Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/ULpkA-H8wweomR_60XmPGGzwVek.roa
File: ULpkA-H8wweomR_60XmPGGzwVek.roa (raw, json)
Hash identifier: fHPizS1TxvFXh8l6ENf40+C7gVqJpUwDkv15oBqBwLI=
Subject key identifier: 50:BA:64:03:E1:FC:C3:07:A8:99:1F:FA:D1:79:8F:18:6C:F0:55:E9
Certificate issuer: /CN=35c96065093998ba42cfba11bf0d17d3ac403d40
Certificate serial: 0188FF8BDDA877F2B82E95CC21BD3AC72CCF
Authority key identifier: 35:C9:60:65:09:39:98:BA:42:CF:BA:11:BF:0D:17:D3:AC:40:3D:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NclgZQk5mLpCz7oRvw0X06xAPUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/ULpkA-H8wweomR_60XmPGGzwVek.roa
Signing time: Wed 28 Jun 2023 01:08:56 +0000
ROA not before: Wed 28 Jun 2023 01:08:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 79.139.52.0/22 maxlen: 24
95.178.8.0/21 maxlen: 24
116.50.16.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ff:8b:dd:a8:77:f2:b8:2e:95:cc:21:bd:3a:c7:2c:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35c96065093998ba42cfba11bf0d17d3ac403d40
Validity
Not Before: Jun 28 01:08:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50ba6403e1fcc307a8991ffad1798f186cf055e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b2:09:f4:77:c9:c2:49:ef:5d:9c:b6:01:f0:
4e:98:d7:63:0e:c1:36:9a:aa:54:97:dc:49:a0:d2:
c5:de:9e:c2:27:10:f9:58:3d:5a:c5:b5:23:aa:b1:
c9:db:24:fc:c7:60:cb:f8:4b:5f:6a:58:c0:2d:39:
d7:86:29:8c:e6:16:83:ea:15:53:2f:9b:29:1e:25:
5f:c1:ca:3e:6c:95:70:35:a9:6b:cf:79:f7:47:7f:
8d:ec:5a:0d:61:29:7c:4a:dc:c9:b5:e9:a6:4d:0b:
8e:61:84:d5:d5:74:19:27:4b:16:ef:83:da:26:d1:
55:ea:86:3b:10:38:4f:73:6d:94:cd:27:e8:3c:52:
60:1e:b1:e0:e0:50:f8:35:6d:c1:d8:b9:05:0f:e6:
39:9b:c6:7a:43:e1:f2:91:2c:fb:b5:d4:0d:23:33:
65:fe:46:1f:cf:9c:57:80:31:e7:7a:8e:13:ba:f6:
24:0e:62:d8:8f:2d:05:93:e3:b0:09:e0:3d:92:75:
db:ad:02:1b:d6:db:03:c3:61:68:20:30:f0:18:c6:
07:8a:c5:fe:d1:d2:28:8e:5d:f7:08:66:08:b6:6c:
76:7d:d2:26:eb:f9:a8:eb:dc:df:f8:e2:b2:da:76:
36:d4:97:56:01:bd:0a:ba:5a:bf:30:6c:50:a0:26:
6c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:BA:64:03:E1:FC:C3:07:A8:99:1F:FA:D1:79:8F:18:6C:F0:55:E9
X509v3 Authority Key Identifier:
keyid:35:C9:60:65:09:39:98:BA:42:CF:BA:11:BF:0D:17:D3:AC:40:3D:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NclgZQk5mLpCz7oRvw0X06xAPUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/ULpkA-H8wweomR_60XmPGGzwVek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/NclgZQk5mLpCz7oRvw0X06xAPUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.139.52.0/22
95.178.8.0/21
116.50.16.0/21
