Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/1-zm8Td7EG8KcTJsC-S2ujEskr3s.roa
File: 1-zm8Td7EG8KcTJsC-S2ujEskr3s.roa (raw, json)
Hash identifier: cmMwNUCUabuhV4pF2XnvziX/soiqJs3oBVFMOOg5axg=
Subject key identifier: FB:39:BC:4D:DE:C4:1B:C2:9C:4C:9B:02:F9:2D:AE:8C:4B:24:AF:7B
Certificate issuer: /CN=32c78eeef7acb451fc37575feb9114dfccc1cdfb
Certificate serial: 0254971D
Authority key identifier: 32:C7:8E:EE:F7:AC:B4:51:FC:37:57:5F:EB:91:14:DF:CC:C1:CD:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MseO7vestFH8N1df65EU38zBzfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/1-zm8Td7EG8KcTJsC-S2ujEskr3s.roa
Signing time: Sat 01 Jan 2022 14:08:29 +0000
ROA not before: Sat 01 Jan 2022 14:08:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202513
IP address blocks: 45.141.252.0/23 maxlen: 24
193.38.226.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39098141 (0x254971d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32c78eeef7acb451fc37575feb9114dfccc1cdfb
Validity
Not Before: Jan 1 14:08:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fb39bc4ddec41bc29c4c9b02f92dae8c4b24af7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:82:cf:99:57:6f:74:b7:17:de:44:79:86:7d:
cc:a7:7e:f2:b9:eb:10:45:e0:30:1a:fc:4e:2e:ba:
c2:f3:81:6e:d6:ff:df:07:b5:d8:63:8e:1d:1c:a0:
67:1b:c8:dc:12:80:b1:6f:3f:4b:c5:b9:bf:a7:b7:
87:2f:68:11:1b:59:1b:87:74:c3:ef:ab:5c:07:14:
14:4f:d7:09:7c:ac:a9:0d:ae:87:ac:3e:82:46:93:
4a:31:21:2b:f8:35:ae:ca:5a:b5:37:90:66:5d:47:
cd:1c:10:d0:00:2c:d5:76:1a:69:2d:79:0d:83:f1:
ef:bf:52:75:f8:0f:17:7f:0f:a3:b3:22:8f:4e:4d:
d6:e4:a2:52:5a:95:b7:24:d1:e8:2d:b6:53:9a:a1:
a0:d7:77:cd:50:93:36:45:9c:5a:8d:fc:bf:dc:d3:
d5:b2:60:59:d1:25:9b:cf:97:5e:f7:5b:73:05:6e:
80:bb:7f:4c:cc:c3:88:49:ad:4a:d0:8d:0e:e4:7b:
13:bf:e9:8e:28:8f:8e:dc:fc:a9:8c:08:7d:e5:89:
ce:d3:1b:c9:ce:98:e5:c7:7e:6b:89:27:38:87:f9:
f4:39:3f:14:9c:8c:71:21:5f:0b:59:ae:a2:e0:72:
c8:4d:cd:5b:0b:1d:c7:90:33:fc:33:6e:07:5f:41:
06:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:39:BC:4D:DE:C4:1B:C2:9C:4C:9B:02:F9:2D:AE:8C:4B:24:AF:7B
X509v3 Authority Key Identifier:
keyid:32:C7:8E:EE:F7:AC:B4:51:FC:37:57:5F:EB:91:14:DF:CC:C1:CD:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MseO7vestFH8N1df65EU38zBzfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/1-zm8Td7EG8KcTJsC-S2ujEskr3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/MseO7vestFH8N1df65EU38zBzfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.252.0/23
193.38.226.0/23
Signature Algorithm: sha256WithRSAEncryption
