Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/bab53b-3115-41c5-87ea-c00454e0b12a/1/QWHtbx1jUjhTspCilxk9wv7_wV0.roa
File: QWHtbx1jUjhTspCilxk9wv7_wV0.roa (raw, json)
Hash identifier: 8mUOy6JdOATW5sYbkg9gPvQDlY2pHPLiTS+A6OGPlGQ=
Subject key identifier: 41:61:ED:6F:1D:63:52:38:53:B2:90:A2:97:19:3D:C2:FE:FF:C1:5D
Certificate issuer: /CN=2cd9516db9417952dedd9252fe5d83f09a3d99f5
Certificate serial: 018570306A8DBC6E60F08AEEDF8A47D01E3E
Authority key identifier: 2C:D9:51:6D:B9:41:79:52:DE:DD:92:52:FE:5D:83:F0:9A:3D:99:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LNlRbblBeVLe3ZJS_l2D8Jo9mfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/bab53b-3115-41c5-87ea-c00454e0b12a/1/QWHtbx1jUjhTspCilxk9wv7_wV0.roa
Signing time: Mon 02 Jan 2023 01:54:59 +0000
ROA not before: Mon 02 Jan 2023 01:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35830
IP address blocks: 37.44.254.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:6a:8d:bc:6e:60:f0:8a:ee:df:8a:47:d0:1e:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cd9516db9417952dedd9252fe5d83f09a3d99f5
Validity
Not Before: Jan 2 01:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4161ed6f1d63523853b290a297193dc2feffc15d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8f:5b:35:e2:73:ee:2e:48:0f:db:4a:53:6a:
eb:c4:f7:9a:66:30:00:06:f4:20:4d:3a:e9:c9:ac:
c3:b4:4e:12:c6:2d:ac:ae:41:ed:a6:7a:10:9d:c7:
50:54:31:00:b7:22:9c:be:a2:71:95:c3:57:95:a7:
44:b0:7d:c8:9b:e3:ba:2e:bc:71:50:d7:f4:40:9a:
5e:17:39:65:0a:c0:2d:4c:66:bb:ae:4b:54:31:f0:
73:50:93:a0:09:46:a6:92:bc:8d:cc:8b:2e:f1:dc:
b9:18:85:7c:6e:fc:97:16:c1:5a:d6:53:66:11:f2:
5a:f5:ae:de:95:dd:f5:8b:ff:09:6f:c6:51:e5:f7:
5b:0b:61:52:0f:44:8b:98:e0:a1:5f:53:c6:bd:e1:
77:55:60:d8:93:6c:49:fa:9c:e9:9a:7e:bd:52:61:
c5:2e:d3:6e:f0:f5:fb:fe:c5:ca:74:66:f0:c5:4a:
d8:8f:86:cb:f0:30:f8:9b:0a:92:1d:29:6d:e0:90:
0f:49:37:52:05:85:eb:0c:be:34:59:9e:21:f2:0a:
a4:09:20:d5:af:a6:22:7d:cc:16:39:a9:2d:34:ff:
13:b7:eb:41:7e:ea:2d:3d:37:6c:e4:f9:8b:95:59:
42:c3:cb:4c:04:d5:a6:1e:f8:d1:ee:41:cd:60:bd:
c4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:61:ED:6F:1D:63:52:38:53:B2:90:A2:97:19:3D:C2:FE:FF:C1:5D
X509v3 Authority Key Identifier:
keyid:2C:D9:51:6D:B9:41:79:52:DE:DD:92:52:FE:5D:83:F0:9A:3D:99:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LNlRbblBeVLe3ZJS_l2D8Jo9mfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bab53b-3115-41c5-87ea-c00454e0b12a/1/QWHtbx1jUjhTspCilxk9wv7_wV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bab53b-3115-41c5-87ea-c00454e0b12a/1/LNlRbblBeVLe3ZJS_l2D8Jo9mfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.254.0/23
