Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/e2a2e6-d16c-47e6-a595-e82c4910bf63/1/vNa3vESNdqirSs8LzAOSyjh4lP8.roa
File: vNa3vESNdqirSs8LzAOSyjh4lP8.roa (raw, json)
Hash identifier: aebEUU5PWaQXM1S6rUA+j2X46c7M8Bie73zGerXjjQE=
Subject key identifier: BC:D6:B7:BC:44:8D:76:A8:AB:4A:CF:0B:CC:03:92:CA:38:78:94:FF
Certificate issuer: /CN=d5720fceadeb8ae6d9a7d1a1d18db8ece4606f40
Certificate serial: 01851A36C4DDFA559D8CFD211D68464E1A03
Authority key identifier: D5:72:0F:CE:AD:EB:8A:E6:D9:A7:D1:A1:D1:8D:B8:EC:E4:60:6F:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1XIPzq3riubZp9Gh0Y247ORgb0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/e2a2e6-d16c-47e6-a595-e82c4910bf63/1/vNa3vESNdqirSs8LzAOSyjh4lP8.roa
Signing time: Fri 16 Dec 2022 09:14:35 +0000
ROA not before: Fri 16 Dec 2022 09:14:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212068
IP address blocks: 151.216.4.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1a:36:c4:dd:fa:55:9d:8c:fd:21:1d:68:46:4e:1a:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5720fceadeb8ae6d9a7d1a1d18db8ece4606f40
Validity
Not Before: Dec 16 09:14:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bcd6b7bc448d76a8ab4acf0bcc0392ca387894ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0e:cd:81:6a:03:e9:cd:73:cc:12:12:cc:04:
c1:3c:28:89:16:22:65:80:4e:5b:30:26:a4:97:b9:
f3:75:48:7e:17:1c:56:82:90:28:d8:02:4e:d9:3e:
68:e5:76:da:83:72:1b:28:78:fa:8f:13:53:6d:0f:
1f:94:50:31:72:da:4f:19:06:de:8d:d4:7a:32:80:
fc:95:46:2a:63:77:12:0e:93:fe:a9:cd:e6:46:e4:
e9:9c:a2:34:ed:cc:aa:a3:7f:08:df:5b:b8:c4:23:
ca:ba:7c:f5:d1:01:c7:24:76:26:9c:bd:aa:77:8b:
37:79:ae:3c:82:50:a2:1e:e0:bb:a0:9b:c9:6b:32:
49:2b:3b:cf:e8:70:9c:67:bd:c6:22:6f:51:11:6b:
b4:db:00:55:2e:6d:e8:1a:56:19:e5:0b:51:8e:c8:
74:a2:db:11:b1:02:c8:2b:e6:19:91:57:39:a7:f8:
8e:00:18:e4:85:2e:05:65:43:4a:a7:3f:b8:27:05:
38:e5:a1:fc:a2:86:7a:83:60:89:f1:6f:37:7e:49:
c6:ab:18:20:e0:b7:3b:aa:38:43:44:5f:ae:f1:7b:
1e:20:30:6b:e6:34:e5:e2:e9:3b:49:64:3a:df:7b:
dc:e8:75:fc:aa:61:01:6b:62:3a:4e:fb:7e:1f:cc:
cd:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:D6:B7:BC:44:8D:76:A8:AB:4A:CF:0B:CC:03:92:CA:38:78:94:FF
X509v3 Authority Key Identifier:
keyid:D5:72:0F:CE:AD:EB:8A:E6:D9:A7:D1:A1:D1:8D:B8:EC:E4:60:6F:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1XIPzq3riubZp9Gh0Y247ORgb0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2a2e6-d16c-47e6-a595-e82c4910bf63/1/vNa3vESNdqirSs8LzAOSyjh4lP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2a2e6-d16c-47e6-a595-e82c4910bf63/1/1XIPzq3riubZp9Gh0Y247ORgb0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.216.4.0/22