19:f4:b0:59:79:6e:3b:94:2d:f5:f3:98:3c:28:2f:22:4a:d7:
f1:d5:a9:4f:0e:4a:ed:ad:86:b3:ee:b2:02:a0:fb:f2:94:fe:
2d:97:d0:ca:9e:60:2b:57:64:47:e5:11:a0:53:73:6e:d7:5c:
13:86:f5:de:84:e8:48:ad:58:7e:b7:70:ce:32:ac:ba:5b:15:
06:21:43:18:2e:44:91:67:86:dd:77:fa:3f:41:7e:8c:c4:48:
02:d1:e8:80:51:07:39:71:97:70:a7:45:2f:f8:d0:52:70:60:
02:2f:26:f6:57:f3:17:ba:92:5b:a3:9e:75:59:d1:88:c4:bb:
76:6b:e2:10:32:02:1a:5d:67:35:a4:c8:b7:f4:91:b2:9e:64:
35:9a:6f:f4:ff:77:62:82:3f:6c:4b:63:b8:bf:5d:f5:76:92:
d1:ea:66:89:65:1f:27:f7:ab:e1:f0:0e:a6:d1:73:c7:19:d1:
83:34:ca:9b:0c:44:b7:92:aa:34:5c:ea:cd:9a:ab:be:92:aa:
bf:b8:7a:ba:c1:35:7c:2f:75:73:6f:ca:f1:51:be:49:01:2b:
68:e7:9e:aa:7a:d3:58:c1:13:11:3b:4f:79:73:67:39:09:28:
4f:92:3d:92:82:1a:d9:cf:74:1a:3f:af:c7:23:2b:0d:c0:b4:
96:01:4b:fa
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIEAlSXHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MmM3OGVlZWY3YWNiNDUxZmMzNzU3NWZlYjkxMTRkZmNjYzFjZGZiMB4XDTIyMDEw
MTE0MDgyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmIzOWJjNGRkZWM0
MWJjMjljNGM5YjAyZjkyZGFlOGM0YjI0YWY3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMyCz5lXb3S3F95EeYZ9zKd+8rnrEEXgMBr8Ti66wvOBbtb/
3we12GOOHRygZxvI3BKAsW8/S8W5v6e3hy9oERtZG4d0w++rXAcUFE/XCXysqQ2u
h6w+gkaTSjEhK/g1rspatTeQZl1HzRwQ0AAs1XYaaS15DYPx779SdfgPF38Po7Mi
j05N1uSiUlqVtyTR6C22U5qhoNd3zVCTNkWcWo38v9zT1bJgWdElm8+XXvdbcwVu
gLt/TMzDiEmtStCNDuR7E7/pjiiPjtz8qYwIfeWJztMbyc6Y5cd+a4knOIf59Dk/
FJyMcSFfC1muouByyE3NWwsdx5Az/DNuB19BBrkCAwEAAaOCAhAwggIMMB0GA1Ud
DgQWBBT7ObxN3sQbwpxMmwL5La6MSySvezAfBgNVHSMEGDAWgBQyx47u96y0Ufw3
V1/rkRTfzMHN+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01zZU83dmVzdEZIOE4xZGY2NUVVMzh6Qnpmcy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvMjI1YmNiLTZkM2QtNGMwZS04MjRmLTJmMWM4ZTQwOGI2NC8x
LzEtem04VGQ3RUc4S2NUSnNDLVMydWpFc2tyM3Mucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I0
LzIyNWJjYi02ZDNkLTRjMGUtODI0Zi0yZjFjOGU0MDhiNjQvMS9Nc2VPN3Zlc3RG
SDhOMWRmNjVFVTM4ekJ6ZnMuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
JQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAEtjfwDBAHBJuIwDQYJKoZIhvcN
AQELBQADggEBABn0sFl5bjuULfXzmDwoLyJK1/HVqU8OSu2thrPusgKg+/KU/i2X
0MqeYCtXZEflEaBTc27XXBOG9d6E6EitWH63cM4yrLpbFQYhQxguRJFnht13+j9B
fozESALR6IBRBzlxl3CnRS/40FJwYAIvJvZX8xe6klujnnVZ0YjEu3Zr4hAyAhpd
ZzWkyLf0kbKeZDWab/T/d2KCP2xLY7i/XfV2ktHqZollHyf3q+HwDqbRc8cZ0YM0
ypsMRLeSqjRc6s2aq76Sqr+4errBNXwvdXNvyvFRvkkBK2jnnqp601jBExE7T3lz
ZzkJKE+SPZKCGtnPdBo/r8cjKw3AtJYBS/o=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:05 2023 by rpki-client on console.sobornost.net