Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/cbb2e4-88c3-4cc0-9675-c98a1bde6476/1/HABQwzneCwdUZWVTxxPUIgg51bw.roa
File: HABQwzneCwdUZWVTxxPUIgg51bw.roa (raw, json)
Hash identifier: +qQJl83XonrOB21lI5XZtjYpv2eUwEXgIdEf8unbQgM=
Subject key identifier: 1C:00:50:C3:39:DE:0B:07:54:65:65:53:C7:13:D4:22:08:39:D5:BC
Certificate issuer: /CN=ea1219292d86ca96397b8a8bd24e08b1a897c1a3
Certificate serial: 073ADC12
Authority key identifier: EA:12:19:29:2D:86:CA:96:39:7B:8A:8B:D2:4E:08:B1:A8:97:C1:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6hIZKS2GypY5e4qL0k4IsaiXwaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/cbb2e4-88c3-4cc0-9675-c98a1bde6476/1/HABQwzneCwdUZWVTxxPUIgg51bw.roa
Signing time: Sat 01 Jan 2022 13:57:00 +0000
ROA not before: Sat 01 Jan 2022 13:57:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15763
IP address blocks: 149.232.192.0/19 maxlen: 19
149.232.0.0/17 maxlen: 17
149.232.224.0/20 maxlen: 20
149.232.240.0/22 maxlen: 22
149.232.128.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121297938 (0x73adc12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea1219292d86ca96397b8a8bd24e08b1a897c1a3
Validity
Not Before: Jan 1 13:57:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c0050c339de0b0754656553c713d4220839d5bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:92:c9:c9:d0:95:aa:dd:e0:6e:bf:6a:a4:1c:
42:b5:a4:c1:aa:65:ff:31:6e:3e:e7:23:6a:a8:f2:
46:6e:53:11:86:47:40:75:8b:ac:a1:c8:71:d2:58:
fb:2a:91:10:84:59:f0:03:4f:66:1f:be:5a:6f:0e:
7a:7d:65:3c:75:99:60:1f:63:f6:98:84:72:58:6a:
44:30:e7:eb:f0:c0:dc:83:30:87:98:58:00:52:ea:
35:d1:f3:25:b2:e1:15:6d:2e:cf:e9:1f:e6:f5:7f:
bd:21:2f:53:a6:c9:5b:77:b0:7c:9f:e9:39:da:d2:
fb:81:d3:8e:23:42:f3:04:76:6e:a5:de:04:9c:e6:
20:74:72:a8:23:85:e8:c6:cf:26:7c:bb:a2:2b:9e:
02:88:7f:0f:04:cd:e5:d1:63:95:55:49:dd:bb:8b:
14:cc:2f:12:75:18:90:44:4e:81:e0:8d:01:cb:3f:
6a:b4:9a:08:0c:f6:2c:58:03:46:b1:55:6e:30:de:
6a:f9:08:71:e1:d0:c0:c1:35:cd:53:be:66:ad:d6:
27:dd:40:a0:38:76:9c:1b:a7:c9:56:81:bc:e8:af:
a0:54:c8:5d:f6:03:3e:b2:33:43:08:86:ac:d4:d1:
9f:aa:e1:d7:3a:6f:6f:2e:49:3b:31:21:ca:a2:cf:
c6:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:00:50:C3:39:DE:0B:07:54:65:65:53:C7:13:D4:22:08:39:D5:BC
X509v3 Authority Key Identifier:
keyid:EA:12:19:29:2D:86:CA:96:39:7B:8A:8B:D2:4E:08:B1:A8:97:C1:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6hIZKS2GypY5e4qL0k4IsaiXwaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/cbb2e4-88c3-4cc0-9675-c98a1bde6476/1/HABQwzneCwdUZWVTxxPUIgg51bw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/cbb2e4-88c3-4cc0-9675-c98a1bde6476/1/6hIZKS2GypY5e4qL0k4IsaiXwaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.232.0.0-149.232.243.255
