Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/erTlCg_S9H_SA40NU2mWuIBG8Q0.roa
File: erTlCg_S9H_SA40NU2mWuIBG8Q0.roa (raw, json)
Hash identifier: wY/rkILre+2lPjrwCt8hUYbCMAPm2vhwiO+C81fjkJg=
Subject key identifier: 7A:B4:E5:0A:0F:D2:F4:7F:D2:03:8D:0D:53:69:96:B8:80:46:F1:0D
Certificate issuer: /CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Certificate serial: 0186E02F417EA7237E90C960ACA00DE14469
Authority key identifier: 6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/erTlCg_S9H_SA40NU2mWuIBG8Q0.roa
Signing time: Tue 14 Mar 2023 12:53:58 +0000
ROA not before: Tue 14 Mar 2023 12:53:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209565
IP address blocks: 188.72.3.0/24 maxlen: 24
188.72.1.0/24 maxlen: 24
188.72.0.0/24 maxlen: 24
188.72.10.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e0:2f:41:7e:a7:23:7e:90:c9:60:ac:a0:0d:e1:44:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Validity
Not Before: Mar 14 12:53:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ab4e50a0fd2f47fd2038d0d536996b88046f10d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:1c:8d:87:79:df:ea:64:cb:db:fe:10:84:c2:
2a:13:0e:95:28:36:9b:88:4b:d3:a8:42:ec:d1:41:
11:0b:02:30:ca:59:a8:cb:c3:75:53:30:45:98:0f:
b6:bc:73:c5:c9:d3:ad:42:4b:f1:47:8a:73:2f:a6:
b6:db:4a:b5:c6:8b:6c:82:92:9e:88:9c:0c:77:e8:
91:26:76:e4:c6:b0:34:67:4d:3c:1f:0e:7d:10:63:
48:65:74:b0:13:56:56:6d:fa:2e:03:bc:ab:66:17:
8f:c4:14:e3:99:59:fa:31:8f:6f:04:da:a1:56:d6:
f4:6c:47:6f:d6:f9:7b:69:58:10:9b:68:03:96:06:
e5:63:ed:74:4b:64:72:3b:73:2d:83:21:3c:bd:35:
89:6f:e6:a9:32:88:88:3e:a0:1c:8d:7c:3c:9d:5c:
6a:c9:6b:d0:85:5a:d2:5f:63:09:da:97:52:fb:4b:
b2:61:b9:7e:dc:39:68:f8:3f:11:68:58:73:96:b2:
5d:f9:d0:4d:c6:92:90:4c:d8:9f:9d:d7:13:75:74:
0d:d3:59:55:0d:65:44:02:29:16:40:a5:cf:47:6b:
0e:6f:e1:b9:ab:c9:f6:35:01:7e:5b:16:4f:2c:1e:
7b:30:d2:3b:81:79:90:25:09:57:e3:14:12:00:7a:
c7:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:B4:E5:0A:0F:D2:F4:7F:D2:03:8D:0D:53:69:96:B8:80:46:F1:0D
X509v3 Authority Key Identifier:
keyid:6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/erTlCg_S9H_SA40NU2mWuIBG8Q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.0.0/23
188.72.3.0/24
188.72.10.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:b2:df:d2:13:61:88:da:56:ed:23:59:6a:df:c1:a6:50:85:
43:b2:af:29:c5:5b:bf:d2:53:60:8f:e6:db:08:c1:72:94:c0:
72:03:d0:29:d2:db:6d:7e:70:7f:8c:c7:5e:e9:48:34:14:85:
42:82:51:86:2a:18:d8:ff:5e:c9:ad:a9:7c:24:9c:6d:4b:96:
f1:75:0e:14:c8:78:71:28:55:ee:57:2d:71:bf:e2:5c:ee:f6:
57:78:9d:6e:af:d1:4e:64:f5:8a:cf:81:54:3b:1c:d0:26:ac:
34:53:90:81:bb:4b:5c:7a:12:ae:2a:7f:ba:60:11:ed:63:e6:
0c:54:cc:bb:8e:aa:2c:06:d1:c7:c9:00:e6:04:04:fe:75:cf:
6f:35:27:20:f7:70:e7:cd:45:06:e4:42:73:21:63:bb:45:d1:
b9:20:9a:b8:50:c0:9e:78:1a:45:7c:0a:a7:0a:35:d9:f2:7b:
62:d6:54:54:aa:7e:38:c1:41:94:c2:69:2e:13:27:34:06:1a:
fd:a7:f8:f0:d0:9e:36:26:40:dc:77:d9:b0:38:9f:82:07:02:
e1:68:58:9c:f2:5f:f5:55:a5:f1:10:cf:61:bc:16:e5:b0:88:
1e:7d:d9:04:a4:a1:63:c2:09:00:e2:4f:28:1e:fd:d7:cd:29:
01:79:95:b6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYbgL0F+pyN+kMlgrKAN4URpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjBkZWMxM2RmMjA1YTY2ZWM1MjI3OTI1YjhmNTZiZGIw
OWY0OTkwHhcNMjMwMzE0MTI1MzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWI0ZTUwYTBmZDJmNDdmZDIwMzhkMGQ1MzY5OTZiODgwNDZmMTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ByNh3nf6mTL2/4QhMIqEw6VKDab
iEvTqELs0UERCwIwylmoy8N1UzBFmA+2vHPFydOtQkvxR4pzL6a220q1xotsgpKe
iJwMd+iRJnbkxrA0Z008Hw59EGNIZXSwE1ZWbfouA7yrZhePxBTjmVn6MY9vBNqh
Vtb0bEdv1vl7aVgQm2gDlgblY+10S2RyO3MtgyE8vTWJb+apMoiIPqAcjXw8nVxq
yWvQhVrSX2MJ2pdS+0uyYbl+3Dlo+D8RaFhzlrJd+dBNxpKQTNifndcTdXQN01lV
DWVEAikWQKXPR2sOb+G5q8n2NQF+WxZPLB57MNI7gXmQJQlX4xQSAHrHnQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHq05QoP0vR/0gONDVNplriARvENMB8GA1UdIwQY
MBaAFGyw3sE98gWmbsUieSW49WvbCfSZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxEZXdUM3lCYVp1eFNKNUpiajFhOXNKOUprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9jYTQ2ZmMtMzg0Ny00ZjFkLTljZTQt
NTJiOWU2YTE2MzUwLzEvZXJUbENnX1M5SF9TQTQwTlUybVd1SUJHOFEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9jYTQ2ZmMtMzg0Ny00ZjFkLTljZTQtNTJiOWU2YTE2MzUw
LzEvYkxEZXdUM3lCYVp1eFNKNUpiajFhOXNKOUprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBvEgAAwQA
vEgDAwQAvEgKMA0GCSqGSIb3DQEBCwUAA4IBAQBNst/SE2GI2lbtI1lq38GmUIVD
sq8pxVu/0lNgj+bbCMFylMByA9Ap0tttfnB/jMde6Ug0FIVCglGGKhjY/17Jral8
JJxtS5bxdQ4UyHhxKFXuVy1xv+Jc7vZXeJ1ur9FOZPWKz4FUOxzQJqw0U5CBu0tc
ehKuKn+6YBHtY+YMVMy7jqosBtHHyQDmBAT+dc9vNScg93DnzUUG5EJzIWO7RdG5
IJq4UMCeeBpFfAqnCjXZ8nti1lRUqn44wUGUwmkuEyc0Bhr9p/jw0J42JkDcd9mw
OJ+CBwLhaFic8l/1VaXxEM9hvBblsIgefdkEpKFjwgkA4k8oHv3XzSkBeZW2
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:28 2023 by rpki-client on console.sobornost.net