Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/UGC7ZDvQfpWFhuYTa-1sTvq7bjc.roa
File: UGC7ZDvQfpWFhuYTa-1sTvq7bjc.roa (raw, json)
Hash identifier: oaMMkVgfkv0tXceot+Qh3ojdeI1Dm8FXlfYRBnKdRmc=
Subject key identifier: 50:60:BB:64:3B:D0:7E:95:85:86:E6:13:6B:ED:6C:4E:FA:BB:6E:37
Certificate issuer: /CN=b328fe258a1b9bf6148a6ce0e8a712f18840904c
Certificate serial: 018C4022D9A6C9AC1B97ED5A6CDABDF8859C
Authority key identifier: B3:28:FE:25:8A:1B:9B:F6:14:8A:6C:E0:E8:A7:12:F1:88:40:90:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syj-JYobm_YUimzg6KcS8YhAkEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/UGC7ZDvQfpWFhuYTa-1sTvq7bjc.roa
Signing time: Wed 06 Dec 2023 17:17:54 +0000
ROA not before: Wed 06 Dec 2023 17:17:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25459
IP address blocks: 83.172.128.0/19 maxlen: 19
83.172.128.0/18 maxlen: 22
83.172.160.0/21 maxlen: 21
83.172.168.0/22 maxlen: 22
83.172.180.0/22 maxlen: 22
83.172.184.0/21 maxlen: 21
2a02:cec0::/30 maxlen: 30
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:40:22:d9:a6:c9:ac:1b:97:ed:5a:6c:da:bd:f8:85:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b328fe258a1b9bf6148a6ce0e8a712f18840904c
Validity
Not Before: Dec 6 17:17:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5060bb643bd07e958586e6136bed6c4efabb6e37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a8:2b:0c:2d:da:25:b8:e1:ff:ac:05:a4:58:
62:93:b1:cd:24:3f:90:94:8a:c8:3f:38:7a:c3:ce:
63:4d:ef:76:27:ee:33:ee:8f:1e:77:58:d1:32:58:
91:23:31:45:e0:04:68:68:8e:da:64:5c:d4:cb:b1:
5f:aa:3c:e5:60:e7:94:52:1c:de:2c:32:b7:3e:4b:
ce:0d:2d:09:64:10:9d:d6:aa:ea:41:86:84:42:17:
79:0e:f7:bf:3d:3d:f7:3e:9d:82:16:76:d3:42:b1:
77:66:e4:40:15:ed:1d:77:61:11:ad:01:dd:8d:46:
d3:e7:9e:1c:df:c8:1f:24:17:b5:84:3f:ca:d9:32:
bf:fe:44:e9:79:4e:5f:a1:b3:6e:73:28:99:bf:bf:
d3:61:fc:e9:34:72:26:e8:71:3a:d4:20:ad:f3:af:
3f:f2:e3:6c:48:e9:2c:fe:a2:a4:76:54:a1:f7:0d:
7e:03:11:4d:6e:ea:66:1c:68:5a:dd:ed:93:2b:a4:
ba:32:61:3e:5b:1a:34:54:05:f5:f2:29:99:a3:19:
49:7f:38:9b:ef:84:1b:26:77:05:15:16:f0:fd:cb:
d5:a5:e1:c9:33:37:96:fb:85:7f:78:58:4b:ec:e5:
78:16:31:2d:68:98:53:b1:de:0d:4d:3c:0c:a4:0a:
2c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:60:BB:64:3B:D0:7E:95:85:86:E6:13:6B:ED:6C:4E:FA:BB:6E:37
X509v3 Authority Key Identifier:
keyid:B3:28:FE:25:8A:1B:9B:F6:14:8A:6C:E0:E8:A7:12:F1:88:40:90:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syj-JYobm_YUimzg6KcS8YhAkEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/UGC7ZDvQfpWFhuYTa-1sTvq7bjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/syj-JYobm_YUimzg6KcS8YhAkEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.172.128.0/18
