Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/cXOiZmV53Mgxj_0GTDNqXfPwV2I.roa
File: cXOiZmV53Mgxj_0GTDNqXfPwV2I.roa (raw, json)
Hash identifier: h/g8e4D2JqF6QFUvBQiyRu6Lqoyv6n32xINDiNNLG/s=
Subject key identifier: 71:73:A2:66:65:79:DC:C8:31:8F:FD:06:4C:33:6A:5D:F3:F0:57:62
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 1ABBEB62
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/cXOiZmV53Mgxj_0GTDNqXfPwV2I.roa
Signing time: Sat 01 Jan 2022 00:54:13 +0000
ROA not before: Sat 01 Jan 2022 00:54:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60932
IP address blocks: 82.97.243.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 448523106 (0x1abbeb62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jan 1 00:54:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7173a2666579dcc8318ffd064c336a5df3f05762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:c5:61:2a:ce:af:32:70:89:b0:8f:57:bd:aa:
85:5a:ce:04:96:84:43:7f:5c:c4:fb:40:ab:e1:91:
d2:9b:13:d6:6b:8a:74:4c:1e:65:9b:d7:df:78:db:
66:87:51:be:9a:b8:8c:f2:9a:a4:eb:a3:44:d7:09:
ff:bb:f0:d2:01:2a:56:87:43:4f:8e:47:77:a3:41:
dd:e2:55:45:4f:3f:86:61:84:1d:e0:35:ff:24:d0:
73:19:eb:b3:4a:fc:c1:58:be:b4:77:e0:e0:6c:7f:
9d:b7:f2:34:ee:10:3d:54:08:7b:7b:14:aa:4c:3f:
f8:00:a4:6c:ea:c2:f5:1b:25:2e:da:cb:a4:c7:33:
ac:d4:86:2b:1b:70:f7:0d:4e:30:37:f7:72:36:cf:
54:8d:56:fd:d4:20:f6:a2:05:4f:a8:30:6c:52:37:
df:b6:76:46:00:b1:56:df:5d:d9:e2:a3:04:0f:35:
09:06:9b:7e:d3:15:90:4f:30:0e:47:d4:3e:de:5c:
67:cf:0b:e2:8f:45:31:c8:4a:a8:3b:3a:4c:60:4c:
fc:f8:00:7b:18:47:1f:a8:f6:3e:cb:42:55:2f:c0:
a9:59:41:a7:10:2b:04:a0:ad:97:d2:56:d4:6b:66:
24:99:4d:6c:22:1c:6c:08:2b:a0:ca:5c:25:5c:ac:
0e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:73:A2:66:65:79:DC:C8:31:8F:FD:06:4C:33:6A:5D:F3:F0:57:62
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/cXOiZmV53Mgxj_0GTDNqXfPwV2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.97.243.0/24
Signature Algorithm: sha256WithRSAEncryption
61:cb:37:3f:8c:47:73:21:6a:1d:8f:c4:5b:1d:f5:9b:9f:1f:
8f:97:c8:ef:2c:03:c2:9d:a7:e8:a4:52:83:b1:71:eb:69:a4:
e0:3f:e3:f0:90:6b:88:ea:91:ef:5b:bb:82:7d:45:21:58:fe:
91:68:cb:4a:29:f0:b7:41:c1:6f:b7:fa:06:56:60:76:eb:34:
7f:e6:3e:e9:ab:d6:b6:ba:ec:07:53:77:86:38:6c:7c:22:b5:
e9:3d:09:e3:e6:db:16:24:b5:a6:e4:7b:7e:1a:76:35:d4:18:
46:99:80:42:81:9a:89:3a:ff:39:aa:b8:c4:f1:43:75:58:40:
93:fe:b3:3c:de:5d:a4:a3:05:ce:e9:31:9e:68:a3:60:2c:89:
ce:ff:4e:a0:3c:d6:d1:da:72:c9:83:55:59:a2:5a:30:61:2b:
71:33:c5:43:b0:24:1b:08:21:06:20:1e:49:93:cd:10:fc:f8:
6f:be:59:f1:7c:86:2d:5a:3b:35:21:e4:7e:d3:ae:8b:6f:f5:
65:b6:36:d6:aa:ab:ed:84:64:c9:66:7a:be:46:19:31:e5:59:
bb:ff:ba:a3:f5:4f:cc:b3:0f:6a:ba:19:87:0d:7d:ab:25:5e:
6c:e7:e8:6d:0f:da:78:34:da:11:e7:73:a9:05:b6:bc:cb:1e:
25:60:13:6d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGrvrYjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZGRiMzhiMzQzZGEyZDExOTMwOWVkYWExOWM3YTc4ODcwMzI3ZWJlMB4XDTIyMDEw
MTAwNTQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzE3M2EyNjY2NTc5
ZGNjODMxOGZmZDA2NGMzMzZhNWRmM2YwNTc2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOTFYSrOrzJwibCPV72qhVrOBJaEQ39cxPtAq+GR0psT1muK
dEweZZvX33jbZodRvpq4jPKapOujRNcJ/7vw0gEqVodDT45Hd6NB3eJVRU8/hmGE
HeA1/yTQcxnrs0r8wVi+tHfg4Gx/nbfyNO4QPVQIe3sUqkw/+ACkbOrC9RslLtrL
pMczrNSGKxtw9w1OMDf3cjbPVI1W/dQg9qIFT6gwbFI337Z2RgCxVt9d2eKjBA81
CQabftMVkE8wDkfUPt5cZ88L4o9FMchKqDs6TGBM/PgAexhHH6j2PstCVS/AqVlB
pxArBKCtl9JW1GtmJJlNbCIcbAgroMpcJVysDusCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRxc6JmZXncyDGP/QZMM2pd8/BXYjAfBgNVHSMEGDAWgBRt2zizQ9otEZMJ
7aoZx6eIcDJ+vjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JkczRzMFBhTFJHVENlMnFHY2VuaUhBeWZyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTIvYzk2MWEwLTRmNTMtNDIyYS1iN2RkLTNkZmE1MTBkNmIxNi8x
L2NYT2labVY1M01neGpfMEdURE5xWGZQd1YySS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIv
Yzk2MWEwLTRmNTMtNDIyYS1iN2RkLTNkZmE1MTBkNmIxNi8xL2JkczRzMFBhTFJH
VENlMnFHY2VuaUhBeWZyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFJh8zANBgkqhkiG9w0BAQsFAAOC
AQEAYcs3P4xHcyFqHY/EWx31m58fj5fI7ywDwp2n6KRSg7Fx62mk4D/j8JBriOqR
71u7gn1FIVj+kWjLSinwt0HBb7f6BlZgdus0f+Y+6avWtrrsB1N3hjhsfCK16T0J
4+bbFiS1puR7fhp2NdQYRpmAQoGaiTr/Oaq4xPFDdVhAk/6zPN5dpKMFzukxnmij
YCyJzv9OoDzW0dpyyYNVWaJaMGErcTPFQ7AkGwghBiAeSZPNEPz4b75Z8XyGLVo7
NSHkftOui2/1ZbY21qqr7YRkyWZ6vkYZMeVZu/+6o/VPzLMParoZhw19qyVebOfo
bQ/aeDTaEedzqQW2vMseJWATbQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:51 2024 by rpki-client on console-fra.rpki-client.org