Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/86a426-56ee-46dd-9425-7f92c34eb07c/1/gOkmbSbVYKApCdysjJvLNCie2e8.roa
File: gOkmbSbVYKApCdysjJvLNCie2e8.roa (raw, json)
Hash identifier: eBILRCasPS6SCJ8Ed8S0OtxZooFm/9syr5N2IbWgLqM=
Subject key identifier: 80:E9:26:6D:26:D5:60:A0:29:09:DC:AC:8C:9B:CB:34:28:9E:D9:EF
Certificate issuer: /CN=9c2cb7f9ca0efd72be258a4a09358806374b4662
Certificate serial: 0301CE
Authority key identifier: 9C:2C:B7:F9:CA:0E:FD:72:BE:25:8A:4A:09:35:88:06:37:4B:46:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nCy3-coO_XK-JYpKCTWIBjdLRmI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/86a426-56ee-46dd-9425-7f92c34eb07c/1/gOkmbSbVYKApCdysjJvLNCie2e8.roa
Signing time: Thu 16 Jun 2022 12:43:45 +0000
ROA not before: Thu 16 Jun 2022 12:43:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 82.145.96.0/19 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 197070 (0x301ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c2cb7f9ca0efd72be258a4a09358806374b4662
Validity
Not Before: Jun 16 12:43:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=80e9266d26d560a02909dcac8c9bcb34289ed9ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f0:44:84:72:4e:57:b5:96:34:da:64:54:f9:
30:22:1f:c8:63:78:e0:7e:cc:ab:aa:d7:9e:ab:98:
c7:6b:7e:fa:48:59:56:20:2c:54:2b:bd:a6:cf:c6:
ef:01:fd:39:6b:2c:47:9a:5f:38:23:67:f4:35:19:
22:13:37:24:30:66:19:64:c1:4d:01:d8:17:30:b1:
63:a5:f5:c0:da:c4:76:d0:34:56:85:e5:fa:ba:f9:
83:e3:25:ca:59:6f:99:89:34:64:82:e3:cf:50:7f:
84:dd:b6:c1:29:3f:4d:9c:54:75:16:1a:a5:78:1e:
43:3c:47:16:c1:b4:bc:79:15:97:12:40:9c:cd:f8:
be:31:b7:b7:be:92:07:ac:c6:ad:4d:f3:32:a2:1c:
c8:1f:c0:d5:70:27:11:cc:b2:38:0a:1e:d2:24:ab:
e1:c2:7c:e4:15:e1:21:5f:8e:1f:09:2e:34:e5:93:
ed:48:66:7b:c6:43:b4:ac:f2:61:25:76:56:ef:2a:
9d:34:aa:50:f2:7f:95:21:86:44:41:da:0b:02:a4:
9c:f8:9c:ed:96:86:4a:44:d4:b5:e0:35:54:5e:12:
0e:ec:ab:5d:45:92:c8:00:01:3d:3e:b6:38:1b:9e:
24:d5:44:75:8f:4d:69:0d:f0:c9:e5:32:3c:d2:c8:
17:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:E9:26:6D:26:D5:60:A0:29:09:DC:AC:8C:9B:CB:34:28:9E:D9:EF
X509v3 Authority Key Identifier:
keyid:9C:2C:B7:F9:CA:0E:FD:72:BE:25:8A:4A:09:35:88:06:37:4B:46:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nCy3-coO_XK-JYpKCTWIBjdLRmI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/86a426-56ee-46dd-9425-7f92c34eb07c/1/gOkmbSbVYKApCdysjJvLNCie2e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/86a426-56ee-46dd-9425-7f92c34eb07c/1/nCy3-coO_XK-JYpKCTWIBjdLRmI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.145.96.0/19
