Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/bab53b-3115-41c5-87ea-c00454e0b12a/1/BqJZVBXhYCeT8k7OE5003hIc8dI.roa
File: BqJZVBXhYCeT8k7OE5003hIc8dI.roa (raw, json)
Hash identifier: SaWtdUC9rcWslrJSgW/rgBo/OY15AdGbeVTMNPZwHVI=
Subject key identifier: 06:A2:59:54:15:E1:60:27:93:F2:4E:CE:13:9D:34:DE:12:1C:F1:D2
Certificate issuer: /CN=2cd9516db9417952dedd9252fe5d83f09a3d99f5
Certificate serial: 01840DEABB10B0866A794CDD3232B4E584AE
Authority key identifier: 2C:D9:51:6D:B9:41:79:52:DE:DD:92:52:FE:5D:83:F0:9A:3D:99:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LNlRbblBeVLe3ZJS_l2D8Jo9mfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/bab53b-3115-41c5-87ea-c00454e0b12a/1/BqJZVBXhYCeT8k7OE5003hIc8dI.roa
Signing time: Tue 25 Oct 2022 06:53:17 +0000
ROA not before: Tue 25 Oct 2022 06:53:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41022
IP address blocks: 185.195.241.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0d:ea:bb:10:b0:86:6a:79:4c:dd:32:32:b4:e5:84:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cd9516db9417952dedd9252fe5d83f09a3d99f5
Validity
Not Before: Oct 25 06:53:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=06a2595415e1602793f24ece139d34de121cf1d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d8:29:57:49:03:00:41:e2:92:8e:b6:55:2e:
73:e6:cb:05:09:7e:5c:9a:2c:c9:1c:bb:2a:02:d6:
f7:9e:ed:33:3f:d2:d8:e6:28:22:c6:63:c4:e8:98:
e1:0c:34:41:fc:1d:bb:b2:fe:7e:f6:1b:ee:b6:de:
67:96:fc:1e:90:c7:84:5b:4e:d6:dd:f9:57:05:a0:
1c:66:f0:0f:98:ce:23:2c:02:e7:ff:93:63:4c:0b:
ab:ac:de:b0:51:52:af:c1:0d:ef:85:72:11:c4:f9:
b7:b1:c3:cf:d3:b5:34:20:6a:72:1e:23:3c:1c:dd:
a2:43:90:6d:d1:47:16:5c:c9:21:7c:73:ec:7f:11:
42:c4:78:5c:56:55:a1:96:39:e0:88:a8:ee:cb:8b:
ef:33:e6:84:36:62:18:91:1a:ad:a5:d9:39:52:ff:
ee:0a:c6:02:af:1c:46:25:98:a2:51:cb:bc:e5:00:
85:ef:be:6f:4a:95:cd:5c:c9:75:70:e4:c3:3f:40:
ca:0e:86:c5:33:02:ac:4c:a9:89:a5:a6:78:20:b0:
9c:69:51:8d:94:2a:d3:4d:d7:0d:ff:e7:8e:58:04:
ba:34:1b:c8:d8:7d:8b:1c:88:38:61:ba:c5:e5:fa:
74:12:b5:bb:bd:d6:7c:2d:55:23:ea:38:15:4c:81:
e0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:A2:59:54:15:E1:60:27:93:F2:4E:CE:13:9D:34:DE:12:1C:F1:D2
X509v3 Authority Key Identifier:
keyid:2C:D9:51:6D:B9:41:79:52:DE:DD:92:52:FE:5D:83:F0:9A:3D:99:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LNlRbblBeVLe3ZJS_l2D8Jo9mfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bab53b-3115-41c5-87ea-c00454e0b12a/1/BqJZVBXhYCeT8k7OE5003hIc8dI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bab53b-3115-41c5-87ea-c00454e0b12a/1/LNlRbblBeVLe3ZJS_l2D8Jo9mfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.241.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:44:f9:f5:0b:d0:af:2a:cb:7b:75:5a:13:cf:7b:56:11:cf:
66:70:42:39:b6:31:e7:65:9c:16:c0:93:a4:56:6f:7e:8e:73:
77:47:5f:a8:a8:9b:3a:2c:21:31:c5:9c:46:e7:0a:fa:aa:11:
a3:1d:76:64:4b:a1:a0:3b:84:26:94:a9:39:c8:e1:06:1c:f2:
ac:4c:17:5a:20:fb:8f:1a:c1:ea:6e:89:64:18:7b:90:86:65:
c9:dd:03:7e:ac:34:1a:e0:a1:00:5e:43:d7:a4:e4:0c:e2:10:
a7:e7:c1:05:ce:95:09:85:c5:a1:46:d0:19:25:cd:0c:92:70:
bd:54:e2:85:ec:67:2e:c2:8d:fd:c8:32:c9:ce:53:d5:76:8b:
ed:6c:00:b3:a9:7f:6b:9f:b8:66:a9:35:16:8f:eb:54:0c:58:
e1:55:95:4e:75:6e:89:8c:08:93:f1:39:47:e6:7c:47:77:7e:
8d:27:49:ef:7c:ce:48:82:60:15:49:85:55:2e:a6:a1:a2:4b:
4c:a6:d8:61:94:97:dd:1f:e0:d2:e1:79:dd:c2:ac:47:6b:9d:
ff:75:a2:87:5c:84:a4:4e:44:52:2f:f1:3b:cb:29:c1:06:9a:
34:0d:6b:b5:27:ea:da:44:d2:da:3d:02:59:e3:54:e1:9a:fd:
e7:f2:9d:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQN6rsQsIZqeUzdMjK05YSuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZDk1MTZkYjk0MTc5NTJkZWRkOTI1MmZlNWQ4M2YwOWEz
ZDk5ZjUwHhcNMjIxMDI1MDY1MzE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmEyNTk1NDE1ZTE2MDI3OTNmMjRlY2UxMzlkMzRkZTEyMWNmMWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNgpV0kDAEHiko62VS5z5ssFCX5c
mizJHLsqAtb3nu0zP9LY5igixmPE6JjhDDRB/B27sv5+9hvutt5nlvwekMeEW07W
3flXBaAcZvAPmM4jLALn/5NjTAurrN6wUVKvwQ3vhXIRxPm3scPP07U0IGpyHiM8
HN2iQ5Bt0UcWXMkhfHPsfxFCxHhcVlWhljngiKjuy4vvM+aENmIYkRqtpdk5Uv/u
CsYCrxxGJZiiUcu85QCF775vSpXNXMl1cOTDP0DKDobFMwKsTKmJpaZ4ILCcaVGN
lCrTTdcN/+eOWAS6NBvI2H2LHIg4YbrF5fp0ErW7vdZ8LVUj6jgVTIHgjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAaiWVQV4WAnk/JOzhOdNN4SHPHSMB8GA1UdIwQY
MBaAFCzZUW25QXlS3t2SUv5dg/CaPZn1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE5sUmJibEJlVkxlM1pKU19sMkQ4Sm85bWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9iYWI1M2ItMzExNS00MWM1LTg3ZWEt
YzAwNDU0ZTBiMTJhLzEvQnFKWlZCWGhZQ2VUOGs3T0U1MDAzaEljOGRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9iYWI1M2ItMzExNS00MWM1LTg3ZWEtYzAwNDU0ZTBiMTJh
LzEvTE5sUmJibEJlVkxlM1pKU19sMkQ4Sm85bWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucPxMA0G
CSqGSIb3DQEBCwUAA4IBAQCMRPn1C9CvKst7dVoTz3tWEc9mcEI5tjHnZZwWwJOk
Vm9+jnN3R1+oqJs6LCExxZxG5wr6qhGjHXZkS6GgO4QmlKk5yOEGHPKsTBdaIPuP
GsHqbolkGHuQhmXJ3QN+rDQa4KEAXkPXpOQM4hCn58EFzpUJhcWhRtAZJc0MknC9
VOKF7Gcuwo39yDLJzlPVdovtbACzqX9rn7hmqTUWj+tUDFjhVZVOdW6JjAiT8TlH
5nxHd36NJ0nvfM5IgmAVSYVVLqahoktMpthhlJfdH+DS4XndwqxHa53/daKHXISk
TkRSL/E7yynBBpo0DWu1J+raRNLaPQJZ41Thmv3n8p1m
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:04 2023 by rpki-client on console.sobornost.net