Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/pWCyeiiUKJ45nCMV99n-OlhwDF0.roa
File: pWCyeiiUKJ45nCMV99n-OlhwDF0.roa (raw, json)
Hash identifier: D0yrTdajB4wAQHhBtsQHps20swchGGFhNeZK+VCDdqo=
Subject key identifier: A5:60:B2:7A:28:94:28:9E:39:9C:23:15:F7:D9:FE:3A:58:70:0C:5D
Certificate issuer: /CN=53fb5242f98cff9dea9baa8c8ae466a42b537c5c
Certificate serial: 05D7FF0D
Authority key identifier: 53:FB:52:42:F9:8C:FF:9D:EA:9B:AA:8C:8A:E4:66:A4:2B:53:7C:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U_tSQvmM_53qm6qMiuRmpCtTfFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/pWCyeiiUKJ45nCMV99n-OlhwDF0.roa
Signing time: Sat 01 Jan 2022 15:57:03 +0000
ROA not before: Sat 01 Jan 2022 15:57:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25577
IP address blocks: 195.153.19.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98041613 (0x5d7ff0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53fb5242f98cff9dea9baa8c8ae466a42b537c5c
Validity
Not Before: Jan 1 15:57:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a560b27a2894289e399c2315f7d9fe3a58700c5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3e:ba:07:d3:f7:b2:ec:c0:d2:fa:0c:b3:0a:
ff:c0:99:4d:ec:7c:2b:95:41:94:97:3f:45:56:f7:
76:ee:20:9e:3c:c8:2e:9a:94:6e:98:65:05:7b:a4:
f5:e7:fc:ce:2f:f7:10:c4:72:a8:64:e6:0b:af:8b:
dc:1f:c5:9f:72:70:be:ff:7f:20:e3:e6:52:a4:ab:
65:45:a2:51:1f:ff:cf:e3:76:1a:ac:c3:7f:08:61:
da:b0:3f:66:b7:c9:d3:17:9c:75:62:6a:03:f9:bc:
e0:b2:bd:67:b5:2e:c5:15:f2:35:98:ec:b8:ee:62:
d2:75:5f:fe:82:bd:fb:54:81:cf:f1:56:d4:69:52:
ab:5d:35:88:22:e2:7d:4c:6e:20:e6:87:db:eb:42:
b7:38:6a:98:3f:f7:ec:29:41:8f:2a:bf:11:4d:b4:
34:f1:9c:ca:ae:5b:27:1d:0a:ae:83:f0:1d:78:77:
1e:cd:84:6e:9d:89:c5:c4:8e:18:73:d4:e9:b8:a1:
91:0b:bb:e0:c0:8e:45:44:c0:85:04:97:2a:ca:54:
e8:ef:d6:de:53:37:7c:6a:ce:d8:49:fd:61:0d:a9:
35:3a:d0:79:49:76:31:ca:ce:db:9a:2f:34:bb:13:
c0:9e:19:e8:9c:0b:5a:5a:62:93:8d:ef:28:f2:f0:
81:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:60:B2:7A:28:94:28:9E:39:9C:23:15:F7:D9:FE:3A:58:70:0C:5D
X509v3 Authority Key Identifier:
keyid:53:FB:52:42:F9:8C:FF:9D:EA:9B:AA:8C:8A:E4:66:A4:2B:53:7C:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_tSQvmM_53qm6qMiuRmpCtTfFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/pWCyeiiUKJ45nCMV99n-OlhwDF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.153.19.0/24
Signature Algorithm: sha256WithRSAEncryption
90:b6:d9:80:43:3c:ac:7e:0d:f5:8d:13:c2:46:f7:e7:6a:f0:
cc:ac:14:d2:ee:ce:4a:46:c9:66:12:bd:7b:0b:79:f3:44:6a:
ff:db:fc:64:78:a6:33:3d:2d:a3:cf:c0:c6:07:b8:89:19:13:
3f:44:85:1b:f5:f0:20:5a:1a:57:65:aa:a7:58:b7:17:d5:5d:
37:03:a8:6b:79:fe:dc:68:d8:7f:4c:fe:12:b8:56:61:b1:9b:
cc:e0:ac:8b:f8:22:bd:3e:d7:e2:9b:46:94:9b:33:44:d8:da:
ce:f8:ce:83:34:9e:31:3c:68:19:17:70:96:2c:af:36:55:66:
63:a7:98:96:4e:15:80:a5:c7:e4:ec:bc:34:e0:e7:2f:f8:b3:
62:30:a3:1f:69:b6:e5:b7:81:ab:72:93:05:56:79:0f:12:60:
c2:9a:1e:46:1e:07:a6:3c:c6:54:e9:9b:d8:a0:67:08:bb:a8:
14:af:df:2d:aa:0c:12:53:84:31:90:26:b6:1a:86:8d:ad:a8:
37:04:03:2e:cb:4e:97:ab:c2:9a:8d:4d:2f:24:95:44:5f:24:
a3:29:c3:2b:21:61:2e:dc:6a:4d:ac:65:1d:06:46:4c:be:e5:
eb:71:83:df:1e:66:3e:0c:d5:c2:dd:ea:1f:1d:76:b1:df:eb:
ab:80:5b:19
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBdf/DTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
M2ZiNTI0MmY5OGNmZjlkZWE5YmFhOGM4YWU0NjZhNDJiNTM3YzVjMB4XDTIyMDEw
MTE1NTcwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTU2MGIyN2EyODk0
Mjg5ZTM5OWMyMzE1ZjdkOWZlM2E1ODcwMGM1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALY+ugfT97LswNL6DLMK/8CZTex8K5VBlJc/RVb3du4gnjzI
LpqUbphlBXuk9ef8zi/3EMRyqGTmC6+L3B/Fn3Jwvv9/IOPmUqSrZUWiUR//z+N2
GqzDfwhh2rA/ZrfJ0xecdWJqA/m84LK9Z7UuxRXyNZjsuO5i0nVf/oK9+1SBz/FW
1GlSq101iCLifUxuIOaH2+tCtzhqmD/37ClBjyq/EU20NPGcyq5bJx0KroPwHXh3
Hs2Ebp2JxcSOGHPU6bihkQu74MCORUTAhQSXKspU6O/W3lM3fGrO2En9YQ2pNTrQ
eUl2McrO25ovNLsTwJ4Z6JwLWlpik43vKPLwgYsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSlYLJ6KJQonjmcIxX32f46WHAMXTAfBgNVHSMEGDAWgBRT+1JC+Yz/neqb
qoyK5GakK1N8XDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VfdFNRdm1NXzUzcW02cU1pdVJtcEN0VGZGdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvZTRkN2M2LWEyOTktNGI4OC04MjQ3LTljNDAzMjk2M2UxNy8x
L3BXQ3llaWlVS0o0NW5DTVY5OW4tT2xod0RGMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
ZTRkN2M2LWEyOTktNGI4OC04MjQ3LTljNDAzMjk2M2UxNy8xL1VfdFNRdm1NXzUz
cW02cU1pdVJtcEN0VGZGdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMOZEzANBgkqhkiG9w0BAQsFAAOC
AQEAkLbZgEM8rH4N9Y0Twkb352rwzKwU0u7OSkbJZhK9ewt580Rq/9v8ZHimMz0t
o8/Axge4iRkTP0SFG/XwIFoaV2Wqp1i3F9VdNwOoa3n+3GjYf0z+ErhWYbGbzOCs
i/givT7X4ptGlJszRNjazvjOgzSeMTxoGRdwliyvNlVmY6eYlk4VgKXH5Oy8NODn
L/izYjCjH2m25beBq3KTBVZ5DxJgwpoeRh4HpjzGVOmb2KBnCLuoFK/fLaoMElOE
MZAmthqGja2oNwQDLstOl6vCmo1NLySVRF8koynDKyFhLtxqTaxlHQZGTL7l63GD
3x5mPgzVwt3qHx12sd/rq4BbGQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:25 2023 by rpki-client on console.sobornost.net