Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/nuUCWHyyxZrRljHQJ87UEEaJiBw.roa
File: nuUCWHyyxZrRljHQJ87UEEaJiBw.roa (raw, json)
Hash identifier: r7X7gfKyToBHuFHjIhg9Xn8P13z5om6oALl+CoBoqGY=
Subject key identifier: 9E:E5:02:58:7C:B2:C5:9A:D1:96:31:D0:27:CE:D4:10:46:89:88:1C
Certificate issuer: /CN=0c4579a4028829d37acac65f66c056063251e57e
Certificate serial: 0457DF
Authority key identifier: 0C:45:79:A4:02:88:29:D3:7A:CA:C6:5F:66:C0:56:06:32:51:E5:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DEV5pAKIKdN6ysZfZsBWBjJR5X4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/nuUCWHyyxZrRljHQJ87UEEaJiBw.roa
Signing time: Wed 06 Apr 2022 19:56:07 +0000
ROA not before: Wed 06 Apr 2022 19:56:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47943
IP address blocks: 2001:b18:1017::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 284639 (0x457df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c4579a4028829d37acac65f66c056063251e57e
Validity
Not Before: Apr 6 19:56:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ee502587cb2c59ad19631d027ced4104689881c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:3f:18:35:50:ce:ce:d5:fa:84:ad:ca:96:65:
9b:56:22:4e:51:32:f9:94:0b:cd:49:d7:4f:b8:c8:
b6:6a:52:04:73:c0:9f:57:8a:9b:ad:89:bf:ae:ad:
0b:c1:03:9a:d8:54:db:c2:48:0e:ca:12:02:6c:56:
4c:12:dd:97:83:fd:ea:03:d6:2a:45:fc:5b:fc:0e:
62:01:7a:4e:35:e1:af:4a:91:aa:89:7c:1a:fa:9e:
df:24:db:63:1a:14:85:8a:db:d1:aa:c4:d5:0f:46:
ef:9b:56:f4:79:44:da:42:1b:60:e6:b1:a5:fe:0f:
bb:5f:c9:33:5b:62:eb:a2:70:9f:69:89:34:64:5f:
1e:b4:60:9d:52:c1:9f:2a:f0:40:e4:e2:89:ad:32:
97:65:e2:3e:33:d1:f5:c3:3c:9f:42:99:c7:64:45:
51:dd:0b:e3:55:96:31:17:2a:ea:2f:9d:2d:06:e0:
bc:c4:6b:15:dd:f7:aa:f5:70:2d:a2:cc:a6:5c:2f:
66:36:a3:17:4e:57:0a:b5:ff:29:bb:7c:a8:73:df:
5d:3c:58:13:0f:0d:8f:41:43:12:e9:4d:2f:49:f5:
79:6f:fd:4a:6d:7e:64:8e:ba:c8:3a:5c:93:f2:d1:
af:02:4c:4b:00:ca:74:ee:4a:74:dc:6c:bf:39:f6:
05:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:E5:02:58:7C:B2:C5:9A:D1:96:31:D0:27:CE:D4:10:46:89:88:1C
X509v3 Authority Key Identifier:
keyid:0C:45:79:A4:02:88:29:D3:7A:CA:C6:5F:66:C0:56:06:32:51:E5:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DEV5pAKIKdN6ysZfZsBWBjJR5X4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/nuUCWHyyxZrRljHQJ87UEEaJiBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/DEV5pAKIKdN6ysZfZsBWBjJR5X4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:b18:1017::/48
Signature Algorithm: sha256WithRSAEncryption
