Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/uMiecAiEETloiGBVot91TroADcc.roa
File: uMiecAiEETloiGBVot91TroADcc.roa (raw, json)
Hash identifier: ClWz+eD9vAM8RRyRUf+WHQS3FV8ggMwdooJVK6Jo5oM=
Subject key identifier: B8:C8:9E:70:08:84:11:39:68:88:60:55:A2:DF:75:4E:BA:00:0D:C7
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0187F9C0A8661DE5B090754377A27422E048
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/uMiecAiEETloiGBVot91TroADcc.roa
Signing time: Mon 08 May 2023 05:06:05 +0000
ROA not before: Mon 08 May 2023 05:06:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 94.131.96.0/24 maxlen: 24
94.131.98.0/24 maxlen: 24
94.131.97.0/24 maxlen: 24
94.131.99.0/24 maxlen: 24
94.131.103.0/24 maxlen: 24
94.131.102.0/24 maxlen: 24
94.131.101.0/24 maxlen: 24
94.131.100.0/24 maxlen: 24
94.131.105.0/24 maxlen: 24
94.131.106.0/24 maxlen: 24
94.131.110.0/24 maxlen: 24
94.131.109.0/24 maxlen: 24
94.131.108.0/24 maxlen: 24
94.131.107.0/24 maxlen: 24
94.131.111.0/24 maxlen: 24
94.131.116.0/24 maxlen: 24
94.131.114.0/24 maxlen: 24
95.164.84.0/22 maxlen: 24
95.164.8.0/22 maxlen: 24
95.164.16.0/22 maxlen: 24
95.164.44.0/22 maxlen: 24
94.131.2.0/24 maxlen: 24
94.131.3.0/24 maxlen: 24
94.131.8.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f9:c0:a8:66:1d:e5:b0:90:75:43:77:a2:74:22:e0:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: May 8 05:06:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8c89e700884113968886055a2df754eba000dc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:95:84:e6:28:e2:87:73:ae:a0:a9:56:c3:28:
52:f0:60:31:26:f6:32:51:1e:b2:29:54:06:db:87:
2e:6e:6d:a1:ae:b4:c6:da:44:03:26:cb:c0:d6:96:
46:80:35:2d:97:92:5f:ff:d3:86:b1:d2:b2:a4:d6:
6e:28:20:17:55:aa:45:64:c7:87:53:bd:cb:30:ef:
47:c1:a4:86:d5:d1:25:ac:ec:93:ec:09:3f:2a:68:
f6:1f:e8:d9:61:58:e1:b6:18:a7:8f:0d:87:63:8c:
6a:ca:30:c3:07:cb:61:8a:c0:d6:fa:48:d5:46:92:
b9:c6:d6:a7:26:05:c4:ff:0d:5d:f0:62:b5:31:3d:
63:e0:d3:6a:11:29:ba:76:fd:57:48:66:29:67:9e:
fa:60:97:61:02:a1:4d:a6:fa:7a:c0:7f:9c:93:10:
cd:21:ac:06:7e:51:c4:43:3e:7c:55:a6:9b:30:55:
2d:f8:42:7d:aa:17:b1:29:23:c9:62:3a:53:83:7c:
42:ba:2e:6e:28:f1:b3:47:15:8b:f6:18:95:87:d2:
90:41:f9:64:6b:65:f7:19:dc:f7:80:1e:26:4f:89:
03:f4:b7:1f:a7:cb:1e:c2:2d:0c:12:e4:a5:bc:66:
b7:c4:79:50:96:ec:bf:dd:18:ec:e1:31:13:d5:6f:
50:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:C8:9E:70:08:84:11:39:68:88:60:55:A2:DF:75:4E:BA:00:0D:C7
