Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/9c0a7e-9963-4c0d-94ac-446d0a7e9404/1/I7ks-ibr6L0vqcXMdp2BZrGB-Xk.roa
File: I7ks-ibr6L0vqcXMdp2BZrGB-Xk.roa (raw, json)
Hash identifier: C1YOjOUFvXMBfn5nG56VAOYYQQXiZGNmctovf/24hHQ=
Subject key identifier: 23:B9:2C:FA:26:EB:E8:BD:2F:A9:C5:CC:76:9D:81:66:B1:81:F9:79
Certificate issuer: /CN=73dfeea9c7de246e6d7d1a507406285b226f9286
Certificate serial: 01856D8AF402D834C8BD6612C531605EC858
Authority key identifier: 73:DF:EE:A9:C7:DE:24:6E:6D:7D:1A:50:74:06:28:5B:22:6F:92:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c9_uqcfeJG5tfRpQdAYoWyJvkoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/9c0a7e-9963-4c0d-94ac-446d0a7e9404/1/I7ks-ibr6L0vqcXMdp2BZrGB-Xk.roa
Signing time: Sun 01 Jan 2023 13:35:01 +0000
ROA not before: Sun 01 Jan 2023 13:35:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210896
IP address blocks: 185.239.24.0/24 maxlen: 24
2a0c:d540:1111::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:f4:02:d8:34:c8:bd:66:12:c5:31:60:5e:c8:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73dfeea9c7de246e6d7d1a507406285b226f9286
Validity
Not Before: Jan 1 13:35:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23b92cfa26ebe8bd2fa9c5cc769d8166b181f979
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e9:72:18:c8:26:b5:2c:5b:c2:23:ca:3b:c1:
f1:aa:88:95:31:f1:20:88:25:28:1a:d2:18:54:ca:
32:05:90:cb:15:68:6b:f1:f5:8d:99:72:cd:24:ca:
2f:f3:da:46:eb:7b:5e:c5:75:80:89:ed:1e:0c:30:
76:9a:6e:7a:0a:16:56:45:8c:53:99:fe:c5:a2:81:
80:fb:41:44:38:33:6f:bf:b7:83:81:f0:30:72:44:
0b:6f:09:25:15:4f:c6:a2:a6:92:7e:c7:b0:c1:53:
c7:80:cb:c0:f4:b8:9b:8b:1e:91:51:4e:28:73:60:
2d:aa:20:1a:76:f8:14:f7:85:ce:d7:c6:72:1b:73:
d1:50:46:5f:ac:60:c4:39:e6:37:82:2b:0f:65:ed:
19:c2:ce:a5:85:fe:14:ad:26:76:96:65:c2:e0:13:
29:f5:a4:8d:55:76:07:bb:af:db:f3:eb:d6:73:73:
0c:b5:59:1b:0e:59:36:27:1d:64:cf:b0:7d:2c:6b:
ed:e7:d9:b2:f3:8b:04:1c:cb:81:39:fd:0d:96:a8:
e4:1d:44:fa:b0:c1:dd:14:80:ef:a9:3d:8d:2c:15:
8b:f4:3d:12:78:a2:1f:86:80:25:d4:66:3c:7d:8c:
f1:7d:ba:42:7b:81:e0:54:a5:41:f2:e4:4b:e3:3d:
50:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:B9:2C:FA:26:EB:E8:BD:2F:A9:C5:CC:76:9D:81:66:B1:81:F9:79
X509v3 Authority Key Identifier:
keyid:73:DF:EE:A9:C7:DE:24:6E:6D:7D:1A:50:74:06:28:5B:22:6F:92:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9_uqcfeJG5tfRpQdAYoWyJvkoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/9c0a7e-9963-4c0d-94ac-446d0a7e9404/1/I7ks-ibr6L0vqcXMdp2BZrGB-Xk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/9c0a7e-9963-4c0d-94ac-446d0a7e9404/1/c9_uqcfeJG5tfRpQdAYoWyJvkoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.24.0/24
