Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/df94e2-7cc9-41a1-952f-f3797cfd65ae/1/_lICuVMO43gLwsH4V0rWoo97bZ0.roa
File: _lICuVMO43gLwsH4V0rWoo97bZ0.roa (raw, json)
Hash identifier: 9XbaBXkZP2NkFDM9LHJG8huIDSmKBCMNIEshh4TPNtA=
Subject key identifier: FE:52:02:B9:53:0E:E3:78:0B:C2:C1:F8:57:4A:D6:A2:8F:7B:6D:9D
Certificate issuer: /CN=d7faf3a3f2140cb7c6ff0cd6a7f5614a05e4e467
Certificate serial: 0181DCA7F3C916CE8DCE3C418CD8E4D09442
Authority key identifier: D7:FA:F3:A3:F2:14:0C:B7:C6:FF:0C:D6:A7:F5:61:4A:05:E4:E4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1_rzo_IUDLfG_wzWp_VhSgXk5Gc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/df94e2-7cc9-41a1-952f-f3797cfd65ae/1/_lICuVMO43gLwsH4V0rWoo97bZ0.roa
Signing time: Fri 08 Jul 2022 07:13:23 +0000
ROA not before: Fri 08 Jul 2022 07:13:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210103
IP address blocks: 146.19.11.0/24 maxlen: 24
2a12:1d00::/29 maxlen: 48
2001:67c:768::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:dc:a7:f3:c9:16:ce:8d:ce:3c:41:8c:d8:e4:d0:94:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7faf3a3f2140cb7c6ff0cd6a7f5614a05e4e467
Validity
Not Before: Jul 8 07:13:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fe5202b9530ee3780bc2c1f8574ad6a28f7b6d9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:6f:c3:b3:7a:20:2c:0e:d4:00:74:40:0e:1b:
76:8d:2c:e0:be:e9:3d:8f:6d:7f:10:f6:40:b3:8d:
69:68:75:bb:25:3c:27:a9:60:1a:5a:12:57:8a:fc:
dd:26:d3:58:3e:94:bd:4d:8b:ee:ab:d5:34:95:96:
52:da:13:32:41:eb:15:ab:31:8d:ce:21:6b:5f:73:
4d:86:fd:c3:fa:1f:26:0a:0a:74:e7:8a:ae:4e:ba:
56:21:e4:e9:9e:68:ee:2b:f1:a9:bd:52:67:c4:83:
fc:e0:db:69:27:a4:b4:ee:f0:45:4e:e9:47:7d:c2:
2f:82:27:e5:e7:ff:e4:6c:c1:8f:84:27:4d:7c:4e:
13:27:81:8c:fb:f0:11:d5:43:12:7e:52:03:39:d7:
ab:ec:33:db:11:28:93:f7:5b:01:5a:c9:53:a4:0f:
bb:b2:8a:fc:b5:e3:82:36:61:c0:40:13:bb:97:e2:
ee:44:53:3a:f3:76:15:8a:77:95:8a:4e:7e:aa:d7:
8c:73:4f:e2:41:75:65:5d:5c:5f:24:67:53:1a:55:
bf:9d:c7:29:30:b6:44:1b:00:f3:46:7c:ab:c1:9d:
b4:cb:ad:20:be:9b:38:0c:2a:18:e8:2e:fc:00:c0:
aa:72:76:1e:8a:01:c5:01:98:15:3c:0e:1a:43:e6:
5f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:52:02:B9:53:0E:E3:78:0B:C2:C1:F8:57:4A:D6:A2:8F:7B:6D:9D
X509v3 Authority Key Identifier:
keyid:D7:FA:F3:A3:F2:14:0C:B7:C6:FF:0C:D6:A7:F5:61:4A:05:E4:E4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1_rzo_IUDLfG_wzWp_VhSgXk5Gc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/df94e2-7cc9-41a1-952f-f3797cfd65ae/1/_lICuVMO43gLwsH4V0rWoo97bZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/df94e2-7cc9-41a1-952f-f3797cfd65ae/1/1_rzo_IUDLfG_wzWp_VhSgXk5Gc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.11.0/24
