Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/A8RbLz-hAvRRpPnVIlvRFjFxlqg.roa
File: A8RbLz-hAvRRpPnVIlvRFjFxlqg.roa (raw, json)
Hash identifier: N4dJhNdkUYz+8ZThX7RyLe4YUyB6b3pB7Aq7MORRuB4=
Subject key identifier: 03:C4:5B:2F:3F:A1:02:F4:51:A4:F9:D5:22:5B:D1:16:31:71:96:A8
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 37410504
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/A8RbLz-hAvRRpPnVIlvRFjFxlqg.roa
Signing time: Sat 01 Jan 2022 05:59:18 +0000
ROA not before: Sat 01 Jan 2022 05:59:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31262
IP address blocks: 212.49.145.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 927008004 (0x37410504)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Jan 1 05:59:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=03c45b2f3fa102f451a4f9d5225bd116317196a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a9:53:b4:25:dc:2d:fe:34:cf:eb:d6:81:6f:
63:c2:57:a7:cc:75:f5:3c:56:41:6c:67:a2:7b:bd:
ed:e6:8e:f0:3c:03:3a:78:55:c2:d6:af:72:b4:71:
4e:69:21:1b:20:0c:14:04:93:1a:f3:62:8a:68:5a:
d5:57:b9:cd:ab:ff:5e:a7:5e:a8:47:39:fa:39:48:
63:a1:2b:3e:5d:44:18:a5:07:5d:ce:75:08:fb:f4:
f1:c2:12:b2:5c:ed:a4:08:e3:c1:32:f1:6a:0d:9c:
37:a2:80:87:52:77:5d:60:a5:8d:2b:c0:94:51:60:
9c:40:c0:ca:07:bb:60:82:bb:4c:8b:d0:4f:c6:3b:
04:e4:c9:e3:ed:d1:7b:b8:f6:e3:ad:28:47:f9:2e:
55:15:be:f1:ec:1a:a5:06:c6:89:ca:b5:d2:f4:60:
64:00:3e:c4:35:4d:be:b6:f7:bb:80:01:9d:18:56:
ea:06:f5:da:10:91:03:c8:15:06:c4:5b:01:bb:3a:
03:14:ea:5e:79:cd:90:af:c5:3b:79:e8:c1:12:74:
65:20:8c:c4:57:45:14:ae:22:11:9b:a3:7e:bd:9b:
2a:c8:4d:f4:d8:f6:a1:14:15:40:78:07:fd:bb:d3:
56:19:84:18:8d:b8:20:f9:30:6d:4f:73:8c:b8:43:
8b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:C4:5B:2F:3F:A1:02:F4:51:A4:F9:D5:22:5B:D1:16:31:71:96:A8
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/A8RbLz-hAvRRpPnVIlvRFjFxlqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.49.145.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:c7:f6:7f:99:b2:cc:13:2e:55:4e:fe:cc:8a:8c:dd:28:96:
92:c1:6e:eb:06:0b:ae:70:ea:ce:80:26:1c:77:3d:ff:9d:37:
76:a8:19:a3:55:43:63:e3:4d:81:fc:7d:62:16:b5:6b:ec:7d:
bf:b2:f9:0f:52:c5:e0:6f:24:ac:0e:83:32:c1:10:13:f3:83:
c1:72:7a:57:87:e2:97:aa:26:74:58:2d:e2:02:db:8b:01:6d:
e9:b7:a6:fc:99:06:5e:9a:a7:85:f0:07:32:e9:d2:e1:2d:a5:
8e:01:e9:0a:84:80:20:77:fa:32:56:c2:72:72:ec:58:2e:65:
9f:d9:b3:5d:d9:5e:0e:a7:9d:a1:75:69:8e:31:ff:9f:d0:88:
9c:fc:e7:69:1a:e7:94:0a:c4:53:14:71:d1:d3:b9:21:da:85:
ad:a4:70:62:d0:7c:5e:da:ae:e5:f1:a0:11:e8:7a:fb:d0:86:
99:a6:03:95:16:62:73:15:a9:27:c8:18:53:14:3f:79:bf:5c:
29:8e:a8:d2:90:2b:ba:5e:6d:92:e7:65:41:4a:cf:8f:83:79:
7f:be:35:c2:9e:ac:09:50:5e:ec:22:99:c1:1e:e9:88:2d:be:
79:76:27:e7:81:5b:7c:52:c0:5c:5c:ae:e8:ce:f5:fc:89:9c:
89:4d:19:56
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEN0EFBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODQwM2I1ZTQ1Y2Q1OGJlNWY2YzVkMzNmYTU2NWFiNDkyMjNlM2RiMB4XDTIyMDEw
MTA1NTkxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDNjNDViMmYzZmEx
MDJmNDUxYTRmOWQ1MjI1YmQxMTYzMTcxOTZhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSpU7Ql3C3+NM/r1oFvY8JXp8x19TxWQWxnonu97eaO8DwD
OnhVwtavcrRxTmkhGyAMFASTGvNiimha1Ve5zav/XqdeqEc5+jlIY6ErPl1EGKUH
Xc51CPv08cISslztpAjjwTLxag2cN6KAh1J3XWCljSvAlFFgnEDAyge7YIK7TIvQ
T8Y7BOTJ4+3Re7j2460oR/kuVRW+8ewapQbGicq10vRgZAA+xDVNvrb3u4ABnRhW
6gb12hCRA8gVBsRbAbs6AxTqXnnNkK/FO3nowRJ0ZSCMxFdFFK4iEZujfr2bKshN
9Nj2oRQVQHgH/bvTVhmEGI24IPkwbU9zjLhDi8kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQDxFsvP6EC9FGk+dUiW9EWMXGWqDAfBgNVHSMEGDAWgBToQDteRc1Yvl9s
XTP6Vlq0kiPj2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZFQTdYa1hOV0w1ZmJGMHotbFphdEpJajQ5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJhNi8x
L0E4UmJMei1oQXZSUnBQblZJbHZSRmpGeGxxZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
ODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJhNi8xLzZFQTdYa1hOV0w1
ZmJGMHotbFphdEpJajQ5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANQxkTANBgkqhkiG9w0BAQsFAAOC
AQEAoMf2f5myzBMuVU7+zIqM3SiWksFu6wYLrnDqzoAmHHc9/503dqgZo1VDY+NN
gfx9Yha1a+x9v7L5D1LF4G8krA6DMsEQE/ODwXJ6V4fil6omdFgt4gLbiwFt6bem
/JkGXpqnhfAHMunS4S2ljgHpCoSAIHf6MlbCcnLsWC5ln9mzXdleDqedoXVpjjH/
n9CInPznaRrnlArEUxRx0dO5IdqFraRwYtB8Xtqu5fGgEeh6+9CGmaYDlRZicxWp
J8gYUxQ/eb9cKY6o0pArul5tkudlQUrPj4N5f741wp6sCVBe7CKZwR7piC2+eXYn
54FbfFLAXFyu6M71/ImciU0ZVg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:26 2023 by rpki-client on console.sobornost.net