Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/f9a8ec-f582-475c-8cc9-d5c8635bec88/1/mNaqTBbZh1P9KOfO3WsDz3TsARg.roa
File: mNaqTBbZh1P9KOfO3WsDz3TsARg.roa (raw, json)
Hash identifier: CjTQv5Nt7feqLLFOzffMN6rigaIqj6DI0q9FDEVvjWU=
Subject key identifier: 98:D6:AA:4C:16:D9:87:53:FD:28:E7:CE:DD:6B:03:CF:74:EC:01:18
Certificate issuer: /CN=bd6aa7362d36792cbcfa83609b5d75cc965f3faf
Certificate serial: 09C33628
Authority key identifier: BD:6A:A7:36:2D:36:79:2C:BC:FA:83:60:9B:5D:75:CC:96:5F:3F:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vWqnNi02eSy8-oNgm111zJZfP68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/f9a8ec-f582-475c-8cc9-d5c8635bec88/1/mNaqTBbZh1P9KOfO3WsDz3TsARg.roa
Signing time: Sat 01 Jan 2022 09:03:39 +0000
ROA not before: Sat 01 Jan 2022 09:03:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208669
IP address blocks: 85.202.93.0/24 maxlen: 24
85.202.95.0/24 maxlen: 24
85.202.92.0/24 maxlen: 24
85.202.94.0/24 maxlen: 24
2a10:1900::/32 maxlen: 32
2a10:1906::/32 maxlen: 32
2a10:1905::/32 maxlen: 32
2a10:1902::/32 maxlen: 32
2a10:1901::/32 maxlen: 32
2a10:1903::/32 maxlen: 32
2a10:1904::/32 maxlen: 32
2a10:1907::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163788328 (0x9c33628)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd6aa7362d36792cbcfa83609b5d75cc965f3faf
Validity
Not Before: Jan 1 09:03:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98d6aa4c16d98753fd28e7cedd6b03cf74ec0118
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4f:49:2a:5e:50:ba:d9:a5:5c:ed:58:6a:4b:
86:0d:b7:f8:68:c0:cb:3c:45:ac:d9:d8:9b:1e:ce:
19:94:f7:7a:bb:9b:b3:65:3f:ba:c1:f0:53:aa:b0:
95:d1:c4:9a:e5:6f:8f:7c:2a:e2:1e:8c:be:c5:f8:
9a:05:f4:2a:ad:9f:0c:7f:0e:c6:60:a0:05:6c:77:
2c:d5:8a:ab:6c:02:78:35:d1:8f:b4:d5:b7:e8:6f:
93:25:ed:97:3c:6d:b7:7b:73:d3:52:c0:0d:9e:db:
21:4a:c9:57:fc:c7:93:da:07:37:d7:fb:86:c1:d6:
85:eb:40:46:b4:f2:83:a4:54:eb:88:fe:7d:c9:ff:
d4:81:bc:a3:7b:51:e2:af:9a:bf:9e:4a:37:1d:94:
37:71:7c:76:23:b7:a8:b4:9b:82:fa:3d:94:d6:22:
a4:04:04:1c:50:61:1d:1e:e9:17:1f:d8:22:a6:7f:
8a:b2:ec:af:f0:16:33:65:d8:27:76:40:c4:be:30:
63:1b:de:cd:39:8b:72:9a:7d:59:03:1b:e0:88:b1:
ed:5f:0d:40:10:73:50:6a:3d:4e:89:ad:d3:79:5e:
80:2e:b0:0c:64:8b:61:60:0d:fb:e3:ff:30:8e:cc:
89:27:a1:a9:e6:6a:7d:1c:da:81:ff:37:7e:5e:9c:
58:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:D6:AA:4C:16:D9:87:53:FD:28:E7:CE:DD:6B:03:CF:74:EC:01:18
X509v3 Authority Key Identifier:
keyid:BD:6A:A7:36:2D:36:79:2C:BC:FA:83:60:9B:5D:75:CC:96:5F:3F:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vWqnNi02eSy8-oNgm111zJZfP68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f9a8ec-f582-475c-8cc9-d5c8635bec88/1/mNaqTBbZh1P9KOfO3WsDz3TsARg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f9a8ec-f582-475c-8cc9-d5c8635bec88/1/vWqnNi02eSy8-oNgm111zJZfP68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.92.0/22