Signature Algorithm: sha256WithRSAEncryption
a2:30:56:6e:c7:83:64:57:a5:b8:12:89:97:5f:00:a0:88:2c:
65:a2:3e:9a:d2:a7:a2:68:71:01:30:7c:9d:72:2f:fc:db:d6:
03:40:7d:26:ab:de:4c:a5:c3:a1:62:f0:2f:ac:87:59:1c:bf:
e9:a5:f1:dd:22:af:d3:2d:ab:d8:17:4f:dd:ba:30:1f:9a:a2:
64:b0:91:df:d6:b2:b7:53:26:e4:75:9f:44:f2:fe:e3:0f:31:
4d:a7:8f:35:bb:6e:3b:4f:91:8f:53:ca:d4:96:0d:6f:92:48:
05:0c:db:e2:eb:76:df:2b:82:5a:78:70:96:0b:3b:08:5e:ed:
16:27:e4:6b:6e:3d:5d:9c:2f:f1:7d:19:9c:40:dd:9f:84:57:
09:34:43:b8:3e:ae:f5:63:f8:dd:d0:f1:da:b4:96:1f:71:cd:
83:e0:f2:ac:ee:08:91:8c:6f:c1:52:2a:51:53:c1:89:0e:05:
0c:1b:00:88:7e:e6:0c:95:9e:c4:54:56:55:d8:39:7e:7c:5e:
44:a8:fc:38:63:40:35:91:c7:bf:56:f4:f2:64:4a:12:dc:bc:
a5:0f:ae:b2:d9:65:2d:c2:2e:15:af:ff:8f:82:5c:35:fd:b1:
37:e9:fc:cd:e7:b1:e2:32:6d:e6:2d:ab:d1:a2:2a:39:68:d0:
ef:ef:8a:38
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYj/i92od/K4LpXMIb06xyzPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1Yzk2MDY1MDkzOTk4YmE0MmNmYmExMWJmMGQxN2QzYWM0
MDNkNDAwHhcNMjMwNjI4MDEwODU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGJhNjQwM2UxZmNjMzA3YTg5OTFmZmFkMTc5OGYxODZjZjA1NWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2bIJ9HfJwknvXZy2AfBOmNdjDsE2
mqpUl9xJoNLF3p7CJxD5WD1axbUjqrHJ2yT8x2DL+EtfaljALTnXhimM5haD6hVT
L5spHiVfwco+bJVwNalrz3n3R3+N7FoNYSl8StzJtemmTQuOYYTV1XQZJ0sW74Pa
JtFV6oY7EDhPc22UzSfoPFJgHrHg4FD4NW3B2LkFD+Y5m8Z6Q+HykSz7tdQNIzNl
/kYfz5xXgDHneo4TuvYkDmLYjy0Fk+OwCeA9knXbrQIb1tsDw2FoIDDwGMYHisX+
0dIojl33CGYItmx2fdIm6/mo69zf+OKy2nY21JdWAb0Kulq/MGxQoCZsGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFC6ZAPh/MMHqJkf+tF5jxhs8FXpMB8GA1UdIwQY
MBaAFDXJYGUJOZi6Qs+6Eb8NF9OsQD1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmNsZ1pRazVtTHBDejdvUnZ3MFgwNnhBUFVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82Mjc2NGItOWFhNi00ZjEyLWE3MWMt
NmJhYzM0OTg3MDE5LzEvVUxwa0EtSDh3d2VvbVJfNjBYbVBHR3p3VmVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi82Mjc2NGItOWFhNi00ZjEyLWE3MWMtNmJhYzM0OTg3MDE5
LzEvTmNsZ1pRazVtTHBDejdvUnZ3MFgwNnhBUFVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCT4s0AwQD
X7IIAwQDdDIQMA0GCSqGSIb3DQEBCwUAA4IBAQCiMFZux4NkV6W4EomXXwCgiCxl
oj6a0qeiaHEBMHydci/829YDQH0mq95MpcOhYvAvrIdZHL/ppfHdIq/TLavYF0/d
ujAfmqJksJHf1rK3UybkdZ9E8v7jDzFNp481u247T5GPU8rUlg1vkkgFDNvi63bf
K4JaeHCWCzsIXu0WJ+Rrbj1dnC/xfRmcQN2fhFcJNEO4Pq71Y/jd0PHatJYfcc2D
4PKs7giRjG/BUipRU8GJDgUMGwCIfuYMlZ7EVFZV2Dl+fF5EqPw4Y0A1kce/VvTy
ZEoS3LylD66y2WUtwi4Vr/+Pglw1/bE36fzN57HiMm3mLavRoio5aNDv74o4
-----END CERTIFICATE-----
Generated at Mon Nov 13 09:13:26 2023 by rpki-client on console-ams.rpki-client.org