGcYGBXB-u_OoBkw1YBDhiQgz98.roa
Signing time: Mon 03 Oct 2022 08:29:48 +0000
ROA not before: Mon 03 Oct 2022 08:29:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 193.57.27.0/24 maxlen: 24
193.57.33.0/24 maxlen: 24
193.57.35.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9c:f7:2f:6c:17:52:d8:a2:51:9f:4f:92:9b:d0:99:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Validity
Not Before: Oct 3 08:29:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a867181815c1faefcea01930d58043862420cfdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:14:3f:f1:42:1c:49:d7:58:28:c3:f9:c6:34:
fc:89:b3:98:09:de:de:6e:92:60:94:f8:00:7d:fe:
7a:0b:4f:f8:3d:7c:5d:d0:35:03:c1:b3:2c:c5:c6:
9b:2a:15:ee:8f:b4:8c:cc:57:ae:43:ad:47:51:41:
f1:19:8b:48:83:8b:38:c5:4a:05:e5:33:b6:13:ab:
0d:b4:61:17:ed:d3:34:e5:0a:3d:ca:09:3e:36:ee:
08:33:c2:3a:de:13:76:57:a5:71:29:e7:de:9e:a7:
0e:38:88:77:d3:c0:3b:82:74:e6:15:10:8a:06:8c:
25:c2:44:42:ad:e5:3f:d4:f2:d7:a1:48:33:29:fc:
7c:9b:64:d8:f6:05:19:f1:1a:43:40:8c:49:df:8e:
1c:12:8a:e1:b6:b8:5a:25:fc:99:7a:74:3d:b6:83:
a9:44:71:31:4c:9d:3a:f7:ae:35:dd:4c:3f:a1:3e:
71:29:9c:8a:b9:cb:70:bf:bd:22:ce:6a:3e:7b:00:
b7:43:41:a1:f6:09:3f:a5:7c:af:15:07:23:1e:3f:
43:f0:70:31:be:5a:61:53:b9:23:d6:3a:23:e8:3a:
9a:31:c3:f6:42:b7:6c:34:5d:7f:06:02:84:e7:01:
9e:40:79:e5:0b:76:e6:54:ec:bd:77:84:96:a0:bd:
16:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:67:18:18:15:C1:FA:EF:CE:A0:19:30:D5:80:43:86:24:20:CF:DF
X509v3 Authority Key Identifier:
keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/qGcYGBXB-u_OoBkw1YBDhiQgz98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.27.0/24
193.57.33.0/24
193.57.35.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:26:96:7c:9c:60:cc:24:8b:3f:88:b3:27:a8:c8:78:b6:c7:
c3:3f:18:e5:61:fe:3a:d1:7b:20:7a:d2:50:75:91:2b:a7:09:
aa:0c:a8:10:ca:e6:d0:13:a5:96:36:b3:b5:9b:88:ee:d8:8d:
4c:ff:f1:8d:4c:6b:10:8d:2a:35:64:ee:bf:4f:be:03:c6:9b:
69:7a:18:0d:8b:a6:e1:39:85:a9:c9:b4:ee:08:f1:94:e6:5f:
8b:14:a3:36:d4:29:7b:f6:7c:31:8c:9e:03:d4:96:68:2c:f4:
47:3d:bd:5e:b3:64:0e:97:7e:54:4b:88:58:23:7e:36:93:ab:
b6:56:45:75:ce:97:05:f5:3a:c2:0f:87:62:65:60:6f:6d:8d:
e8:26:1f:9a:30:5d:3c:3f:80:35:16:16:1a:0e:26:59:10:1f:
f7:fe:e8:ec:e8:d3:0e:30:b0:c2:72:2f:d2:18:bc:6d:d2:e0:
41:36:f0:3a:0f:2d:81:37:71:fb:5a:2c:40:d5:4d:d2:6b:a2:
8e:22:bf:48:77:21:3a:8e:5d:30:a0:53:ee:eb:28:68:2c:c8:
a0:75:ce:73:fd:db:fa:1c:18:69:ab:64:4a:25:fb:6f:c2:23:
55:4d:99:79:2b:32:36:ab:ac:64:11:18:76:69:5a:70:e2:b1:
f9:e0:81:ef
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYOc9y9sF1LYolGfT5Kb0JlgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMTQ1YThiZGYyYmNhMTUwZjI1ZWQ1NGEyNzdiOGY2NTNl
ZmRiM2UwHhcNMjIxMDAzMDgyOTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODY3MTgxODE1YzFmYWVmY2VhMDE5MzBkNTgwNDM4NjI0MjBjZmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxQ/8UIcSddYKMP5xjT8ibOYCd7e
bpJglPgAff56C0/4PXxd0DUDwbMsxcabKhXuj7SMzFeuQ61HUUHxGYtIg4s4xUoF
5TO2E6sNtGEX7dM05Qo9ygk+Nu4IM8I63hN2V6VxKefenqcOOIh308A7gnTmFRCK
BowlwkRCreU/1PLXoUgzKfx8m2TY9gUZ8RpDQIxJ344cEorhtrhaJfyZenQ9toOp
RHExTJ0696413Uw/oT5xKZyKuctwv70izmo+ewC3Q0Gh9gk/pXyvFQcjHj9D8HAx
vlphU7kj1joj6DqaMcP2QrdsNF1/BgKE5wGeQHnlC3bmVOy9d4SWoL0WgQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKhnGBgVwfrvzqAZMNWAQ4YkIM/fMB8GA1UdIwQY
MBaAFCsUWovfK8oVDyXtVKJ3uPZT79s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMt
MzA0MGJlZDNjY2NkLzEvcUdjWUdCWEItdV9Pb0JrdzFZQkRoaVFnejk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2Nk
LzEvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwTkbAwQA
wTkhAwQAwTkjMA0GCSqGSIb3DQEBCwUAA4IBAQBsJpZ8nGDMJIs/iLMnqMh4tsfD
PxjlYf460XsgetJQdZErpwmqDKgQyubQE6WWNrO1m4ju2I1M//GNTGsQjSo1ZO6/
T74DxptpehgNi6bhOYWpybTuCPGU5l+LFKM21Cl79nwxjJ4D1JZoLPRHPb1es2QO
l35US4hYI342k6u2VkV1zpcF9TrCD4diZWBvbY3oJh+aMF08P4A1FhYaDiZZEB/3
/ujs6NMOMLDCci/SGLxt0uBBNvA6Dy2BN3H7WixA1U3Sa6KOIr9IdyE6jl0woFPu
6yhoLMigdc5z/dv6HBhpq2RKJftvwiNVTZl5KzI2q6xkERh2aVpw4rH54IHv
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:34 2023 by rpki-client on console.sobornost.net