Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/b929ce-ec17-4d50-a6ae-79d934e4a99a/1/SHgflu2GulkbE8OCRQoeCsLCeu4.roa
File: SHgflu2GulkbE8OCRQoeCsLCeu4.roa (raw, json)
Hash identifier: Kpuc4TAxxoX2sjIBrrh+akkYStBcWfuLSsl4yAu4oWw=
Subject key identifier: 48:78:1F:96:ED:86:BA:59:1B:13:C3:82:45:0A:1E:0A:C2:C2:7A:EE
Certificate issuer: /CN=5353a9a85fa11fc4bf156fab4d8d84a08e5d66f9
Certificate serial: 01837F7C7CE1690112A1B734E93EE251BF65
Authority key identifier: 53:53:A9:A8:5F:A1:1F:C4:BF:15:6F:AB:4D:8D:84:A0:8E:5D:66:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1OpqF-hH8S_FW-rTY2EoI5dZvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/b929ce-ec17-4d50-a6ae-79d934e4a99a/1/SHgflu2GulkbE8OCRQoeCsLCeu4.roa
Signing time: Tue 27 Sep 2022 15:06:48 +0000
ROA not before: Tue 27 Sep 2022 15:06:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24642
IP address blocks: 77.233.32.0/19 maxlen: 19
81.18.160.0/20 maxlen: 20
2001:1aa8::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7f:7c:7c:e1:69:01:12:a1:b7:34:e9:3e:e2:51:bf:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5353a9a85fa11fc4bf156fab4d8d84a08e5d66f9
Validity
Not Before: Sep 27 15:06:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=48781f96ed86ba591b13c382450a1e0ac2c27aee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:86:e7:dc:56:1f:b9:82:bc:c9:94:eb:81:77:
ca:fb:eb:b9:ef:25:ec:f4:a2:8d:b3:6c:ae:02:6a:
87:15:e1:d8:ae:b8:d9:7e:0e:aa:d3:6e:3d:21:34:
42:28:62:c9:75:f8:a0:4e:f7:4c:81:86:e8:74:41:
9f:da:f0:da:ae:b5:68:fd:36:a5:69:42:8b:27:53:
11:ae:b9:4c:10:f7:64:d2:d6:d3:6a:eb:01:48:8a:
2d:82:0f:44:72:ed:5d:01:e5:fb:1a:d8:c3:0c:e1:
36:79:15:ff:af:ae:73:b1:3f:d9:0f:41:92:90:7f:
a2:2f:08:12:c2:9a:9d:f8:02:62:b6:88:45:3f:91:
fe:f6:93:b7:f8:85:0e:e1:8b:06:0b:2c:46:a1:53:
62:42:b1:f5:c0:bf:a6:56:da:af:47:88:80:db:2f:
01:94:90:a5:1a:9d:cd:08:23:01:77:de:f7:f5:93:
41:51:1c:d5:87:48:d3:7d:bf:22:8d:00:f6:ad:a1:
3d:4d:51:11:8f:74:16:c2:62:f5:d6:ed:61:5c:1f:
c5:98:9a:f7:11:ce:02:e8:10:df:41:fc:10:84:88:
4e:1a:d3:9e:94:a3:eb:ab:e2:ad:ae:96:8a:5a:7b:
ba:be:dc:88:a5:18:e5:73:90:d9:af:c9:0c:61:08:
c4:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:78:1F:96:ED:86:BA:59:1B:13:C3:82:45:0A:1E:0A:C2:C2:7A:EE
X509v3 Authority Key Identifier:
keyid:53:53:A9:A8:5F:A1:1F:C4:BF:15:6F:AB:4D:8D:84:A0:8E:5D:66:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1OpqF-hH8S_FW-rTY2EoI5dZvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/b929ce-ec17-4d50-a6ae-79d934e4a99a/1/SHgflu2GulkbE8OCRQoeCsLCeu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/b929ce-ec17-4d50-a6ae-79d934e4a99a/1/U1OpqF-hH8S_FW-rTY2EoI5dZvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.233.32.0/19