IPv6:
2a02:cec0::/30
Signature Algorithm: sha256WithRSAEncryption
8d:d2:8f:4a:d6:38:b1:28:4d:c5:8f:ef:f9:fd:6a:33:a4:be:
bd:80:d4:76:81:fb:b1:87:0e:09:69:8e:15:cf:d5:c8:27:8a:
8a:7d:3f:36:58:2f:75:8f:6c:b2:e4:52:0d:df:bd:48:a6:16:
af:ab:c4:6d:67:e2:06:41:b3:2e:67:03:10:0c:83:52:f7:23:
8f:63:83:c4:ae:f8:a2:96:7f:5b:9a:d0:00:e0:20:8b:2f:81:
74:41:61:15:fd:46:9d:59:01:8b:58:81:ad:0c:a7:e2:fb:64:
32:cf:b7:22:bb:cb:9a:f4:18:b9:2c:37:76:c0:33:2f:66:34:
90:51:c5:1f:4c:3c:6a:14:f4:72:01:bf:04:91:e7:37:2d:09:
a7:9a:75:b4:c2:81:23:19:6f:85:5b:fe:9f:52:a6:c5:55:b1:
c2:c4:80:b5:e1:50:52:3c:e0:71:14:26:9a:2f:6b:a8:7c:5d:
9e:54:53:d0:d1:60:6d:5b:16:a5:4f:5a:f6:d3:60:8d:04:72:
c0:54:04:8e:2a:e7:6b:e2:9b:23:65:d6:f0:bb:06:66:c6:ee:
54:32:ee:81:5a:65:9f:92:e6:a6:68:d5:e7:44:b0:23:b1:9d:
61:26:e5:92:5f:9a:f8:d8:a6:d4:60:c8:0a:95:25:51:bb:ec:
f0:99:6a:fc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYxAItmmyawbl+1abNq9+IWcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMjhmZTI1OGExYjliZjYxNDhhNmNlMGU4YTcxMmYxODg0
MDkwNGMwHhcNMjMxMjA2MTcxNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDYwYmI2NDNiZDA3ZTk1ODU4NmU2MTM2YmVkNmM0ZWZhYmI2ZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqagrDC3aJbjh/6wFpFhik7HNJD+Q
lIrIPzh6w85jTe92J+4z7o8ed1jRMliRIzFF4ARoaI7aZFzUy7FfqjzlYOeUUhze
LDK3PkvODS0JZBCd1qrqQYaEQhd5Dve/PT33Pp2CFnbTQrF3ZuRAFe0dd2ERrQHd
jUbT554c38gfJBe1hD/K2TK//kTpeU5fobNucyiZv7/TYfzpNHIm6HE61CCt868/
8uNsSOks/qKkdlSh9w1+AxFNbupmHGha3e2TK6S6MmE+Wxo0VAX18imZoxlJfzib
74QbJncFFRbw/cvVpeHJMzeW+4V/eFhL7OV4FjEtaJhTsd4NTTwMpAospQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFBgu2Q70H6VhYbmE2vtbE76u243MB8GA1UdIwQY
MBaAFLMo/iWKG5v2FIps4OinEvGIQJBMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3lqLUpZb2JtX1lVaW16ZzZLY1M4WWhBa0V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hMTg4YmMtZGVlZS00MmVjLTgyODkt
ZWQ4NGEwMDU4YTlmLzEvVUdDN1pEdlFmcFdGaHVZVGEtMXNUdnE3YmpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hMTg4YmMtZGVlZS00MmVjLTgyODktZWQ4NGEwMDU4YTlm
LzEvc3lqLUpZb2JtX1lVaW16ZzZLY1M4WWhBa0V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQGU6yAMA0E
AgACMAcDBQIqAs7AMA0GCSqGSIb3DQEBCwUAA4IBAQCN0o9K1jixKE3Fj+/5/Woz
pL69gNR2gfuxhw4JaY4Vz9XIJ4qKfT82WC91j2yy5FIN371Iphavq8RtZ+IGQbMu
ZwMQDINS9yOPY4PErviiln9bmtAA4CCLL4F0QWEV/UadWQGLWIGtDKfi+2Qyz7ci
u8ua9Bi5LDd2wDMvZjSQUcUfTDxqFPRyAb8Ekec3LQmnmnW0woEjGW+FW/6fUqbF
VbHCxIC14VBSPOBxFCaaL2uofF2eVFPQ0WBtWxalT1r202CNBHLAVASOKudr4psj
ZdbwuwZmxu5UMu6BWmWfkuamaNXnRLAjsZ1hJuWSX5r42KbUYMgKlSVRu+zwmWr8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:23 2024 by rpki-client on console-fra.rpki-client.org