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/uMiecAiEETloiGBVot91TroADcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.2.0/23
94.131.8.0/21
94.131.96.0/21
94.131.105.0-94.131.111.255
94.131.114.0/24
94.131.116.0/24
95.164.8.0/22
95.164.16.0/22
95.164.44.0/22
95.164.84.0/22
Signature Algorithm: sha256WithRSAEncryption
80:e5:9c:41:b2:fc:be:32:51:5c:45:7a:01:29:15:e0:e5:cc:
ca:fc:56:b1:16:45:39:bb:d2:55:fb:03:af:72:9c:3b:00:02:
35:79:74:1d:91:f4:b8:18:f8:62:7f:ee:94:d3:c7:93:6f:b9:
c1:06:a3:a3:a1:08:ca:e8:a4:a8:4e:d6:b9:91:a8:26:2c:f6:
84:d8:49:4d:91:72:ff:07:02:9d:b6:f9:3d:b8:a1:c4:ec:fa:
eb:79:ea:8f:00:9d:e0:a4:7d:dc:43:94:f2:9a:b9:9e:2f:d3:
e2:fc:ef:7d:31:a8:f3:8e:89:f4:c8:f1:c3:78:95:9d:90:0d:
b3:c1:37:94:59:60:55:a9:8e:75:7c:ca:86:fc:c4:76:26:45:
da:a3:89:c1:b3:a8:d8:1e:ab:ee:b3:21:0e:12:64:71:57:06:
15:ac:7a:43:5a:8d:94:68:b0:34:20:46:1c:62:86:94:55:c3:
ac:bf:26:82:a4:42:48:2b:6e:b2:c7:27:e9:32:06:96:a2:a0:
9b:77:c1:a9:fb:3a:ab:b0:f2:f6:69:84:af:b1:08:bf:3d:4d:
38:48:2f:7c:22:73:4c:eb:45:ab:76:80:dd:bb:e4:96:62:0d:
09:a5:90:e1:47:8a:b1:47:52:52:3c:bc:36:20:ec:76:35:86:
95:33:24:ab
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYf5wKhmHeWwkHVDd6J0IuBIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMwNTA4MDUwNjA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGM4OWU3MDA4ODQxMTM5Njg4ODYwNTVhMmRmNzU0ZWJhMDAwZGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJWE5ijih3OuoKlWwyhS8GAxJvYy
UR6yKVQG24cubm2hrrTG2kQDJsvA1pZGgDUtl5Jf/9OGsdKypNZuKCAXVapFZMeH
U73LMO9HwaSG1dElrOyT7Ak/Kmj2H+jZYVjhthinjw2HY4xqyjDDB8thisDW+kjV
RpK5xtanJgXE/w1d8GK1MT1j4NNqESm6dv1XSGYpZ576YJdhAqFNpvp6wH+ckxDN
IawGflHEQz58VaabMFUt+EJ9qhexKSPJYjpTg3xCui5uKPGzRxWL9hiVh9KQQflk
a2X3Gdz3gB4mT4kD9Lcfp8sewi0MEuSlvGa3xHlQluy/3Rjs4TET1W9QwQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFLjInnAIhBE5aIhgVaLfdU66AA3HMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvdU1pZWNBaUVFVGxvaUdCVm90OTFUcm9BRGNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQBXoMCAwQD
XoMIAwQDXoNgMAwDBABeg2kDBAReg2ADBABeg3IDBABeg3QDBAJfpAgDBAJfpBAD
BAJfpCwDBAJfpFQwDQYJKoZIhvcNAQELBQADggEBAIDlnEGy/L4yUVxFegEpFeDl
zMr8VrEWRTm70lX7A69ynDsAAjV5dB2R9LgY+GJ/7pTTx5NvucEGo6OhCMropKhO
1rmRqCYs9oTYSU2Rcv8HAp22+T24ocTs+ut56o8AneCkfdxDlPKauZ4v0+L8730x
qPOOifTI8cN4lZ2QDbPBN5RZYFWpjnV8yob8xHYmRdqjicGzqNgeq+6zIQ4SZHFX
BhWsekNajZRosDQgRhxihpRVw6y/JoKkQkgrbrLHJ+kyBpaioJt3wan7Oquw8vZp
hK+xCL89TThIL3wic0zrRat2gN275JZiDQmlkOFHirFHUlI8vDYg7HY1hpUzJKs=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:05:55 2025 by rpki-client