Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/36a9af-0d6a-45e3-9ca5-40858b95fcf5/1/V3xOU0n9ep_FgsizaMfsuxzRp40.roa
File: V3xOU0n9ep_FgsizaMfsuxzRp40.roa (raw, json)
Hash identifier: MQx0DfvzYtys/eQsRH8YAKacTJlfzd3NAyVwkGAuq2c=
Subject key identifier: 57:7C:4E:53:49:FD:7A:9F:C5:82:C8:B3:68:C7:EC:BB:1C:D1:A7:8D
Certificate issuer: /CN=345b4f7b4a16db9e924f0908cee3da26f22ad481
Certificate serial: 01DEB1ED
Authority key identifier: 34:5B:4F:7B:4A:16:DB:9E:92:4F:09:08:CE:E3:DA:26:F2:2A:D4:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NFtPe0oW256STwkIzuPaJvIq1IE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/36a9af-0d6a-45e3-9ca5-40858b95fcf5/1/V3xOU0n9ep_FgsizaMfsuxzRp40.roa
Signing time: Sat 01 Jan 2022 12:56:25 +0000
ROA not before: Sat 01 Jan 2022 12:56:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8298
IP address blocks: 194.1.163.0/24 maxlen: 24
92.119.38.0/24 maxlen: 24
2001:678:d78::/48 maxlen: 48
2a0b:dd80::/29 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31371757 (0x1deb1ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=345b4f7b4a16db9e924f0908cee3da26f22ad481
Validity
Not Before: Jan 1 12:56:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=577c4e5349fd7a9fc582c8b368c7ecbb1cd1a78d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4c:6b:e3:62:d8:5e:9a:a6:e4:50:81:cb:5e:
d2:25:cd:b7:21:dc:91:f6:01:d1:27:53:1d:dc:0c:
68:ff:87:57:49:11:e2:10:b1:8f:d6:d9:94:76:87:
a7:ec:4b:15:fb:e9:66:ba:ae:c6:17:47:78:a3:63:
08:63:87:6f:c3:c3:68:b6:31:13:cc:24:39:ae:53:
2d:f7:4f:8f:d4:27:42:fd:4c:f0:86:f1:81:70:cf:
ec:81:c9:de:d8:5c:97:97:27:1b:d9:ca:a3:fc:c7:
8c:8a:a7:91:f1:03:63:33:96:6e:22:32:b6:53:fe:
7a:c8:66:b1:91:18:05:b5:37:76:d8:f9:7b:e1:02:
f6:f5:b9:b0:a9:ba:24:90:62:df:aa:6d:78:51:5b:
2b:fa:2f:59:7e:c7:c0:ed:71:00:65:cc:41:32:a0:
03:fe:4b:67:5c:f7:71:e7:95:08:d5:4f:54:05:e8:
06:c4:2b:02:ab:27:a2:3a:c4:02:8e:20:a0:5b:76:
70:d1:8b:ad:fe:20:64:92:76:24:66:31:de:50:e0:
c5:d5:e3:b7:a9:29:11:87:f5:b6:09:1c:2b:80:c3:
6c:81:d6:93:d6:7e:f0:d2:ae:48:7f:f7:3f:5f:ff:
e7:dd:3a:70:67:a9:2e:ba:bd:8d:20:c0:e0:6f:83:
eb:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:7C:4E:53:49:FD:7A:9F:C5:82:C8:B3:68:C7:EC:BB:1C:D1:A7:8D
X509v3 Authority Key Identifier:
keyid:34:5B:4F:7B:4A:16:DB:9E:92:4F:09:08:CE:E3:DA:26:F2:2A:D4:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NFtPe0oW256STwkIzuPaJvIq1IE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/36a9af-0d6a-45e3-9ca5-40858b95fcf5/1/V3xOU0n9ep_FgsizaMfsuxzRp40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/36a9af-0d6a-45e3-9ca5-40858b95fcf5/1/NFtPe0oW256STwkIzuPaJvIq1IE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.38.0/24
