Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/J_zllGxklRhJaUTEe6FEDWbTJzc.roa
File: J_zllGxklRhJaUTEe6FEDWbTJzc.roa (raw, json)
Hash identifier: bS68KtT8xQkLzM210isHNtai+4FALxTYyJmjvWEIW1g=
Subject key identifier: 27:FC:E5:94:6C:64:95:18:49:69:44:C4:7B:A1:44:0D:66:D3:27:37
Certificate issuer: /CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Certificate serial: 3496B801
Authority key identifier: 3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/J_zllGxklRhJaUTEe6FEDWbTJzc.roa
Signing time: Sat 01 Jan 2022 08:58:03 +0000
ROA not before: Sat 01 Jan 2022 08:58:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3491
IP address blocks: 213.248.118.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 882292737 (0x3496b801)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Validity
Not Before: Jan 1 08:58:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=27fce5946c649518496944c47ba1440d66d32737
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:97:84:40:22:89:11:ea:6f:24:e7:03:73:21:
94:c7:4e:30:f5:7b:66:ce:7e:5a:19:b5:ad:2b:2e:
b3:6c:d0:a3:05:18:f9:ea:06:0b:81:45:73:fb:2b:
40:3a:49:40:1d:08:04:f6:e9:c4:2d:3c:f8:a7:f2:
45:90:33:40:d6:58:da:d5:e9:5b:68:84:e3:5d:a8:
cb:b5:be:c8:c3:f5:a7:84:f7:b5:36:a9:6f:db:17:
d2:6a:a1:32:9c:35:bd:a3:cf:93:5a:42:15:8c:c9:
40:e1:33:90:13:61:b9:fb:ff:ee:35:92:c2:60:77:
8e:47:31:f1:a9:0e:37:e8:24:27:53:80:9f:87:08:
5c:5b:5e:1a:27:1e:b5:37:9a:06:b9:a0:c0:0c:54:
fc:b0:27:46:64:95:e1:3d:b0:8a:56:21:78:48:3a:
27:ce:78:e9:9a:4a:43:12:13:81:f2:76:68:43:ed:
a4:a1:39:a6:f3:55:8b:d1:2e:7f:57:bb:b9:20:8b:
e6:28:25:5b:16:4b:c0:0f:56:32:b1:c4:01:31:97:
f0:fc:92:6b:4b:b5:6b:51:0a:75:43:39:a7:ef:29:
9b:1c:a5:cb:fe:27:8e:19:92:a5:aa:03:d2:00:96:
74:0c:65:07:f1:cf:4f:ed:af:a9:41:0f:65:3c:d1:
03:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:FC:E5:94:6C:64:95:18:49:69:44:C4:7B:A1:44:0D:66:D3:27:37
X509v3 Authority Key Identifier:
keyid:3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/J_zllGxklRhJaUTEe6FEDWbTJzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.248.118.0/23
Signature Algorithm: sha256WithRSAEncryption
07:7f:8a:14:e0:3b:a9:b3:27:0e:bf:1b:a1:b6:52:8c:3e:ed:
2d:b0:c0:02:e5:7e:3b:7f:8a:6a:0b:92:2a:4e:8e:1d:3d:a9:
66:71:9f:37:48:7f:ae:27:17:3a:b2:d6:2d:5a:90:c2:14:4f:
3b:33:d8:0e:12:b7:de:3e:f2:22:94:e8:59:43:80:0b:b7:25:
5e:7e:38:e3:0b:0e:c2:55:ac:e6:2d:5a:62:89:ec:28:9a:6a:
b0:22:d1:c1:cf:82:09:dd:a1:2c:e4:0a:a5:21:62:22:4f:d3:
95:90:8f:03:65:a5:57:b0:ca:0b:01:84:48:eb:15:08:f5:59:
57:1c:b4:53:b4:62:79:b9:30:60:ae:e6:5e:7a:81:72:aa:b3:
d7:1c:74:65:69:46:44:67:b3:1e:02:d7:65:2c:19:9e:df:22:
90:95:da:44:34:20:00:d5:fd:ae:ca:12:c3:eb:cf:a6:bd:31:
6d:7e:79:64:66:b2:65:f6:27:34:ec:97:92:9d:96:f6:b5:f3:
7f:fc:33:56:7e:dd:15:b4:e1:86:23:1a:fc:df:5b:3f:d4:ca:
f4:d2:72:45:40:ac:5d:cf:74:fe:2e:67:07:cf:bb:ca:00:3e:
3d:1a:be:5b:4a:9f:af:c7:70:71:04:46:e6:62:f2:0a:a1:57:
4d:0e:7d:7a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENJa4ATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YmE1YjFjMDlhYTMxZjY3MTNjNjFiMzJlNTU4MTA5ZTQ3OTY2ZDQyMB4XDTIyMDEw
MTA4NTgwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjdmY2U1OTQ2YzY0
OTUxODQ5Njk0NGM0N2JhMTQ0MGQ2NmQzMjczNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALmXhEAiiRHqbyTnA3MhlMdOMPV7Zs5+Whm1rSsus2zQowUY
+eoGC4FFc/srQDpJQB0IBPbpxC08+KfyRZAzQNZY2tXpW2iE412oy7W+yMP1p4T3
tTapb9sX0mqhMpw1vaPPk1pCFYzJQOEzkBNhufv/7jWSwmB3jkcx8akON+gkJ1OA
n4cIXFteGicetTeaBrmgwAxU/LAnRmSV4T2wilYheEg6J8546ZpKQxITgfJ2aEPt
pKE5pvNVi9Euf1e7uSCL5iglWxZLwA9WMrHEATGX8PySa0u1a1EKdUM5p+8pmxyl
y/4njhmSpaoD0gCWdAxlB/HPT+2vqUEPZTzRAxMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQn/OWUbGSVGElpRMR7oUQNZtMnNzAfBgNVHSMEGDAWgBQ7pbHAmqMfZxPG
GzLlWBCeR5ZtQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L082V3h3SnFqSDJjVHhoc3k1VmdRbmtlV2JVSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvMTNiZDc3LWQyOTctNDY4OS1iZWU0LTQ2NmU5Y2FiNzg2NC8x
L0pfemxsR3hrbFJoSmFVVEVlNkZFRFdiVEp6Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
MTNiZDc3LWQyOTctNDY4OS1iZWU0LTQ2NmU5Y2FiNzg2NC8xL082V3h3SnFqSDJj
VHhoc3k1VmdRbmtlV2JVSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdX4djANBgkqhkiG9w0BAQsFAAOC
AQEAB3+KFOA7qbMnDr8bobZSjD7tLbDAAuV+O3+KaguSKk6OHT2pZnGfN0h/ricX
OrLWLVqQwhRPOzPYDhK33j7yIpToWUOAC7clXn444wsOwlWs5i1aYonsKJpqsCLR
wc+CCd2hLOQKpSFiIk/TlZCPA2WlV7DKCwGESOsVCPVZVxy0U7RiebkwYK7mXnqB
cqqz1xx0ZWlGRGezHgLXZSwZnt8ikJXaRDQgANX9rsoSw+vPpr0xbX55ZGayZfYn
NOyXkp2W9rXzf/wzVn7dFbThhiMa/N9bP9TK9NJyRUCsXc90/i5nB8+7ygA+PRq+
W0qfr8dwcQRG5mLyCqFXTQ59eg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:04 2023 by rpki-client on console.sobornost.net