Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6HFA9n461DjhO_HO2GMLPPck4h4.roa
File: 6HFA9n461DjhO_HO2GMLPPck4h4.roa (raw, json)
Hash identifier: rYW/Ez0ZC12alPtYWqLjR5dEsyX4yTpxBMXsfTdBFyQ=
Subject key identifier: E8:71:40:F6:7E:3A:D4:38:E1:3B:F1:CE:D8:63:0B:3C:F7:24:E2:1E
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 018572FA592009A1FEC35A6192D181980AF1
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6HFA9n461DjhO_HO2GMLPPck4h4.roa
Signing time: Mon 02 Jan 2023 14:54:47 +0000
ROA not before: Mon 02 Jan 2023 14:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25261
IP address blocks: 213.192.232.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:59:20:09:a1:fe:c3:5a:61:92:d1:81:98:0a:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Jan 2 14:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e87140f67e3ad438e13bf1ced8630b3cf724e21e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ac:be:8b:d6:07:f5:ce:6e:b7:14:05:a3:a0:
47:cc:dd:bf:ad:d5:af:a9:e2:e2:0b:88:b7:98:f3:
8c:af:7d:95:49:5d:99:6b:38:2a:46:7e:e8:ec:c2:
a2:30:50:68:44:39:9e:3f:d1:98:d7:d6:97:ce:5f:
e7:b6:31:66:2c:67:1a:1c:fc:d0:e1:cb:cc:77:37:
92:77:63:df:89:78:fd:29:d0:5e:a8:35:62:f4:50:
2f:5a:2a:68:8d:b4:b9:35:b9:fc:19:f2:f0:cb:07:
d5:c3:66:e2:9f:ac:83:b8:8c:ae:37:7f:c6:ef:2f:
2a:2c:ff:8c:0e:ba:a9:51:65:c8:c4:fa:6e:e1:a1:
61:d5:23:83:04:6b:54:aa:d6:c7:8c:b9:fa:f3:16:
cb:b3:24:47:f0:ca:f9:29:e9:d2:6a:ee:4f:0b:fa:
f6:5a:00:84:2c:1b:61:6e:df:29:92:9c:d0:e2:71:
b7:70:70:55:83:d2:ac:1a:09:97:51:ed:e9:56:8d:
23:d7:07:ed:69:cb:fe:b2:9b:0b:2b:63:e5:29:31:
56:83:77:50:09:bd:1d:4b:68:00:0a:49:3c:8f:0e:
95:0d:20:85:8e:57:9c:36:4e:01:fb:6e:be:e6:28:
b8:42:25:fc:30:28:a8:ac:ea:d9:02:d7:f8:3f:56:
0a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:71:40:F6:7E:3A:D4:38:E1:3B:F1:CE:D8:63:0B:3C:F7:24:E2:1E
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6HFA9n461DjhO_HO2GMLPPck4h4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.192.232.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:c2:18:01:f2:4e:7b:92:3c:8f:51:a5:84:43:5c:d4:02:72:
f4:2e:df:79:60:00:c3:6b:db:19:ca:45:7a:f1:af:fc:85:24:
13:a6:25:aa:a1:60:48:bb:af:ae:b1:46:b3:76:d2:1c:b3:80:
d5:8d:6c:4e:1d:12:fe:b6:2f:64:cf:a3:96:a7:cc:ce:97:5e:
23:d9:5d:b7:78:5b:a5:92:4d:da:e1:8b:ac:ca:4e:43:5d:83:
a9:35:76:fd:72:f2:3f:61:f5:c6:6f:ee:4f:e6:27:0c:83:e2:
c0:cd:f4:cd:45:14:94:d1:c4:53:d6:c5:8e:a5:3f:e4:87:ae:
20:74:e6:8a:97:08:b3:ca:ed:15:0c:6f:0e:49:04:8b:50:f0:
e3:6e:ec:4a:4c:ec:93:4e:ef:96:6b:fb:33:13:90:1e:63:0a:
48:7e:74:a7:81:6d:29:8a:a7:71:3f:fc:d9:60:0b:cd:bb:d3:
68:b3:a1:6b:31:8f:ee:c2:01:1e:96:c7:59:db:ce:bb:47:24:
b2:92:1a:62:14:f4:23:c5:22:67:ca:d4:b0:ff:1f:34:b3:e0:
ac:f7:dd:ac:b2:bd:59:90:b1:03:29:57:55:63:31:89:09:4f:
d1:87:92:23:45:c3:98:5c:04:4d:55:75:71:7b:ec:3f:98:89:
08:9d:98:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy+lkgCaH+w1phktGBmArxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDAzYjVlNDVjZDU4YmU1ZjZjNWQzM2ZhNTY1YWI0OTIy
M2UzZGIwHhcNMjMwMTAyMTQ1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODcxNDBmNjdlM2FkNDM4ZTEzYmYxY2VkODYzMGIzY2Y3MjRlMjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKy+i9YH9c5utxQFo6BHzN2/rdWv
qeLiC4i3mPOMr32VSV2ZazgqRn7o7MKiMFBoRDmeP9GY19aXzl/ntjFmLGcaHPzQ
4cvMdzeSd2PfiXj9KdBeqDVi9FAvWipojbS5Nbn8GfLwywfVw2bin6yDuIyuN3/G
7y8qLP+MDrqpUWXIxPpu4aFh1SODBGtUqtbHjLn68xbLsyRH8Mr5KenSau5PC/r2
WgCELBthbt8pkpzQ4nG3cHBVg9KsGgmXUe3pVo0j1wftacv+spsLK2PlKTFWg3dQ
Cb0dS2gACkk8jw6VDSCFjlecNk4B+26+5ii4QiX8MCiorOrZAtf4P1YKmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOhxQPZ+OtQ44TvxzthjCzz3JOIeMB8GA1UdIwQY
MBaAFOhAO15FzVi+X2xdM/pWWrSSI+PbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEt
YTg3MWVjYzIxMmE2LzEvNkhGQTluNDYxRGpoT19ITzJHTUxQUGNrNGg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEtYTg3MWVjYzIxMmE2
LzEvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1cDoMA0G
CSqGSIb3DQEBCwUAA4IBAQDYwhgB8k57kjyPUaWEQ1zUAnL0Lt95YADDa9sZykV6
8a/8hSQTpiWqoWBIu6+usUazdtIcs4DVjWxOHRL+ti9kz6OWp8zOl14j2V23eFul
kk3a4Yusyk5DXYOpNXb9cvI/YfXGb+5P5icMg+LAzfTNRRSU0cRT1sWOpT/kh64g
dOaKlwizyu0VDG8OSQSLUPDjbuxKTOyTTu+Wa/szE5AeYwpIfnSngW0piqdxP/zZ
YAvNu9Nos6FrMY/uwgEelsdZ2867RySykhpiFPQjxSJnytSw/x80s+Cs992ssr1Z
kLEDKVdVYzGJCU/Rh5IjRcOYXARNVXVxe+w/mIkInZgc
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:26 2023 by rpki-client on console.sobornost.net