Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/5e753d-c33d-47a3-8e82-a52862b44563/1/dbaYQx3psahWp1jEbKvBzzY79TY.roa
File: dbaYQx3psahWp1jEbKvBzzY79TY.roa (raw, json)
Hash identifier: zftMhq6UXepJb1f1us/laas8s2fMM3raxIb3XfAVSMY=
Subject key identifier: 75:B6:98:43:1D:E9:B1:A8:56:A7:58:C4:6C:AB:C1:CF:36:3B:F5:36
Certificate issuer: /CN=fc55e0533efaa5624f538b92ed1a973feff89751
Certificate serial: 0182F872B2B4A85A53BD7D2EC3F6AF962AE2
Authority key identifier: FC:55:E0:53:3E:FA:A5:62:4F:53:8B:92:ED:1A:97:3F:EF:F8:97:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_FXgUz76pWJPU4uS7RqXP-_4l1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/5e753d-c33d-47a3-8e82-a52862b44563/1/dbaYQx3psahWp1jEbKvBzzY79TY.roa
Signing time: Thu 01 Sep 2022 09:47:22 +0000
ROA not before: Thu 01 Sep 2022 09:47:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39144
IP address blocks: 185.132.188.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f8:72:b2:b4:a8:5a:53:bd:7d:2e:c3:f6:af:96:2a:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc55e0533efaa5624f538b92ed1a973feff89751
Validity
Not Before: Sep 1 09:47:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=75b698431de9b1a856a758c46cabc1cf363bf536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4c:20:b2:4e:8d:42:e7:74:35:13:d5:65:18:
56:29:92:eb:54:6e:f2:f3:e5:12:d9:84:17:39:f9:
a4:aa:a4:28:cc:3d:dd:50:1d:b7:bd:61:ba:c6:d5:
32:f2:2c:16:eb:4d:2c:11:ce:17:51:09:bc:cd:2e:
45:53:e9:57:42:db:76:a5:d1:74:8a:13:43:d9:75:
a4:7a:02:7c:37:73:f3:5d:bc:a5:f6:93:e9:06:20:
59:c5:ca:64:28:69:b1:7f:e1:61:62:70:29:cf:ac:
66:4e:90:1d:25:71:b1:11:1b:00:76:d7:d8:ee:77:
76:5f:48:d6:59:27:90:5d:a0:0c:3d:3a:83:93:10:
87:50:8d:26:af:e9:a7:bc:d0:38:03:96:76:e8:92:
47:10:e0:74:f8:a4:1b:16:4e:65:63:98:81:75:a2:
14:77:34:4b:0d:2e:fc:a1:b9:08:ca:d1:5a:fb:f5:
9b:7d:28:17:d6:51:c5:ae:95:95:f3:92:4c:23:72:
34:65:5d:4c:cf:05:50:79:17:0d:6a:f1:e8:cb:9a:
7e:9e:cf:af:05:31:d1:66:df:b6:87:c8:ee:51:af:
4c:a3:ed:c4:f6:1f:b5:3c:a5:ed:32:4a:d2:30:7d:
54:94:32:2b:e8:69:54:34:cd:30:30:0c:a5:60:a7:
81:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:B6:98:43:1D:E9:B1:A8:56:A7:58:C4:6C:AB:C1:CF:36:3B:F5:36
X509v3 Authority Key Identifier:
keyid:FC:55:E0:53:3E:FA:A5:62:4F:53:8B:92:ED:1A:97:3F:EF:F8:97:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_FXgUz76pWJPU4uS7RqXP-_4l1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/5e753d-c33d-47a3-8e82-a52862b44563/1/dbaYQx3psahWp1jEbKvBzzY79TY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/5e753d-c33d-47a3-8e82-a52862b44563/1/_FXgUz76pWJPU4uS7RqXP-_4l1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.188.0/22
