Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/pCljkz2drH5y4Fp0vMFt00mYMAw.roa
File: pCljkz2drH5y4Fp0vMFt00mYMAw.roa (raw, json)
Hash identifier: UlxoFpgVzRJkkbQ5aihyENxT1b+EGtEnxdWoPjBVAHE=
Subject key identifier: A4:29:63:93:3D:9D:AC:7E:72:E0:5A:74:BC:C1:6D:D3:49:98:30:0C
Certificate issuer: /CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Certificate serial: 018BD877F43CF4A7A33943D0F29AB42660F1
Authority key identifier: B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/pCljkz2drH5y4Fp0vMFt00mYMAw.roa
Signing time: Thu 16 Nov 2023 14:10:21 +0000
ROA not before: Thu 16 Nov 2023 14:10:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58026
IP address blocks: 65.111.0.0/19 maxlen: 19
104.167.16.0/20 maxlen: 20
104.207.32.0/19 maxlen: 19
45.78.80.0/20 maxlen: 20
62.3.6.0/24 maxlen: 24
45.3.32.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:77:f4:3c:f4:a7:a3:39:43:d0:f2:9a:b4:26:60:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Validity
Not Before: Nov 16 14:10:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a42963933d9dac7e72e05a74bcc16dd34998300c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ff:dc:39:83:aa:6c:78:5d:d7:e2:ab:da:2d:
fd:d7:11:b6:73:1e:ea:fa:e5:dc:5e:fe:39:f9:74:
ed:19:f4:f2:db:a0:05:fb:f8:bf:e8:04:e3:07:90:
a2:42:65:0e:b1:57:f3:82:c5:e5:78:6f:76:5f:a0:
48:52:62:5e:31:89:f7:3c:78:13:42:b9:8c:71:ea:
ed:f6:93:6a:45:73:f7:a0:fe:f2:aa:60:92:22:ad:
cc:5d:64:97:15:b3:09:a3:d2:62:a6:76:c9:09:1f:
4b:f2:d2:b5:93:aa:bd:af:4f:66:13:99:a3:60:7d:
fb:3b:6c:a3:bf:6b:38:fb:8c:f2:26:8b:fa:85:8b:
4c:16:d0:4b:71:ec:7d:f7:92:06:c2:06:48:45:f1:
bd:87:d5:e0:e0:77:dc:f5:1f:c1:3e:5e:7d:e6:2f:
72:b2:cd:c2:c0:f8:e8:e3:36:6f:c3:70:8a:88:b7:
98:37:e3:21:c2:93:ee:24:05:cc:84:c2:d7:e0:63:
96:5f:f8:90:2c:86:fe:c0:26:e3:8e:6e:eb:4e:d5:
66:68:96:bd:72:90:39:f6:2a:41:24:31:c4:c7:05:
e6:2a:e2:47:85:82:09:08:04:4a:5f:e0:9e:bd:5b:
e2:e5:98:b8:d3:51:76:ce:4d:91:3e:e6:8b:ac:ba:
43:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:29:63:93:3D:9D:AC:7E:72:E0:5A:74:BC:C1:6D:D3:49:98:30:0C
X509v3 Authority Key Identifier:
keyid:B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/pCljkz2drH5y4Fp0vMFt00mYMAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/tATMDgOOsOaX7G565J0ChhRuDBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.3.32.0/19
45.78.80.0/20
62.3.6.0/24
65.111.0.0/19
104.167.16.0/20
104.207.32.0/19
