Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/zY7rWoRB1qMoGa65eXGkSTbvvsY.roa
File: zY7rWoRB1qMoGa65eXGkSTbvvsY.roa (raw, json)
Hash identifier: 22o9yWVMik+SjDrA8X3tC1rr0FHurDV3SIH1HXw0zKU=
Subject key identifier: CD:8E:EB:5A:84:41:D6:A3:28:19:AE:B9:79:71:A4:49:36:EF:BE:C6
Certificate issuer: /CN=32c78eeef7acb451fc37575feb9114dfccc1cdfb
Certificate serial: 018804B06640CAECC706B3E9F6AAEB680302
Authority key identifier: 32:C7:8E:EE:F7:AC:B4:51:FC:37:57:5F:EB:91:14:DF:CC:C1:CD:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MseO7vestFH8N1df65EU38zBzfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/zY7rWoRB1qMoGa65eXGkSTbvvsY.roa
Signing time: Wed 10 May 2023 08:04:09 +0000
ROA not before: Wed 10 May 2023 08:04:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209235
IP address blocks: 2.56.84.0/24 maxlen: 24
45.141.242.0/24 maxlen: 24
45.141.255.0/24 maxlen: 24
193.38.224.0/24 maxlen: 24
2a09:c0c0::/29 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:04:b0:66:40:ca:ec:c7:06:b3:e9:f6:aa:eb:68:03:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32c78eeef7acb451fc37575feb9114dfccc1cdfb
Validity
Not Before: May 10 08:04:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd8eeb5a8441d6a32819aeb97971a44936efbec6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0e:c4:3a:33:a5:5c:7b:30:e6:94:9e:de:40:
0e:35:a6:e8:f7:0b:28:07:32:49:a9:dd:1e:9b:ef:
0c:6b:fd:1d:01:d6:c5:f8:ed:5e:f7:6f:6c:17:21:
7a:a7:ef:c5:82:42:92:11:80:cd:ba:ec:a6:61:ff:
30:d5:e1:2b:b9:9f:55:78:d6:54:18:97:23:d1:ac:
06:08:7e:b4:c9:82:6a:16:fb:f5:b9:42:33:fa:20:
8d:de:d8:9d:c2:9a:2c:d2:9c:62:72:c7:f3:6f:63:
d7:58:27:7c:72:fb:26:48:bb:a5:bf:0b:e4:9f:d1:
ab:8e:99:b7:f1:9b:dd:e5:e1:7b:04:2a:37:dc:12:
99:41:ac:e5:d4:d7:89:2b:42:b8:52:d6:81:a8:74:
e0:ad:15:5b:93:f6:2a:11:ca:ab:ee:79:88:27:ef:
fb:44:64:49:2f:bd:7a:4f:53:74:9f:68:e7:78:b5:
06:20:2c:df:58:a1:77:4d:80:f1:04:76:2c:6d:ac:
99:7a:47:c4:91:ab:1d:fb:31:49:85:98:70:6f:bc:
00:c4:a7:7e:dc:d6:98:34:56:65:06:ff:ca:9a:39:
c0:52:ed:e0:46:29:e6:d3:dc:f7:18:97:b2:dc:03:
b7:eb:5c:56:bb:c0:86:0a:ce:2b:c6:95:00:d3:c7:
a8:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:8E:EB:5A:84:41:D6:A3:28:19:AE:B9:79:71:A4:49:36:EF:BE:C6
X509v3 Authority Key Identifier:
keyid:32:C7:8E:EE:F7:AC:B4:51:FC:37:57:5F:EB:91:14:DF:CC:C1:CD:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MseO7vestFH8N1df65EU38zBzfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/zY7rWoRB1qMoGa65eXGkSTbvvsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/MseO7vestFH8N1df65EU38zBzfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.84.0/24
45.141.242.0/24
45.141.255.0/24
