Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/prpOMC3nvp5u-mhCPn4sLm8TYlo.roa
File: prpOMC3nvp5u-mhCPn4sLm8TYlo.roa (raw, json)
Hash identifier: rs/GzhAt2K0sZ1SWWFlWIhAT+HUrFOvmTo6JA/wwPVY=
Subject key identifier: A6:BA:4E:30:2D:E7:BE:9E:6E:FA:68:42:3E:7E:2C:2E:6F:13:62:5A
Certificate issuer: /CN=813e051cb831d1989607bb76c0bc5693ff947b53
Certificate serial: 089D33D1
Authority key identifier: 81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/prpOMC3nvp5u-mhCPn4sLm8TYlo.roa
Signing time: Sat 01 Jan 2022 11:01:03 +0000
ROA not before: Sat 01 Jan 2022 11:01:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61391
IP address blocks: 185.79.96.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144520145 (0x89d33d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=813e051cb831d1989607bb76c0bc5693ff947b53
Validity
Not Before: Jan 1 11:01:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a6ba4e302de7be9e6efa68423e7e2c2e6f13625a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c2:27:57:dc:5b:0d:ac:49:43:be:46:da:f5:
0f:11:3d:ba:6c:c2:cc:df:67:87:e3:35:49:ef:28:
42:58:35:b4:b0:82:09:32:2c:fc:87:0c:bc:01:4d:
fc:d0:b6:e0:51:a1:83:5a:e3:c7:d9:98:97:68:c6:
f0:86:0a:b4:2e:af:49:c6:01:85:e1:84:7e:ef:86:
3f:91:d0:14:48:6a:27:dd:e1:f8:eb:b6:2e:fd:e6:
f4:54:e9:40:ec:0e:5f:97:1f:35:dc:89:67:51:82:
77:6a:3d:bf:2f:0f:01:79:4b:43:2b:4d:dc:f8:1e:
36:ff:3c:01:c3:4f:2a:eb:b1:95:03:45:84:8c:cc:
36:33:32:68:82:32:e8:42:8c:f9:21:ce:1f:4c:b0:
cc:7e:11:8d:e0:e9:e4:46:5a:d4:86:5d:f1:3c:4d:
32:dd:89:c7:65:58:9a:bb:9a:45:37:af:83:f2:8e:
12:4b:60:11:c3:cd:af:76:36:c0:20:61:a6:f0:e8:
84:df:5e:8f:e8:a7:9a:cc:d6:5a:08:b2:a9:e6:3e:
40:e6:4f:69:6e:01:8a:b6:26:6f:42:57:b4:2b:89:
b2:6d:91:da:0a:41:79:31:c0:22:f1:c6:b8:29:48:
66:fd:0f:30:b4:ff:e9:84:7d:3d:67:42:55:60:1d:
5b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:BA:4E:30:2D:E7:BE:9E:6E:FA:68:42:3E:7E:2C:2E:6F:13:62:5A
X509v3 Authority Key Identifier:
keyid:81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/prpOMC3nvp5u-mhCPn4sLm8TYlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.96.0/24
Signature Algorithm: sha256WithRSAEncryption
98:7f:08:54:45:5b:ce:fb:b7:c9:3e:c4:fd:57:6b:71:6e:18:
62:bd:8f:ac:66:31:e0:c9:d2:c2:a4:f5:1a:ca:b6:30:2e:26:
e3:99:67:b4:b2:46:af:0b:88:ba:5d:55:2b:f9:08:31:b9:52:
85:52:a0:84:c2:b0:6e:cc:34:d4:05:d9:95:29:cb:40:3d:65:
34:98:be:17:42:e8:24:aa:dc:30:d5:74:86:53:0b:8f:ed:6a:
1d:a7:d4:26:41:e2:a9:be:ec:99:1e:13:05:2b:47:8e:e2:e2:
bf:a3:2e:f2:b2:b6:9e:63:e1:1b:f2:63:ea:95:d7:40:9d:6b:
63:61:b7:23:3c:21:bb:89:1a:1d:c2:90:e1:8b:45:83:55:3b:
fe:37:0f:7b:9b:ec:b2:1c:69:03:d8:1d:9a:12:d2:9e:28:fe:
6a:76:dd:2e:21:2c:92:44:ab:8b:b5:bb:c2:21:5b:02:ad:48:
55:f6:87:95:fc:48:bc:fd:78:e5:6d:c8:67:4e:1c:c6:66:29:
48:91:7d:5a:1e:fe:cf:c8:07:4b:c7:61:46:2f:fc:29:a9:ca:
7e:0e:b1:bb:c5:5c:d1:08:09:ff:20:2d:07:5f:13:7f:d5:01:
09:dc:4f:b5:ea:9d:89:10:eb:9a:b6:ec:96:1e:ce:48:67:fe:
fd:99:08:c5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECJ0z0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MTNlMDUxY2I4MzFkMTk4OTYwN2JiNzZjMGJjNTY5M2ZmOTQ3YjUzMB4XDTIyMDEw
MTExMDEwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTZiYTRlMzAyZGU3
YmU5ZTZlZmE2ODQyM2U3ZTJjMmU2ZjEzNjI1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMTCJ1fcWw2sSUO+Rtr1DxE9umzCzN9nh+M1Se8oQlg1tLCC
CTIs/IcMvAFN/NC24FGhg1rjx9mYl2jG8IYKtC6vScYBheGEfu+GP5HQFEhqJ93h
+Ou2Lv3m9FTpQOwOX5cfNdyJZ1GCd2o9vy8PAXlLQytN3PgeNv88AcNPKuuxlQNF
hIzMNjMyaIIy6EKM+SHOH0ywzH4RjeDp5EZa1IZd8TxNMt2Jx2VYmruaRTevg/KO
EktgEcPNr3Y2wCBhpvDohN9ej+inmszWWgiyqeY+QOZPaW4BirYmb0JXtCuJsm2R
2gpBeTHAIvHGuClIZv0PMLT/6YR9PWdCVWAdW70CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSmuk4wLee+nm76aEI+fiwubxNiWjAfBgNVHSMEGDAWgBSBPgUcuDHRmJYH
u3bAvFaT/5R7UzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dUNEZITGd4MFppV0I3dDJ3THhXa18tVWUxTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvZTQ1YWQ2LWU1YWUtNDgxOS05ZjI0LWY1NzdhYTQ2ZGU4My8x
L3BycE9NQzNudnA1dS1taENQbjRzTG04VFlsby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
ZTQ1YWQ2LWU1YWUtNDgxOS05ZjI0LWY1NzdhYTQ2ZGU4My8xL2dUNEZITGd4MFpp
V0I3dDJ3THhXa18tVWUxTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlPYDANBgkqhkiG9w0BAQsFAAOC
AQEAmH8IVEVbzvu3yT7E/VdrcW4YYr2PrGYx4MnSwqT1Gsq2MC4m45lntLJGrwuI
ul1VK/kIMblShVKghMKwbsw01AXZlSnLQD1lNJi+F0LoJKrcMNV0hlMLj+1qHafU
JkHiqb7smR4TBStHjuLiv6Mu8rK2nmPhG/Jj6pXXQJ1rY2G3Izwhu4kaHcKQ4YtF
g1U7/jcPe5vsshxpA9gdmhLSnij+anbdLiEskkSri7W7wiFbAq1IVfaHlfxIvP14
5W3IZ04cxmYpSJF9Wh7+z8gHS8dhRi/8KanKfg6xu8Vc0QgJ/yAtB18Tf9UBCdxP
teqdiRDrmrbslh7OSGf+/ZkIxQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:09 2023 by rpki-client on console.sobornost.net