Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/Ar9ZFVriAV5iQX8I4GxkC0o-O-U.roa
File: Ar9ZFVriAV5iQX8I4GxkC0o-O-U.roa (raw, json)
Hash identifier: 8/fFZLsTVABUQccMTh1kuth/UeB7WKkU8IpJSaxT64o=
Subject key identifier: 02:BF:59:15:5A:E2:01:5E:62:41:7F:08:E0:6C:64:0B:4A:3E:3B:E5
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 373CFD02
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/Ar9ZFVriAV5iQX8I4GxkC0o-O-U.roa
Signing time: Sat 01 Jan 2022 05:59:16 +0000
ROA not before: Sat 01 Jan 2022 05:59:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8239
IP address blocks: 84.18.0.0/19 maxlen: 24
212.59.192.0/19 maxlen: 24
195.5.64.0/19 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 926743810 (0x373cfd02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Jan 1 05:59:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02bf59155ae2015e62417f08e06c640b4a3e3be5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:41:ad:2a:a0:41:d2:88:37:8f:58:38:96:ea:
81:8b:a6:c2:29:0a:8d:11:aa:f0:b8:31:33:0a:b9:
12:a1:b3:10:ce:2a:44:ed:b5:b5:a7:51:96:8b:66:
24:f3:aa:f9:b8:6b:5b:b9:57:1b:cf:44:7a:ab:50:
52:60:bf:ca:f6:9f:7e:2e:54:61:35:66:36:f3:55:
26:be:3f:32:58:f6:75:15:bc:7c:74:e2:2c:e8:5d:
e2:d7:64:8f:08:18:6d:d3:57:bd:05:9e:c3:88:58:
1f:7d:17:d1:72:11:b6:be:d7:6c:b3:87:f0:e0:71:
67:27:f0:6a:13:06:a5:b4:dd:90:40:12:e2:82:16:
9f:d5:98:17:f9:05:ca:fa:cd:62:45:98:26:f4:2b:
f3:70:80:8b:04:e0:0b:65:2a:76:ca:8f:da:45:c0:
5d:c2:48:36:4b:ed:0f:f1:b7:9f:ae:bd:d6:8b:b6:
47:71:ea:b1:68:57:92:0d:12:05:00:f2:85:b2:7d:
04:5d:80:07:6f:df:ee:ca:91:0c:33:9e:2a:b3:11:
14:fe:75:8e:d3:b5:ed:3a:98:41:45:58:78:67:2b:
a1:77:4e:4c:42:17:d9:15:75:28:99:21:45:ad:86:
c4:9b:73:54:08:4c:b9:e4:de:7b:0a:d2:e8:30:5b:
c5:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:BF:59:15:5A:E2:01:5E:62:41:7F:08:E0:6C:64:0B:4A:3E:3B:E5
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/Ar9ZFVriAV5iQX8I4GxkC0o-O-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.18.0.0/19
195.5.64.0/19
212.59.192.0/19
Signature Algorithm: sha256WithRSAEncryption
17:67:6d:dd:c5:b8:19:13:44:c9:26:a1:2a:c5:56:73:56:7b:
6d:32:c8:8d:01:ca:70:d4:7e:2d:a3:eb:9e:69:6d:5b:60:c5:
bc:9a:d5:3d:1d:e3:58:70:aa:cc:9b:04:66:fe:fb:ec:1c:fd:
51:5b:2a:34:92:49:04:68:2c:54:e6:68:24:10:31:a4:70:38:
ca:f2:b1:1e:f1:a1:e8:e3:c9:36:1e:c2:8b:e5:a3:57:26:dd:
34:58:d1:85:2d:71:e1:b4:1b:1b:e7:a3:7f:14:f9:fe:2a:2f:
b9:db:5b:be:36:c4:fc:11:5b:2d:8a:97:93:53:f0:92:f4:19:
42:b2:57:20:f2:01:f7:33:6e:e1:a4:2f:b3:c8:b8:15:a4:64:
8a:47:50:d0:34:55:33:31:eb:b0:26:77:ce:7d:8b:3a:5b:d5:
b5:dc:ae:dc:4e:61:a7:79:1f:53:be:73:46:88:9d:da:9b:ce:
e8:ec:4f:59:08:6d:4a:a4:d8:2a:77:1a:22:74:2b:9a:dc:3c:
a6:9a:06:7a:e4:45:fc:e8:3d:83:f8:56:20:0e:da:de:e9:84:
22:1d:a5:45:e7:dc:ec:02:48:ea:f2:4f:ed:a9:c1:2d:bd:b9:
ed:4b:20:96:fb:10:31:e9:df:3d:16:4f:4d:e5:2f:b8:c1:d5:
aa:c6:f4:48
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIENzz9AjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODQwM2I1ZTQ1Y2Q1OGJlNWY2YzVkMzNmYTU2NWFiNDkyMjNlM2RiMB4XDTIyMDEw
MTA1NTkxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDJiZjU5MTU1YWUy
MDE1ZTYyNDE3ZjA4ZTA2YzY0MGI0YTNlM2JlNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI5BrSqgQdKIN49YOJbqgYumwikKjRGq8LgxMwq5EqGzEM4q
RO21tadRlotmJPOq+bhrW7lXG89EeqtQUmC/yvaffi5UYTVmNvNVJr4/Mlj2dRW8
fHTiLOhd4tdkjwgYbdNXvQWew4hYH30X0XIRtr7XbLOH8OBxZyfwahMGpbTdkEAS
4oIWn9WYF/kFyvrNYkWYJvQr83CAiwTgC2UqdsqP2kXAXcJINkvtD/G3n6691ou2
R3HqsWhXkg0SBQDyhbJ9BF2AB2/f7sqRDDOeKrMRFP51jtO17TqYQUVYeGcroXdO
TEIX2RV1KJkhRa2GxJtzVAhMueTeewrS6DBbxScCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQCv1kVWuIBXmJBfwjgbGQLSj475TAfBgNVHSMEGDAWgBToQDteRc1Yvl9s
XTP6Vlq0kiPj2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZFQTdYa1hOV0w1ZmJGMHotbFphdEpJajQ5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJhNi8x
L0FyOVpGVnJpQVY1aVFYOEk0R3hrQzBvLU8tVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
ODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJhNi8xLzZFQTdYa1hOV0w1
ZmJGMHotbFphdEpJajQ5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBVQSAAMEBcMFQAMEBdQ7wDANBgkq
hkiG9w0BAQsFAAOCAQEAF2dt3cW4GRNEySahKsVWc1Z7bTLIjQHKcNR+LaPrnmlt
W2DFvJrVPR3jWHCqzJsEZv777Bz9UVsqNJJJBGgsVOZoJBAxpHA4yvKxHvGh6OPJ
Nh7Ci+WjVybdNFjRhS1x4bQbG+ejfxT5/iovudtbvjbE/BFbLYqXk1PwkvQZQrJX
IPIB9zNu4aQvs8i4FaRkikdQ0DRVMzHrsCZ3zn2LOlvVtdyu3E5hp3kfU75zRoid
2pvO6OxPWQhtSqTYKncaInQrmtw8ppoGeuRF/Og9g/hWIA7a3umEIh2lRefc7AJI
6vJP7anBLb257UsglvsQMenfPRZPTeUvuMHVqsb0SA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:26 2023 by rpki-client on console.sobornost.net