Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/PJSaEs_geYveyBP_98qowRQed_k.roa
File: PJSaEs_geYveyBP_98qowRQed_k.roa (raw, json)
Hash identifier: 5MO+GhrNmIy7/xlBf3WVyDyhP1Yp1KDnbcV93R1zuyQ=
Subject key identifier: 3C:94:9A:12:CF:E0:79:8B:DE:C8:13:FF:F7:CA:A8:C1:14:1E:77:F9
Certificate issuer: /CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Certificate serial: 0185DD0A021174E98053CE21EEC563601727
Authority key identifier: 6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/PJSaEs_geYveyBP_98qowRQed_k.roa
Signing time: Mon 23 Jan 2023 05:11:38 +0000
ROA not before: Mon 23 Jan 2023 05:11:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205473
IP address blocks: 188.72.0.0/24 maxlen: 24
188.72.1.0/24 maxlen: 24
188.72.51.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:dd:0a:02:11:74:e9:80:53:ce:21:ee:c5:63:60:17:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Validity
Not Before: Jan 23 05:11:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c949a12cfe0798bdec813fff7caa8c1141e77f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a8:c3:c1:8f:85:db:cc:00:73:cc:2a:d7:c4:
f5:a5:62:b0:f3:44:97:51:b5:11:b9:fe:4e:5c:b2:
c6:7a:e9:f6:10:a6:1a:e0:3f:8f:3a:03:69:09:2d:
75:01:54:e1:63:7d:4c:72:8b:86:93:3c:e9:64:75:
47:c3:92:46:8a:e0:91:ea:81:38:f7:9b:4b:14:f5:
12:42:d2:04:b0:75:bc:7c:4a:98:cd:96:29:3e:e8:
95:65:f6:05:45:e3:a3:fe:65:e9:34:c7:0e:e0:b7:
a4:84:22:92:8e:47:2a:82:64:91:34:6a:a9:02:a6:
e5:98:4b:4b:ae:94:b7:70:77:63:20:94:aa:91:5a:
ea:68:88:1a:f1:c0:ea:eb:db:d1:65:3a:98:8f:54:
8a:ae:58:7f:7d:cb:92:07:0e:cf:bc:03:d3:b3:05:
f2:34:08:6d:83:03:b5:93:9f:f7:72:4c:c5:da:68:
1c:7a:6a:b4:ef:85:c3:e9:96:03:27:47:0f:e8:4a:
e5:38:61:44:87:49:2a:f6:b3:62:2e:c7:45:8e:6e:
d9:22:42:57:40:4f:b4:d2:ab:8d:d9:cf:3d:16:25:
dc:67:1b:a8:73:ad:a0:f2:6a:9c:05:59:0d:91:15:
7f:9c:ba:a9:07:66:e7:8f:c7:24:d9:b2:d0:cb:eb:
a6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:94:9A:12:CF:E0:79:8B:DE:C8:13:FF:F7:CA:A8:C1:14:1E:77:F9
X509v3 Authority Key Identifier:
keyid:6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/PJSaEs_geYveyBP_98qowRQed_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.0.0/23
188.72.51.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:97:df:58:c9:48:2c:c9:d1:a0:16:36:6b:68:94:df:98:ce:
71:80:80:34:15:58:2a:26:5f:5c:a8:7e:9b:fc:54:62:7f:b3:
47:53:56:2b:a6:00:25:de:0b:63:93:af:6c:31:a6:a5:a0:69:
3e:bf:52:05:ae:e0:f2:20:22:0d:84:2a:65:58:de:e6:ff:ec:
bb:01:f1:11:a0:d6:68:21:69:fe:bd:13:ba:d2:c1:c4:a8:5b:
c1:be:ba:f1:20:6c:6f:59:29:a5:03:5f:20:12:7a:ae:f8:62:
86:df:71:97:9d:30:04:1a:66:0b:21:05:df:01:b6:f6:df:49:
af:df:fc:f0:8c:60:08:ec:71:53:b1:f0:06:1d:06:3e:15:a4:
80:a0:8b:93:fb:8a:68:81:85:5a:bd:47:f1:61:c5:06:5b:a8:
f8:01:a4:ac:26:39:ef:1f:82:9d:ff:8d:31:8a:cf:64:74:4c:
a4:06:96:91:73:89:18:38:00:ae:6d:d1:cd:c1:c7:e2:76:68:
e1:93:6f:11:89:35:31:5b:97:9d:e9:4b:90:42:82:c2:bc:85:
e7:f0:56:8a:f9:b1:1c:3c:bc:8b:a7:90:6d:e5:7a:29:42:37:
e5:b1:27:d6:85:ae:ac:ca:48:2c:a6:43:0d:c7:2c:8b:37:85:
7d:e1:89:a6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYXdCgIRdOmAU84h7sVjYBcnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjBkZWMxM2RmMjA1YTY2ZWM1MjI3OTI1YjhmNTZiZGIw
OWY0OTkwHhcNMjMwMTIzMDUxMTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzk0OWExMmNmZTA3OThiZGVjODEzZmZmN2NhYThjMTE0MWU3N2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6jDwY+F28wAc8wq18T1pWKw80SX
UbURuf5OXLLGeun2EKYa4D+POgNpCS11AVThY31McouGkzzpZHVHw5JGiuCR6oE4
95tLFPUSQtIEsHW8fEqYzZYpPuiVZfYFReOj/mXpNMcO4LekhCKSjkcqgmSRNGqp
AqblmEtLrpS3cHdjIJSqkVrqaIga8cDq69vRZTqYj1SKrlh/fcuSBw7PvAPTswXy
NAhtgwO1k5/3ckzF2mgcemq074XD6ZYDJ0cP6ErlOGFEh0kq9rNiLsdFjm7ZIkJX
QE+00quN2c89FiXcZxuoc62g8mqcBVkNkRV/nLqpB2bnj8ck2bLQy+umBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDyUmhLP4HmL3sgT//fKqMEUHnf5MB8GA1UdIwQY
MBaAFGyw3sE98gWmbsUieSW49WvbCfSZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxEZXdUM3lCYVp1eFNKNUpiajFhOXNKOUprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9jYTQ2ZmMtMzg0Ny00ZjFkLTljZTQt
NTJiOWU2YTE2MzUwLzEvUEpTYUVzX2dlWXZleUJQXzk4cW93UlFlZF9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9jYTQ2ZmMtMzg0Ny00ZjFkLTljZTQtNTJiOWU2YTE2MzUw
LzEvYkxEZXdUM3lCYVp1eFNKNUpiajFhOXNKOUprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBvEgAAwQA
vEgzMA0GCSqGSIb3DQEBCwUAA4IBAQAvl99YyUgsydGgFjZraJTfmM5xgIA0FVgq
Jl9cqH6b/FRif7NHU1YrpgAl3gtjk69sMaaloGk+v1IFruDyICINhCplWN7m/+y7
AfERoNZoIWn+vRO60sHEqFvBvrrxIGxvWSmlA18gEnqu+GKG33GXnTAEGmYLIQXf
Abb230mv3/zwjGAI7HFTsfAGHQY+FaSAoIuT+4pogYVavUfxYcUGW6j4AaSsJjnv
H4Kd/40xis9kdEykBpaRc4kYOACubdHNwcfidmjhk28RiTUxW5ed6UuQQoLCvIXn
8FaK+bEcPLyLp5Bt5XopQjflsSfWha6sykgspkMNxyyLN4V94Ymm
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:28 2023 by rpki-client on console.sobornost.net