81.18.160.0/20
IPv6:
2001:1aa8::/32
Signature Algorithm: sha256WithRSAEncryption
10:e3:70:2a:e8:f2:f9:55:c1:5c:65:40:de:3e:db:53:5e:1b:
96:f0:e3:75:64:ed:59:80:e2:b6:76:f4:c8:aa:cc:b5:84:4e:
d5:37:71:7d:a6:00:da:0d:6b:fa:ae:61:57:8b:28:bc:f9:61:
b3:3d:83:87:44:29:94:1a:de:7e:7e:02:77:a8:ba:c8:6c:be:
98:c4:e8:ba:11:3c:23:a5:f2:c1:55:dc:2f:e8:ab:c1:e0:13:
38:1a:90:00:98:33:c3:ef:9f:2a:e2:2b:61:d6:28:f5:fc:39:
2a:eb:16:e1:7b:c3:e5:1b:be:90:87:e5:23:7e:a8:b4:6e:b9:
25:d0:77:ba:43:56:07:40:80:36:27:3e:27:89:af:d7:83:01:
84:9a:49:9f:66:5f:fa:2b:94:d8:e3:d4:c1:8b:9b:5a:72:93:
d4:8a:0b:1d:38:6b:0a:5f:b7:19:51:36:91:11:4c:f2:e5:02:
c6:9d:e1:bc:ca:a4:85:93:86:18:bc:58:6e:cc:4f:fe:9a:65:
f3:c4:da:8b:54:4d:6d:99:e1:14:03:f1:26:41:08:b5:06:3f:
bc:d7:51:07:94:cc:69:6b:d1:e5:09:e7:fe:66:4d:3f:9d:90:
3f:ab:9f:e3:a3:bc:4c:73:8f:e9:bf:26:42:ca:34:b7:6f:d6:
be:3f:90:fe
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYN/fHzhaQESobc06T7iUb9lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNTNhOWE4NWZhMTFmYzRiZjE1NmZhYjRkOGQ4NGEwOGU1
ZDY2ZjkwHhcNMjIwOTI3MTUwNjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODc4MWY5NmVkODZiYTU5MWIxM2MzODI0NTBhMWUwYWMyYzI3YWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIbn3FYfuYK8yZTrgXfK++u57yXs
9KKNs2yuAmqHFeHYrrjZfg6q0249ITRCKGLJdfigTvdMgYbodEGf2vDarrVo/Tal
aUKLJ1MRrrlMEPdk0tbTausBSIotgg9Ecu1dAeX7GtjDDOE2eRX/r65zsT/ZD0GS
kH+iLwgSwpqd+AJitohFP5H+9pO3+IUO4YsGCyxGoVNiQrH1wL+mVtqvR4iA2y8B
lJClGp3NCCMBd9739ZNBURzVh0jTfb8ijQD2raE9TVERj3QWwmL11u1hXB/FmJr3
Ec4C6BDfQfwQhIhOGtOelKPrq+KtrpaKWnu6vtyIpRjlc5DZr8kMYQjEyQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEh4H5bthrpZGxPDgkUKHgrCwnruMB8GA1UdIwQY
MBaAFFNTqahfoR/EvxVvq02NhKCOXWb5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTFPcHFGLWhIOFNfRlctclRZMkVvSTVkWnZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9iOTI5Y2UtZWMxNy00ZDUwLWE2YWUt
NzlkOTM0ZTRhOTlhLzEvU0hnZmx1Mkd1bGtiRThPQ1JRb2VDc0xDZXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9iOTI5Y2UtZWMxNy00ZDUwLWE2YWUtNzlkOTM0ZTRhOTlh
LzEvVTFPcHFGLWhIOFNfRlctclRZMkVvSTVkWnZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFTekgAwQE
URKgMA0EAgACMAcDBQAgARqoMA0GCSqGSIb3DQEBCwUAA4IBAQAQ43Aq6PL5VcFc
ZUDePttTXhuW8ON1ZO1ZgOK2dvTIqsy1hE7VN3F9pgDaDWv6rmFXiyi8+WGzPYOH
RCmUGt5+fgJ3qLrIbL6YxOi6ETwjpfLBVdwv6KvB4BM4GpAAmDPD758q4ith1ij1
/Dkq6xbhe8PlG76Qh+Ujfqi0brkl0He6Q1YHQIA2Jz4nia/XgwGEmkmfZl/6K5TY
49TBi5tacpPUigsdOGsKX7cZUTaREUzy5QLGneG8yqSFk4YYvFhuzE/+mmXzxNqL
VE1tmeEUA/EmQQi1Bj+811EHlMxpa9HlCef+Zk0/nZA/q5/jo7xMc4/pvyZCyjS3
b9a+P5D+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:45 2024 by rpki-client on console-ams.rpki-client.org