Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/HqkkQ1urQya-QErhZkXlRj8ebEw.roa
File: HqkkQ1urQya-QErhZkXlRj8ebEw.roa (raw, json)
Hash identifier: Ym1vWzNRYZEAbJe48P3itzaFnZbWiTIzPAqGRVKqe4U=
Subject key identifier: 1E:A9:24:43:5B:AB:43:26:BE:40:4A:E1:66:45:E5:46:3F:1E:6C:4C
Certificate issuer: /CN=53fb5242f98cff9dea9baa8c8ae466a42b537c5c
Certificate serial: 05D89BFA
Authority key identifier: 53:FB:52:42:F9:8C:FF:9D:EA:9B:AA:8C:8A:E4:66:A4:2B:53:7C:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U_tSQvmM_53qm6qMiuRmpCtTfFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/HqkkQ1urQya-QErhZkXlRj8ebEw.roa
Signing time: Sat 01 Jan 2022 15:57:04 +0000
ROA not before: Sat 01 Jan 2022 15:57:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31742
IP address blocks: 195.153.124.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98081786 (0x5d89bfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53fb5242f98cff9dea9baa8c8ae466a42b537c5c
Validity
Not Before: Jan 1 15:57:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ea924435bab4326be404ae16645e5463f1e6c4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:86:f7:a1:61:aa:2d:23:0d:03:9b:db:29:30:
74:bc:06:d0:e2:3d:60:f9:c6:6f:bb:13:a9:2d:26:
c8:e7:61:62:cf:6f:9d:0d:30:bc:32:05:02:9d:17:
5a:c9:c7:63:ca:52:51:fb:95:1f:96:f2:47:e7:21:
ea:d7:ae:5d:1d:e6:a7:df:3f:4d:b6:a8:bc:05:e5:
90:6f:3c:1c:f7:7e:b6:0a:e9:ad:b3:87:24:a2:08:
1a:6f:95:5d:31:68:71:d8:a3:68:33:6d:13:f2:0e:
3f:f0:65:97:84:42:ec:b6:67:75:09:a8:51:d9:a3:
ed:50:88:82:2a:1e:5b:7b:82:ac:a0:17:10:56:f0:
ad:ae:18:59:49:fa:b4:bf:4e:1a:2d:ac:1a:d7:46:
34:ce:65:73:54:27:58:57:e8:a3:83:54:3b:2d:c9:
16:a9:44:c0:38:64:10:8a:fc:7b:5f:d8:d7:02:66:
dd:90:19:bf:f1:02:3d:9f:f7:12:3b:3f:d5:1e:46:
b9:f3:a3:e7:ed:f8:12:b9:db:36:f1:fa:6e:2c:37:
37:c1:ce:e1:b1:7f:54:e0:98:66:3f:8e:30:20:59:
c6:f8:81:7d:f5:22:f7:22:ab:7c:59:eb:55:93:b3:
ae:35:9f:7e:11:1c:20:70:3b:ad:4a:ff:6d:35:83:
52:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:A9:24:43:5B:AB:43:26:BE:40:4A:E1:66:45:E5:46:3F:1E:6C:4C
X509v3 Authority Key Identifier:
keyid:53:FB:52:42:F9:8C:FF:9D:EA:9B:AA:8C:8A:E4:66:A4:2B:53:7C:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_tSQvmM_53qm6qMiuRmpCtTfFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/HqkkQ1urQya-QErhZkXlRj8ebEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.153.124.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:d9:32:de:22:20:f8:52:ef:24:07:ea:44:de:cc:93:a2:b9:
