Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/cbb2e4-88c3-4cc0-9675-c98a1bde6476/1/A9DzXdtduRfBD7jblNoKM6uZXSw.roa
File: A9DzXdtduRfBD7jblNoKM6uZXSw.roa (raw, json)
Hash identifier: OrONOuEXTvRMFYOy/xslevOVg+G96upNC6TdM0vnAYs=
Subject key identifier: 03:D0:F3:5D:DB:5D:B9:17:C1:0F:B8:DB:94:DA:0A:33:AB:99:5D:2C
Certificate issuer: /CN=ea1219292d86ca96397b8a8bd24e08b1a897c1a3
Certificate serial: 018571277CA65E0BB8B4659FE122A18770DF
Authority key identifier: EA:12:19:29:2D:86:CA:96:39:7B:8A:8B:D2:4E:08:B1:A8:97:C1:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6hIZKS2GypY5e4qL0k4IsaiXwaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/cbb2e4-88c3-4cc0-9675-c98a1bde6476/1/A9DzXdtduRfBD7jblNoKM6uZXSw.roa
Signing time: Mon 02 Jan 2023 06:24:51 +0000
ROA not before: Mon 02 Jan 2023 06:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15763
IP address blocks: 149.232.0.0/17 maxlen: 17
149.232.128.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:7c:a6:5e:0b:b8:b4:65:9f:e1:22:a1:87:70:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea1219292d86ca96397b8a8bd24e08b1a897c1a3
Validity
Not Before: Jan 2 06:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03d0f35ddb5db917c10fb8db94da0a33ab995d2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ca:46:42:11:7e:45:2b:70:eb:1c:64:0b:bc:
7b:ae:13:0f:81:94:ba:68:66:68:08:28:a4:b2:72:
2c:96:bc:6a:67:1a:14:ae:16:7b:77:ed:34:91:72:
b9:fc:48:68:42:dd:37:7f:94:82:32:05:89:25:80:
19:52:95:4a:8f:57:28:9d:8b:56:b4:14:71:7d:2e:
fd:e6:91:cb:6f:76:01:21:e2:2b:4d:4e:e9:9c:88:
2b:55:fb:40:2e:77:94:30:54:06:f3:d9:dc:03:41:
45:49:02:e1:8b:89:49:6e:1d:01:b2:81:68:e5:54:
07:62:22:33:8f:ca:65:43:e5:26:e3:54:40:5f:80:
64:06:77:a5:ba:50:91:c8:66:9f:5c:9b:8d:15:7a:
46:44:1e:27:ad:2a:fc:c1:e5:30:cc:a5:39:ab:6b:
cb:58:1c:6b:4c:0f:1b:f8:32:84:4f:32:b7:4e:8e:
a5:57:98:7a:6d:a2:03:8d:fe:30:65:c3:32:57:ca:
b9:65:b5:2f:4a:27:4f:55:1f:0d:1b:49:34:24:49:
b6:fb:10:1c:73:51:64:a5:0b:68:40:c0:ef:29:2f:
55:53:cf:54:d5:78:ce:0e:9f:14:cc:f7:56:d9:33:
48:a2:60:ca:b7:b4:eb:39:2f:9c:7d:0d:6c:78:9c:
b1:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:D0:F3:5D:DB:5D:B9:17:C1:0F:B8:DB:94:DA:0A:33:AB:99:5D:2C
X509v3 Authority Key Identifier:
keyid:EA:12:19:29:2D:86:CA:96:39:7B:8A:8B:D2:4E:08:B1:A8:97:C1:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6hIZKS2GypY5e4qL0k4IsaiXwaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/cbb2e4-88c3-4cc0-9675-c98a1bde6476/1/A9DzXdtduRfBD7jblNoKM6uZXSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/cbb2e4-88c3-4cc0-9675-c98a1bde6476/1/6hIZKS2GypY5e4qL0k4IsaiXwaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.232.0.0-149.232.159.255