IPv6:
2001:67c:768::/48
2a12:1d00::/29
Signature Algorithm: sha256WithRSAEncryption
0f:25:af:ed:19:0e:3f:bf:0c:d1:d2:91:fd:96:fa:48:80:e9:
f0:a1:ca:3b:70:c3:d2:d7:53:63:9c:3c:e0:db:f0:c3:d7:bd:
4b:9c:5b:06:b8:51:13:96:03:32:53:e4:42:c2:08:80:25:12:
a0:cd:44:d9:ab:68:87:49:cc:83:03:ce:42:3b:72:ec:cd:23:
a5:cc:26:aa:84:ea:11:4d:ca:2b:ee:7d:85:cd:e3:6d:d1:dc:
43:83:8d:b7:d9:9a:dc:17:41:50:bc:b6:89:21:a3:2e:43:9f:
e3:03:fe:7b:db:fb:f5:7a:3a:37:e8:cd:a2:7a:40:dc:a3:7b:
8a:24:62:84:3a:27:6e:4e:de:80:2b:66:83:86:f8:65:50:83:
db:b8:ef:58:3c:ce:fb:e8:e2:be:0b:fc:94:d8:8a:b3:63:e6:
46:01:65:fc:10:37:9a:b3:49:5a:d0:6f:8c:54:d2:12:ef:84:
70:ee:f5:7d:dd:55:ce:dc:d4:59:05:77:d0:fe:3d:5c:d3:33:
f7:09:6a:5f:90:83:53:95:66:e9:fa:45:62:82:77:5c:f6:d4:
4a:1b:29:a2:90:5c:c3:97:e0:a8:da:28:61:a8:cd:1d:34:5a:
c0:89:37:df:25:41:ef:8e:d9:e6:08:28:d3:ae:2f:1d:02:51:
1b:5e:65:82
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYHcp/PJFs6NzjxBjNjk0JRCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ZmFmM2EzZjIxNDBjYjdjNmZmMGNkNmE3ZjU2MTRhMDVl
NGU0NjcwHhcNMjIwNzA4MDcxMzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTUyMDJiOTUzMGVlMzc4MGJjMmMxZjg1NzRhZDZhMjhmN2I2ZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiW/Ds3ogLA7UAHRADht2jSzgvuk9
j21/EPZAs41paHW7JTwnqWAaWhJXivzdJtNYPpS9TYvuq9U0lZZS2hMyQesVqzGN
ziFrX3NNhv3D+h8mCgp054quTrpWIeTpnmjuK/GpvVJnxIP84NtpJ6S07vBFTulH
fcIvgifl5//kbMGPhCdNfE4TJ4GM+/AR1UMSflIDOder7DPbESiT91sBWslTpA+7
sor8teOCNmHAQBO7l+LuRFM683YVineVik5+qteMc0/iQXVlXVxfJGdTGlW/nccp
MLZEGwDzRnyrwZ20y60gvps4DCoY6C78AMCqcnYeigHFAZgVPA4aQ+ZfzQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFP5SArlTDuN4C8LB+FdK1qKPe22dMB8GA1UdIwQY
MBaAFNf686PyFAy3xv8M1qf1YUoF5ORnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMV9yem9fSVVETGZHX3d6V3BfVmhTZ1hrNUdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9kZjk0ZTItN2NjOS00MWExLTk1MmYt
ZjM3OTdjZmQ2NWFlLzEvX2xJQ3VWTU80M2dMd3NINFYwcldvbzk3YlowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9kZjk0ZTItN2NjOS00MWExLTk1MmYtZjM3OTdjZmQ2NWFl
LzEvMV9yem9fSVVETGZHX3d6V3BfVmhTZ1hrNUdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAkhMLMBYE
AgACMBADBwAgAQZ8B2gDBQMqEh0AMA0GCSqGSIb3DQEBCwUAA4IBAQAPJa/tGQ4/
vwzR0pH9lvpIgOnwoco7cMPS11NjnDzg2/DD171LnFsGuFETlgMyU+RCwgiAJRKg
zUTZq2iHScyDA85CO3LszSOlzCaqhOoRTcor7n2FzeNt0dxDg4232ZrcF0FQvLaJ
IaMuQ5/jA/572/v1ejo36M2iekDco3uKJGKEOiduTt6AK2aDhvhlUIPbuO9YPM77
6OK+C/yU2IqzY+ZGAWX8EDeas0la0G+MVNIS74Rw7vV93VXO3NRZBXfQ/j1c0zP3
CWpfkINTlWbp+kVigndc9tRKGymikFzDl+Co2ihhqM0dNFrAiTffJUHvjtnmCCjT
ri8dAlEbXmWC
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:40 2023 by rpki-client on console.sobornost.net