Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/9c0a7e-9963-4c0d-94ac-446d0a7e9404/1/BaRvGy2mvuhe_-DLC74K5cWmDE4.roa
File: BaRvGy2mvuhe_-DLC74K5cWmDE4.roa (raw, json)
Hash identifier: i9hp5OSLRQxLinm6gmOhK7NqBFOiiRf+sEIIQsBPl58=
Subject key identifier: 05:A4:6F:1B:2D:A6:BE:E8:5E:FF:E0:CB:0B:BE:0A:E5:C5:A6:0C:4E
Certificate issuer: /CN=73dfeea9c7de246e6d7d1a507406285b226f9286
Certificate serial: 01856D8AF196B107A546386CBB158C76DFB1
Authority key identifier: 73:DF:EE:A9:C7:DE:24:6E:6D:7D:1A:50:74:06:28:5B:22:6F:92:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c9_uqcfeJG5tfRpQdAYoWyJvkoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/9c0a7e-9963-4c0d-94ac-446d0a7e9404/1/BaRvGy2mvuhe_-DLC74K5cWmDE4.roa
Signing time: Sun 01 Jan 2023 13:35:00 +0000
ROA not before: Sun 01 Jan 2023 13:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52045
IP address blocks: 185.41.21.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:f1:96:b1:07:a5:46:38:6c:bb:15:8c:76:df:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73dfeea9c7de246e6d7d1a507406285b226f9286
Validity
Not Before: Jan 1 13:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05a46f1b2da6bee85effe0cb0bbe0ae5c5a60c4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ab:2d:4e:de:62:1a:de:0f:80:b1:19:51:78:
00:3a:d3:f1:ec:bd:84:76:03:9e:c0:3b:d3:c3:af:
86:f7:ac:85:b2:7e:bf:6b:2b:46:51:3d:ad:62:13:
f4:7c:12:5e:9f:b2:0f:c6:4c:51:8f:e0:57:fc:37:
69:62:39:ac:67:17:a4:64:77:19:0e:c5:1a:6c:c3:
1e:f0:8c:15:47:ae:29:42:ac:c3:55:de:09:2f:3b:
60:77:ec:22:91:96:e1:c3:65:c9:fb:06:fe:99:ac:
57:26:99:c2:b3:ab:ad:ff:fa:c0:90:e8:56:56:88:
dd:b1:ee:9e:f3:39:03:92:83:9e:c8:36:b7:59:19:
3d:22:ca:d5:f0:84:c9:cb:4b:60:dd:a5:95:79:65:
b3:85:dd:20:fd:38:69:9a:85:26:2f:a0:52:d9:22:
94:bf:a9:d6:e0:6c:38:74:e8:f8:79:8e:1b:6e:9a:
8a:64:bc:67:33:03:16:d4:2b:a3:0c:77:52:e9:0e:
bc:36:3d:4c:21:27:73:55:4f:35:69:c6:31:fc:6f:
20:21:c9:aa:b5:77:c0:0e:c6:18:70:85:a2:39:59:
0b:bd:ab:d5:9f:e5:08:74:0e:5c:82:ce:bd:2a:97:
8d:89:e2:56:ee:6f:b8:5f:7f:6b:13:00:31:9d:98:
1f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:A4:6F:1B:2D:A6:BE:E8:5E:FF:E0:CB:0B:BE:0A:E5:C5:A6:0C:4E
X509v3 Authority Key Identifier:
keyid:73:DF:EE:A9:C7:DE:24:6E:6D:7D:1A:50:74:06:28:5B:22:6F:92:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9_uqcfeJG5tfRpQdAYoWyJvkoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/9c0a7e-9963-4c0d-94ac-446d0a7e9404/1/BaRvGy2mvuhe_-DLC74K5cWmDE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/9c0a7e-9963-4c0d-94ac-446d0a7e9404/1/c9_uqcfeJG5tfRpQdAYoWyJvkoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.21.0/24