Signature Algorithm: sha256WithRSAEncryption
00:b0:30:71:c9:5e:40:15:1b:5c:d5:d7:5e:26:7c:5c:7c:4c:
46:75:d8:c7:5b:65:36:ad:62:77:70:f2:37:ca:d9:06:ee:b1:
d8:34:cf:32:85:e9:52:d9:78:3e:a7:1e:7b:7e:69:39:bf:b7:
1f:fd:23:ea:47:4a:2d:99:85:8b:37:dc:81:71:7e:49:02:68:
a1:4d:42:67:4b:12:12:10:87:a6:6d:72:ee:ca:c0:f0:da:3b:
b3:43:c6:bd:96:cf:ff:6d:88:d2:9d:d2:56:6f:e4:21:ab:e3:
60:93:e3:25:a6:20:35:45:45:1c:64:c3:26:1e:0e:0b:bd:7d:
d1:95:c8:90:ad:56:23:ab:5c:63:78:4e:aa:de:d7:95:30:43:
c6:be:0c:d5:5f:db:df:e8:35:50:7d:1b:4a:c5:a4:b3:b0:26:
ef:63:8d:27:4a:18:54:34:af:c0:c3:53:4b:30:a5:f6:76:c3:
b6:c7:c0:fb:e2:04:7f:52:fb:b1:a4:49:6d:f9:4e:63:05:7f:
7c:23:af:81:fa:bf:33:a1:5a:f4:80:18:9e:46:22:ec:07:b4:
4f:52:e3:14:cc:65:d9:c6:68:b6:99:bc:ca:22:3a:06:bb:0b:
cc:0c:dc:56:22:f9:8e:1d:1d:58:d0:cc:7c:96:db:f2:5b:77:
07:2e:6c:a2
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVxJ3ymXgu4tGWf4SKhh3DfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMTIxOTI5MmQ4NmNhOTYzOTdiOGE4YmQyNGUwOGIxYTg5
N2MxYTMwHhcNMjMwMTAyMDYyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2QwZjM1ZGRiNWRiOTE3YzEwZmI4ZGI5NGRhMGEzM2FiOTk1ZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMpGQhF+RStw6xxkC7x7rhMPgZS6
aGZoCCiksnIslrxqZxoUrhZ7d+00kXK5/EhoQt03f5SCMgWJJYAZUpVKj1conYtW
tBRxfS795pHLb3YBIeIrTU7pnIgrVftALneUMFQG89ncA0FFSQLhi4lJbh0BsoFo
5VQHYiIzj8plQ+Um41RAX4BkBnelulCRyGafXJuNFXpGRB4nrSr8weUwzKU5q2vL
WBxrTA8b+DKETzK3To6lV5h6baIDjf4wZcMyV8q5ZbUvSidPVR8NG0k0JEm2+xAc
c1FkpQtoQMDvKS9VU89U1XjODp8UzPdW2TNIomDKt7TrOS+cfQ1seJyxFwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFAPQ813bXbkXwQ+425TaCjOrmV0sMB8GA1UdIwQY
MBaAFOoSGSkthsqWOXuKi9JOCLGol8GjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmhJWktTMkd5cFk1ZTRxTDBrNElzYWlYd2FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9jYmIyZTQtODhjMy00Y2MwLTk2NzUt
Yzk4YTFiZGU2NDc2LzEvQTlEelhkdGR1UmZCRDdqYmxOb0tNNnVaWFN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9jYmIyZTQtODhjMy00Y2MwLTk2NzUtYzk4YTFiZGU2NDc2
LzEvNmhJWktTMkd5cFk1ZTRxTDBrNElzYWlYd2FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwOV6AME
BZXogDANBgkqhkiG9w0BAQsFAAOCAQEAALAwccleQBUbXNXXXiZ8XHxMRnXYx1tl
Nq1id3DyN8rZBu6x2DTPMoXpUtl4Pqcee35pOb+3H/0j6kdKLZmFizfcgXF+SQJo
oU1CZ0sSEhCHpm1y7srA8No7s0PGvZbP/22I0p3SVm/kIavjYJPjJaYgNUVFHGTD
Jh4OC7190ZXIkK1WI6tcY3hOqt7XlTBDxr4M1V/b3+g1UH0bSsWks7Am72ONJ0oY
VDSvwMNTSzCl9nbDtsfA++IEf1L7saRJbflOYwV/fCOvgfq/M6Fa9IAYnkYi7Ae0
T1LjFMxl2cZotpm8yiI6BrsLzAzcViL5jh0dWNDMfJbb8lt3By5sog==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:53 2023 by rpki-client on console.sobornost.net