193.38.224.0/24
IPv6:
2a09:c0c0::/29
Signature Algorithm: sha256WithRSAEncryption
92:be:d4:ac:ab:f5:eb:4a:7a:07:f2:bc:2f:31:72:a4:da:83:
6d:b5:a5:7e:a4:a5:ab:aa:cb:17:98:5f:66:75:55:0b:0e:82:
c6:9b:d3:75:4a:dd:d4:25:96:26:a1:68:ad:e0:18:4e:ba:9f:
6d:2d:73:df:01:f7:76:fa:a9:e2:c6:2a:3f:c6:4f:c9:d3:4f:
a2:d6:68:a2:c5:19:11:b0:83:55:d6:14:5e:e4:3f:51:1f:3b:
fa:0f:3d:09:12:97:21:ca:a4:8e:62:b3:3d:34:2f:71:a4:4e:
e6:9d:30:4f:e0:d2:9d:0f:81:43:3b:9f:4e:c1:2c:89:23:34:
93:f8:f9:dd:95:17:62:ab:0e:1e:7f:a2:23:ea:38:34:0d:20:
87:ab:f2:80:f6:c8:64:28:c5:49:3c:d6:06:05:2b:a6:a0:e1:
d2:1a:ad:15:3b:29:63:ce:01:b5:88:dd:57:3c:4f:88:eb:35:
db:74:7b:58:8d:20:2a:fc:1f:3b:2e:a8:af:a5:db:4e:f4:97:
cb:0d:bf:7d:bc:31:f6:57:a1:ae:d9:c4:96:a9:0f:a8:a1:89:
43:55:e6:3c:c9:d5:de:e6:ff:0b:6a:43:37:53:58:f7:cd:9a:
f0:35:4e:90:f1:0a:a1:0f:c8:96:f6:eb:b9:8a:45:7c:bd:b8:
49:95:4e:50
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYgEsGZAyuzHBrPp9qrraAMCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYzc4ZWVlZjdhY2I0NTFmYzM3NTc1ZmViOTExNGRmY2Nj
MWNkZmIwHhcNMjMwNTEwMDgwNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDhlZWI1YTg0NDFkNmEzMjgxOWFlYjk3OTcxYTQ0OTM2ZWZiZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtA7EOjOlXHsw5pSe3kAONabo9wso
BzJJqd0em+8Ma/0dAdbF+O1e929sFyF6p+/FgkKSEYDNuuymYf8w1eEruZ9VeNZU
GJcj0awGCH60yYJqFvv1uUIz+iCN3tidwpos0pxicsfzb2PXWCd8cvsmSLulvwvk
n9Grjpm38Zvd5eF7BCo33BKZQazl1NeJK0K4UtaBqHTgrRVbk/YqEcqr7nmIJ+/7
RGRJL716T1N0n2jneLUGICzfWKF3TYDxBHYsbayZekfEkasd+zFJhZhwb7wAxKd+
3NaYNFZlBv/KmjnAUu3gRinm09z3GJey3AO361xWu8CGCs4rxpUA08eoJwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFM2O61qEQdajKBmuuXlxpEk2777GMB8GA1UdIwQY
MBaAFDLHju73rLRR/DdXX+uRFN/Mwc37MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXNlTzd2ZXN0Rkg4TjFkZjY1RVUzOHpCemZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yMjViY2ItNmQzZC00YzBlLTgyNGYt
MmYxYzhlNDA4YjY0LzEvelk3cldvUkIxcU1vR2E2NWVYR2tTVGJ2dnNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yMjViY2ItNmQzZC00YzBlLTgyNGYtMmYxYzhlNDA4YjY0
LzEvTXNlTzd2ZXN0Rkg4TjFkZjY1RVUzOHpCemZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAAjhUAwQA
LY3yAwQALY3/AwQAwSbgMA0EAgACMAcDBQMqCcDAMA0GCSqGSIb3DQEBCwUAA4IB
AQCSvtSsq/XrSnoH8rwvMXKk2oNttaV+pKWrqssXmF9mdVULDoLGm9N1St3UJZYm
oWit4BhOup9tLXPfAfd2+qnixio/xk/J00+i1miixRkRsINV1hRe5D9RHzv6Dz0J
EpchyqSOYrM9NC9xpE7mnTBP4NKdD4FDO59OwSyJIzST+PndlRdiqw4ef6Ij6jg0
DSCHq/KA9shkKMVJPNYGBSumoOHSGq0VOyljzgG1iN1XPE+I6zXbdHtYjSAq/B87
LqivpdtO9JfLDb99vDH2V6Gu2cSWqQ+ooYlDVeY8ydXe5v8LakM3U1j3zZrwNU6Q
8QqhD8iW9uu5ikV8vbhJlU5Q
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:05 2023 by rpki-client on console.sobornost.net