Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/b-bFAACc61h_fKK_A9WqCIwbYVM.roa
File: b-bFAACc61h_fKK_A9WqCIwbYVM.roa (raw, json)
Hash identifier: zAvciV2Zc8su0CcaHG84w/q4Fn9COTNqOl5zucDkPac=
Subject key identifier: 6F:E6:C5:00:00:9C:EB:58:7F:7C:A2:BF:03:D5:AA:08:8C:1B:61:53
Certificate issuer: /CN=cfea8dbf21588b5f0c96471cea33b54ed10917e8
Certificate serial: 018CC56E9D81784F117FD43BD3A64BB2276B
Authority key identifier: CF:EA:8D:BF:21:58:8B:5F:0C:96:47:1C:EA:33:B5:4E:D1:09:17:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-qNvyFYi18Mlkcc6jO1TtEJF-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/b-bFAACc61h_fKK_A9WqCIwbYVM.roa
Signing time: Mon 01 Jan 2024 14:30:09 +0000
ROA not before: Mon 01 Jan 2024 14:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201272
IP address blocks: 185.80.42.0/24 maxlen: 24
185.80.41.0/24 maxlen: 24
185.80.40.0/24 maxlen: 24
185.80.40.0/23 maxlen: 23
185.80.40.0/22 maxlen: 22
185.80.43.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:9d:81:78:4f:11:7f:d4:3b:d3:a6:4b:b2:27:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfea8dbf21588b5f0c96471cea33b54ed10917e8
Validity
Not Before: Jan 1 14:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6fe6c500009ceb587f7ca2bf03d5aa088c1b6153
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ee:7b:06:d2:4a:75:f0:c5:69:37:5f:85:20:
b5:52:75:f0:52:35:b8:cb:1a:1d:46:4b:13:eb:1d:
80:67:9c:40:92:e8:98:47:7f:02:9b:90:31:36:16:
17:6f:f8:ea:d2:8a:4d:d8:2a:fc:b2:4e:0d:a6:50:
65:e0:4c:30:ab:61:27:89:58:a5:9a:aa:67:57:68:
86:8e:a8:08:03:59:a3:55:ff:0e:fa:e9:22:ce:cc:
34:8b:54:d6:7d:4f:f3:83:54:22:68:4a:f6:be:ed:
94:b2:48:56:32:38:68:4f:f5:ba:87:80:a9:97:58:
2b:09:ec:d0:3e:78:9c:26:98:1a:4d:a4:c4:af:f8:
be:27:9b:b5:50:b1:da:ab:e4:9c:13:4c:4d:0d:1f:
95:76:90:c9:2e:e8:2f:c2:c4:3e:d4:db:db:45:81:
c5:17:13:2d:a2:d0:f3:e0:e7:e2:d5:88:60:26:14:
5c:52:6d:84:0e:a8:e2:64:32:3b:f8:f9:79:ef:0b:
ae:50:5a:e7:e7:87:40:d3:fa:55:a6:54:44:25:46:
89:4e:f6:26:77:62:ce:fb:b4:ec:75:82:03:63:55:
9d:8b:86:6f:52:9e:45:39:28:de:c9:7e:97:c4:38:
4f:f9:c0:61:09:55:bb:17:ff:c7:f0:5f:b4:d7:fe:
2a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:E6:C5:00:00:9C:EB:58:7F:7C:A2:BF:03:D5:AA:08:8C:1B:61:53
X509v3 Authority Key Identifier:
keyid:CF:EA:8D:BF:21:58:8B:5F:0C:96:47:1C:EA:33:B5:4E:D1:09:17:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-qNvyFYi18Mlkcc6jO1TtEJF-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/b-bFAACc61h_fKK_A9WqCIwbYVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/032686-0d24-4660-ae72-7391207eac33/1/z-qNvyFYi18Mlkcc6jO1TtEJF-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.80.40.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:1e:dd:9f:f7:83:f2:26:c1:6f:c8:55:fe:85:3b:1e:46:a1:
40:df:de:16:9b:04:31:a4:15:12:13:77:45:82:e7:5e:cd:b7:
52:2c:b1:42:7e:43:0f:ef:e8:a7:6b:14:17:66:d9:38:b0:17:
60:2b:f3:84:58:c2:89:ee:af:cf:11:8a:52:80:d5:e4:9d:68:
86:bb:dd:bc:e8:46:a2:2d:7f:a1:4f:25:62:52:ea:f2:dc:8b:
75:8b:cc:ab:a8:16:4f:4b:8c:3e:35:c2:f6:e2:58:9b:16:1f:
3c:38:25:b9:cb:38:06:8b:ed:6b:12:64:55:65:e4:da:62:b2:
bd:a1:74:60:e7:24:1e:f1:f5:46:02:da:33:11:ca:c4:fb:ac:
fe:d8:e0:29:c0:aa:06:a9:7c:c6:8c:52:e9:d4:e4:e0:c5:18:
87:ef:32:a8:18:5f:e4:33:bb:74:69:19:74:76:a3:7e:1c:d9:
9d:6c:1a:42:54:09:71:1e:1f:d0:68:1f:f3:94:bc:54:fb:aa:
fc:fd:e1:6c:c0:c9:df:6e:0b:e2:3a:80:e2:02:ab:62:a4:2f:
f0:87:7f:71:ab:c6:bf:ba:25:46:4d:68:f9:a4:b1:65:34:bd:
31:63:32:92:33:0f:88:ad:90:98:9c:5b:f8:37:f8:73:ad:15:
c2:6c:56:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbp2BeE8Rf9Q706ZLsidrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWE4ZGJmMjE1ODhiNWYwYzk2NDcxY2VhMzNiNTRlZDEw
OTE3ZTgwHhcNMjQwMTAxMTQzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmU2YzUwMDAwOWNlYjU4N2Y3Y2EyYmYwM2Q1YWEwODhjMWI2MTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+57BtJKdfDFaTdfhSC1UnXwUjW4
yxodRksT6x2AZ5xAkuiYR38Cm5AxNhYXb/jq0opN2Cr8sk4NplBl4Ewwq2EniVil
mqpnV2iGjqgIA1mjVf8O+ukizsw0i1TWfU/zg1QiaEr2vu2UskhWMjhoT/W6h4Cp
l1grCezQPnicJpgaTaTEr/i+J5u1ULHaq+ScE0xNDR+VdpDJLugvwsQ+1NvbRYHF
FxMtotDz4Ofi1YhgJhRcUm2EDqjiZDI7+Pl57wuuUFrn54dA0/pVplREJUaJTvYm
d2LO+7TsdYIDY1Wdi4ZvUp5FOSjeyX6XxDhP+cBhCVW7F//H8F+01/4qpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG/mxQAAnOtYf3yivwPVqgiMG2FTMB8GA1UdIwQY
MBaAFM/qjb8hWItfDJZHHOoztU7RCRfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1xTnZ5RllpMThNbGtjYzZqTzFUdEVKRi1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8wMzI2ODYtMGQyNC00NjYwLWFlNzIt
NzM5MTIwN2VhYzMzLzEvYi1iRkFBQ2M2MWhfZktLX0E5V3FDSXdiWVZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8wMzI2ODYtMGQyNC00NjYwLWFlNzItNzM5MTIwN2VhYzMz
LzEvei1xTnZ5RllpMThNbGtjYzZqTzFUdEVKRi1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVAoMA0G
CSqGSIb3DQEBCwUAA4IBAQCOHt2f94PyJsFvyFX+hTseRqFA394WmwQxpBUSE3dF
gudezbdSLLFCfkMP7+inaxQXZtk4sBdgK/OEWMKJ7q/PEYpSgNXknWiGu9286Eai
LX+hTyViUury3It1i8yrqBZPS4w+NcL24libFh88OCW5yzgGi+1rEmRVZeTaYrK9
oXRg5yQe8fVGAtozEcrE+6z+2OApwKoGqXzGjFLp1OTgxRiH7zKoGF/kM7t0aRl0
dqN+HNmdbBpCVAlxHh/QaB/zlLxU+6r8/eFswMnfbgviOoDiAqtipC/wh39xq8a/
uiVGTWj5pLFlNL0xYzKSMw+IrZCYnFv4N/hzrRXCbFak
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:59:00 2024 by rpki-client on console.sobornost.net