Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/3UoCkqmcRGXObdLXj9ZqZUYnKv4.roa
File: 3UoCkqmcRGXObdLXj9ZqZUYnKv4.roa (raw, json)
Hash identifier: b7Ng/Gw7NwGl18eB5b/OqU5a9nzbreBirFpUc5G/3hs=
Subject key identifier: DD:4A:02:92:A9:9C:44:65:CE:6D:D2:D7:8F:D6:6A:65:46:27:2A:FE
Certificate issuer: /CN=75dcc776b2bf595bf4b3e60bba4245f0120a2176
Certificate serial: 091F8954
Authority key identifier: 75:DC:C7:76:B2:BF:59:5B:F4:B3:E6:0B:BA:42:45:F0:12:0A:21:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ddzHdrK_WVv0s-YLukJF8BIKIXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/3UoCkqmcRGXObdLXj9ZqZUYnKv4.roa
Signing time: Sat 01 Jan 2022 14:02:19 +0000
ROA not before: Sat 01 Jan 2022 14:02:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2612
IP address blocks: 139.79.0.0/16 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153061716 (0x91f8954)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75dcc776b2bf595bf4b3e60bba4245f0120a2176
Validity
Not Before: Jan 1 14:02:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd4a0292a99c4465ce6dd2d78fd66a6546272afe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:34:5b:e7:a3:62:ad:cf:8b:3e:8a:d5:55:18:
25:58:db:7f:3e:e6:da:55:d6:e0:41:bf:7b:8b:ec:
15:03:9a:89:14:c1:b8:93:cf:91:61:fd:93:e8:75:
17:81:d9:b3:e4:14:e4:47:c3:39:c8:46:11:5b:5f:
a8:c9:92:b7:f5:ed:4e:a8:06:7a:fa:ba:94:29:f4:
92:91:8f:85:db:30:9c:0d:f1:03:64:65:64:3f:a8:
b9:bc:9a:b5:1d:09:b9:14:1f:97:dc:d4:a9:3e:59:
34:9c:ac:d8:1c:38:ed:d8:29:7e:77:10:d7:a7:57:
26:6d:f1:ce:fd:f3:28:a5:ef:30:34:67:86:84:73:
c0:f9:e1:59:db:7a:3f:62:27:69:81:01:48:2e:2f:
a8:fb:cc:ec:26:35:a0:4d:b0:42:2e:50:c8:b2:54:
d2:56:75:97:3d:4a:8d:d5:d8:bc:4c:95:bc:be:45:
fa:e4:a2:9b:cd:11:93:88:9e:5e:a6:23:7a:d1:d1:
f4:b9:47:5a:bd:f6:b1:5b:f4:d2:e3:73:69:37:69:
94:ef:34:ea:19:49:f9:77:ba:42:2a:b4:a7:c2:4e:
f8:47:23:08:09:14:85:f6:05:f8:5e:41:74:a8:b1:
96:45:2d:26:6f:34:0f:a3:cd:ec:a8:6d:c1:70:8c:
11:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:4A:02:92:A9:9C:44:65:CE:6D:D2:D7:8F:D6:6A:65:46:27:2A:FE
X509v3 Authority Key Identifier:
keyid:75:DC:C7:76:B2:BF:59:5B:F4:B3:E6:0B:BA:42:45:F0:12:0A:21:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ddzHdrK_WVv0s-YLukJF8BIKIXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/3UoCkqmcRGXObdLXj9ZqZUYnKv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/ddzHdrK_WVv0s-YLukJF8BIKIXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.79.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6b:15:2d:64:7c:1b:f0:d5:29:42:ff:41:c1:68:d4:28:f1:09:
c1:12:4f:c2:c7:dd:e8:12:24:f9:51:50:51:2f:c1:3b:6f:b6:
64:79:68:f9:b4:ba:59:c7:b5:92:85:3a:0c:0b:d3:a7:1f:62:
f1:ec:d6:3b:ce:5f:75:c6:c5:6d:f7:24:dc:7b:49:d9:4f:67:
47:ae:0d:63:4d:eb:16:e6:ca:a9:48:e7:b9:0b:c8:b3:87:97:
21:1a:a7:a2:c4:1f:35:f6:06:1b:9e:7f:2d:33:88:ef:90:74:
33:5d:25:ca:cf:b8:ec:c3:c2:42:13:68:0e:48:20:02:c7:2b:
6e:d6:a3:16:7c:4d:44:86:39:39:22:4d:0e:44:2f:3e:9a:09:
eb:fc:04:20:42:96:33:f5:50:38:58:39:0c:b3:f2:a5:6f:c1:
1b:85:80:06:eb:ce:a5:34:a5:2f:2d:a9:cc:99:03:55:5e:9d:
6f:ed:5a:b3:b4:2a:db:ff:23:22:6f:5d:da:45:6d:a3:d3:05:
f5:69:73:a3:2e:b9:4d:81:b9:93:f6:4b:c4:1a:93:cd:c0:60:
9b:db:81:06:06:9c:b0:8e:ed:b3:ea:a4:8e:82:fe:30:62:7d:
7c:08:9d:df:9b:c2:39:73:2a:4d:96:2e:00:0e:40:83:e1:7e:
36:a7:10:95
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIECR+JVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NWRjYzc3NmIyYmY1OTViZjRiM2U2MGJiYTQyNDVmMDEyMGEyMTc2MB4XDTIyMDEw
MTE0MDIxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQ0YTAyOTJhOTlj
NDQ2NWNlNmRkMmQ3OGZkNjZhNjU0NjI3MmFmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOU0W+ejYq3Piz6K1VUYJVjbfz7m2lXW4EG/e4vsFQOaiRTB
uJPPkWH9k+h1F4HZs+QU5EfDOchGEVtfqMmSt/XtTqgGevq6lCn0kpGPhdswnA3x
A2RlZD+oubyatR0JuRQfl9zUqT5ZNJys2Bw47dgpfncQ16dXJm3xzv3zKKXvMDRn
hoRzwPnhWdt6P2InaYEBSC4vqPvM7CY1oE2wQi5QyLJU0lZ1lz1KjdXYvEyVvL5F
+uSim80Rk4ieXqYjetHR9LlHWr32sVv00uNzaTdplO806hlJ+Xe6Qiq0p8JO+Ecj
CAkUhfYF+F5BdKixlkUtJm80D6PN7KhtwXCMEZECAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBTdSgKSqZxEZc5t0teP1mplRicq/jAfBgNVHSMEGDAWgBR13Md2sr9ZW/Sz
5gu6QkXwEgohdjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RkekhkcktfV1Z2MHMtWUx1a0pGOEJJS0lYWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTkvNTgxYzVkLWJjOWItNDBhNi1hNWE0LTY0NTQwMjA1ZWNmNC8x
LzNVb0NrcW1jUkdYT2JkTFhqOVpxWlVZbkt2NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTkv
NTgxYzVkLWJjOWItNDBhNi1hNWE0LTY0NTQwMjA1ZWNmNC8xL2RkekhkcktfV1Z2
MHMtWUx1a0pGOEJJS0lYWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAItPMA0GCSqGSIb3DQEBCwUAA4IB
AQBrFS1kfBvw1SlC/0HBaNQo8QnBEk/Cx93oEiT5UVBRL8E7b7ZkeWj5tLpZx7WS
hToMC9OnH2Lx7NY7zl91xsVt9yTce0nZT2dHrg1jTesW5sqpSOe5C8izh5chGqei
xB819gYbnn8tM4jvkHQzXSXKz7jsw8JCE2gOSCACxytu1qMWfE1Ehjk5Ik0ORC8+
mgnr/AQgQpYz9VA4WDkMs/Klb8EbhYAG686lNKUvLanMmQNVXp1v7VqztCrb/yMi
b13aRW2j0wX1aXOjLrlNgbmT9kvEGpPNwGCb24EGBpywju2z6qSOgv4wYn18CJ3f
m8I5cypNli4ADkCD4X42pxCV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:02 2024 by rpki-client on console-fra.rpki-client.org