Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/Pv0l3bSgDw2aGkbENY8hOdBhdAE.roa
File: Pv0l3bSgDw2aGkbENY8hOdBhdAE.roa (raw, json)
Hash identifier: Tp6/peHwM9IHW3DnCdXynw1YhIdR9EB3Z//3R88tqqY=
Subject key identifier: 3E:FD:25:DD:B4:A0:0F:0D:9A:1A:46:C4:35:8F:21:39:D0:61:74:01
Certificate issuer: /CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Certificate serial: 0185331583A7CB4628E2D4C9C2765D114605
Authority key identifier: B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/Pv0l3bSgDw2aGkbENY8hOdBhdAE.roa
Signing time: Wed 21 Dec 2022 05:08:45 +0000
ROA not before: Wed 21 Dec 2022 05:08:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 53667
IP address blocks: 65.111.0.0/19 maxlen: 19
104.167.16.0/20 maxlen: 20
104.207.32.0/19 maxlen: 19
45.78.80.0/20 maxlen: 20
217.114.35.0/24 maxlen: 24
45.3.32.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:33:15:83:a7:cb:46:28:e2:d4:c9:c2:76:5d:11:46:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Validity
Not Before: Dec 21 05:08:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3efd25ddb4a00f0d9a1a46c4358f2139d0617401
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:82:12:2b:e2:e9:a0:0e:50:f3:5a:27:01:a5:
ec:27:93:2f:a5:c6:11:89:81:54:f7:ff:e8:9e:c8:
ab:66:49:27:5f:44:c7:c7:f9:c8:70:d5:c8:f0:d2:
7b:59:e2:5f:83:8d:5f:7a:13:18:7d:f8:bd:57:c9:
0c:c4:3a:1a:e2:32:09:77:da:73:2f:0d:78:c5:f3:
5f:d9:d3:51:fa:51:dc:2c:d9:0d:25:1a:56:4c:c6:
1a:17:77:65:e3:dc:2d:ca:61:9f:53:bf:24:07:fe:
9f:5d:9e:2a:b0:09:2e:a5:85:16:61:df:07:f4:3b:
1c:05:da:30:4b:af:6c:b1:56:4e:b3:58:5f:d3:8c:
f5:f5:6a:ba:03:e7:7f:4a:fc:2d:d2:44:8d:f9:c8:
7f:82:a1:1f:d3:54:75:1a:9a:cf:05:df:d6:b3:19:
d7:e9:7e:d2:28:16:4a:3e:4c:90:43:b8:b4:54:cb:
7b:e5:a7:74:45:54:2d:a9:ab:70:65:f6:57:48:95:
be:e3:f1:32:40:05:4c:f8:aa:21:c2:98:12:fa:81:
6c:db:29:ca:fb:87:bc:e4:2b:76:7f:df:23:24:48:
c8:81:a0:22:d6:5c:79:a8:a5:ea:3c:ba:a8:f7:24:
1d:99:5f:fa:2e:c0:b6:89:78:eb:b5:8f:57:87:c5:
3e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:FD:25:DD:B4:A0:0F:0D:9A:1A:46:C4:35:8F:21:39:D0:61:74:01
X509v3 Authority Key Identifier:
keyid:B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/Pv0l3bSgDw2aGkbENY8hOdBhdAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/tATMDgOOsOaX7G565J0ChhRuDBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.3.32.0/19
45.78.80.0/20
65.111.0.0/19
104.167.16.0/20
104.207.32.0/19
