Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/U_BEKNBbRtu9vQktRtTqMaB1bMU.roa
File: U_BEKNBbRtu9vQktRtTqMaB1bMU.roa (raw, json)
Hash identifier: R1OLqPRYbo2O0bUa8YTctifEY5JQOykYAfJog7H4dRA=
Subject key identifier: 53:F0:44:28:D0:5B:46:DB:BD:BD:09:2D:46:D4:EA:31:A0:75:6C:C5
Certificate issuer: /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial: 04164F50
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/U_BEKNBbRtu9vQktRtTqMaB1bMU.roa
Signing time: Tue 01 Feb 2022 12:57:29 +0000
ROA not before: Tue 01 Feb 2022 12:57:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209588
IP address blocks: 45.129.136.0/24 maxlen: 24
147.78.47.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68570960 (0x4164f50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Validity
Not Before: Feb 1 12:57:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53f04428d05b46dbbdbd092d46d4ea31a0756cc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c1:bd:b1:ab:68:39:79:74:c1:02:36:ba:8f:
96:53:93:37:ca:5d:37:7b:bc:f1:94:a4:d2:d3:b4:
94:11:1a:ba:7e:84:e3:39:68:f1:1b:95:35:61:3f:
5d:81:46:fa:53:3f:6c:38:32:a1:5b:e2:16:9e:f9:
90:d5:a4:e3:0e:32:af:6e:a0:75:fa:77:36:c2:53:
a5:0b:4b:b2:8e:18:54:b7:13:d5:d3:d5:b7:fc:50:
9a:04:b3:03:dd:16:f7:e6:5f:55:53:98:58:97:91:
6f:98:7e:5c:9a:85:13:d4:23:17:31:e5:50:bd:96:
78:60:9b:80:43:ed:66:ce:65:45:4a:9b:be:16:2b:
9b:28:95:16:8b:62:3d:4f:d0:78:e3:35:6e:5d:e0:
3a:79:ae:ff:b2:41:8e:ef:53:9a:20:cc:5e:4a:a8:
d4:c6:08:f1:85:51:25:ea:47:6d:bc:6a:31:ca:48:
41:c0:fe:b9:07:f8:8e:10:3c:4f:2a:7d:d8:20:f4:
bc:f7:0c:bd:02:25:15:37:cb:99:19:e4:2e:ff:37:
1e:76:fa:7e:f2:62:06:5c:ac:ef:cf:24:9a:0b:91:
1c:b7:ae:d2:da:12:87:bd:25:24:ae:dd:a4:42:91:
7f:f4:7d:0a:dc:81:3a:2f:a3:4d:5d:e6:84:be:bd:
72:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:F0:44:28:D0:5B:46:DB:BD:BD:09:2D:46:D4:EA:31:A0:75:6C:C5
X509v3 Authority Key Identifier:
keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/U_BEKNBbRtu9vQktRtTqMaB1bMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.136.0/24
147.78.47.0/24
Signature Algorithm: sha256WithRSAEncryption
47:06:71:4b:98:7d:ac:0d:9d:94:62:9e:b1:29:42:34:39:c3:
81:3c:59:9f:84:82:3b:1c:36:9e:27:9f:51:1e:5d:df:c0:80:
a6:d9:02:32:1d:fd:a9:7e:4e:6d:eb:6b:70:5d:3d:17:2f:18:
40:d0:7f:11:e5:21:94:5b:88:a3:72:f4:b4:cc:ea:78:20:ac:
4b:16:f3:3d:0a:ac:2e:cc:6b:e4:e8:26:e4:bd:67:7e:1d:17:
f0:39:35:b4:60:86:60:57:61:2d:9c:59:c7:56:af:26:04:1d:
0a:1f:fa:f9:12:8b:1d:37:ef:01:92:91:e6:72:02:9d:70:db:
f9:b3:84:bf:2d:60:80:07:ca:23:59:26:96:8f:f9:05:87:30:
c0:d5:6f:3d:17:2d:4e:c1:91:87:80:f4:c1:f8:fc:da:15:48:
88:16:69:db:fe:6c:ad:d9:49:73:f0:5f:8c:aa:ad:1f:21:0a:
a6:2b:18:26:fb:16:bf:83:e4:97:bd:4b:81:24:22:42:f3:9e:
da:35:39:ee:34:fb:a9:95:05:fc:38:58:23:e8:76:b0:83:6b:
05:72:09:32:c4:03:95:46:7a:fe:71:80:07:96:00:68:4d:5d:
af:e1:99:69:4e:70:6a:04:b4:d5:9b:3b:43:dd:80:6d:1d:76:
18:33:bd:f6
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBBZPUDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NDU1ZDdmZWU0YTQ5OWVjYWYxMWQyZDNkYThlMzg5ZGUzMjM0MTJmMB4XDTIyMDIw
MTEyNTcyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTNmMDQ0MjhkMDVi
NDZkYmJkYmQwOTJkNDZkNGVhMzFhMDc1NmNjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbBvbGraDl5dMECNrqPllOTN8pdN3u88ZSk0tO0lBEaun6E
4zlo8RuVNWE/XYFG+lM/bDgyoVviFp75kNWk4w4yr26gdfp3NsJTpQtLso4YVLcT
1dPVt/xQmgSzA90W9+ZfVVOYWJeRb5h+XJqFE9QjFzHlUL2WeGCbgEPtZs5lRUqb
vhYrmyiVFotiPU/QeOM1bl3gOnmu/7JBju9TmiDMXkqo1MYI8YVRJepHbbxqMcpI
QcD+uQf4jhA8Typ92CD0vPcMvQIlFTfLmRnkLv83Hnb6fvJiBlys788kmguRHLeu
0toSh70lJK7dpEKRf/R9CtyBOi+jTV3mhL69cokCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRT8EQo0FtG2729CS1G1OoxoHVsxTAfBgNVHSMEGDAWgBQkVdf+5KSZ7K8R
0tPajjid4yNBLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pGWFhfdVNrbWV5dkVkTFQybzQ0bmVNalFTOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvM2ZmYjc2LTk5MzEtNDk0Mi05ZGExLTFlMDQ2NTUxM2I2My8x
L1VfQkVLTkJiUnR1OXZRa3RSdFRxTWFCMWJNVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
M2ZmYjc2LTk5MzEtNDk0Mi05ZGExLTFlMDQ2NTUxM2I2My8xL0pGWFhfdVNrbWV5
dkVkTFQybzQ0bmVNalFTOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC2BiAMEAJNOLzANBgkqhkiG9w0B
AQsFAAOCAQEARwZxS5h9rA2dlGKesSlCNDnDgTxZn4SCOxw2niefUR5d38CAptkC
Mh39qX5ObetrcF09Fy8YQNB/EeUhlFuIo3L0tMzqeCCsSxbzPQqsLsxr5Ogm5L1n
fh0X8Dk1tGCGYFdhLZxZx1avJgQdCh/6+RKLHTfvAZKR5nICnXDb+bOEvy1ggAfK
I1kmlo/5BYcwwNVvPRctTsGRh4D0wfj82hVIiBZp2/5srdlJc/BfjKqtHyEKpisY
JvsWv4Pkl71LgSQiQvOe2jU57jT7qZUF/DhYI+h2sINrBXIJMsQDlUZ6/nGAB5YA
aE1dr+GZaU5wagS01Zs7Q92AbR12GDO99g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:28 2023 by rpki-client on console-ams.rpki-client.org