Signature Algorithm: sha256WithRSAEncryption
61:08:56:8d:4e:e3:7f:e1:6d:ba:12:d6:43:59:11:9d:4a:cf:
4a:fa:4d:d7:20:db:18:61:4f:b7:9f:f8:c5:7f:cf:bd:81:d3:
80:33:37:11:48:9c:60:58:87:2d:35:49:7a:51:2f:b8:44:84:
51:a6:5c:41:b6:bf:3d:78:9a:a9:65:1d:66:f5:e8:f4:28:2e:
fc:80:c5:f9:e7:97:1a:83:ac:9e:35:03:fe:36:b8:d4:ef:6b:
ac:b9:e0:21:d6:70:ed:73:be:50:28:92:b9:3a:62:4a:86:b2:
86:1b:db:bc:59:5b:99:e2:91:4b:5d:99:44:d6:2d:ca:fb:78:
e9:9e:09:2f:10:60:60:a8:48:75:ad:65:47:ef:4f:c6:30:4d:
46:2d:80:b7:e2:46:88:86:b4:b0:08:5a:0b:76:3a:37:41:17:
e0:82:83:aa:c6:8b:89:53:67:6f:fe:0c:e2:fc:29:de:92:d3:
ee:f7:95:48:f1:38:6a:52:e2:04:93:6a:6e:bb:9f:76:24:ca:
94:96:58:7f:22:28:c4:48:ca:be:8d:b6:28:77:b1:3c:c1:03:
23:84:e0:82:17:6c:12:d2:42:d3:1b:80:a6:8e:01:05:6f:ae:
6b:63:9d:8a:9b:11:c4:d2:b0:92:11:da:e4:a9:18:29:f1:23:
a2:b7:58:43
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIEBzrcEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YTEyMTkyOTJkODZjYTk2Mzk3YjhhOGJkMjRlMDhiMWE4OTdjMWEzMB4XDTIyMDEw
MTEzNTcwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWMwMDUwYzMzOWRl
MGIwNzU0NjU2NTUzYzcxM2Q0MjIwODM5ZDViYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMOSycnQlard4G6/aqQcQrWkwapl/zFuPucjaqjyRm5TEYZH
QHWLrKHIcdJY+yqREIRZ8ANPZh++Wm8Oen1lPHWZYB9j9piEclhqRDDn6/DA3IMw
h5hYAFLqNdHzJbLhFW0uz+kf5vV/vSEvU6bJW3ewfJ/pOdrS+4HTjiNC8wR2bqXe
BJzmIHRyqCOF6MbPJny7oiueAoh/DwTN5dFjlVVJ3buLFMwvEnUYkEROgeCNAcs/
arSaCAz2LFgDRrFVbjDeavkIceHQwME1zVO+Zq3WJ91AoDh2nBunyVaBvOivoFTI
XfYDPrIzQwiGrNTRn6rh1zpvby5JOzEhyqLPxq0CAwEAAaOCAhAwggIMMB0GA1Ud
DgQWBBQcAFDDOd4LB1RlZVPHE9QiCDnVvDAfBgNVHSMEGDAWgBTqEhkpLYbKljl7
iovSTgixqJfBozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZoSVpLUzJHeXBZNWU0cUwwazRJc2FpWHdhTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvY2JiMmU0LTg4YzMtNGNjMC05Njc1LWM5OGExYmRlNjQ3Ni8x
L0hBQlF3em5lQ3dkVVpXVlR4eFBVSWdnNTFidy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
Y2JiMmU0LTg4YzMtNGNjMC05Njc1LWM5OGExYmRlNjQ3Ni8xLzZoSVpLUzJHeXBZ
NWU0cUwwazRJc2FpWHdhTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAm
BggrBgEFBQcBBwEB/wQXMBUwEwQCAAEwDTALAwMDlegDBAKV6PAwDQYJKoZIhvcN
AQELBQADggEBAGEIVo1O43/hbboS1kNZEZ1Kz0r6Tdcg2xhhT7ef+MV/z72B04Az
NxFInGBYhy01SXpRL7hEhFGmXEG2vz14mqllHWb16PQoLvyAxfnnlxqDrJ41A/42
uNTva6y54CHWcO1zvlAokrk6YkqGsoYb27xZW5nikUtdmUTWLcr7eOmeCS8QYGCo
SHWtZUfvT8YwTUYtgLfiRoiGtLAIWgt2OjdBF+CCg6rGi4lTZ2/+DOL8Kd6S0+73
lUjxOGpS4gSTam67n3YkypSWWH8iKMRIyr6Ntih3sTzBAyOE4IIXbBLSQtMbgKaO
AQVvrmtjnYqbEcTSsJIR2uSpGCnxI6K3WEM=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:53 2023 by rpki-client on console.sobornost.net