0e:b9:0a:ca:e6:a7:a8:52:bd:4b:a6:50:ff:21:af:fb:48:39:
e1:44:c5:80:f0:7d:9c:2e:8f:56:6f:47:01:a9:65:af:c1:e5:
df:18:61:ea:14:8a:67:ff:d5:5b:bf:ca:88:89:f4:56:8d:dd:
46:74:2b:7e:56:4d:3e:6e:41:dd:01:84:35:05:2d:18:d9:f3:
80:4b:5d:75:b4:99:dc:36:97:52:0a:b9:3d:43:0c:e5:35:96:
5f:83:ff:88:64:91:43:31:b9:84:2d:3d:76:7a:8a:b2:35:4e:
89:a2:ab:1c:1d:30:36:8b:ae:bf:61:60:a2:1a:23:ec:60:14:
c6:db:30:bf:a0:ca:68:29:3f:1a:8a:15:b8:ec:f0:08:fa:ee:
ff:7e:dd:ed:f0:2d:d7:d2:b3:fc:8c:60:f1:58:a1:dd:34:87:
78:b9:0d:79:b9:71:1a:a6:2f:ea:c8:4a:e4:c2:f8:e0:47:b2:
cd:cf:a2:b0:92:9d:ad:d9:de:53:21:ff:98:59:a9:72:e5:73:
7e:0d:8d:8b:20:06:63:d7:84:d8:eb:4c:6b:5c:7e:a9:d0:6f:
04:82:33:69:d1:70:d7:63:48:3d:a4:e7:d9:77:3c:75:df:78:
64:c3:09:ae:bc:04:35:8e:c2:c3:60:a2:fd:4f:06:2c:7c:99:
13:7e:d0:06
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIDBFffMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBj
NDU3OWE0MDI4ODI5ZDM3YWNhYzY1ZjY2YzA1NjA2MzI1MWU1N2UwHhcNMjIwNDA2
MTk1NjA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5ZWU1MDI1ODdjYjJj
NTlhZDE5NjMxZDAyN2NlZDQxMDQ2ODk4ODFjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA7z8YNVDOztX6hK3KlmWbViJOUTL5lAvNSddPuMi2alIEc8Cf
V4qbrYm/rq0LwQOa2FTbwkgOyhICbFZMEt2Xg/3qA9YqRfxb/A5iAXpONeGvSpGq
iXwa+p7fJNtjGhSFitvRqsTVD0bvm1b0eUTaQhtg5rGl/g+7X8kzW2LronCfaYk0
ZF8etGCdUsGfKvBA5OKJrTKXZeI+M9H1wzyfQpnHZEVR3QvjVZYxFyrqL50tBuC8
xGsV3feq9XAtosymXC9mNqMXTlcKtf8pu3yoc99dPFgTDw2PQUMS6U0vSfV5b/1K
bX5kjrrIOlyT8tGvAkxLAMp07kp03Gy/OfYFRQIDAQABo4ICDDCCAggwHQYDVR0O
BBYEFJ7lAlh8ssWa0ZYx0CfO1BBGiYgcMB8GA1UdIwQYMBaAFAxFeaQCiCnTesrG
X2bAVgYyUeV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
REVWNXBBS0lLZE42eXNaZlpzQldCakpSNVg0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zNC9lZGFlYjUtNWU2ZS00MTFiLTk5Y2ItM2M1MDE4MDc4MGIwLzEv
bnVVQ1dIeXl4WnJSbGpIUUo4N1VFRWFKaUJ3LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9l
ZGFlYjUtNWU2ZS00MTFiLTk5Y2ItM2M1MDE4MDc4MGIwLzEvREVWNXBBS0lLZE42
eXNaZlpzQldCakpSNVg0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIG
CCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAELGBAXMA0GCSqGSIb3DQEBCwUA
A4IBAQAOuQrK5qeoUr1LplD/Ia/7SDnhRMWA8H2cLo9Wb0cBqWWvweXfGGHqFIpn
/9Vbv8qIifRWjd1GdCt+Vk0+bkHdAYQ1BS0Y2fOAS111tJncNpdSCrk9QwzlNZZf
g/+IZJFDMbmELT12eoqyNU6JoqscHTA2i66/YWCiGiPsYBTG2zC/oMpoKT8aihW4
7PAI+u7/ft3t8C3X0rP8jGDxWKHdNId4uQ15uXEapi/qyErkwvjgR7LNz6Kwkp2t
2d5TIf+YWaly5XN+DY2LIAZj14TY60xrXH6p0G8EgjNp0XDXY0g9pOfZdzx133hk
wwmuvAQ1jsLDYKL9TwYsfJkTftAG
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:50:42 2025 by rpki-client