Signature Algorithm: sha256WithRSAEncryption
99:c1:74:bb:92:c4:8c:0a:b4:cf:3a:eb:07:a0:24:e3:f3:70:
a3:25:35:35:0b:89:8c:1c:ec:88:10:a6:be:10:17:ad:6d:0a:
b9:53:2e:39:db:21:13:f1:60:a2:55:60:e0:00:2d:b3:bc:34:
08:27:f7:51:71:54:8d:27:50:01:5b:aa:83:53:d2:70:89:87:
11:3e:e0:93:5e:a0:0a:c9:ac:11:63:a6:c4:ec:a7:f9:e3:38:
e6:08:b0:41:2c:7b:4f:23:7e:8d:3e:fa:ec:22:42:37:7f:c0:
59:10:68:62:78:7f:35:74:6b:ee:fa:dd:ce:35:09:e4:87:f7:
69:f5:1b:0e:d5:8f:e6:9d:88:f6:9b:42:34:b2:46:a1:d0:bb:
a9:53:ac:84:ff:89:f2:5f:54:25:21:95:49:4f:0d:26:cb:b6:
f4:48:fc:d4:8a:27:6d:b4:db:74:e7:48:60:ef:d3:ff:e3:0a:
7f:df:84:b8:8b:66:dc:37:fd:bb:f1:47:c7:5b:3c:8e:8e:74:
e1:c7:51:3d:44:33:4f:a0:9a:71:27:d3:38:d5:90:a2:63:6c:
ed:6f:63:5e:10:d9:49:0b:0f:0b:bd:33:95:27:05:6a:c2:25:
c5:07:2d:7a:f4:ca:d7:3d:be:00:f3:ba:89:32:90:9a:f0:b7:
6f:25:ab:bd
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYvYd/Q89KejOUPQ8pq0JmDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDRjYzBlMDM4ZWIwZTY5N2VjNmU3YWU0OWQwMjg2MTQ2
ZTBjMWEwHhcNMjMxMTE2MTQxMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDI5NjM5MzNkOWRhYzdlNzJlMDVhNzRiY2MxNmRkMzQ5OTgzMDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAif/cOYOqbHhd1+Kr2i391xG2cx7q
+uXcXv45+XTtGfTy26AF+/i/6ATjB5CiQmUOsVfzgsXleG92X6BIUmJeMYn3PHgT
QrmMcert9pNqRXP3oP7yqmCSIq3MXWSXFbMJo9JipnbJCR9L8tK1k6q9r09mE5mj
YH37O2yjv2s4+4zyJov6hYtMFtBLcex995IGwgZIRfG9h9Xg4Hfc9R/BPl595i9y
ss3CwPjo4zZvw3CKiLeYN+MhwpPuJAXMhMLX4GOWX/iQLIb+wCbjjm7rTtVmaJa9
cpA59ipBJDHExwXmKuJHhYIJCARKX+CevVvi5Zi401F2zk2RPuaLrLpDbQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKQpY5M9nax+cuBadLzBbdNJmDAMMB8GA1UdIwQY
MBaAFLQEzA4DjrDml+xueuSdAoYUbgwaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1Yjkt
ODZhMmYwNjdiNGU4LzEvcENsamt6MmRySDV5NEZwMHZNRnQwMG1ZTUF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1YjktODZhMmYwNjdiNGU4
LzEvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQFLQMgAwQE
LU5QAwQAPgMGAwQFQW8AAwQEaKcQAwQFaM8gMA0GCSqGSIb3DQEBCwUAA4IBAQCZ
wXS7ksSMCrTPOusHoCTj83CjJTU1C4mMHOyIEKa+EBetbQq5Uy452yET8WCiVWDg
AC2zvDQIJ/dRcVSNJ1ABW6qDU9JwiYcRPuCTXqAKyawRY6bE7Kf54zjmCLBBLHtP
I36NPvrsIkI3f8BZEGhieH81dGvu+t3ONQnkh/dp9RsO1Y/mnYj2m0I0skah0Lup
U6yE/4nyX1QlIZVJTw0my7b0SPzUiidttNt050hg79P/4wp/34S4i2bcN/278UfH
WzyOjnThx1E9RDNPoJpxJ9M41ZCiY2ztb2NeENlJCw8LvTOVJwVqwiXFBy169MrX
Pb4A87qJMpCa8LdvJau9
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:52 2023 by rpki-client on console.sobornost.net