Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UHcRY9nFFi9e_1Xja3VaAu3kKq0.roa
File: UHcRY9nFFi9e_1Xja3VaAu3kKq0.roa (raw, json)
Hash identifier: /IEMBasWvWTaxt0P77sWtu3kDkpfqZmXwRMDnMd/pqs=
Subject key identifier: 50:77:11:63:D9:C5:16:2F:5E:FF:55:E3:6B:75:5A:02:ED:E4:2A:AD
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1E80CFC4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UHcRY9nFFi9e_1Xja3VaAu3kKq0.roa
Signing time: Wed 18 May 2022 07:08:17 +0000
ROA not before: Wed 18 May 2022 07:08:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 87.121.124.0/23 maxlen: 24
87.121.122.0/23 maxlen: 24
185.207.12.0/24 maxlen: 24
109.206.238.0/24 maxlen: 24
84.21.172.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 511758276 (0x1e80cfc4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 18 07:08:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=50771163d9c5162f5eff55e36b755a02ede42aad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c2:53:d2:e2:7e:fd:92:a0:cd:03:f3:b7:e0:
f6:f1:c8:70:ee:5d:d6:ee:a7:2f:49:b3:bb:41:94:
3b:6b:cd:94:a1:c6:ad:b3:a0:75:c0:46:fe:4e:d6:
ea:fa:a9:1d:ba:e9:48:71:5a:77:8c:33:06:d0:4e:
d5:dc:3f:bb:86:7a:10:1a:7d:6b:79:d6:68:1d:db:
c4:c6:61:ee:75:c8:73:00:5f:ac:4b:cb:4b:23:0d:
5f:da:51:da:68:94:1a:84:d8:53:b9:76:fa:7d:64:
1e:47:fe:f0:69:d0:4a:dc:6c:27:5e:85:80:11:6c:
9d:80:23:56:9f:42:3b:c8:40:05:f3:2d:5a:c9:d7:
f0:5f:7d:d7:31:51:f1:cd:83:22:c6:02:6d:70:1d:
71:23:0f:bf:6d:e3:f9:c0:2e:17:0e:e1:8e:fe:2d:
4f:bc:16:7c:62:ae:74:3d:c3:a2:1b:77:8a:66:2e:
53:ec:17:f6:e7:42:ba:b2:fc:e6:ea:82:f0:20:c2:
02:6c:25:18:45:0b:57:96:81:77:17:af:1a:47:75:
31:5b:ab:f0:8a:b3:5c:c7:00:50:61:60:e4:24:86:
51:d9:73:ab:ca:d5:22:d9:e5:82:7e:1a:88:42:d6:
7d:0c:e4:1c:ea:23:0e:5b:4e:ba:95:b0:7e:4c:97:
2a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:77:11:63:D9:C5:16:2F:5E:FF:55:E3:6B:75:5A:02:ED:E4:2A:AD
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UHcRY9nFFi9e_1Xja3VaAu3kKq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.172.0/23
87.121.122.0-87.121.125.255
109.206.238.0/24
185.207.12.0/24
Signature Algorithm: sha256WithRSAEncryption
01:52:55:c4:d2:59:fa:ff:49:43:6c:b3:a3:c2:64:a1:97:4d:
c7:fa:65:e1:91:87:2e:07:84:f6:78:22:e6:f6:17:fc:d9:b6:
8b:a2:5f:f5:de:f0:33:9e:e4:a3:41:b8:fd:76:41:6e:ef:08:
1e:cd:4d:88:49:e9:0e:92:7a:c1:73:4c:4e:8f:6f:58:d9:f7:
9b:49:71:a4:d0:b9:d1:6f:9e:16:04:f1:5f:51:22:99:0e:99:
ac:da:26:12:ca:94:bb:77:87:55:04:54:22:58:cc:35:e9:c2:
ab:33:75:f6:df:e4:1d:dd:a8:94:c3:57:c2:1b:9f:b5:21:21:
be:70:4e:f0:74:f2:08:82:3e:0a:5a:3f:ec:3b:05:36:83:27:
ad:da:23:ca:9c:4f:54:3b:21:41:c1:34:71:15:40:3c:2a:a2:
6a:ef:66:03:a2:f8:8b:73:f2:3c:66:d4:2d:74:89:77:2e:bc:
d4:d6:e3:24:a4:e2:aa:f7:41:dd:a5:3e:17:34:e7:6e:1b:a7:
84:2b:91:97:ad:e9:e0:37:1f:db:be:f2:07:c1:24:0b:93:11:
c7:30:5c:c8:f2:1a:55:89:28:90:5f:21:b2:a5:bd:aa:bd:05:
de:e2:a1:75:3a:fc:d7:13:fe:7a:0b:09:e7:5b:54:31:4e:83:
c8:06:ba:da
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEHoDPxDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDUx
ODA3MDgxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTA3NzExNjNkOWM1
MTYyZjVlZmY1NWUzNmI3NTVhMDJlZGU0MmFhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALfCU9Lifv2SoM0D87fg9vHIcO5d1u6nL0mzu0GUO2vNlKHG
rbOgdcBG/k7W6vqpHbrpSHFad4wzBtBO1dw/u4Z6EBp9a3nWaB3bxMZh7nXIcwBf
rEvLSyMNX9pR2miUGoTYU7l2+n1kHkf+8GnQStxsJ16FgBFsnYAjVp9CO8hABfMt
WsnX8F991zFR8c2DIsYCbXAdcSMPv23j+cAuFw7hjv4tT7wWfGKudD3Doht3imYu
U+wX9udCurL85uqC8CDCAmwlGEULV5aBdxevGkd1MVur8IqzXMcAUGFg5CSGUdlz
q8rVItnlgn4aiELWfQzkHOojDltOupWwfkyXKiECAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBRQdxFj2cUWL17/VeNrdVoC7eQqrTAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L1VIY1JZOW5GRmk5ZV8xWGphM1ZhQXUza0txMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAVQVrDAMAwQBV3l6AwQBV3l8AwQA
bc7uAwQAuc8MMA0GCSqGSIb3DQEBCwUAA4IBAQABUlXE0ln6/0lDbLOjwmShl03H
+mXhkYcuB4T2eCLm9hf82baLol/13vAznuSjQbj9dkFu7wgezU2ISekOknrBc0xO
j29Y2febSXGk0LnRb54WBPFfUSKZDpms2iYSypS7d4dVBFQiWMw16cKrM3X23+Qd
3aiUw1fCG5+1ISG+cE7wdPIIgj4KWj/sOwU2gyet2iPKnE9UOyFBwTRxFUA8KqJq
72YDoviLc/I8ZtQtdIl3LrzU1uMkpOKq90HdpT4XNOduG6eEK5GXrengNx/bvvIH
wSQLkxHHMFzI8hpViSiQXyGypb2qvQXe4qF1OvzXE/56CwnnW1QxToPIBrra
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:34 2024 by rpki-client on console-ams.rpki-client.org