194.1.163.0/24
IPv6:
2001:678:d78::/48
2a0b:dd80::/29
Signature Algorithm: sha256WithRSAEncryption
84:2f:03:23:cf:f9:00:c6:73:8a:62:45:2b:74:76:b8:80:35:
dd:34:c8:1e:87:d0:55:2f:82:c3:67:68:1d:9e:92:31:a7:5e:
61:77:10:76:c9:10:d1:11:bb:18:19:ee:37:e7:a3:90:6f:1b:
62:90:92:73:30:e5:ef:00:01:58:56:fe:bc:40:57:de:71:b5:
c5:00:18:d6:ad:68:59:bb:58:3b:1e:66:83:ed:f0:13:fc:7d:
d0:83:e4:4f:40:bc:ba:19:1e:84:14:1f:a7:c1:40:8f:dd:2c:
57:af:1c:9d:78:57:ef:b5:21:2a:bb:72:2d:87:2b:20:7a:09:
4c:bb:cf:51:78:ce:13:c2:8b:14:f1:69:fb:41:fb:56:e1:cd:
8c:d5:46:d1:0b:0c:0d:97:3d:2a:b6:5a:eb:17:ac:8f:f5:89:
a5:d0:b3:a8:a7:ab:d9:07:d7:5c:82:67:7b:15:27:15:a6:05:
64:3e:49:f5:7d:a7:b3:a1:d2:97:0e:d9:c8:0a:5f:b8:e9:d0:
6f:73:00:c6:90:d6:32:43:d5:53:d0:0e:c7:cb:eb:01:2c:85:
86:bb:55:81:b7:df:32:92:68:41:ca:3e:7b:d6:9b:2f:ed:76:
b4:14:bc:e3:12:de:0e:d5:4f:52:1e:9c:e3:e9:5b:2b:b1:ca:
07:b8:79:f4
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEAd6x7TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDViNGY3YjRhMTZkYjllOTI0ZjA5MDhjZWUzZGEyNmYyMmFkNDgxMB4XDTIyMDEw
MTEyNTYyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTc3YzRlNTM0OWZk
N2E5ZmM1ODJjOGIzNjhjN2VjYmIxY2QxYTc4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJMa+Ni2F6apuRQgcte0iXNtyHckfYB0SdTHdwMaP+HV0kR
4hCxj9bZlHaHp+xLFfvpZrquxhdHeKNjCGOHb8PDaLYxE8wkOa5TLfdPj9QnQv1M
8IbxgXDP7IHJ3thcl5cnG9nKo/zHjIqnkfEDYzOWbiIytlP+eshmsZEYBbU3dtj5
e+EC9vW5sKm6JJBi36pteFFbK/ovWX7HwO1xAGXMQTKgA/5LZ1z3ceeVCNVPVAXo
BsQrAqsnojrEAo4goFt2cNGLrf4gZJJ2JGYx3lDgxdXjt6kpEYf1tgkcK4DDbIHW
k9Z+8NKuSH/3P1//5906cGepLrq9jSDA4G+D68cCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBRXfE5TSf16n8WCyLNox+y7HNGnjTAfBgNVHSMEGDAWgBQ0W097ShbbnpJP
CQjO49om8irUgTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05GdFBlMG9XMjU2U1R3a0l6dVBhSnZJcTFJRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvMzZhOWFmLTBkNmEtNDVlMy05Y2E1LTQwODU4Yjk1ZmNmNS8x
L1YzeE9VMG45ZXBfRmdzaXphTWZzdXh6UnA0MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
MzZhOWFmLTBkNmEtNDVlMy05Y2E1LTQwODU4Yjk1ZmNmNS8xL05GdFBlMG9XMjU2
U1R3a0l6dVBhSnZJcTFJRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwEgQCAAEwDAMEAFx3JgMEAMIBozAWBAIAAjAQAwcA
IAEGeA14AwUDKgvdgDANBgkqhkiG9w0BAQsFAAOCAQEAhC8DI8/5AMZzimJFK3R2
uIA13TTIHofQVS+Cw2doHZ6SMadeYXcQdskQ0RG7GBnuN+ejkG8bYpCSczDl7wAB
WFb+vEBX3nG1xQAY1q1oWbtYOx5mg+3wE/x90IPkT0C8uhkehBQfp8FAj90sV68c
nXhX77UhKrtyLYcrIHoJTLvPUXjOE8KLFPFp+0H7VuHNjNVG0QsMDZc9KrZa6xes
j/WJpdCzqKer2QfXXIJnexUnFaYFZD5J9X2ns6HSlw7ZyApfuOnQb3MAxpDWMkPV
U9AOx8vrASyFhrtVgbffMpJoQco+e9abL+12tBS84xLeDtVPUh6c4+lbK7HKB7h5
9A==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:10 2023 by rpki-client on console.sobornost.net