IPv6:
2a0c:d540:1111::/48
Signature Algorithm: sha256WithRSAEncryption
60:e1:93:3a:44:95:33:ac:7a:77:a6:f8:09:ca:5c:fb:26:62:
5f:e7:c3:8b:f2:c0:22:0a:99:b7:78:5a:e2:83:83:e2:cc:d7:
18:47:e0:f1:f7:64:22:3a:f2:b7:0f:69:b9:89:5e:32:7d:fd:
c0:c6:20:b4:dc:a7:74:c4:90:16:57:4d:54:6a:a7:50:12:22:
ff:42:e5:19:05:df:f7:09:c6:ce:1b:7a:7d:eb:bb:15:96:77:
94:92:31:ae:53:65:ee:90:a2:ee:d2:c4:a7:a6:ae:44:6b:0d:
ce:ba:e7:79:db:f2:2d:a4:54:5b:be:1b:42:03:a7:82:dd:c4:
3f:6e:b3:4b:49:46:d5:97:0d:c6:de:91:6e:3f:11:d9:19:11:
39:9e:9d:47:e1:de:b9:c3:aa:42:3a:91:bd:2b:8c:7c:d8:c3:
14:ea:79:8c:3f:44:4b:5c:d8:f6:b3:50:1a:78:5e:16:c9:d4:
21:c8:f5:fa:4a:a9:1c:a2:77:14:d0:38:a7:df:45:ae:65:94:
0c:dd:1f:48:2a:d4:74:b0:64:e2:32:7b:50:28:fc:a8:f4:33:
d8:45:f5:4f:ce:15:ba:fc:55:26:90:8e:a8:9b:2b:85:1f:42:
d3:df:52:de:0a:ca:24:f3:6d:32:64:ee:a5:34:23:94:0e:9c:
47:d2:44:2e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVtivQC2DTIvWYSxTFgXshYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZGZlZWE5YzdkZTI0NmU2ZDdkMWE1MDc0MDYyODViMjI2
ZjkyODYwHhcNMjMwMTAxMTMzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2I5MmNmYTI2ZWJlOGJkMmZhOWM1Y2M3NjlkODE2NmIxODFmOTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+lyGMgmtSxbwiPKO8HxqoiVMfEg
iCUoGtIYVMoyBZDLFWhr8fWNmXLNJMov89pG63texXWAie0eDDB2mm56ChZWRYxT
mf7FooGA+0FEODNvv7eDgfAwckQLbwklFU/GoqaSfsewwVPHgMvA9Libix6RUU4o
c2AtqiAadvgU94XO18ZyG3PRUEZfrGDEOeY3gisPZe0Zws6lhf4UrSZ2lmXC4BMp
9aSNVXYHu6/b8+vWc3MMtVkbDlk2Jx1kz7B9LGvt59my84sEHMuBOf0NlqjkHUT6
sMHdFIDvqT2NLBWL9D0SeKIfhoAl1GY8fYzxfbpCe4HgVKVB8uRL4z1QdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCO5LPom6+i9L6nFzHadgWaxgfl5MB8GA1UdIwQY
MBaAFHPf7qnH3iRubX0aUHQGKFsib5KGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzlfdXFjZmVKRzV0ZlJwUWRBWW9XeUp2a29ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS85YzBhN2UtOTk2My00YzBkLTk0YWMt
NDQ2ZDBhN2U5NDA0LzEvSTdrcy1pYnI2TDB2cWNYTWRwMkJackdCLVhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS85YzBhN2UtOTk2My00YzBkLTk0YWMtNDQ2ZDBhN2U5NDA0
LzEvYzlfdXFjZmVKRzV0ZlJwUWRBWW9XeUp2a29ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAue8YMA8E
AgACMAkDBwAqDNVAEREwDQYJKoZIhvcNAQELBQADggEBAGDhkzpElTOsenem+AnK
XPsmYl/nw4vywCIKmbd4WuKDg+LM1xhH4PH3ZCI68rcPabmJXjJ9/cDGILTcp3TE
kBZXTVRqp1ASIv9C5RkF3/cJxs4ben3ruxWWd5SSMa5TZe6Qou7SxKemrkRrDc66
53nb8i2kVFu+G0IDp4LdxD9us0tJRtWXDcbekW4/EdkZETmenUfh3rnDqkI6kb0r
jHzYwxTqeYw/REtc2PazUBp4XhbJ1CHI9fpKqRyidxTQOKffRa5llAzdH0gq1HSw
ZOIye1Ao/Kj0M9hF9U/OFbr8VSaQjqibK4UfQtPfUt4KyiTzbTJk7qU0I5QOnEfS
RC4=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:39 2023 by rpki-client on console.sobornost.net