Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/BPUM_PZ3uczDdAUnVJe8YFx4S14.roa
File: BPUM_PZ3uczDdAUnVJe8YFx4S14.roa (raw, json)
Hash identifier: sepS/Hy8qpPDTy19Krtr6CYqYH3meMyCOCoVExUTgPI=
Subject key identifier: 04:F5:0C:FC:F6:77:B9:CC:C3:74:05:27:54:97:BC:60:5C:78:4B:5E
Certificate issuer: /CN=0c4579a4028829d37acac65f66c056063251e57e
Certificate serial: 018EB893700A473E66D8F41661899429E31B
Authority key identifier: 0C:45:79:A4:02:88:29:D3:7A:CA:C6:5F:66:C0:56:06:32:51:E5:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DEV5pAKIKdN6ysZfZsBWBjJR5X4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/BPUM_PZ3uczDdAUnVJe8YFx4S14.roa
Signing time: Sun 07 Apr 2024 12:40:53 +0000
ROA not before: Sun 07 Apr 2024 12:40:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6424
IP address blocks: 82.215.71.0/24 maxlen: 24
193.109.184.0/21 maxlen: 24
193.109.184.0/24 maxlen: 24
193.109.186.0/24 maxlen: 24
2001:b18::/32 maxlen: 48
2001:b18:1031::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b8:93:70:0a:47:3e:66:d8:f4:16:61:89:94:29:e3:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c4579a4028829d37acac65f66c056063251e57e
Validity
Not Before: Apr 7 12:40:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04f50cfcf677b9ccc37405275497bc605c784b5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:cc:e1:d8:d0:40:ff:ce:a9:27:ac:c3:a4:9e:
aa:60:a2:e3:fb:ae:00:ae:5e:7c:84:af:d3:5b:08:
c1:19:d4:aa:e2:18:eb:b2:00:48:37:96:7b:78:da:
2c:51:a7:76:1a:0b:79:bf:e5:04:22:c6:b8:49:5e:
29:8f:6f:f7:45:08:3c:b0:ba:cf:41:fe:7b:3d:08:
ec:e0:d0:d6:f0:2b:85:07:20:29:b2:d4:81:5a:46:
85:0f:8f:74:55:23:1e:25:42:56:a9:8b:a2:54:8f:
7a:66:d8:33:bd:27:c4:3c:41:21:c9:51:b0:f9:5d:
49:a6:8c:88:d3:42:7a:85:0d:aa:0e:95:ff:96:fc:
1a:33:a2:de:f1:5f:17:97:cc:02:ad:c7:b4:17:d2:
c1:a8:1c:b8:e0:3d:b5:1b:5e:df:22:7f:59:77:00:
7b:94:08:94:03:18:71:3f:50:77:08:56:6b:1a:44:
11:36:46:e5:ff:90:6d:c8:0d:f2:4d:19:18:57:70:
be:4f:40:fa:e2:41:c9:04:a0:26:83:9b:9c:63:40:
83:f6:b6:3d:73:80:ee:3f:85:9c:bc:f3:ee:77:44:
1f:02:98:34:0a:cf:95:50:ae:7e:bd:ad:f7:68:36:
66:4f:ce:85:39:0f:ea:31:fd:95:d4:99:b2:5a:6e:
a9:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:F5:0C:FC:F6:77:B9:CC:C3:74:05:27:54:97:BC:60:5C:78:4B:5E
X509v3 Authority Key Identifier:
keyid:0C:45:79:A4:02:88:29:D3:7A:CA:C6:5F:66:C0:56:06:32:51:E5:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DEV5pAKIKdN6ysZfZsBWBjJR5X4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/BPUM_PZ3uczDdAUnVJe8YFx4S14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/DEV5pAKIKdN6ysZfZsBWBjJR5X4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.215.71.0/24
