Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/zxI0KLALyVowScVtvnzc5LKwq6M.roa
File: zxI0KLALyVowScVtvnzc5LKwq6M.roa (raw, json)
Hash identifier: eVeI5LEV3/3hOPScQjsWM8S9HfqdJDdDXk/UjUCWtHo=
Subject key identifier: CF:12:34:28:B0:0B:C9:5A:30:49:C5:6D:BE:7C:DC:E4:B2:B0:AB:A3
Certificate issuer: /CN=813e051cb831d1989607bb76c0bc5693ff947b53
Certificate serial: 089C177C
Authority key identifier: 81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/zxI0KLALyVowScVtvnzc5LKwq6M.roa
Signing time: Sat 01 Jan 2022 11:01:02 +0000
ROA not before: Sat 01 Jan 2022 11:01:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44889
IP address blocks: 185.232.152.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144447356 (0x89c177c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=813e051cb831d1989607bb76c0bc5693ff947b53
Validity
Not Before: Jan 1 11:01:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf123428b00bc95a3049c56dbe7cdce4b2b0aba3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:3d:6a:52:73:5c:d5:92:24:c3:18:49:d3:c6:
dc:66:35:4f:a4:d2:30:2c:52:51:fd:65:54:20:f8:
55:5c:e1:aa:81:f1:1d:48:ae:50:80:9a:5a:f5:4b:
af:bd:31:65:de:15:a0:a1:35:5a:3d:7b:93:17:96:
63:ee:d4:41:ee:94:57:b4:4a:1a:ce:e7:a4:99:6e:
6c:03:4c:23:b7:12:3f:e8:e0:68:92:5e:67:c8:9a:
ed:c3:5b:74:98:1e:66:3e:00:fd:d1:92:7a:91:ae:
b0:70:32:ca:02:1d:05:08:dc:a4:5a:16:cd:75:68:
6c:91:1d:ab:5f:c1:8c:cb:cf:95:1c:63:7d:b5:a6:
fb:d3:e8:32:b0:4a:23:4c:43:0e:ab:42:26:01:b8:
bc:fd:8c:23:07:00:1b:bd:7f:a8:1e:a8:3b:c1:c7:
fa:a1:18:c5:51:f3:ac:69:7c:d8:16:53:30:5b:b3:
23:16:d0:7d:06:21:41:8a:3d:14:01:bd:07:57:f9:
9d:02:99:13:c8:c0:5e:6f:3a:87:a9:27:6d:89:dc:
d5:ef:7c:f5:a2:72:ba:b9:90:5c:51:8b:fe:60:54:
d4:49:3b:2a:05:48:3e:35:ae:cd:12:8a:0a:ed:d2:
82:75:98:53:90:67:e3:d9:0f:4f:7e:00:82:a1:f7:
35:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:12:34:28:B0:0B:C9:5A:30:49:C5:6D:BE:7C:DC:E4:B2:B0:AB:A3
X509v3 Authority Key Identifier:
keyid:81:3E:05:1C:B8:31:D1:98:96:07:BB:76:C0:BC:56:93:FF:94:7B:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/zxI0KLALyVowScVtvnzc5LKwq6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e45ad6-e5ae-4819-9f24-f577aa46de83/1/gT4FHLgx0ZiWB7t2wLxWk_-Ue1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.152.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:63:e8:e3:57:cb:a7:e7:2e:d4:e4:2b:41:f1:27:59:7b:80:
82:08:9c:cb:1a:0b:2c:69:de:4b:48:98:e5:5e:62:dc:77:b8:
d8:6c:a3:ad:cd:41:09:ce:3c:f8:d5:45:2e:1c:5f:5d:85:de:
b6:78:2b:08:9d:31:0f:ec:f6:87:24:20:c0:c7:39:c3:34:79:
a2:13:a1:fd:1e:fb:6f:c0:33:b3:4c:3e:8c:ef:b7:40:4c:45:
6f:c4:84:2e:e5:15:75:23:3a:69:38:93:1f:1c:87:ee:a7:e7:
9e:76:ce:bc:75:9d:98:a2:d6:36:c8:3f:3b:00:b2:20:11:07:
e4:2c:ff:05:95:ad:62:85:1e:ef:df:50:a5:86:26:b8:23:cb:
56:b6:56:67:af:0f:66:aa:3e:75:1c:26:2c:2b:4b:43:ab:19:
3f:65:52:a5:c4:28:bb:d3:dc:3b:18:9e:ac:16:fe:55:b7:6b:
a1:05:06:26:d1:c7:47:b8:a8:1a:44:4f:50:40:7d:0d:d2:dc:
32:ec:ee:a4:d1:1b:2a:d8:5e:92:cf:f4:36:b6:ac:39:33:13:
36:81:b4:bc:0f:32:af:8c:45:cb:0c:5d:22:29:1f:53:17:3f:
6f:27:ad:50:b4:0c:c1:89:16:b7:79:91:09:9d:13:3c:4c:3a:
3e:4c:88:b2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECJwXfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MTNlMDUxY2I4MzFkMTk4OTYwN2JiNzZjMGJjNTY5M2ZmOTQ3YjUzMB4XDTIyMDEw
MTExMDEwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2YxMjM0MjhiMDBi
Yzk1YTMwNDljNTZkYmU3Y2RjZTRiMmIwYWJhMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOs9alJzXNWSJMMYSdPG3GY1T6TSMCxSUf1lVCD4VVzhqoHx
HUiuUICaWvVLr70xZd4VoKE1Wj17kxeWY+7UQe6UV7RKGs7npJlubANMI7cSP+jg
aJJeZ8ia7cNbdJgeZj4A/dGSepGusHAyygIdBQjcpFoWzXVobJEdq1/BjMvPlRxj
fbWm+9PoMrBKI0xDDqtCJgG4vP2MIwcAG71/qB6oO8HH+qEYxVHzrGl82BZTMFuz
IxbQfQYhQYo9FAG9B1f5nQKZE8jAXm86h6knbYnc1e989aJyurmQXFGL/mBU1Ek7
KgVIPjWuzRKKCu3SgnWYU5Bn49kPT34AgqH3NZsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTPEjQosAvJWjBJxW2+fNzksrCrozAfBgNVHSMEGDAWgBSBPgUcuDHRmJYH
u3bAvFaT/5R7UzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dUNEZITGd4MFppV0I3dDJ3THhXa18tVWUxTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvZTQ1YWQ2LWU1YWUtNDgxOS05ZjI0LWY1NzdhYTQ2ZGU4My8x
L3p4STBLTEFMeVZvd1NjVnR2bnpjNUxLd3E2TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
ZTQ1YWQ2LWU1YWUtNDgxOS05ZjI0LWY1NzdhYTQ2ZGU4My8xL2dUNEZITGd4MFpp
V0I3dDJ3THhXa18tVWUxTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnomDANBgkqhkiG9w0BAQsFAAOC
AQEAnmPo41fLp+cu1OQrQfEnWXuAggicyxoLLGneS0iY5V5i3He42Gyjrc1BCc48
+NVFLhxfXYXetngrCJ0xD+z2hyQgwMc5wzR5ohOh/R77b8Azs0w+jO+3QExFb8SE
LuUVdSM6aTiTHxyH7qfnnnbOvHWdmKLWNsg/OwCyIBEH5Cz/BZWtYoUe799QpYYm
uCPLVrZWZ68PZqo+dRwmLCtLQ6sZP2VSpcQou9PcOxierBb+VbdroQUGJtHHR7io
GkRPUEB9DdLcMuzupNEbKtheks/0NrasOTMTNoG0vA8yr4xFywxdIikfUxc/byet
ULQMwYkWt3mRCZ0TPEw6PkyIsg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:10 2023 by rpki-client on console.sobornost.net