Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/cb220f-1a3a-4cba-82cf-278fd475f3fb/1/SKsBaOUKHvswcWVqK4ExN5VZip4.roa
File: SKsBaOUKHvswcWVqK4ExN5VZip4.roa (raw, json)
Hash identifier: UFACT67C9jKU7D3sFChqBMrImlO+G1VHfEFoMymYiOk=
Subject key identifier: 48:AB:01:68:E5:0A:1E:FB:30:71:65:6A:2B:81:31:37:95:59:8A:9E
Certificate issuer: /CN=b862b85a1d2c51d99069ca3a5aff52ecc6a9aab4
Certificate serial: 010C78A1
Authority key identifier: B8:62:B8:5A:1D:2C:51:D9:90:69:CA:3A:5A:FF:52:EC:C6:A9:AA:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uGK4Wh0sUdmQaco6Wv9S7MapqrQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/cb220f-1a3a-4cba-82cf-278fd475f3fb/1/SKsBaOUKHvswcWVqK4ExN5VZip4.roa
Signing time: Sat 01 Jan 2022 02:55:20 +0000
ROA not before: Sat 01 Jan 2022 02:55:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29404
IP address blocks: 217.73.144.0/20 maxlen: 20
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17594529 (0x10c78a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b862b85a1d2c51d99069ca3a5aff52ecc6a9aab4
Validity
Not Before: Jan 1 02:55:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=48ab0168e50a1efb3071656a2b81313795598a9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7f:fc:76:60:44:d3:c6:4c:fb:d5:0b:d9:a9:
8a:cf:1f:78:9a:6b:58:2a:4d:3a:ee:af:13:aa:d4:
d2:ca:20:d6:16:62:d9:8b:24:8b:f3:69:59:f1:2d:
93:51:de:2b:a1:7c:24:d2:69:5b:c8:4a:56:22:f6:
52:c5:47:14:71:2b:08:31:f9:42:60:8c:49:3b:f1:
e3:5f:93:cf:9b:ab:76:2d:ef:13:dc:21:52:94:63:
c5:f7:07:cc:c0:41:97:21:fc:15:04:69:9d:ce:b4:
5c:26:90:92:df:13:bb:94:ec:2e:b1:b5:d4:bb:b3:
3b:ef:72:6c:81:c8:94:e8:45:f1:b7:ef:87:d9:b3:
3a:83:1b:7f:84:2e:44:ac:f8:9c:10:0d:3c:54:2e:
a0:05:8a:71:0c:e2:51:a6:ce:91:ab:b1:ad:81:d1:
3e:bb:c0:35:06:ca:ee:e5:21:4a:14:77:14:5b:b7:
47:d1:38:e3:bc:ee:92:72:96:c7:db:45:18:8b:37:
12:da:ad:9d:54:e9:c2:04:88:d7:08:0e:d4:a1:62:
af:39:f2:05:c6:19:ab:90:f0:b0:3b:fa:bf:ab:22:
9a:95:42:58:5b:64:f9:75:02:aa:0e:20:70:64:07:
53:61:35:1a:41:23:55:3d:08:b2:2d:b3:31:39:7e:
fc:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:AB:01:68:E5:0A:1E:FB:30:71:65:6A:2B:81:31:37:95:59:8A:9E
X509v3 Authority Key Identifier:
keyid:B8:62:B8:5A:1D:2C:51:D9:90:69:CA:3A:5A:FF:52:EC:C6:A9:AA:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uGK4Wh0sUdmQaco6Wv9S7MapqrQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/cb220f-1a3a-4cba-82cf-278fd475f3fb/1/SKsBaOUKHvswcWVqK4ExN5VZip4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/cb220f-1a3a-4cba-82cf-278fd475f3fb/1/uGK4Wh0sUdmQaco6Wv9S7MapqrQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.73.144.0/20