217.114.35.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:4b:b4:2d:19:ac:08:4a:fb:a1:cc:7c:8d:95:a4:c7:c4:60:
38:32:ff:d1:f7:e0:62:e1:25:c0:92:a2:ad:58:e1:2f:fa:9f:
bb:2c:89:62:5f:5a:c6:01:af:6e:98:fb:19:12:ff:f1:fa:4d:
23:c9:df:de:2c:4f:e4:29:a3:d4:e0:6b:5e:8a:a6:de:cf:a9:
fb:7f:db:65:e9:e7:b0:2f:2e:0c:3e:2f:f0:75:6d:69:41:41:
36:02:38:32:e6:63:7b:2f:d0:ab:ce:2b:64:37:da:fc:f8:13:
56:dc:6f:7f:dd:d0:01:f8:87:97:10:25:a6:95:53:b3:6c:f6:
20:64:e0:ba:55:f2:1c:65:09:3f:68:12:03:fd:f1:9c:54:c9:
ac:2d:78:79:98:0f:79:1d:26:06:a9:32:b8:6c:78:40:9a:31:
0d:28:a6:c5:a9:8c:f1:db:f4:9d:ae:14:62:52:30:3e:95:c1:
01:7f:3c:77:ed:7b:d0:78:c8:9d:9b:4c:34:fd:02:48:0c:9a:
71:36:fa:23:46:73:e9:65:08:b4:f1:33:91:2d:c6:f8:94:3d:
4d:bd:c8:b8:ef:10:37:32:f7:40:7e:dd:67:ca:69:af:0a:95:
49:a6:0f:c3:6d:ef:6f:77:88:2e:1d:77:56:9f:90:d4:34:19:
b0:a1:18:04
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYUzFYOny0Yo4tTJwnZdEUYFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDRjYzBlMDM4ZWIwZTY5N2VjNmU3YWU0OWQwMjg2MTQ2
ZTBjMWEwHhcNMjIxMjIxMDUwODQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWZkMjVkZGI0YTAwZjBkOWExYTQ2YzQzNThmMjEzOWQwNjE3NDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIISK+LpoA5Q81onAaXsJ5MvpcYR
iYFU9//onsirZkknX0THx/nIcNXI8NJ7WeJfg41fehMYffi9V8kMxDoa4jIJd9pz
Lw14xfNf2dNR+lHcLNkNJRpWTMYaF3dl49wtymGfU78kB/6fXZ4qsAkupYUWYd8H
9DscBdowS69ssVZOs1hf04z19Wq6A+d/Svwt0kSN+ch/gqEf01R1GprPBd/WsxnX
6X7SKBZKPkyQQ7i0VMt75ad0RVQtqatwZfZXSJW+4/EyQAVM+KohwpgS+oFs2ynK
+4e85Ct2f98jJEjIgaAi1lx5qKXqPLqo9yQdmV/6LsC2iXjrtY9Xh8U++QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFD79Jd20oA8NmhpGxDWPITnQYXQBMB8GA1UdIwQY
MBaAFLQEzA4DjrDml+xueuSdAoYUbgwaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1Yjkt
ODZhMmYwNjdiNGU4LzEvUHYwbDNiU2dEdzJhR2tiRU5ZOGhPZEJoZEFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1YjktODZhMmYwNjdiNGU4
LzEvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQFLQMgAwQE
LU5QAwQFQW8AAwQEaKcQAwQFaM8gAwQA2XIjMA0GCSqGSIb3DQEBCwUAA4IBAQCs
S7QtGawISvuhzHyNlaTHxGA4Mv/R9+Bi4SXAkqKtWOEv+p+7LIliX1rGAa9umPsZ
Ev/x+k0jyd/eLE/kKaPU4Gteiqbez6n7f9tl6eewLy4MPi/wdW1pQUE2Ajgy5mN7
L9CrzitkN9r8+BNW3G9/3dAB+IeXECWmlVOzbPYgZOC6VfIcZQk/aBID/fGcVMms
LXh5mA95HSYGqTK4bHhAmjENKKbFqYzx2/SdrhRiUjA+lcEBfzx37XvQeMidm0w0
/QJIDJpxNvojRnPpZQi08TORLcb4lD1Nvci47xA3MvdAft1nymmvCpVJpg/Dbe9v
d4guHXdWn5DUNBmwoRgE
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:52 2023 by rpki-client on console.sobornost.net