Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/ujKMHNvc2ajUfef779RfeXR-2vc.roa
File: ujKMHNvc2ajUfef779RfeXR-2vc.roa (raw, json)
Hash identifier: A7142gIgJ6q0KxGrEJLIoRJo/G403tHV3qvcBN5V6co=
Subject key identifier: BA:32:8C:1C:DB:DC:D9:A8:D4:7D:E7:FB:EF:D4:5F:79:74:7E:DA:F7
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01837A5D776F499B5DE6B8EE9B278378C3C7
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/ujKMHNvc2ajUfef779RfeXR-2vc.roa
Signing time: Mon 26 Sep 2022 15:14:49 +0000
ROA not before: Mon 26 Sep 2022 15:14:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49006
IP address blocks: 85.159.117.0/24 maxlen: 24
45.10.12.0/22 maxlen: 22
91.214.200.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7a:5d:77:6f:49:9b:5d:e6:b8:ee:9b:27:83:78:c3:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 26 15:14:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba328c1cdbdcd9a8d47de7fbefd45f79747edaf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:11:89:61:ec:1b:46:26:cb:61:bb:b4:71:c4:
43:6d:07:5f:00:26:31:91:9b:ac:b2:48:52:11:dc:
72:75:5f:3c:16:c2:0d:97:8d:c3:59:e0:76:99:81:
60:7d:86:48:b5:e6:a1:ef:7b:e7:41:ca:70:c4:09:
9d:6f:89:62:21:84:d7:06:3f:34:a2:05:3e:5f:f4:
0b:32:57:b8:6f:dc:91:09:77:ca:ac:90:72:b0:91:
b7:0c:c9:6f:3a:d3:d0:46:a2:b9:c9:92:0a:bb:5f:
f5:02:7b:6b:1f:32:7b:47:27:cb:f6:a7:86:3d:7f:
f7:35:2f:9f:41:96:a8:07:5c:d4:b7:7a:86:7e:fb:
6a:59:44:50:1b:b7:2e:12:07:72:4e:96:2e:72:08:
26:76:e2:91:79:55:b6:16:ab:7d:36:a4:52:c9:26:
68:a8:5d:04:f2:39:38:58:13:d1:7f:86:9a:41:fa:
90:53:fa:ce:bb:9f:9c:9e:5b:5c:87:33:ba:6c:21:
ec:ee:ba:28:0d:ee:37:d2:24:72:ce:0e:7d:4e:a3:
7d:39:ba:31:57:5f:58:ef:0f:32:fe:20:55:e4:af:
2d:46:1f:e8:2d:65:01:35:56:8b:41:2c:e3:88:ff:
92:8f:ab:85:e1:3b:5c:2c:74:30:96:e5:f1:02:74:
c5:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:32:8C:1C:DB:DC:D9:A8:D4:7D:E7:FB:EF:D4:5F:79:74:7E:DA:F7
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/ujKMHNvc2ajUfef779RfeXR-2vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.12.0/22
85.159.117.0/24
91.214.200.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:c7:70:db:74:76:3e:b4:c2:84:5e:09:9c:75:32:99:4b:a5:
91:4d:67:ba:d8:f0:74:f2:1f:5c:9f:56:8e:82:77:49:d7:e7:
48:2c:79:84:64:11:64:c1:5c:70:33:24:ea:ae:74:83:c8:89:
37:42:33:6f:cc:f8:3e:cc:85:e2:ce:8f:1e:cb:2d:80:5d:0d:
d0:2c:96:f3:26:e5:65:8a:79:05:1f:2b:69:6c:ee:b6:54:8e:
48:f7:30:c3:0f:51:fa:4c:61:07:1a:59:13:c8:0b:81:b3:03:
3d:ee:b1:3c:bd:e8:a8:ea:2d:12:10:92:eb:02:fc:c4:69:f3:
2c:bb:aa:5a:7c:a5:22:b8:ea:0b:b3:eb:7e:01:cf:5b:38:3c:
89:b0:f3:cf:e3:80:df:51:aa:87:da:22:79:c6:9b:55:d3:42:
f9:04:f6:84:ba:61:06:f3:d4:c1:eb:cb:35:72:14:9d:92:0e:
a6:98:46:f1:61:b5:c3:07:fb:67:9d:2c:fc:d0:d5:a1:21:ad:
ef:ea:09:09:1e:b4:f8:72:fa:c6:9b:64:e4:f5:46:96:8b:77:
27:c4:cb:a3:ac:9b:a3:45:5d:eb:cc:4a:bc:3f:46:4e:c7:c4:
d8:2d:d8:1a:19:38:53:5c:2a:18:5e:0e:48:05:5b:7e:ac:85:
26:cf:c0:46
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYN6XXdvSZtd5rjumyeDeMPHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIwOTI2MTUxNDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTMyOGMxY2RiZGNkOWE4ZDQ3ZGU3ZmJlZmQ0NWY3OTc0N2VkYWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxGJYewbRibLYbu0ccRDbQdfACYx
kZusskhSEdxydV88FsINl43DWeB2mYFgfYZIteah73vnQcpwxAmdb4liIYTXBj80
ogU+X/QLMle4b9yRCXfKrJBysJG3DMlvOtPQRqK5yZIKu1/1AntrHzJ7RyfL9qeG
PX/3NS+fQZaoB1zUt3qGfvtqWURQG7cuEgdyTpYucggmduKReVW2Fqt9NqRSySZo
qF0E8jk4WBPRf4aaQfqQU/rOu5+cnltchzO6bCHs7rooDe430iRyzg59TqN9Obox
V19Y7w8y/iBV5K8tRh/oLWUBNVaLQSzjiP+Sj6uF4TtcLHQwluXxAnTF8wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLoyjBzb3Nmo1H3n++/UX3l0ftr3MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvdWpLTUhOdmMyYWpVZmVmNzc5UmZlWFItMnZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLQoMAwQA
VZ91AwQCW9bIMA0GCSqGSIb3DQEBCwUAA4IBAQA8x3DbdHY+tMKEXgmcdTKZS6WR
TWe62PB08h9cn1aOgndJ1+dILHmEZBFkwVxwMyTqrnSDyIk3QjNvzPg+zIXizo8e
yy2AXQ3QLJbzJuVlinkFHytpbO62VI5I9zDDD1H6TGEHGlkTyAuBswM97rE8veio
6i0SEJLrAvzEafMsu6pafKUiuOoLs+t+Ac9bODyJsPPP44DfUaqH2iJ5xptV00L5
BPaEumEG89TB68s1chSdkg6mmEbxYbXDB/tnnSz80NWhIa3v6gkJHrT4cvrGm2Tk
9UaWi3cnxMujrJujRV3rzEq8P0ZOx8TYLdgaGThTXCoYXg5IBVt+rIUmz8BG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org