Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Ue-3bFFh6sixAEeZl2XSlJ28HEU.roa
File: Ue-3bFFh6sixAEeZl2XSlJ28HEU.roa (raw, json)
Hash identifier: Z3YtQf8z3MOl3IER91SeNojXJWLUF5lQK0bXx/wDr0M=
Subject key identifier: 51:EF:B7:6C:51:61:EA:C8:B1:00:47:99:97:65:D2:94:9D:BC:1C:45
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018A3119F6942A5AAAC98921F43F331E2750
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Ue-3bFFh6sixAEeZl2XSlJ28HEU.roa
Signing time: Sat 26 Aug 2023 09:08:19 +0000
ROA not before: Sat 26 Aug 2023 09:08:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31732
IP address blocks: 5.34.216.0/21 maxlen: 21
188.209.155.0/24 maxlen: 24
185.151.236.0/22 maxlen: 24
188.253.8.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:31:19:f6:94:2a:5a:aa:c9:89:21:f4:3f:33:1e:27:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Aug 26 09:08:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51efb76c5161eac8b10047999765d2949dbc1c45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:69:7a:c7:d5:8c:ba:0b:85:35:80:0b:f6:4a:
a4:0b:a5:29:cf:21:16:3c:b0:7b:0a:15:7c:ec:75:
9d:b2:40:ac:03:ce:97:bc:57:a1:99:a3:25:0e:06:
67:78:ba:b9:f1:0d:c2:d8:04:35:3b:ed:10:17:3a:
9e:fa:cf:2e:ec:b0:98:dc:62:90:6b:73:9a:7d:e8:
37:df:0b:5a:cd:80:d7:91:e5:91:a9:cf:1d:ce:17:
a8:91:4d:8d:8a:6f:4f:7d:cb:a3:1c:9d:d9:83:59:
7a:21:a6:e9:a6:7c:27:68:9f:f2:08:ac:4e:4f:e9:
1f:a2:6a:85:00:c3:85:c3:11:64:95:99:20:e5:53:
82:23:88:19:c5:66:43:87:d3:1c:b2:a4:5c:ea:09:
4a:af:32:c9:b8:c0:64:9d:71:0c:cc:8e:12:ba:d2:
e3:b6:93:a6:6a:a3:19:ac:e6:da:c8:b9:c1:56:8a:
55:2c:8e:b1:f0:14:25:c6:cf:bb:e2:5b:95:ae:0e:
f0:60:e2:b6:fd:7f:c5:47:ad:93:04:2c:42:d3:a7:
90:f8:54:1a:96:5b:36:35:af:00:b8:df:15:23:21:
22:65:91:38:d2:40:17:13:7f:be:bd:f7:f5:5f:a5:
50:04:6a:fc:21:a9:6c:36:8a:f7:7c:cc:ec:09:71:
4c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:EF:B7:6C:51:61:EA:C8:B1:00:47:99:97:65:D2:94:9D:BC:1C:45
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Ue-3bFFh6sixAEeZl2XSlJ28HEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.216.0/21
185.151.236.0/22
188.209.155.0/24
188.253.8.0/21
Signature Algorithm: sha256WithRSAEncryption
11:a7:b7:0e:8b:54:00:10:67:ea:73:8d:9b:35:4d:10:c7:5b:
e5:ef:1c:de:ac:e9:ab:3f:5a:72:46:71:70:56:f5:c8:b1:89:
ee:67:17:95:36:a6:7c:27:95:70:51:d5:da:f2:19:7a:ea:86:
f8:68:ab:aa:36:38:73:9f:de:c2:0d:a0:39:2c:fa:d9:1f:01:
90:5d:86:75:d2:52:82:88:5c:4a:8c:47:17:8f:69:f7:38:84:
04:9b:28:d5:10:24:d0:56:9d:f3:e5:a0:0f:a4:c4:b9:3c:b5:
45:0c:78:b1:5c:6d:55:0a:41:7e:c6:1d:3e:6a:1e:20:f0:92:
e3:f1:02:4f:a3:4d:6e:76:4d:df:fb:ea:8a:50:55:79:cc:4c:
72:55:5e:b4:dc:47:c1:5e:aa:30:87:56:8e:5b:fd:4f:3d:2d:
cc:e9:b2:8d:54:f0:ea:7f:92:64:e9:ab:97:3a:67:54:ad:62:
c2:e6:18:ce:67:3f:35:86:65:78:7c:79:7e:fe:68:b8:12:ec:
17:4b:98:51:57:9d:a7:f7:14:fc:55:42:7e:1a:0c:fc:c6:3a:
d7:e0:8c:42:70:b8:13:64:8d:5c:32:f2:0a:50:d8:cb:b9:b9:
83:3f:7a:73:d9:bf:ee:52:9b:5d:3f:43:1c:d9:ba:25:ce:58:
ec:02:a6:05
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYoxGfaUKlqqyYkh9D8zHidQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwODI2MDkwODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWVmYjc2YzUxNjFlYWM4YjEwMDQ3OTk5NzY1ZDI5NDlkYmMxYzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2l6x9WMuguFNYAL9kqkC6UpzyEW
PLB7ChV87HWdskCsA86XvFehmaMlDgZneLq58Q3C2AQ1O+0QFzqe+s8u7LCY3GKQ
a3Oafeg33wtazYDXkeWRqc8dzheokU2Nim9PfcujHJ3Zg1l6IabppnwnaJ/yCKxO
T+kfomqFAMOFwxFklZkg5VOCI4gZxWZDh9McsqRc6glKrzLJuMBknXEMzI4SutLj
tpOmaqMZrObayLnBVopVLI6x8BQlxs+74luVrg7wYOK2/X/FR62TBCxC06eQ+FQa
lls2Na8AuN8VIyEiZZE40kAXE3++vff1X6VQBGr8IalsNor3fMzsCXFMtwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFHvt2xRYerIsQBHmZdl0pSdvBxFMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvVWUtM2JGRmg2c2l4QUVlWmwyWFNsSjI4SEVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDBSLYAwQC
uZfsAwQAvNGbAwQDvP0IMA0GCSqGSIb3DQEBCwUAA4IBAQARp7cOi1QAEGfqc42b
NU0Qx1vl7xzerOmrP1pyRnFwVvXIsYnuZxeVNqZ8J5VwUdXa8hl66ob4aKuqNjhz
n97CDaA5LPrZHwGQXYZ10lKCiFxKjEcXj2n3OIQEmyjVECTQVp3z5aAPpMS5PLVF
DHixXG1VCkF+xh0+ah4g8JLj8QJPo01udk3f++qKUFV5zExyVV603EfBXqowh1aO
W/1PPS3M6bKNVPDqf5Jk6auXOmdUrWLC5hjOZz81hmV4fHl+/mi4EuwXS5hRV52n
9xT8VUJ+Ggz8xjrX4IxCcLgTZI1cMvIKUNjLubmDP3pz2b/uUptdP0Mc2bolzljs
AqYF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org