Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/vys4jz8XC1FGdbzsgRZv4bAxn_o.roa
File: vys4jz8XC1FGdbzsgRZv4bAxn_o.roa (raw, json)
Hash identifier: tb+/9YvTFZ5xHALij41nhP4rihtbbFZKajYOyNhOSkg=
Subject key identifier: BF:2B:38:8F:3F:17:0B:51:46:75:BC:EC:81:16:6F:E1:B0:31:9F:FA
Certificate issuer: /CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Certificate serial: 0502723D
Authority key identifier: 6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/vys4jz8XC1FGdbzsgRZv4bAxn_o.roa
Signing time: Sun 13 Mar 2022 05:21:55 +0000
ROA not before: Sun 13 Mar 2022 05:21:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213098
IP address blocks: 188.72.43.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84046397 (0x502723d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Validity
Not Before: Mar 13 05:21:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf2b388f3f170b514675bcec81166fe1b0319ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8d:64:93:3e:ec:a4:5c:2c:a6:c4:b3:d9:74:
10:b1:07:2f:b8:b7:32:d0:0c:64:35:e5:57:5d:1a:
95:54:bd:43:06:d4:de:13:a1:52:54:ea:9d:04:34:
20:7d:1c:0e:00:79:55:07:36:83:6a:db:02:e4:e6:
80:f2:4a:19:a8:e4:7b:ff:35:29:40:84:8c:89:7b:
e9:d7:75:e3:8d:55:40:15:62:85:bb:69:50:ed:9c:
62:06:88:13:4d:9b:40:06:3c:e7:35:3c:10:80:85:
e9:7d:bc:7e:17:75:ee:84:87:00:a4:cc:76:21:b9:
e0:8d:2a:0c:ac:29:18:98:01:6f:68:13:46:c6:df:
aa:34:91:f7:11:90:fd:b9:24:01:58:b9:ec:a7:fc:
a5:f9:24:a7:ca:38:ab:da:10:6e:60:42:5c:1d:a0:
9f:62:38:29:2e:53:18:1f:48:a9:59:7d:70:18:80:
3a:97:84:81:f4:1b:19:69:e0:a2:47:61:4b:b0:ea:
1f:0f:33:87:ca:b8:c3:fb:c9:76:bb:cc:5f:bc:03:
05:04:0f:1f:54:cd:5d:11:30:e3:ed:e0:18:74:d8:
91:9a:8e:c1:48:ef:b3:62:02:26:81:e6:28:1c:60:
41:7f:1e:24:c3:c5:8f:92:22:e7:ee:1c:53:0d:7f:
9e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:2B:38:8F:3F:17:0B:51:46:75:BC:EC:81:16:6F:E1:B0:31:9F:FA
X509v3 Authority Key Identifier:
keyid:6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/vys4jz8XC1FGdbzsgRZv4bAxn_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.43.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:5b:19:e2:c5:65:96:fd:f6:2d:2f:6c:b8:df:a2:2e:6f:a9:
f4:ad:9b:8f:3c:6a:ea:4b:11:3c:89:59:ab:d8:37:43:ed:73:
62:f8:5c:70:fa:1a:49:da:bd:b7:0f:b7:b4:89:83:2b:7a:24:
a8:79:61:c7:57:61:32:c0:7f:e3:c7:cd:ec:9b:c7:3f:cd:fb:
3d:23:25:11:9a:ee:a1:57:ec:05:e9:a7:5a:3d:a5:c6:3d:65:
96:29:0b:43:2d:76:18:9a:8d:07:97:05:3b:4a:64:1e:10:ed:
15:e5:eb:fc:97:1e:b2:28:3e:87:02:58:63:c0:f2:bd:ed:a1:
13:15:ba:88:be:39:f5:57:f7:39:d7:e8:03:a6:4f:0e:63:bc:
7e:ac:4b:72:1c:db:f7:b9:73:73:43:e9:57:33:ef:1e:ac:fc:
17:69:63:20:91:20:8a:1f:10:2a:21:c2:84:59:68:35:f5:bc:
43:44:1b:07:41:80:70:ab:50:93:53:ee:8c:a8:d2:d8:0d:e7:
fe:04:91:62:5c:3c:d3:bf:18:fe:ab:db:05:ff:94:f0:c8:2d:
5b:43:d0:20:0d:ca:5b:18:18:3d:2e:b5:7e:ed:39:4b:9d:db:
a1:12:a3:85:47:79:f7:3d:d4:af:36:ff:6a:3b:17:c5:49:de:
8e:08:71:6b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBQJyPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Y2IwZGVjMTNkZjIwNWE2NmVjNTIyNzkyNWI4ZjU2YmRiMDlmNDk5MB4XDTIyMDMx
MzA1MjE1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmYyYjM4OGYzZjE3
MGI1MTQ2NzViY2VjODExNjZmZTFiMDMxOWZmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKNZJM+7KRcLKbEs9l0ELEHL7i3MtAMZDXlV10alVS9QwbU
3hOhUlTqnQQ0IH0cDgB5VQc2g2rbAuTmgPJKGajke/81KUCEjIl76dd1441VQBVi
hbtpUO2cYgaIE02bQAY85zU8EICF6X28fhd17oSHAKTMdiG54I0qDKwpGJgBb2gT
RsbfqjSR9xGQ/bkkAVi57Kf8pfkkp8o4q9oQbmBCXB2gn2I4KS5TGB9IqVl9cBiA
OpeEgfQbGWngokdhS7DqHw8zh8q4w/vJdrvMX7wDBQQPH1TNXREw4+3gGHTYkZqO
wUjvs2ICJoHmKBxgQX8eJMPFj5Ii5+4cUw1/nj0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS/KziPPxcLUUZ1vOyBFm/hsDGf+jAfBgNVHSMEGDAWgBRssN7BPfIFpm7F
InkluPVr2wn0mTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JMRGV3VDN5QmFadXhTSjVKYmoxYTlzSjlKay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmEvY2E0NmZjLTM4NDctNGYxZC05Y2U0LTUyYjllNmExNjM1MC8x
L3Z5czRqejhYQzFGR2RienNnUlp2NGJBeG5fby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEv
Y2E0NmZjLTM4NDctNGYxZC05Y2U0LTUyYjllNmExNjM1MC8xL2JMRGV3VDN5QmFa
dXhTSjVKYmoxYTlzSjlKay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALxIKzANBgkqhkiG9w0BAQsFAAOC
AQEAelsZ4sVllv32LS9suN+iLm+p9K2bjzxq6ksRPIlZq9g3Q+1zYvhccPoaSdq9
tw+3tImDK3okqHlhx1dhMsB/48fN7JvHP837PSMlEZruoVfsBemnWj2lxj1llikL
Qy12GJqNB5cFO0pkHhDtFeXr/Jcesig+hwJYY8Dyve2hExW6iL459Vf3OdfoA6ZP
DmO8fqxLchzb97lzc0PpVzPvHqz8F2ljIJEgih8QKiHChFloNfW8Q0QbB0GAcKtQ
k1PujKjS2A3n/gSRYlw8078Y/qvbBf+U8MgtW0PQIA3KWxgYPS61fu05S53boRKj
hUd59z3Urzb/ajsXxUnejghxaw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:28 2023 by rpki-client on console.sobornost.net