Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/b6wKuE7ASiNRzf-0TTFS8JYMbys.roa
File: b6wKuE7ASiNRzf-0TTFS8JYMbys.roa (raw, json)
Hash identifier: EayHU+HndsR+0bc9JzHh1ZfeQK0DNoaP7Z024SABdtE=
Subject key identifier: 6F:AC:0A:B8:4E:C0:4A:23:51:CD:FF:B4:4D:31:52:F0:96:0C:6F:2B
Certificate issuer: /CN=843cf5bb876b772b7ade432905cb696f134caa39
Certificate serial: 01856C4A3A9E71DF227649F1BDF8E448F45E
Authority key identifier: 84:3C:F5:BB:87:6B:77:2B:7A:DE:43:29:05:CB:69:6F:13:4C:AA:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hDz1u4drdyt63kMpBctpbxNMqjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/b6wKuE7ASiNRzf-0TTFS8JYMbys.roa
Signing time: Sun 01 Jan 2023 07:44:41 +0000
ROA not before: Sun 01 Jan 2023 07:44:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204760
IP address blocks: 213.217.4.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:3a:9e:71:df:22:76:49:f1:bd:f8:e4:48:f4:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=843cf5bb876b772b7ade432905cb696f134caa39
Validity
Not Before: Jan 1 07:44:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fac0ab84ec04a2351cdffb44d3152f0960c6f2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ae:bc:5b:75:3a:d7:e6:34:a4:d8:b1:df:5a:
34:82:57:57:92:cc:b8:be:03:a8:98:31:28:9e:f7:
18:1c:38:d9:63:73:cc:65:ca:9a:c7:10:8c:0d:ca:
f3:89:c9:f8:32:a3:63:d0:b6:74:03:73:09:d1:1c:
97:fc:da:4f:af:6a:7e:b7:f7:31:66:d4:a1:a7:08:
f3:bc:df:19:4a:c2:d3:04:53:9a:17:83:32:8d:eb:
43:cf:c4:9d:33:9d:48:88:5d:02:f8:7f:3b:94:3c:
d8:e9:6c:1b:ed:41:47:9e:1d:d5:fe:04:19:f5:fc:
4f:a8:a5:68:14:dd:39:db:7c:e1:36:a3:ff:42:82:
15:75:08:d6:4a:bb:a9:49:48:52:73:fa:1b:cd:3b:
ac:4f:ae:81:c7:68:ec:67:51:e3:1f:66:e3:c2:96:
91:d4:6c:85:5f:78:d4:76:8d:70:aa:39:70:1c:b6:
b4:71:54:95:eb:ef:ca:1a:25:ad:ca:8e:ac:6d:f7:
fc:62:24:a0:0d:a1:44:fe:de:8c:11:44:47:da:6c:
9c:3f:04:06:86:45:91:f6:9b:a6:2f:7a:03:e2:4a:
ac:8f:e9:66:2e:9a:0b:ce:ad:23:42:d7:f8:ae:da:
45:18:43:95:c7:a0:db:7b:d8:c1:16:89:6f:b7:5b:
0e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:AC:0A:B8:4E:C0:4A:23:51:CD:FF:B4:4D:31:52:F0:96:0C:6F:2B
X509v3 Authority Key Identifier:
keyid:84:3C:F5:BB:87:6B:77:2B:7A:DE:43:29:05:CB:69:6F:13:4C:AA:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hDz1u4drdyt63kMpBctpbxNMqjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/b6wKuE7ASiNRzf-0TTFS8JYMbys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.217.4.0/22
Signature Algorithm: sha256WithRSAEncryption
69:fb:e1:8e:6d:36:98:2a:99:56:84:73:ff:17:8d:f9:10:b8:
3f:eb:4d:08:b4:aa:3c:10:f2:a6:72:de:7b:15:07:ca:71:45:
14:5d:7c:e9:eb:0d:c7:d9:09:35:fe:5c:07:05:0f:17:91:d8:
fd:e5:bc:fe:c0:98:b2:94:5c:7d:93:cd:2c:c5:1f:43:3a:c6:
67:8f:87:77:03:ea:fa:d6:9d:06:03:7c:ef:ff:45:6d:db:0e:
b9:26:4d:a5:12:83:a0:ce:a4:b0:e5:a9:d7:d7:28:ac:11:dd:
86:dd:8b:87:f3:e1:42:f4:bc:2d:a0:93:6a:64:e9:65:c4:82:
b4:59:6b:7e:b5:a4:2f:4e:d4:f6:79:ea:48:22:a7:bf:00:36:
65:d1:1d:f7:11:ba:be:7c:19:4e:69:2e:ba:d6:28:40:1c:18:
a6:02:54:31:30:16:6c:de:cb:36:6a:ff:15:96:69:bd:df:86:
38:40:90:04:5b:b3:9f:cc:20:f5:24:db:71:e0:69:49:2c:81:
8f:9d:4a:fb:a7:d3:67:4b:54:6e:46:c1:4d:d4:89:bb:a9:5b:
89:98:e5:14:95:f3:91:d7:74:dc:29:c9:89:8b:bc:32:c7:de:
ff:c7:0c:b8:05:9d:a4:c0:f3:4d:a6:cf:76:64:68:3b:f1:80:
f8:45:0f:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsSjqecd8idknxvfjkSPReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2NmNWJiODc2Yjc3MmI3YWRlNDMyOTA1Y2I2OTZmMTM0
Y2FhMzkwHhcNMjMwMTAxMDc0NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmFjMGFiODRlYzA0YTIzNTFjZGZmYjQ0ZDMxNTJmMDk2MGM2ZjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAha68W3U61+Y0pNix31o0gldXksy4
vgOomDEonvcYHDjZY3PMZcqaxxCMDcrzicn4MqNj0LZ0A3MJ0RyX/NpPr2p+t/cx
ZtShpwjzvN8ZSsLTBFOaF4MyjetDz8SdM51IiF0C+H87lDzY6Wwb7UFHnh3V/gQZ
9fxPqKVoFN0523zhNqP/QoIVdQjWSrupSUhSc/obzTusT66Bx2jsZ1HjH2bjwpaR
1GyFX3jUdo1wqjlwHLa0cVSV6+/KGiWtyo6sbff8YiSgDaFE/t6MEURH2mycPwQG
hkWR9pumL3oD4kqsj+lmLpoLzq0jQtf4rtpFGEOVx6Dbe9jBFolvt1sOiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG+sCrhOwEojUc3/tE0xUvCWDG8rMB8GA1UdIwQY
MBaAFIQ89buHa3cret5DKQXLaW8TTKo5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaER6MXU0ZHJkeXQ2M2tNcEJjdHBieE5NcWprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny81MTIyMTQtZTc4ZS00OTMxLWJmYmIt
MTZmNWE1NjM2MjQ0LzEvYjZ3S3VFN0FTaU5SemYtMFRURlM4SllNYnlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny81MTIyMTQtZTc4ZS00OTMxLWJmYmItMTZmNWE1NjM2MjQ0
LzEvaER6MXU0ZHJkeXQ2M2tNcEJjdHBieE5NcWprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1dkEMA0G
CSqGSIb3DQEBCwUAA4IBAQBp++GObTaYKplWhHP/F435ELg/600ItKo8EPKmct57
FQfKcUUUXXzp6w3H2Qk1/lwHBQ8Xkdj95bz+wJiylFx9k80sxR9DOsZnj4d3A+r6
1p0GA3zv/0Vt2w65Jk2lEoOgzqSw5anX1yisEd2G3YuH8+FC9LwtoJNqZOllxIK0
WWt+taQvTtT2eepIIqe/ADZl0R33Ebq+fBlOaS661ihAHBimAlQxMBZs3ss2av8V
lmm934Y4QJAEW7OfzCD1JNtx4GlJLIGPnUr7p9NnS1RuRsFN1Im7qVuJmOUUlfOR
13TcKcmJi7wyx97/xwy4BZ2kwPNNps92ZGg78YD4RQ+q
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:46 2023 by rpki-client on console.sobornost.net