Signature Algorithm: sha256WithRSAEncryption
f5:4a:51:12:a7:81:74:98:42:c9:8c:a6:52:bb:9e:b5:98:1b:
b4:e4:a9:3b:32:fe:88:41:b3:82:b1:87:40:2f:3e:28:34:bb:
fb:49:41:13:c6:75:d7:62:69:43:f6:79:0a:97:33:9e:0a:2d:
8e:fd:df:ca:c6:f5:f3:51:aa:e8:79:85:e2:40:fa:a2:72:7a:
97:9a:1b:05:53:8e:c6:1b:ac:84:b2:59:86:c2:9d:f3:d4:8a:
82:ce:0a:5b:ef:5b:8f:54:5f:7d:b2:4c:1a:6e:1c:17:09:37:
13:6f:d7:28:0c:86:0f:e1:c8:8e:0e:c5:88:74:bc:64:3e:04:
55:d8:44:ef:a9:79:c1:ef:a0:16:31:75:02:60:6e:ee:6a:fe:
37:e2:31:88:70:a5:52:da:b2:3e:dd:36:33:80:f9:ac:a7:ec:
c4:14:6d:58:d1:21:86:0e:d4:7f:23:e6:d1:75:f9:33:f8:3a:
66:3f:fb:3d:e3:dc:7f:82:e5:f3:b6:68:c4:bc:ca:ae:31:8c:
07:df:db:51:40:47:bd:de:26:bf:51:b3:5b:13:42:51:90:37:
61:39:fc:8b:ad:a0:a9:69:ff:54:67:86:73:07:6c:d7:22:12:
5a:04:c8:ba:3b:f3:80:8a:56:8a:4d:33:a5:ee:cd:52:60:0a:
ff:31:99:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYL4crK0qFpTvX0uw/avliriMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNTVlMDUzM2VmYWE1NjI0ZjUzOGI5MmVkMWE5NzNmZWZm
ODk3NTEwHhcNMjIwOTAxMDk0NzIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWI2OTg0MzFkZTliMWE4NTZhNzU4YzQ2Y2FiYzFjZjM2M2JmNTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0wgsk6NQud0NRPVZRhWKZLrVG7y
8+US2YQXOfmkqqQozD3dUB23vWG6xtUy8iwW600sEc4XUQm8zS5FU+lXQtt2pdF0
ihND2XWkegJ8N3PzXbyl9pPpBiBZxcpkKGmxf+FhYnApz6xmTpAdJXGxERsAdtfY
7nd2X0jWWSeQXaAMPTqDkxCHUI0mr+mnvNA4A5Z26JJHEOB0+KQbFk5lY5iBdaIU
dzRLDS78obkIytFa+/WbfSgX1lHFrpWV85JMI3I0ZV1MzwVQeRcNavHoy5p+ns+v
BTHRZt+2h8juUa9Mo+3E9h+1PKXtMkrSMH1UlDIr6GlUNM0wMAylYKeBBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHW2mEMd6bGoVqdYxGyrwc82O/U2MB8GA1UdIwQY
MBaAFPxV4FM++qViT1OLku0alz/v+JdRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0ZYZ1V6NzZwV0pQVTR1UzdScVhQLV80bDFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC81ZTc1M2QtYzMzZC00N2EzLThlODIt
YTUyODYyYjQ0NTYzLzEvZGJhWVF4M3BzYWhXcDFqRWJLdkJ6elk3OVRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC81ZTc1M2QtYzMzZC00N2EzLThlODItYTUyODYyYjQ0NTYz
LzEvX0ZYZ1V6NzZwV0pQVTR1UzdScVhQLV80bDFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYS8MA0G
CSqGSIb3DQEBCwUAA4IBAQD1SlESp4F0mELJjKZSu561mBu05Kk7Mv6IQbOCsYdA
Lz4oNLv7SUETxnXXYmlD9nkKlzOeCi2O/d/KxvXzUaroeYXiQPqicnqXmhsFU47G
G6yEslmGwp3z1IqCzgpb71uPVF99skwabhwXCTcTb9coDIYP4ciODsWIdLxkPgRV
2ETvqXnB76AWMXUCYG7uav434jGIcKVS2rI+3TYzgPmsp+zEFG1Y0SGGDtR/I+bR
dfkz+DpmP/s949x/guXztmjEvMquMYwH39tRQEe93ia/UbNbE0JRkDdhOfyLraCp
af9UZ4ZzB2zXIhJaBMi6O/OAilaKTTOl7s1SYAr/MZka
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:08 2023 by rpki-client on console.sobornost.net