Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/a17S-i3pWkaqfdBaebsfdzvh70Y.roa
File: a17S-i3pWkaqfdBaebsfdzvh70Y.roa (raw, json)
Hash identifier: B0rfEHziY5iib4biFghzYzwETFXhFYCqjnwD7v1cIic=
Subject key identifier: 6B:5E:D2:FA:2D:E9:5A:46:AA:7D:D0:5A:79:BB:1F:77:3B:E1:EF:46
Certificate issuer: /CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Certificate serial: 01857169AC49057E55964F8B1606BA2B3A8C
Authority key identifier: 6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/a17S-i3pWkaqfdBaebsfdzvh70Y.roa
Signing time: Mon 02 Jan 2023 07:37:08 +0000
ROA not before: Mon 02 Jan 2023 07:37:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212460
IP address blocks: 188.72.1.0/24 maxlen: 24
188.72.0.0/24 maxlen: 24
188.72.51.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:ac:49:05:7e:55:96:4f:8b:16:06:ba:2b:3a:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Validity
Not Before: Jan 2 07:37:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b5ed2fa2de95a46aa7dd05a79bb1f773be1ef46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3c:ba:09:d2:6c:dd:b9:0b:50:81:d9:57:a3:
aa:62:53:6b:a1:62:9a:c1:73:18:10:67:57:72:87:
82:01:bc:a3:69:2e:30:22:1f:d6:fa:97:fd:b4:a9:
f8:ff:7a:8d:f5:50:6c:e6:a1:37:16:00:76:d4:96:
c4:1e:bc:49:0f:0f:3e:84:e4:2a:9d:8d:bb:9e:a6:
86:0c:d0:24:af:f9:f0:f4:37:57:ef:ef:9d:1a:99:
ef:63:2e:d9:15:45:15:41:93:62:86:a8:b4:01:47:
e9:b9:d2:73:98:0e:f4:99:5f:99:7a:67:fd:7c:68:
8d:14:d0:9c:f1:de:fb:31:5a:5b:8d:8d:7b:80:f2:
df:1a:ca:09:95:86:bb:39:8f:bd:37:6e:4d:29:92:
81:cb:0d:c9:ad:5b:b0:18:75:67:c9:9a:25:63:c4:
a5:11:79:31:88:44:e6:b9:fb:e6:96:61:26:43:4c:
5e:33:3d:f5:d8:2d:7b:d7:e4:de:a3:d7:7f:63:e0:
86:2e:9c:eb:ce:0a:32:94:db:4b:bc:27:26:49:a7:
ed:96:ad:55:d8:3d:7e:39:a3:e1:a7:d8:d7:e6:c9:
e9:be:d0:f6:92:99:c8:f9:bb:72:1d:8c:c7:44:42:
06:2c:ab:3a:1b:f0:0f:5c:82:bd:c4:9d:67:5a:cb:
ee:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:5E:D2:FA:2D:E9:5A:46:AA:7D:D0:5A:79:BB:1F:77:3B:E1:EF:46
X509v3 Authority Key Identifier:
keyid:6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/a17S-i3pWkaqfdBaebsfdzvh70Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.0.0/23
188.72.51.0/24
Signature Algorithm: sha256WithRSAEncryption
76:d7:5b:e9:67:9b:99:a0:11:2d:b0:52:d9:e3:10:86:1d:5f:
8f:0c:f0:49:1e:f3:5b:b2:52:5f:a6:00:f9:9a:26:7d:ec:ea:
6d:11:ea:83:f1:80:a4:05:ff:83:0a:43:e2:7c:51:69:66:b9:
