Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a11477-7d10-47e9-8b5c-7b7244e69a93/1/ufbgTCtchFlfi3SVNJ_3aDs0wt0.roa
File: ufbgTCtchFlfi3SVNJ_3aDs0wt0.roa (raw, json)
Hash identifier: JMd22N9Xlq8oSZpXEtcbd8eXH0hJOgNtFQYCtWZxuuQ=
Subject key identifier: B9:F6:E0:4C:2B:5C:84:59:5F:8B:74:95:34:9F:F7:68:3B:34:C2:DD
Certificate issuer: /CN=1f773a137d5bfb5869f57dac7f359ec2818047a4
Certificate serial: 01856DC1EE115900E315553C8A681D83C6CB
Authority key identifier: 1F:77:3A:13:7D:5B:FB:58:69:F5:7D:AC:7F:35:9E:C2:81:80:47:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H3c6E31b-1hp9X2sfzWewoGAR6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a11477-7d10-47e9-8b5c-7b7244e69a93/1/ufbgTCtchFlfi3SVNJ_3aDs0wt0.roa
Signing time: Sun 01 Jan 2023 14:35:03 +0000
ROA not before: Sun 01 Jan 2023 14:35:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35112
IP address blocks: 146.19.128.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:ee:11:59:00:e3:15:55:3c:8a:68:1d:83:c6:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f773a137d5bfb5869f57dac7f359ec2818047a4
Validity
Not Before: Jan 1 14:35:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9f6e04c2b5c84595f8b7495349ff7683b34c2dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:6e:2e:1b:19:a3:ac:14:30:ff:8b:ce:10:6c:
27:c9:25:55:fe:ff:4b:48:a5:08:58:1b:a0:d1:c1:
f4:80:b6:cc:17:d5:55:22:5b:99:d6:ab:7d:99:d3:
8d:37:25:fd:77:e4:0e:ad:7f:81:4c:a4:e2:59:c9:
12:b6:f5:f5:46:dc:77:f2:36:be:d0:09:54:d2:a4:
1a:d7:29:5b:f7:e6:6d:7b:cb:47:70:2e:e3:b0:8b:
7e:4c:84:c3:22:eb:79:b1:43:89:87:30:0a:ff:0f:
bc:6d:98:8f:55:24:84:0a:d8:17:01:51:4c:d2:5a:
c6:aa:d9:54:a6:2c:0c:85:fe:68:86:26:a5:db:5f:
cf:b7:4e:b7:54:90:2a:55:47:d4:96:7f:f6:55:a6:
1e:d8:b0:6e:76:ed:12:63:d5:11:b8:b1:9a:83:68:
6e:c7:05:1a:e3:f1:f4:0a:26:47:9c:2d:76:73:40:
df:87:fa:40:93:01:ef:8f:b8:12:cd:87:98:84:2b:
f7:d8:6f:4b:aa:d5:da:bc:a0:f5:d5:5b:67:7c:00:
e7:47:58:dd:a3:c3:a6:91:98:b9:48:8e:23:83:3d:
67:52:cc:37:d1:58:3b:4c:a7:06:23:bb:d6:ae:e2:
6d:bb:16:ae:39:7c:23:d5:e9:02:ac:09:d4:60:1c:
bc:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:F6:E0:4C:2B:5C:84:59:5F:8B:74:95:34:9F:F7:68:3B:34:C2:DD
X509v3 Authority Key Identifier:
keyid:1F:77:3A:13:7D:5B:FB:58:69:F5:7D:AC:7F:35:9E:C2:81:80:47:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H3c6E31b-1hp9X2sfzWewoGAR6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a11477-7d10-47e9-8b5c-7b7244e69a93/1/ufbgTCtchFlfi3SVNJ_3aDs0wt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a11477-7d10-47e9-8b5c-7b7244e69a93/1/H3c6E31b-1hp9X2sfzWewoGAR6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.128.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:bf:0a:9d:3d:3a:8c:6b:bb:b0:02:df:75:1c:f2:ee:0c:2a:
d2:08:96:7c:4b:12:95:40:e8:30:bf:c7:b8:ff:5c:97:67:2a:
19:4a:54:94:67:74:5c:9f:41:6e:d1:5b:1b:19:46:44:1a:62:
28:14:28:65:f4:e7:46:6a:4b:ce:7e:ce:9c:cc:ed:5b:15:54:
05:94:d4:69:07:96:94:2b:ad:4b:bf:fc:4b:e6:74:ef:ad:ce:
43:1a:25:45:59:31:4d:8f:41:99:7c:9c:45:63:fe:cb:4e:f5:
0f:93:b2:1c:22:c2:b0:33:f0:9f:0b:91:47:72:18:1b:a6:cf:
b1:c0:80:f7:ad:e9:e0:b6:2b:06:3a:35:21:d2:90:6b:f3:67:
49:64:53:1e:43:6a:62:7e:f3:32:a0:f7:f4:25:e9:65:4a:89:
bb:a5:6e:9f:be:ab:0f:36:86:bb:c5:92:9f:12:91:07:d5:c5:
dc:8c:b8:ae:3c:ee:09:2a:b9:eb:50:05:e6:ac:a6:35:71:b1:
a5:77:ec:fb:c0:00:20:9a:64:d3:35:9e:f1:fd:fa:4c:0b:0a:
86:39:fd:4b:fa:f0:3e:e7:ef:70:f1:fc:7d:ed:24:ff:a9:a7:
81:cd:f3:30:1c:29:93:d0:14:e3:d0:12:64:92:0a:f1:4b:f4:
74:92:8c:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtwe4RWQDjFVU8imgdg8bLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNzczYTEzN2Q1YmZiNTg2OWY1N2RhYzdmMzU5ZWMyODE4
MDQ3YTQwHhcNMjMwMTAxMTQzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWY2ZTA0YzJiNWM4NDU5NWY4Yjc0OTUzNDlmZjc2ODNiMzRjMmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjm4uGxmjrBQw/4vOEGwnySVV/v9L
SKUIWBug0cH0gLbMF9VVIluZ1qt9mdONNyX9d+QOrX+BTKTiWckStvX1Rtx38ja+
0AlU0qQa1ylb9+Zte8tHcC7jsIt+TITDIut5sUOJhzAK/w+8bZiPVSSECtgXAVFM
0lrGqtlUpiwMhf5ohial21/Pt063VJAqVUfUln/2VaYe2LBudu0SY9URuLGag2hu
xwUa4/H0CiZHnC12c0Dfh/pAkwHvj7gSzYeYhCv32G9LqtXavKD11VtnfADnR1jd
o8OmkZi5SI4jgz1nUsw30Vg7TKcGI7vWruJtuxauOXwj1ekCrAnUYBy8EwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLn24EwrXIRZX4t0lTSf92g7NMLdMB8GA1UdIwQY
MBaAFB93OhN9W/tYafV9rH81nsKBgEekMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDNjNkUzMWItMWhwOVgyc2Z6V2V3b0dBUjZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hMTE0NzctN2QxMC00N2U5LThiNWMt
N2I3MjQ0ZTY5YTkzLzEvdWZiZ1RDdGNoRmxmaTNTVk5KXzNhRHMwd3QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hMTE0NzctN2QxMC00N2U5LThiNWMtN2I3MjQ0ZTY5YTkz
LzEvSDNjNkUzMWItMWhwOVgyc2Z6V2V3b0dBUjZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhOAMA0G
CSqGSIb3DQEBCwUAA4IBAQCdvwqdPTqMa7uwAt91HPLuDCrSCJZ8SxKVQOgwv8e4
/1yXZyoZSlSUZ3Rcn0Fu0VsbGUZEGmIoFChl9OdGakvOfs6czO1bFVQFlNRpB5aU
K61Lv/xL5nTvrc5DGiVFWTFNj0GZfJxFY/7LTvUPk7IcIsKwM/CfC5FHchgbps+x
wID3rengtisGOjUh0pBr82dJZFMeQ2pifvMyoPf0JellSom7pW6fvqsPNoa7xZKf
EpEH1cXcjLiuPO4JKrnrUAXmrKY1cbGld+z7wAAgmmTTNZ7x/fpMCwqGOf1L+vA+
5+9w8fx97ST/qaeBzfMwHCmT0BTj0BJkkgrxS/R0koxp
-----END CERTIFICATE-----
Generated at Fri Dec 22 15:01:11 2023 by rpki-client on console-fra.rpki-client.org