Signature Algorithm: sha256WithRSAEncryption
3e:72:55:15:d4:ab:e8:73:b1:16:08:e2:db:5e:22:c1:48:82:
bd:30:c0:f9:54:64:cc:72:b9:50:74:e6:f7:d0:b2:7b:bb:a7:
cd:45:71:22:e7:79:b4:d2:86:a2:a1:54:60:96:f1:05:db:6f:
44:89:db:1a:d5:f0:f0:67:db:4e:c9:d2:14:ba:01:dc:eb:05:
77:86:e9:b3:44:b3:cc:64:c4:93:24:5a:c4:3f:4c:fe:0a:af:
ba:15:b9:b1:42:e5:54:45:9f:61:1f:c7:67:8e:1f:2c:8f:bc:
dd:b5:d5:aa:08:33:ce:b1:80:a6:6e:a7:b8:db:2a:b6:91:c7:
f1:a3:f3:bd:45:0f:b5:00:31:cb:37:c5:72:d9:56:fd:09:09:
cf:fa:2c:ed:43:2a:30:05:3c:94:61:d6:1c:b1:07:37:bb:6d:
1f:58:03:75:e0:f6:cb:31:67:d3:16:a8:5d:e9:5c:c5:d8:a7:
a0:f9:b4:7b:71:25:c3:3a:dd:15:87:7c:80:9a:79:59:d2:f3:
b0:65:9b:90:f2:97:1c:39:b3:aa:74:79:92:47:22:eb:29:06:
7e:43:06:0f:86:18:f5:3a:c5:52:98:8c:81:4a:01:e3:00:84:
2f:2b:92:85:2b:9f:95:48:be:47:ba:fd:3c:6e:cb:91:7c:e6:
2c:88:e0:2c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQx4oTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ODYyYjg1YTFkMmM1MWQ5OTA2OWNhM2E1YWZmNTJlY2M2YTlhYWI0MB4XDTIyMDEw
MTAyNTUyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDhhYjAxNjhlNTBh
MWVmYjMwNzE2NTZhMmI4MTMxMzc5NTU5OGE5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJZ//HZgRNPGTPvVC9mpis8feJprWCpNOu6vE6rU0sog1hZi
2Yski/NpWfEtk1HeK6F8JNJpW8hKViL2UsVHFHErCDH5QmCMSTvx41+Tz5urdi3v
E9whUpRjxfcHzMBBlyH8FQRpnc60XCaQkt8Tu5TsLrG11LuzO+9ybIHIlOhF8bfv
h9mzOoMbf4QuRKz4nBANPFQuoAWKcQziUabOkauxrYHRPrvANQbK7uUhShR3FFu3
R9E447zuknKWx9tFGIs3EtqtnVTpwgSI1wgO1KFirznyBcYZq5DwsDv6v6simpVC
WFtk+XUCqg4gcGQHU2E1GkEjVT0Isi2zMTl+/GcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRIqwFo5Qoe+zBxZWorgTE3lVmKnjAfBgNVHSMEGDAWgBS4YrhaHSxR2ZBp
yjpa/1LsxqmqtDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VHSzRXaDBzVWRtUWFjbzZXdjlTN01hcHFyUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvY2IyMjBmLTFhM2EtNGNiYS04MmNmLTI3OGZkNDc1ZjNmYi8x
L1NLc0JhT1VLSHZzd2NXVnFLNEV4TjVWWmlwNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
Y2IyMjBmLTFhM2EtNGNiYS04MmNmLTI3OGZkNDc1ZjNmYi8xL3VHSzRXaDBzVWRt
UWFjbzZXdjlTN01hcHFyUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNlJkDANBgkqhkiG9w0BAQsFAAOC
AQEAPnJVFdSr6HOxFgji214iwUiCvTDA+VRkzHK5UHTm99Cye7unzUVxIud5tNKG
oqFUYJbxBdtvRInbGtXw8GfbTsnSFLoB3OsFd4bps0SzzGTEkyRaxD9M/gqvuhW5
sULlVEWfYR/HZ44fLI+83bXVqggzzrGApm6nuNsqtpHH8aPzvUUPtQAxyzfFctlW
/QkJz/os7UMqMAU8lGHWHLEHN7ttH1gDdeD2yzFn0xaoXelcxdinoPm0e3Elwzrd
FYd8gJp5WdLzsGWbkPKXHDmzqnR5kkci6ykGfkMGD4YY9TrFUpiMgUoB4wCELyuS
hSuflUi+R7r9PG7LkXzmLIjgLA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:20 2024 by rpki-client on console-fra.rpki-client.org