Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/9fbec1-ebd2-41ba-83d9-694dbfaddb8f/1/5BUuTMUiLsXStlQGa_kRioGrGP8.roa
File: 5BUuTMUiLsXStlQGa_kRioGrGP8.roa (raw, json)
Hash identifier: lf91EEjhpDzngdP1v3gD9iehuZF+RwLr6im5oJLh0uU=
Subject key identifier: E4:15:2E:4C:C5:22:2E:C5:D2:B6:54:06:6B:F9:11:8A:81:AB:18:FF
Certificate issuer: /CN=85c3525d68b61116564e16e1dd4e56cb035c9c85
Certificate serial: 092D7546
Authority key identifier: 85:C3:52:5D:68:B6:11:16:56:4E:16:E1:DD:4E:56:CB:03:5C:9C:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hcNSXWi2ERZWThbh3U5WywNcnIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/9fbec1-ebd2-41ba-83d9-694dbfaddb8f/1/5BUuTMUiLsXStlQGa_kRioGrGP8.roa
Signing time: Sat 01 Jan 2022 10:56:12 +0000
ROA not before: Sat 01 Jan 2022 10:56:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204119
IP address blocks: 84.38.64.0/20 maxlen: 20
195.42.114.0/23 maxlen: 23
2a00:5080::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153974086 (0x92d7546)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85c3525d68b61116564e16e1dd4e56cb035c9c85
Validity
Not Before: Jan 1 10:56:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e4152e4cc5222ec5d2b654066bf9118a81ab18ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:ba:b3:a7:88:c6:2f:53:3b:3d:a3:d0:a4:98:
1e:28:90:95:cc:a9:c6:b6:e1:cf:16:03:42:e4:cc:
9e:55:ea:7d:9c:90:c9:db:1f:c4:a1:6a:a5:72:6d:
a9:62:41:e1:9e:5f:cf:a0:1b:4c:d7:2d:6f:85:4d:
b4:60:7e:cd:35:54:66:5f:21:e6:5f:2d:43:de:d6:
f6:b4:01:89:e5:45:29:7e:86:41:2b:f3:55:1b:01:
d3:1b:8d:93:cc:a4:ca:ca:34:43:a8:d5:9f:d5:b2:
ee:a2:1f:cb:5c:bd:ae:a8:05:57:a0:90:0e:9f:07:
c0:ff:5f:65:44:29:f1:6a:d4:3c:88:8a:62:40:52:
4b:c9:7d:7e:8a:2d:3d:25:5b:cb:f6:51:3d:77:c1:
3f:0f:3d:00:dd:dc:c7:d9:e7:56:f0:fd:5c:11:d1:
a2:2b:c9:cd:19:73:70:3f:29:92:06:05:39:25:b7:
5a:f4:d6:2d:ac:ea:f2:25:c5:9f:65:55:09:29:99:
de:98:19:a7:46:e7:c7:59:6b:e2:20:4b:62:12:c4:
f0:dc:bd:8a:31:7d:99:54:bc:81:08:43:be:62:6c:
6f:bf:72:14:41:8f:85:ce:67:12:a4:e7:7d:c5:67:
54:a3:b9:5a:d0:d3:8f:89:10:b2:99:b7:09:8e:7b:
8c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:15:2E:4C:C5:22:2E:C5:D2:B6:54:06:6B:F9:11:8A:81:AB:18:FF
X509v3 Authority Key Identifier:
keyid:85:C3:52:5D:68:B6:11:16:56:4E:16:E1:DD:4E:56:CB:03:5C:9C:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hcNSXWi2ERZWThbh3U5WywNcnIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/9fbec1-ebd2-41ba-83d9-694dbfaddb8f/1/5BUuTMUiLsXStlQGa_kRioGrGP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/9fbec1-ebd2-41ba-83d9-694dbfaddb8f/1/hcNSXWi2ERZWThbh3U5WywNcnIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.64.0/20
