Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/5e5c30-8aa4-47e8-bd8f-fbe1a0d0aa98/1/BIUeryZhahi20I1q_jD2ve1TWag.roa
File: BIUeryZhahi20I1q_jD2ve1TWag.roa (raw, json)
Hash identifier: j8DuIubtngIEvzw8P9qxIRPdD2ivTTd7sHf8vw8sCCo=
Subject key identifier: 04:85:1E:AF:26:61:6A:18:B6:D0:8D:6A:FE:30:F6:BD:ED:53:59:A8
Certificate issuer: /CN=557b0ac10b8642a27dd3d74ed6cb5ee045e67b97
Certificate serial: 01860849355FC17A4FBFC3274D8A4DA3B914
Authority key identifier: 55:7B:0A:C1:0B:86:42:A2:7D:D3:D7:4E:D6:CB:5E:E0:45:E6:7B:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VXsKwQuGQqJ909dO1ste4EXme5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/5e5c30-8aa4-47e8-bd8f-fbe1a0d0aa98/1/BIUeryZhahi20I1q_jD2ve1TWag.roa
Signing time: Tue 31 Jan 2023 14:44:20 +0000
ROA not before: Tue 31 Jan 2023 14:44:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49188
IP address blocks: 95.169.197.0/24 maxlen: 24
95.169.198.0/24 maxlen: 24
95.169.204.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:08:49:35:5f:c1:7a:4f:bf:c3:27:4d:8a:4d:a3:b9:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=557b0ac10b8642a27dd3d74ed6cb5ee045e67b97
Validity
Not Before: Jan 31 14:44:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04851eaf26616a18b6d08d6afe30f6bded5359a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b9:74:27:51:ae:12:11:8a:bf:7b:11:77:4d:
c9:65:b3:a2:7d:9b:99:36:42:85:51:2d:89:ec:8b:
a2:bd:96:cf:a3:d8:1f:af:a3:2b:05:51:84:31:1c:
a3:1f:4b:8c:8c:34:a4:3a:27:60:20:5b:2a:bd:21:
68:5c:39:54:39:7b:96:c6:78:6c:5b:ec:47:0a:fb:
54:e2:18:b6:37:c4:b7:8a:13:0d:22:17:f5:7b:57:
7e:9b:e1:3c:4d:dd:e4:43:58:58:e8:f7:b1:67:dc:
24:ce:a6:7c:d8:40:ec:46:d1:0b:42:bd:cd:41:56:
95:6a:ea:30:ee:c7:4b:f5:40:7b:09:06:24:fc:0f:
23:b9:be:13:ff:37:88:6d:80:d3:88:aa:11:bc:39:
2c:da:db:c7:c9:7c:0d:03:dc:d1:b0:97:41:f5:29:
78:13:5f:0b:67:a2:5f:68:34:f7:d7:65:55:7b:23:
b2:d1:9b:42:75:58:3c:f4:06:71:00:09:6e:6f:08:
a3:57:d2:dc:5d:f8:af:d2:e0:09:9d:1f:17:48:a3:
5b:c6:53:4d:9e:c6:8b:48:2e:48:9d:38:ab:92:71:
39:9b:6a:d7:0d:d1:8d:7f:91:8c:88:2d:4e:fd:c5:
2f:36:71:16:3c:60:3d:3c:1a:65:68:22:30:c6:03:
b6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:85:1E:AF:26:61:6A:18:B6:D0:8D:6A:FE:30:F6:BD:ED:53:59:A8
X509v3 Authority Key Identifier:
keyid:55:7B:0A:C1:0B:86:42:A2:7D:D3:D7:4E:D6:CB:5E:E0:45:E6:7B:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VXsKwQuGQqJ909dO1ste4EXme5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5e5c30-8aa4-47e8-bd8f-fbe1a0d0aa98/1/BIUeryZhahi20I1q_jD2ve1TWag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5e5c30-8aa4-47e8-bd8f-fbe1a0d0aa98/1/VXsKwQuGQqJ909dO1ste4EXme5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.197.0-95.169.198.255