Signature Algorithm: sha256WithRSAEncryption
0d:99:cd:20:06:15:fd:7e:d4:ae:3a:b5:e6:34:9c:96:10:cb:
0e:4c:8f:16:5e:89:03:56:b2:c5:62:0f:6b:cf:51:de:c9:0e:
fb:49:14:c7:c3:a2:96:e0:a8:5f:1e:d2:4c:6f:83:1c:cc:ce:
a5:e2:f8:cd:f4:30:81:43:5e:85:aa:b3:30:d3:56:be:94:a7:
cc:3f:63:fb:60:9e:0f:f5:f9:36:32:e6:56:53:ac:89:7f:99:
20:66:e7:fb:e2:a1:4a:e0:b3:aa:da:ca:a2:91:03:02:b4:b4:
aa:e7:a1:99:40:72:f6:3d:fc:0d:25:ca:f4:bc:b4:4e:2b:16:
c7:6d:39:32:60:48:26:26:47:18:20:0c:55:5e:53:b9:20:b2:
73:0e:5a:ab:78:ea:5c:d5:5d:b6:1c:24:84:f3:8e:b0:46:57:
2b:18:fe:a3:7c:2f:f8:a9:1a:e1:2e:2c:64:de:ae:f4:ad:90:
e3:9d:94:ed:ab:ac:38:07:cf:65:cf:66:dd:9b:fa:33:3a:ea:
06:c5:92:f6:f8:ec:f6:23:df:a5:09:2a:ae:e8:40:51:e7:a4:
aa:bb:6c:04:da:54:0b:25:07:98:47:14:81:c9:87:af:02:3a:
ca:3e:70:2c:3b:59:99:d9:54:64:17:28:6e:79:47:81:9c:86:
56:cf:dd:67
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAwHOMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDlj
MmNiN2Y5Y2EwZWZkNzJiZTI1OGE0YTA5MzU4ODA2Mzc0YjQ2NjIwHhcNMjIwNjE2
MTI0MzQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4MGU5MjY2ZDI2ZDU2
MGEwMjkwOWRjYWM4YzliY2IzNDI4OWVkOWVmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuPBEhHJOV7WWNNpkVPkwIh/IY3jgfsyrqteeq5jHa376SFlW
ICxUK72mz8bvAf05ayxHml84I2f0NRkiEzckMGYZZMFNAdgXMLFjpfXA2sR20DRW
heX6uvmD4yXKWW+ZiTRkguPPUH+E3bbBKT9NnFR1FhqleB5DPEcWwbS8eRWXEkCc
zfi+Mbe3vpIHrMatTfMyohzIH8DVcCcRzLI4Ch7SJKvhwnzkFeEhX44fCS405ZPt
SGZ7xkO0rPJhJXZW7yqdNKpQ8n+VIYZEQdoLAqSc+JztloZKRNS14DVUXhIO7Ktd
RZLIAAE9PrY4G54k1UR1j01pDfDJ5TI80sgXSQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFIDpJm0m1WCgKQncrIybyzQontnvMB8GA1UdIwQYMBaAFJwst/nKDv1yviWK
Sgk1iAY3S0ZiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
bkN5My1jb09fWEstSllwS0NUV0lCamRMUm1JLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84OC84NmE0MjYtNTZlZS00NmRkLTk0MjUtN2Y5MmMzNGViMDdjLzEv
Z09rbWJTYlZZS0FwQ2R5c2pKdkxOQ2llMmU4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84
NmE0MjYtNTZlZS00NmRkLTk0MjUtN2Y5MmMzNGViMDdjLzEvbkN5My1jb09fWEst
SllwS0NUV0lCamRMUm1JLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFUpFgMA0GCSqGSIb3DQEBCwUAA4IB
AQANmc0gBhX9ftSuOrXmNJyWEMsOTI8WXokDVrLFYg9rz1HeyQ77SRTHw6KW4Khf
HtJMb4MczM6l4vjN9DCBQ16FqrMw01a+lKfMP2P7YJ4P9fk2MuZWU6yJf5kgZuf7
4qFK4LOq2sqikQMCtLSq56GZQHL2PfwNJcr0vLROKxbHbTkyYEgmJkcYIAxVXlO5
ILJzDlqreOpc1V22HCSE846wRlcrGP6jfC/4qRrhLixk3q70rZDjnZTtq6w4B89l
z2bdm/ozOuoGxZL2+Oz2I9+lCSqu6EBR56Squ2wE2lQLJQeYRxSByYevAjrKPnAs
O1mZ2VRkFyhueUeBnIZWz91n
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:51 2023 by rpki-client on console.sobornost.net