2b:18:3d:dd:50:91:04:f2:c6:68:ae:c9:92:3d:5e:f8:d9:ef:
eb:cc:95:03:0e:ad:bc:14:34:74:28:4e:16:2c:8a:41:af:a1:
f2:8c:13:ce:6e:a7:90:c0:ba:a8:c0:36:e5:40:8e:11:7f:de:
9b:c8:92:a1:c6:e6:58:f7:03:c0:e5:d4:5d:f5:84:0e:0b:2b:
0b:b0:81:c3:18:fe:9a:19:c8:f9:32:9e:67:09:82:45:fd:f5:
6f:03:ae:db:f3:9e:15:2e:4d:00:63:f1:e6:76:d5:1f:d6:74:
5a:36:2b:90:27:68:d0:cc:c5:8c:ed:cd:b9:36:1c:3a:5f:c5:
76:dc:15:64:73:30:6b:a3:d6:f0:48:82:6e:fe:b8:23:e3:4b:
90:c0:ff:d7:b2:14:88:d7:ab:79:55:cb:df:12:04:fb:54:58:
82:d0:83:65:4e:ee:55:de:c3:24:a6:b9:bb:4f:91:bd:42:c6:
d2:4b:62:1a:15:c3:68:fd:37:ce:c0:0d:31:cb:01:c8:05:e2:
bb:2f:8c:1a:81:eb:13:c0:5d:10:7a:90:78:19:38:ee:b9:cc:
06:16:9c:ce:26:cb:dc:11:37:c0:30:91:a0:fe:1c:42:9b:15:
67:7b:7d:cd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBdib+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
M2ZiNTI0MmY5OGNmZjlkZWE5YmFhOGM4YWU0NjZhNDJiNTM3YzVjMB4XDTIyMDEw
MTE1NTcwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWVhOTI0NDM1YmFi
NDMyNmJlNDA0YWUxNjY0NWU1NDYzZjFlNmM0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANCG96Fhqi0jDQOb2ykwdLwG0OI9YPnGb7sTqS0myOdhYs9v
nQ0wvDIFAp0XWsnHY8pSUfuVH5byR+ch6teuXR3mp98/TbaovAXlkG88HPd+tgrp
rbOHJKIIGm+VXTFocdijaDNtE/IOP/Bll4RC7LZndQmoUdmj7VCIgioeW3uCrKAX
EFbwra4YWUn6tL9OGi2sGtdGNM5lc1QnWFfoo4NUOy3JFqlEwDhkEIr8e1/Y1wJm
3ZAZv/ECPZ/3Ejs/1R5GufOj5+34ErnbNvH6biw3N8HO4bF/VOCYZj+OMCBZxviB
ffUi9yKrfFnrVZOzrjWffhEcIHA7rUr/bTWDUnMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQeqSRDW6tDJr5ASuFmReVGPx5sTDAfBgNVHSMEGDAWgBRT+1JC+Yz/neqb
qoyK5GakK1N8XDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VfdFNRdm1NXzUzcW02cU1pdVJtcEN0VGZGdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvZTRkN2M2LWEyOTktNGI4OC04MjQ3LTljNDAzMjk2M2UxNy8x
L0hxa2tRMXVyUXlhLVFFcmhaa1hsUmo4ZWJFdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
ZTRkN2M2LWEyOTktNGI4OC04MjQ3LTljNDAzMjk2M2UxNy8xL1VfdFNRdm1NXzUz
cW02cU1pdVJtcEN0VGZGdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMOZfDANBgkqhkiG9w0BAQsFAAOC
AQEALNky3iIg+FLvJAfqRN7Mk6K5Kxg93VCRBPLGaK7Jkj1e+Nnv68yVAw6tvBQ0
dChOFiyKQa+h8owTzm6nkMC6qMA25UCOEX/em8iSocbmWPcDwOXUXfWEDgsrC7CB
wxj+mhnI+TKeZwmCRf31bwOu2/OeFS5NAGPx5nbVH9Z0WjYrkCdo0MzFjO3NuTYc
Ol/FdtwVZHMwa6PW8EiCbv64I+NLkMD/17IUiNereVXL3xIE+1RYgtCDZU7uVd7D
JKa5u0+RvULG0ktiGhXDaP03zsANMcsByAXiuy+MGoHrE8BdEHqQeBk47rnMBhac
zibL3BE3wDCRoP4cQpsVZ3t9zQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:24 2023 by rpki-client on console.sobornost.net