95.169.204.0/24
Signature Algorithm: sha256WithRSAEncryption
63:dd:0e:12:97:6d:90:fd:71:52:32:75:0c:c7:b1:7e:2d:5f:
fa:22:99:44:f9:ae:90:b8:85:ff:38:ef:88:94:24:c6:dd:78:
c9:47:76:47:8a:e4:68:b5:a6:20:c9:63:d8:be:13:5d:ef:52:
c8:db:26:6a:d8:26:b3:74:3c:d8:ed:2c:11:dd:63:a8:f9:d5:
c2:5c:ed:d9:0a:c3:1a:37:bc:14:69:95:9a:eb:1f:59:90:2d:
f0:b5:ba:3a:06:fc:38:f3:3e:f3:37:ab:5b:b5:86:ac:7d:a4:
8d:c0:cd:11:de:09:6c:c0:cd:61:be:3f:4b:4e:df:7f:96:b8:
53:6e:b4:91:10:e2:7b:fc:49:02:e6:4c:a0:65:66:c2:0b:0d:
7a:1b:d8:14:c8:aa:a2:43:99:9c:19:26:f4:2e:1b:08:25:78:
05:4f:5a:f4:25:9f:8f:0d:19:aa:75:94:75:5d:e7:27:8e:ff:
1c:3c:0d:41:74:f3:27:b0:27:85:12:e8:0a:88:a3:ae:62:70:
a8:ae:75:5d:cd:ab:86:1f:d5:62:78:cd:ca:96:b5:9a:1f:83:
81:de:c3:61:78:bd:07:70:ac:48:57:5b:21:cd:fd:54:fa:09:
d8:1a:54:11:1f:45:a2:e5:47:c0:b6:3b:30:a9:b2:4a:00:08:
5c:ef:97:8c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYYISTVfwXpPv8MnTYpNo7kUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1N2IwYWMxMGI4NjQyYTI3ZGQzZDc0ZWQ2Y2I1ZWUwNDVl
NjdiOTcwHhcNMjMwMTMxMTQ0NDIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDg1MWVhZjI2NjE2YTE4YjZkMDhkNmFmZTMwZjZiZGVkNTM1OWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLl0J1GuEhGKv3sRd03JZbOifZuZ
NkKFUS2J7IuivZbPo9gfr6MrBVGEMRyjH0uMjDSkOidgIFsqvSFoXDlUOXuWxnhs
W+xHCvtU4hi2N8S3ihMNIhf1e1d+m+E8Td3kQ1hY6PexZ9wkzqZ82EDsRtELQr3N
QVaVauow7sdL9UB7CQYk/A8jub4T/zeIbYDTiKoRvDks2tvHyXwNA9zRsJdB9Sl4
E18LZ6JfaDT312VVeyOy0ZtCdVg89AZxAAlubwijV9LcXfiv0uAJnR8XSKNbxlNN
nsaLSC5InTirknE5m2rXDdGNf5GMiC1O/cUvNnEWPGA9PBplaCIwxgO2BwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFASFHq8mYWoYttCNav4w9r3tU1moMB8GA1UdIwQY
MBaAFFV7CsELhkKifdPXTtbLXuBF5nuXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlhzS3dRdUdRcUo5MDlkTzFzdGU0RVhtZTVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi81ZTVjMzAtOGFhNC00N2U4LWJkOGYt
ZmJlMWEwZDBhYTk4LzEvQklVZXJ5WmhhaGkyMEkxcV9qRDJ2ZTFUV2FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi81ZTVjMzAtOGFhNC00N2U4LWJkOGYtZmJlMWEwZDBhYTk4
LzEvVlhzS3dRdUdRcUo5MDlkTzFzdGU0RVhtZTVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABfqcUD
BABfqcYDBABfqcwwDQYJKoZIhvcNAQELBQADggEBAGPdDhKXbZD9cVIydQzHsX4t
X/oimUT5rpC4hf8474iUJMbdeMlHdkeK5Gi1piDJY9i+E13vUsjbJmrYJrN0PNjt
LBHdY6j51cJc7dkKwxo3vBRplZrrH1mQLfC1ujoG/DjzPvM3q1u1hqx9pI3AzRHe
CWzAzWG+P0tO33+WuFNutJEQ4nv8SQLmTKBlZsILDXob2BTIqqJDmZwZJvQuGwgl
eAVPWvQln48NGap1lHVd5yeO/xw8DUF08yewJ4US6AqIo65icKiudV3Nq4Yf1WJ4
zcqWtZofg4Hew2F4vQdwrEhXWyHN/VT6CdgaVBEfRaLlR8C2OzCpskoACFzvl4w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:06 2024 by rpki-client on console-fra.rpki-client.org