Signature Algorithm: sha256WithRSAEncryption
98:39:7a:9a:50:07:e2:71:8d:76:7a:b0:90:07:8f:a0:eb:b4:
75:85:58:81:8f:42:68:09:22:3d:78:5a:70:07:e5:7c:47:b5:
e9:ef:c5:cd:a3:c2:2d:cb:e2:b5:88:ce:c5:b7:f5:a7:12:26:
34:ca:0c:78:00:5c:94:5c:b6:35:0b:28:10:03:54:81:18:01:
8f:73:a9:26:a8:ea:ec:5e:54:63:fe:9b:2c:1c:0d:20:2e:95:
5e:4c:1a:86:03:9f:63:75:b1:cb:7e:13:21:b1:a6:51:d8:8c:
79:35:db:1f:2a:71:e2:23:05:aa:c5:fa:1a:43:47:01:11:92:
5f:b3:95:fb:1f:1f:4b:4a:c6:4f:03:9a:cc:ef:5d:4c:43:f5:
1d:1e:49:d8:78:fb:ef:d4:d2:60:9f:9e:3f:d3:ea:df:43:4e:
3f:0c:26:da:51:37:bd:4c:c5:9e:ac:14:d1:ac:1a:0a:47:83:
f3:fb:68:a6:58:09:2e:40:dd:dd:eb:9c:59:66:d3:07:92:fd:
e6:af:33:1b:3c:66:5e:58:c3:a2:bf:4f:52:df:a5:7e:49:7e:
4e:f1:f7:db:eb:7b:2b:87:32:ce:55:62:2a:85:7b:05:5d:31:
e8:46:7b:84:15:e2:2b:95:24:4c:95:fd:bf:6c:c7:6a:41:e7:
53:65:cb:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUaNsTd+lWdjP0hHWhGThoDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NzIwZmNlYWRlYjhhZTZkOWE3ZDFhMWQxOGRiOGVjZTQ2
MDZmNDAwHhcNMjIxMjE2MDkxNDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2Q2YjdiYzQ0OGQ3NmE4YWI0YWNmMGJjYzAzOTJjYTM4Nzg5NGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwA7NgWoD6c1zzBISzATBPCiJFiJl
gE5bMCakl7nzdUh+FxxWgpAo2AJO2T5o5Xbag3IbKHj6jxNTbQ8flFAxctpPGQbe
jdR6MoD8lUYqY3cSDpP+qc3mRuTpnKI07cyqo38I31u4xCPKunz10QHHJHYmnL2q
d4s3ea48glCiHuC7oJvJazJJKzvP6HCcZ73GIm9REWu02wBVLm3oGlYZ5QtRjsh0
otsRsQLIK+YZkVc5p/iOABjkhS4FZUNKpz+4JwU45aH8ooZ6g2CJ8W83fknGqxgg
4Lc7qjhDRF+u8XseIDBr5jTl4uk7SWQ633vc6HX8qmEBa2I6Tvt+H8zNJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLzWt7xEjXaoq0rPC8wDkso4eJT/MB8GA1UdIwQY
MBaAFNVyD86t64rm2afRodGNuOzkYG9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVhJUHpxM3JpdWJacDlHaDBZMjQ3T1JnYjBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lMmEyZTYtZDE2Yy00N2U2LWE1OTUt
ZTgyYzQ5MTBiZjYzLzEvdk5hM3ZFU05kcWlyU3M4THpBT1N5amg0bFA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9lMmEyZTYtZDE2Yy00N2U2LWE1OTUtZTgyYzQ5MTBiZjYz
LzEvMVhJUHpxM3JpdWJacDlHaDBZMjQ3T1JnYjBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCl9gEMA0G
CSqGSIb3DQEBCwUAA4IBAQCYOXqaUAficY12erCQB4+g67R1hViBj0JoCSI9eFpw
B+V8R7Xp78XNo8Ity+K1iM7Ft/WnEiY0ygx4AFyUXLY1CygQA1SBGAGPc6kmqOrs
XlRj/pssHA0gLpVeTBqGA59jdbHLfhMhsaZR2Ix5NdsfKnHiIwWqxfoaQ0cBEZJf
s5X7Hx9LSsZPA5rM711MQ/UdHknYePvv1NJgn54/0+rfQ04/DCbaUTe9TMWerBTR
rBoKR4Pz+2imWAkuQN3d65xZZtMHkv3mrzMbPGZeWMOiv09S36V+SX5O8ffb63sr
hzLOVWIqhXsFXTHoRnuEFeIrlSRMlf2/bMdqQedTZcvY
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:50 2023 by rpki-client on console.sobornost.net