Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/cbb2e4-88c3-4cc0-9675-c98a1bde6476/1/4HPlVNiBUizOg7c_BW2A698cO5Y.roa
File: 4HPlVNiBUizOg7c_BW2A698cO5Y.roa (raw, json)
Hash identifier: Lg8Ji/tp5LQI47TN/qvpTeUjv28JORCnjPaho0LjC/o=
Subject key identifier: E0:73:E5:54:D8:81:52:2C:CE:83:B7:3F:05:6D:80:EB:DF:1C:3B:96
Certificate issuer: /CN=ea1219292d86ca96397b8a8bd24e08b1a897c1a3
Certificate serial: 0184284D1528984EBE9A36083831F68B9168
Authority key identifier: EA:12:19:29:2D:86:CA:96:39:7B:8A:8B:D2:4E:08:B1:A8:97:C1:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6hIZKS2GypY5e4qL0k4IsaiXwaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/cbb2e4-88c3-4cc0-9675-c98a1bde6476/1/4HPlVNiBUizOg7c_BW2A698cO5Y.roa
Signing time: Sun 30 Oct 2022 09:50:51 +0000
ROA not before: Sun 30 Oct 2022 09:50:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15763
IP address blocks: 149.232.160.0/20 maxlen: 20
149.232.0.0/17 maxlen: 17
149.232.128.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:28:4d:15:28:98:4e:be:9a:36:08:38:31:f6:8b:91:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea1219292d86ca96397b8a8bd24e08b1a897c1a3
Validity
Not Before: Oct 30 09:50:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e073e554d881522cce83b73f056d80ebdf1c3b96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0f:db:68:ba:28:7c:51:1e:04:af:2f:78:ce:
b8:fa:fe:a7:34:17:6b:26:cf:e1:e3:1e:67:53:89:
b5:ab:a5:fc:45:d2:e5:b2:63:8f:db:9f:43:f2:17:
7b:5e:4b:ca:b4:e7:44:51:78:5d:d9:ba:bc:59:62:
ca:2a:e5:71:41:fd:06:e2:2c:fc:94:51:95:17:82:
11:e7:26:18:f1:52:4d:ee:6a:b1:5e:58:8f:e9:0a:
ee:07:60:2d:86:1e:3a:4d:8c:94:b9:13:dc:d9:fc:
25:be:67:00:c2:5e:74:f7:13:35:fc:3f:98:52:2b:
2b:6a:99:17:4d:b2:a7:b9:cd:c4:98:84:50:6c:96:
d9:d0:80:7e:c6:22:8f:51:f9:60:e6:41:68:fa:f1:
cd:da:45:83:b3:79:03:67:f9:61:42:d1:d9:f1:41:
6b:69:68:43:c2:f3:8e:0b:3b:85:9b:7f:40:34:93:
06:cc:38:22:ce:0e:ce:28:eb:eb:f1:a0:9c:35:45:
98:21:bd:d1:7b:c3:2c:e5:7d:b2:69:62:8e:a2:96:
42:6e:97:46:5a:dd:3c:5a:c1:70:a6:14:30:ad:7e:
f9:20:e6:b9:0d:d9:ad:38:b9:18:75:0c:c2:3b:5d:
14:5d:a4:5a:e5:98:32:58:d0:1e:0e:2d:59:67:92:
87:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:73:E5:54:D8:81:52:2C:CE:83:B7:3F:05:6D:80:EB:DF:1C:3B:96
X509v3 Authority Key Identifier:
keyid:EA:12:19:29:2D:86:CA:96:39:7B:8A:8B:D2:4E:08:B1:A8:97:C1:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6hIZKS2GypY5e4qL0k4IsaiXwaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/cbb2e4-88c3-4cc0-9675-c98a1bde6476/1/4HPlVNiBUizOg7c_BW2A698cO5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/cbb2e4-88c3-4cc0-9675-c98a1bde6476/1/6hIZKS2GypY5e4qL0k4IsaiXwaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.232.0.0-149.232.175.255