Signature Algorithm: sha256WithRSAEncryption
06:19:57:3a:3c:6d:81:eb:4b:e7:03:c8:18:8c:0d:a3:1e:a6:
81:e5:58:39:a5:3d:b6:1e:32:26:01:e1:05:af:a4:f4:56:4c:
2c:f4:f0:3c:ee:0d:e9:88:78:47:05:3d:9b:04:73:01:45:83:
a1:7c:f7:48:84:58:da:e0:19:7c:a4:49:d2:1e:62:64:37:bc:
5a:2f:a4:0f:c4:92:c9:da:34:1c:5f:f7:99:8f:8f:26:0d:be:
e2:80:05:ed:8a:b2:3d:42:f0:fa:2e:86:58:ed:3b:65:ac:05:
fc:00:20:1f:a9:1a:9b:31:9b:e0:90:2e:30:2c:3d:4a:20:63:
4c:98:65:1f:5f:ec:40:05:1e:04:6b:0a:f4:bc:59:f2:9e:36:
af:40:c7:ba:db:d0:b2:5d:84:11:5e:61:ee:f8:5c:69:c0:22:
dd:53:c1:1f:49:e0:59:48:aa:c3:58:a6:e4:d9:36:1f:13:cb:
2e:3a:a0:32:f4:2e:0f:98:ba:67:16:79:13:38:2c:d5:ab:be:
76:60:64:71:45:40:c8:dd:7f:c3:b4:b5:2c:18:fc:05:fd:01:
31:d7:c3:89:c5:c7:a1:5b:9c:27:af:04:2e:76:20:c7:64:c7:
be:5e:b1:18:26:64:50:d9:82:0f:ab:14:b5:1b:36:36:49:5f:
4f:c9:91:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMGqNvG5g8Iru34pH0B4+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZDk1MTZkYjk0MTc5NTJkZWRkOTI1MmZlNWQ4M2YwOWEz
ZDk5ZjUwHhcNMjMwMTAyMDE1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTYxZWQ2ZjFkNjM1MjM4NTNiMjkwYTI5NzE5M2RjMmZlZmZjMTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtI9bNeJz7i5ID9tKU2rrxPeaZjAA
BvQgTTrpyazDtE4Sxi2srkHtpnoQncdQVDEAtyKcvqJxlcNXladEsH3Im+O6Lrxx
UNf0QJpeFzllCsAtTGa7rktUMfBzUJOgCUamkryNzIsu8dy5GIV8bvyXFsFa1lNm
EfJa9a7eld31i/8Jb8ZR5fdbC2FSD0SLmOChX1PGveF3VWDYk2xJ+pzpmn69UmHF
LtNu8PX7/sXKdGbwxUrYj4bL8DD4mwqSHSlt4JAPSTdSBYXrDL40WZ4h8gqkCSDV
r6YifcwWOaktNP8Tt+tBfuotPTds5PmLlVlCw8tMBNWmHvjR7kHNYL3EqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEFh7W8dY1I4U7KQopcZPcL+/8FdMB8GA1UdIwQY
MBaAFCzZUW25QXlS3t2SUv5dg/CaPZn1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE5sUmJibEJlVkxlM1pKU19sMkQ4Sm85bWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9iYWI1M2ItMzExNS00MWM1LTg3ZWEt
YzAwNDU0ZTBiMTJhLzEvUVdIdGJ4MWpVamhUc3BDaWx4azl3djdfd1YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9iYWI1M2ItMzExNS00MWM1LTg3ZWEtYzAwNDU0ZTBiMTJh
LzEvTE5sUmJibEJlVkxlM1pKU19sMkQ4Sm85bWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJSz+MA0G
CSqGSIb3DQEBCwUAA4IBAQAGGVc6PG2B60vnA8gYjA2jHqaB5Vg5pT22HjImAeEF
r6T0Vkws9PA87g3piHhHBT2bBHMBRYOhfPdIhFja4Bl8pEnSHmJkN7xaL6QPxJLJ
2jQcX/eZj48mDb7igAXtirI9QvD6LoZY7TtlrAX8ACAfqRqbMZvgkC4wLD1KIGNM
mGUfX+xABR4Eawr0vFnynjavQMe629CyXYQRXmHu+FxpwCLdU8EfSeBZSKrDWKbk
2TYfE8suOqAy9C4PmLpnFnkTOCzVq752YGRxRUDI3X/DtLUsGPwF/QEx18OJxceh
W5wnrwQudiDHZMe+XrEYJmRQ2YIPqxS1GzY2SV9PyZHv
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:04 2023 by rpki-client on console.sobornost.net