195.42.114.0/23
IPv6:
2a00:5080::/32
Signature Algorithm: sha256WithRSAEncryption
ce:e6:6c:e5:35:a4:c5:ea:10:6a:c9:34:d1:e9:e7:4e:ad:1c:
e1:cc:d0:d8:89:d1:bd:ba:85:72:ad:a0:fc:2d:aa:0c:d8:91:
ce:21:f3:02:4e:e3:47:13:44:de:03:94:74:cd:38:22:ba:f2:
3a:e2:2e:27:12:b4:32:5b:ac:5c:99:d9:24:be:d7:90:85:ea:
e0:c9:7d:f7:05:c1:f1:4f:82:75:ad:de:81:9a:e7:71:59:0b:
26:b2:06:e8:c3:e9:53:39:36:c4:3b:97:96:b1:3a:5c:aa:6b:
b3:58:74:ac:c3:6f:91:a3:05:82:6b:88:ae:d4:5a:aa:b8:61:
b9:64:01:15:c0:5e:d7:52:b6:c2:2c:db:69:59:81:5e:be:6a:
1a:ff:bd:1f:34:d6:14:ce:40:c4:7a:64:3a:63:4b:e8:19:05:
e4:c7:77:59:55:b3:60:a2:91:e7:79:d6:64:4d:33:fb:a0:f7:
e6:1f:18:cd:ca:d4:46:dc:af:80:41:53:d0:2e:54:7b:c0:4c:
74:68:b1:6c:ff:a1:e4:6a:7f:fa:c6:49:1a:ca:27:55:20:bb:
6e:bb:1f:3b:23:88:21:be:3a:40:8e:b3:a5:2f:9f:24:e0:15:
9e:21:b0:32:9f:94:dd:6f:85:fc:9e:ea:a3:9c:25:49:32:58:
27:3d:f5:00
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECS11RjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NWMzNTI1ZDY4YjYxMTE2NTY0ZTE2ZTFkZDRlNTZjYjAzNWM5Yzg1MB4XDTIyMDEw
MTEwNTYxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTQxNTJlNGNjNTIy
MmVjNWQyYjY1NDA2NmJmOTExOGE4MWFiMThmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO+6s6eIxi9TOz2j0KSYHiiQlcypxrbhzxYDQuTMnlXqfZyQ
ydsfxKFqpXJtqWJB4Z5fz6AbTNctb4VNtGB+zTVUZl8h5l8tQ97W9rQBieVFKX6G
QSvzVRsB0xuNk8ykyso0Q6jVn9Wy7qIfy1y9rqgFV6CQDp8HwP9fZUQp8WrUPIiK
YkBSS8l9footPSVby/ZRPXfBPw89AN3cx9nnVvD9XBHRoivJzRlzcD8pkgYFOSW3
WvTWLazq8iXFn2VVCSmZ3pgZp0bnx1lr4iBLYhLE8Ny9ijF9mVS8gQhDvmJsb79y
FEGPhc5nEqTnfcVnVKO5WtDTj4kQspm3CY57jAUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTkFS5MxSIuxdK2VAZr+RGKgasY/zAfBgNVHSMEGDAWgBSFw1JdaLYRFlZO
FuHdTlbLA1ychTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hjTlNYV2kyRVJaV1RoYmgzVTVXeXdOY25JVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmYvOWZiZWMxLWViZDItNDFiYS04M2Q5LTY5NGRiZmFkZGI4Zi8x
LzVCVXVUTVVpTHNYU3RsUUdhX2tSaW9HckdQOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYv
OWZiZWMxLWViZDItNDFiYS04M2Q5LTY5NGRiZmFkZGI4Zi8xL2hjTlNYV2kyRVJa
V1RoYmgzVTVXeXdOY25JVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBFQmQAMEAcMqcjANBAIAAjAHAwUA
KgBQgDANBgkqhkiG9w0BAQsFAAOCAQEAzuZs5TWkxeoQask00ennTq0c4czQ2InR
vbqFcq2g/C2qDNiRziHzAk7jRxNE3gOUdM04IrryOuIuJxK0MlusXJnZJL7XkIXq
4Ml99wXB8U+Cda3egZrncVkLJrIG6MPpUzk2xDuXlrE6XKprs1h0rMNvkaMFgmuI
rtRaqrhhuWQBFcBe11K2wizbaVmBXr5qGv+9HzTWFM5AxHpkOmNL6BkF5Md3WVWz
YKKR53nWZE0z+6D35h8YzcrURtyvgEFT0C5Ue8BMdGixbP+h5Gp/+sZJGsonVSC7
brsfOyOIIb46QI6zpS+fJOAVniGwMp+U3W+F/J7qo5wlSTJYJz31AA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:19 2023 by rpki-client on console.sobornost.net