84:32:0f:75:de:1d:6d:ca:13:7d:10:47:a3:c6:a9:f2:2d:9d:
aa:33:6f:7b:06:cf:e6:cd:95:57:ed:d9:30:4b:e2:71:45:d4:
fe:46:b1:b5:03:5c:c3:7b:48:e8:36:4f:45:7b:c3:f9:54:68:
48:cd:0c:32:84:a0:84:25:1b:e4:8a:6b:33:78:ac:9a:46:59:
a2:c1:09:79:2e:8a:6d:d0:f2:0f:02:fe:d6:27:96:e4:8f:8e:
1d:a8:e2:16:d5:aa:bf:c9:e2:d9:20:f5:a4:93:e8:79:1d:d5:
1f:5b:a8:bc:9f:9c:ba:80:9d:49:ae:1a:77:ff:01:3a:14:ab:
12:22:a3:3f:0f:e9:88:d6:9a:c4:5e:46:b1:95:c4:13:c6:10:
60:53:26:c5:89:2c:55:c5:35:0c:ff:79:f5:a0:2d:6f:99:44:
8f:4a:a8:8c:11:3e:4a:43:9e:51:6f:b4:7c:d9:6b:11:63:da:
e1:48:10:68:fe:1c:0c:77:e9:fb:df:0a:22:ec:58:e4:9e:74:
46:ed:23:bd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxaaxJBX5Vlk+LFga6KzqMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjBkZWMxM2RmMjA1YTY2ZWM1MjI3OTI1YjhmNTZiZGIw
OWY0OTkwHhcNMjMwMTAyMDczNzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjVlZDJmYTJkZTk1YTQ2YWE3ZGQwNWE3OWJiMWY3NzNiZTFlZjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzy6CdJs3bkLUIHZV6OqYlNroWKa
wXMYEGdXcoeCAbyjaS4wIh/W+pf9tKn4/3qN9VBs5qE3FgB21JbEHrxJDw8+hOQq
nY27nqaGDNAkr/nw9DdX7++dGpnvYy7ZFUUVQZNihqi0AUfpudJzmA70mV+Zemf9
fGiNFNCc8d77MVpbjY17gPLfGsoJlYa7OY+9N25NKZKByw3JrVuwGHVnyZolY8Sl
EXkxiETmufvmlmEmQ0xeMz312C171+Teo9d/Y+CGLpzrzgoylNtLvCcmSaftlq1V
2D1+OaPhp9jX5snpvtD2kpnI+btyHYzHREIGLKs6G/APXIK9xJ1nWsvuXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGte0vot6VpGqn3QWnm7H3c74e9GMB8GA1UdIwQY
MBaAFGyw3sE98gWmbsUieSW49WvbCfSZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxEZXdUM3lCYVp1eFNKNUpiajFhOXNKOUprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9jYTQ2ZmMtMzg0Ny00ZjFkLTljZTQt
NTJiOWU2YTE2MzUwLzEvYTE3Uy1pM3BXa2FxZmRCYWVic2ZkenZoNzBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9jYTQ2ZmMtMzg0Ny00ZjFkLTljZTQtNTJiOWU2YTE2MzUw
LzEvYkxEZXdUM3lCYVp1eFNKNUpiajFhOXNKOUprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBvEgAAwQA
vEgzMA0GCSqGSIb3DQEBCwUAA4IBAQB211vpZ5uZoBEtsFLZ4xCGHV+PDPBJHvNb
slJfpgD5miZ97OptEeqD8YCkBf+DCkPifFFpZrmEMg913h1tyhN9EEejxqnyLZ2q
M297Bs/mzZVX7dkwS+JxRdT+RrG1A1zDe0joNk9Fe8P5VGhIzQwyhKCEJRvkimsz
eKyaRlmiwQl5Lopt0PIPAv7WJ5bkj44dqOIW1aq/yeLZIPWkk+h5HdUfW6i8n5y6
gJ1Jrhp3/wE6FKsSIqM/D+mI1prEXkaxlcQTxhBgUybFiSxVxTUM/3n1oC1vmUSP
SqiMET5KQ55Rb7R82WsRY9rhSBBo/hwMd+n73woi7FjknnRG7SO9
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:28 2023 by rpki-client on console.sobornost.net