193.109.184.0/21
IPv6:
2001:b18::/32
Signature Algorithm: sha256WithRSAEncryption
56:22:f2:2a:e5:3b:1b:82:f2:2e:0a:0c:5f:5b:f6:90:02:0b:
96:46:33:44:49:bc:ce:c3:77:99:8f:f5:8d:11:1d:7f:10:4d:
5e:4b:0f:e3:e3:37:96:82:49:91:6b:de:e3:51:b5:b9:9b:75:
be:9c:fe:79:52:ef:b3:89:4d:cc:37:f0:c8:34:c0:c2:99:58:
be:09:4c:f9:89:60:25:2e:f4:d6:7a:0e:9d:0a:bd:3d:e6:10:
5b:c6:5f:6c:ef:d0:9b:95:15:96:23:27:f1:ef:69:56:1b:a5:
08:45:78:b3:17:da:fd:95:59:9e:ae:37:82:bb:f5:48:1d:05:
16:95:fa:cc:a8:0b:eb:c5:5f:b4:e5:13:c5:c0:d6:fb:6d:96:
eb:15:e4:01:89:29:0e:6b:68:97:f6:34:21:f9:7e:a2:6b:a3:
13:57:7b:26:95:64:6b:6f:e2:11:1e:41:54:51:16:4a:36:c9:
dc:79:00:9a:4e:4b:82:73:50:14:a7:f0:f4:7e:e8:90:85:6b:
fa:36:45:06:7e:7f:46:d6:3e:de:ca:5f:d3:2b:e3:58:7e:8d:
ed:3d:8f:00:32:e8:cd:09:15:e6:13:2f:43:3f:2f:6d:2f:d2:
c6:17:10:9c:eb:74:8b:d1:b5:2b:2b:4e:be:68:10:a1:86:76:
21:e6:2a:ed
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY64k3AKRz5m2PQWYYmUKeMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNDU3OWE0MDI4ODI5ZDM3YWNhYzY1ZjY2YzA1NjA2MzI1
MWU1N2UwHhcNMjQwNDA3MTI0MDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGY1MGNmY2Y2NzdiOWNjYzM3NDA1Mjc1NDk3YmM2MDVjNzg0YjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Mzh2NBA/86pJ6zDpJ6qYKLj+64A
rl58hK/TWwjBGdSq4hjrsgBIN5Z7eNosUad2Ggt5v+UEIsa4SV4pj2/3RQg8sLrP
Qf57PQjs4NDW8CuFByApstSBWkaFD490VSMeJUJWqYuiVI96ZtgzvSfEPEEhyVGw
+V1JpoyI00J6hQ2qDpX/lvwaM6Le8V8Xl8wCrce0F9LBqBy44D21G17fIn9ZdwB7
lAiUAxhxP1B3CFZrGkQRNkbl/5BtyA3yTRkYV3C+T0D64kHJBKAmg5ucY0CD9rY9
c4DuP4WcvPPud0QfApg0Cs+VUK5+va33aDZmT86FOQ/qMf2V1JmyWm6pFQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAT1DPz2d7nMw3QFJ1SXvGBceEteMB8GA1UdIwQY
MBaAFAxFeaQCiCnTesrGX2bAVgYyUeV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREVWNXBBS0lLZE42eXNaZlpzQldCakpSNVg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9lZGFlYjUtNWU2ZS00MTFiLTk5Y2It
M2M1MDE4MDc4MGIwLzEvQlBVTV9QWjN1Y3pEZEFVblZKZThZRng0UzE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9lZGFlYjUtNWU2ZS00MTFiLTk5Y2ItM2M1MDE4MDc4MGIw
LzEvREVWNXBBS0lLZE42eXNaZlpzQldCakpSNVg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAUtdHAwQD
wW24MA0EAgACMAcDBQAgAQsYMA0GCSqGSIb3DQEBCwUAA4IBAQBWIvIq5TsbgvIu
CgxfW/aQAguWRjNESbzOw3eZj/WNER1/EE1eSw/j4zeWgkmRa97jUbW5m3W+nP55
Uu+ziU3MN/DINMDCmVi+CUz5iWAlLvTWeg6dCr095hBbxl9s79CblRWWIyfx72lW
G6UIRXizF9r9lVmerjeCu/VIHQUWlfrMqAvrxV+05RPFwNb7bZbrFeQBiSkOa2iX
9jQh+X6ia6MTV3smlWRrb+IRHkFUURZKNsnceQCaTkuCc1AUp/D0fuiQhWv6NkUG
fn9G1j7eyl/TK+NYfo3tPY8AMujNCRXmEy9DPy9tL9LGFxCc63SL0bUrK06+aBCh
hnYh5irt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:26 2024 by rpki-client on console-ams.rpki-client.org