Signature Algorithm: sha256WithRSAEncryption
69:a3:dc:06:c7:b8:2d:e1:18:5c:54:1e:b2:c7:e6:7b:49:78:
25:aa:b1:41:50:97:32:77:61:51:38:c0:9b:0d:de:a5:bb:2c:
75:53:01:9b:5f:42:70:3a:91:06:13:5a:50:0e:cb:1a:b0:35:
0c:43:f2:f3:19:a3:88:2f:8d:52:77:61:76:78:95:ce:c1:4c:
37:cc:0a:85:bf:54:77:b7:4b:a3:71:98:e3:10:fd:c4:21:70:
3a:c6:d8:2a:a3:41:f6:70:e5:b7:2e:ca:98:d0:b3:89:e3:02:
b8:ab:f3:ec:e5:0b:11:b8:e6:47:c8:03:68:a3:79:54:a4:67:
ff:07:c7:c7:35:3f:f6:fa:ae:3e:70:6d:cd:8f:6f:82:90:d3:
6c:b6:72:9a:6b:bf:ee:b6:a3:cf:b9:b8:6f:15:43:5b:c9:ea:
78:f0:8d:88:a3:9d:93:dc:ee:2f:d1:6d:53:f3:26:f0:06:6e:
38:27:f9:e9:48:c3:bc:de:2c:95:03:65:ff:bc:2e:48:7a:08:
d7:5d:3f:9b:c7:df:a4:a1:98:c0:d3:15:5f:5f:ad:04:24:50:
2e:25:7a:7c:f5:b8:b2:41:c9:ec:4f:ee:c7:6d:84:22:fd:85:
7f:e1:0c:67:4e:57:6f:49:e6:a6:50:ea:3a:f9:8d:ae:89:4f:
46:96:f5:1c
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYQoTRUomE6+mjYIODH2i5FoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMTIxOTI5MmQ4NmNhOTYzOTdiOGE4YmQyNGUwOGIxYTg5
N2MxYTMwHhcNMjIxMDMwMDk1MDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDczZTU1NGQ4ODE1MjJjY2U4M2I3M2YwNTZkODBlYmRmMWMzYjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmA/baLoofFEeBK8veM64+v6nNBdr
Js/h4x5nU4m1q6X8RdLlsmOP259D8hd7XkvKtOdEUXhd2bq8WWLKKuVxQf0G4iz8
lFGVF4IR5yYY8VJN7mqxXliP6QruB2Athh46TYyUuRPc2fwlvmcAwl509xM1/D+Y
UisrapkXTbKnuc3EmIRQbJbZ0IB+xiKPUflg5kFo+vHN2kWDs3kDZ/lhQtHZ8UFr
aWhDwvOOCzuFm39ANJMGzDgizg7OKOvr8aCcNUWYIb3Re8Ms5X2yaWKOopZCbpdG
Wt08WsFwphQwrX75IOa5DdmtOLkYdQzCO10UXaRa5ZgyWNAeDi1ZZ5KHHwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFOBz5VTYgVIszoO3PwVtgOvfHDuWMB8GA1UdIwQY
MBaAFOoSGSkthsqWOXuKi9JOCLGol8GjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmhJWktTMkd5cFk1ZTRxTDBrNElzYWlYd2FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9jYmIyZTQtODhjMy00Y2MwLTk2NzUt
Yzk4YTFiZGU2NDc2LzEvNEhQbFZOaUJVaXpPZzdjX0JXMkE2OThjTzVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9jYmIyZTQtODhjMy00Y2MwLTk2NzUtYzk4YTFiZGU2NDc2
LzEvNmhJWktTMkd5cFk1ZTRxTDBrNElzYWlYd2FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwOV6AME
BJXooDANBgkqhkiG9w0BAQsFAAOCAQEAaaPcBse4LeEYXFQessfme0l4JaqxQVCX
MndhUTjAmw3epbssdVMBm19CcDqRBhNaUA7LGrA1DEPy8xmjiC+NUndhdniVzsFM
N8wKhb9Ud7dLo3GY4xD9xCFwOsbYKqNB9nDlty7KmNCzieMCuKvz7OULEbjmR8gD
aKN5VKRn/wfHxzU/9vquPnBtzY9vgpDTbLZymmu/7rajz7m4bxVDW8nqePCNiKOd
k9zuL9FtU/Mm8AZuOCf56UjDvN4slQNl/7wuSHoI110/m8ffpKGYwNMVX1+tBCRQ
LiV6fPW4skHJ7E/ux22EIv2Ff+EMZ05Xb0nmplDqOvmNrolPRpb1HA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:53 2023 by rpki-client on console.sobornost.net