Signature Algorithm: sha256WithRSAEncryption
87:e1:07:04:44:33:21:11:b5:f8:41:1f:d0:12:c8:98:88:43:
4f:9a:f3:ce:a2:4e:a9:ee:b8:df:17:25:76:b0:88:19:2f:32:
35:6a:26:b5:c5:e0:ff:c1:fa:70:f8:d9:70:ba:f7:15:7f:80:
9e:f3:46:5e:05:ca:41:48:91:d7:e0:be:04:8f:af:6c:96:19:
8a:52:41:a7:eb:b3:45:18:96:d6:f6:0f:0b:98:40:1e:7c:22:
86:95:a6:ff:54:36:27:c5:fd:30:f6:2d:8c:54:28:71:69:36:
b1:f8:b9:1b:ac:18:c7:6f:b4:61:bd:1c:1d:f2:7f:6b:11:85:
a4:49:83:45:21:c2:6e:62:bb:87:34:e2:0e:14:cb:19:10:1a:
f9:ba:f6:14:69:37:21:df:7b:c0:91:0a:61:c6:d5:73:21:fa:
20:00:4a:6c:7a:ba:bd:f7:61:01:a2:e8:1d:ff:be:69:64:8e:
35:79:89:db:f5:95:b9:e6:2b:5c:1d:cc:d3:93:13:92:8a:2c:
61:5b:39:e9:21:61:44:48:00:0c:d6:d2:2d:68:8a:93:a8:22:
7d:0d:d2:45:eb:3c:55:e3:c9:d5:43:04:73:3a:97:13:40:df:
a1:aa:10:bf:ad:97:b4:67:8e:34:05:dc:4a:3e:65:35:1b:22:
39:82:47:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtivGWsQelRjhsuxWMdt+xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZGZlZWE5YzdkZTI0NmU2ZDdkMWE1MDc0MDYyODViMjI2
ZjkyODYwHhcNMjMwMTAxMTMzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWE0NmYxYjJkYTZiZWU4NWVmZmUwY2IwYmJlMGFlNWM1YTYwYzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuastTt5iGt4PgLEZUXgAOtPx7L2E
dgOewDvTw6+G96yFsn6/aytGUT2tYhP0fBJen7IPxkxRj+BX/DdpYjmsZxekZHcZ
DsUabMMe8IwVR64pQqzDVd4JLztgd+wikZbhw2XJ+wb+maxXJpnCs6ut//rAkOhW
Vojdse6e8zkDkoOeyDa3WRk9IsrV8ITJy0tg3aWVeWWzhd0g/ThpmoUmL6BS2SKU
v6nW4Gw4dOj4eY4bbpqKZLxnMwMW1CujDHdS6Q68Nj1MISdzVU81acYx/G8gIcmq
tXfADsYYcIWiOVkLvavVn+UIdA5cgs69KpeNieJW7m+4X39rEwAxnZgfIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAWkbxstpr7oXv/gywu+CuXFpgxOMB8GA1UdIwQY
MBaAFHPf7qnH3iRubX0aUHQGKFsib5KGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzlfdXFjZmVKRzV0ZlJwUWRBWW9XeUp2a29ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS85YzBhN2UtOTk2My00YzBkLTk0YWMt
NDQ2ZDBhN2U5NDA0LzEvQmFSdkd5Mm12dWhlXy1ETEM3NEs1Y1dtREU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS85YzBhN2UtOTk2My00YzBkLTk0YWMtNDQ2ZDBhN2U5NDA0
LzEvYzlfdXFjZmVKRzV0ZlJwUWRBWW9XeUp2a29ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSkVMA0G
CSqGSIb3DQEBCwUAA4IBAQCH4QcERDMhEbX4QR/QEsiYiENPmvPOok6p7rjfFyV2
sIgZLzI1aia1xeD/wfpw+NlwuvcVf4Ce80ZeBcpBSJHX4L4Ej69slhmKUkGn67NF
GJbW9g8LmEAefCKGlab/VDYnxf0w9i2MVChxaTax+LkbrBjHb7RhvRwd8n9rEYWk
SYNFIcJuYruHNOIOFMsZEBr5uvYUaTch33vAkQphxtVzIfogAEpserq992EBougd
/75pZI41eYnb9ZW55itcHczTkxOSiixhWznpIWFESAAM1tItaIqTqCJ9DdJF6zxV
48nVQwRzOpcTQN+hqhC/rZe0Z440BdxKPmU1GyI5gkcM
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:39 2023 by rpki-client on console.sobornost.net