IPv6:
2a10:1900::/29
Signature Algorithm: sha256WithRSAEncryption
b9:99:a4:46:4e:72:d6:f0:d9:97:c4:ef:31:d3:97:cb:fa:90:
91:a4:a7:b8:f4:73:53:9f:02:e9:41:e7:a8:24:fe:67:5a:a3:
fc:e2:94:33:7b:f1:ac:8b:e2:82:d4:ee:4c:f6:29:45:4f:7a:
64:75:3b:86:77:98:c4:f5:ba:b8:af:9a:8c:4c:a1:9b:fa:86:
60:f4:a1:6f:f9:e3:07:f5:ea:00:43:c5:05:25:a7:4d:40:1d:
b6:46:f5:26:22:d1:c8:db:57:42:7f:d7:b3:7c:08:aa:99:54:
64:51:22:b6:0c:31:98:fb:d3:7a:b6:de:7b:7a:ed:02:08:da:
29:3c:5d:95:6c:ca:e5:71:03:ef:5f:c3:71:5b:9b:42:15:7b:
cb:a7:b8:fc:60:8c:8b:19:a6:82:24:5a:35:fa:7c:39:57:ae:
24:a6:ad:0e:62:84:1e:5a:19:6f:c4:53:46:1a:a0:d5:db:10:
54:ed:7f:5d:74:3a:da:2b:ef:f2:7c:50:67:6f:d2:49:b4:d4:
43:f0:15:f6:57:00:cf:0f:c2:e6:39:7a:46:3e:5f:a9:06:bb:
ca:17:42:27:3c:fb:f1:9f:37:08:34:87:c5:a5:08:f2:46:fb:
9a:39:5d:09:d7:12:9c:2a:11:2c:1f:eb:67:77:7a:f3:4c:e3:
95:02:f3:1b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECcM2KDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZDZhYTczNjJkMzY3OTJjYmNmYTgzNjA5YjVkNzVjYzk2NWYzZmFmMB4XDTIyMDEw
MTA5MDMzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOThkNmFhNGMxNmQ5
ODc1M2ZkMjhlN2NlZGQ2YjAzY2Y3NGVjMDExODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJPSSpeULrZpVztWGpLhg23+GjAyzxFrNnYmx7OGZT3erub
s2U/usHwU6qwldHEmuVvj3wq4h6MvsX4mgX0Kq2fDH8OxmCgBWx3LNWKq2wCeDXR
j7TVt+hvkyXtlzxtt3tz01LADZ7bIUrJV/zHk9oHN9f7hsHWhetARrTyg6RU64j+
fcn/1IG8o3tR4q+av55KNx2UN3F8diO3qLSbgvo9lNYipAQEHFBhHR7pFx/YIqZ/
irLsr/AWM2XYJ3ZAxL4wYxvezTmLcpp9WQMb4Iix7V8NQBBzUGo9Tomt03legC6w
DGSLYWAN++P/MI7MiSehqeZqfRzagf83fl6cWKUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSY1qpMFtmHU/0o587dawPPdOwBGDAfBgNVHSMEGDAWgBS9aqc2LTZ5LLz6
g2CbXXXMll8/rzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZXcW5OaTAyZVN5OC1vTmdtMTExekpaZlA2OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvZjlhOGVjLWY1ODItNDc1Yy04Y2M5LWQ1Yzg2MzViZWM4OC8x
L21OYXFUQmJaaDFQOUtPZk8zV3NEejNUc0FSZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
ZjlhOGVjLWY1ODItNDc1Yy04Y2M5LWQ1Yzg2MzViZWM4OC8xL3ZXcW5OaTAyZVN5
OC1vTmdtMTExekpaZlA2OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAlXKXDANBAIAAjAHAwUDKhAZADAN
BgkqhkiG9w0BAQsFAAOCAQEAuZmkRk5y1vDZl8TvMdOXy/qQkaSnuPRzU58C6UHn
qCT+Z1qj/OKUM3vxrIvigtTuTPYpRU96ZHU7hneYxPW6uK+ajEyhm/qGYPShb/nj
B/XqAEPFBSWnTUAdtkb1JiLRyNtXQn/Xs3wIqplUZFEitgwxmPvTerbee3rtAgja
KTxdlWzK5XED71/DcVubQhV7y6e4/GCMixmmgiRaNfp8OVeuJKatDmKEHloZb8RT
Rhqg1dsQVO1/XXQ62ivv8nxQZ2/SSbTUQ/AV9lcAzw/C5jl6Rj5fqQa7yhdCJzz7
8Z83CDSHxaUI8kb7mjldCdcSnCoRLB/rZ3d680zjlQLzGw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:53 2023 by rpki-client on console.sobornost.net