Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/Uwdc63gulAi6HKhGdfSTGC1ZzjE.roa
File: Uwdc63gulAi6HKhGdfSTGC1ZzjE.roa (raw, json)
Hash identifier: K27avX677uVTq1hhne+hQYwdr0CrkyTu17t+AkHLZXg=
Subject key identifier: 53:07:5C:EB:78:2E:94:08:BA:1C:A8:46:75:F4:93:18:2D:59:CE:31
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018570D559909C5AC9BD5D0243426E353081
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/Uwdc63gulAi6HKhGdfSTGC1ZzjE.roa
Signing time: Mon 02 Jan 2023 04:55:08 +0000
ROA not before: Mon 02 Jan 2023 04:55:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43149
IP address blocks: 46.17.251.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:59:90:9c:5a:c9:bd:5d:02:43:42:6e:35:30:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 04:55:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53075ceb782e9408ba1ca84675f493182d59ce31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:8f:03:f7:6b:b6:be:eb:85:75:b3:d3:a3:71:
8d:ea:60:9c:55:31:23:aa:7b:d1:51:12:fd:fc:b4:
d1:6f:cd:4c:a0:3d:a4:60:95:d6:89:35:bf:9e:cb:
f7:06:f9:45:93:71:7e:87:25:ec:c6:d6:a8:82:0f:
63:40:a1:bf:ce:09:87:97:5a:01:52:86:e5:ff:2f:
46:ea:9d:43:09:41:83:b6:c4:25:68:9b:29:4d:60:
0d:4f:97:a1:12:95:dc:81:be:4b:f5:33:7d:fd:17:
2b:30:78:8a:83:6d:3b:63:0f:0e:96:ab:7b:e9:3f:
33:96:09:6d:2a:01:63:b4:34:54:3c:8e:28:36:66:
62:89:4f:26:23:37:fc:8f:83:ff:b8:07:71:d0:5c:
68:4f:b4:46:b9:73:3d:f7:e4:86:40:a4:cd:f7:fc:
22:bf:29:7e:a8:34:ad:e0:6e:ee:2c:9d:3a:be:1f:
93:c7:9f:85:ff:25:5e:7f:da:32:04:6a:67:53:1d:
c7:5c:33:92:55:3b:eb:17:39:77:03:ea:9d:7a:e4:
a9:1d:de:a5:19:94:2b:64:a8:38:20:29:53:94:d0:
29:b1:9a:d5:f5:bf:81:4e:8c:95:59:8f:7b:1d:cc:
49:76:bb:ff:13:ee:99:d6:ce:81:6a:5e:f0:6b:44:
84:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:07:5C:EB:78:2E:94:08:BA:1C:A8:46:75:F4:93:18:2D:59:CE:31
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/Uwdc63gulAi6HKhGdfSTGC1ZzjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.251.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:df:64:dc:7d:03:8c:36:1a:48:fe:91:cf:88:bb:bd:0e:6b:
f5:b0:a8:57:f4:18:b4:dc:9d:d2:d5:eb:fa:6f:a6:36:24:7e:
02:e0:ab:1d:ef:9e:89:36:42:80:cc:94:88:a5:4b:fa:ae:c9:
ae:86:90:02:97:aa:2b:4f:1f:5b:3a:2a:4e:e5:d4:35:01:ea:
d5:5a:5c:2d:01:17:e1:16:ba:1c:8b:4a:6c:ce:06:de:2b:ff:
e1:c3:49:58:60:9c:9d:a2:70:2e:fb:a0:f7:35:ec:fd:83:09:
80:7e:e6:80:db:78:d0:fe:cb:e6:f3:de:12:d5:cc:c6:36:01:
86:f3:f5:af:d4:9a:9f:11:a3:4f:79:2f:45:b1:ca:e8:aa:5a:
c5:2c:e2:79:db:d1:e7:85:71:f1:53:d7:87:09:fe:be:6b:e4:
22:07:11:c0:cd:71:23:53:77:2c:ff:9d:7d:0a:9e:07:99:d0:
27:3f:d1:79:93:fa:78:ba:3d:21:b1:53:0d:86:1f:28:fe:7c:
9f:cc:a3:5a:6f:19:b3:f9:38:ad:21:6a:d1:e6:ac:b3:c1:1f:
55:a2:92:a7:1c:16:f2:4c:63:1b:88:e8:88:4a:24:b2:c9:c5:
49:0b:95:90:cc:33:bb:26:a9:dd:72:57:2d:77:77:5a:9e:58:
42:a0:b8:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1VmQnFrJvV0CQ0JuNTCBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMTAyMDQ1NTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzA3NWNlYjc4MmU5NDA4YmExY2E4NDY3NWY0OTMxODJkNTljZTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApI8D92u2vuuFdbPTo3GN6mCcVTEj
qnvRURL9/LTRb81MoD2kYJXWiTW/nsv3BvlFk3F+hyXsxtaogg9jQKG/zgmHl1oB
Uobl/y9G6p1DCUGDtsQlaJspTWANT5ehEpXcgb5L9TN9/RcrMHiKg207Yw8Olqt7
6T8zlgltKgFjtDRUPI4oNmZiiU8mIzf8j4P/uAdx0FxoT7RGuXM99+SGQKTN9/wi
vyl+qDSt4G7uLJ06vh+Tx5+F/yVef9oyBGpnUx3HXDOSVTvrFzl3A+qdeuSpHd6l
GZQrZKg4IClTlNApsZrV9b+BToyVWY97HcxJdrv/E+6Z1s6Bal7wa0SEjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFMHXOt4LpQIuhyoRnX0kxgtWc4xMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvVXdkYzYzZ3VsQWk2SEtoR2RmU1RHQzFaempFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhH7MA0G
CSqGSIb3DQEBCwUAA4IBAQBt32TcfQOMNhpI/pHPiLu9Dmv1sKhX9Bi03J3S1ev6
b6Y2JH4C4Ksd756JNkKAzJSIpUv6rsmuhpACl6orTx9bOipO5dQ1AerVWlwtARfh
Froci0pszgbeK//hw0lYYJydonAu+6D3Nez9gwmAfuaA23jQ/svm894S1czGNgGG
8/Wv1JqfEaNPeS9FscroqlrFLOJ529HnhXHxU9eHCf6+a+QiBxHAzXEjU3cs/519
Cp4HmdAnP9F5k/p4uj0hsVMNhh8o/nyfzKNabxmz+TitIWrR5qyzwR9VopKnHBby
TGMbiOiISiSyycVJC5WQzDO7Jqndclctd3danlhCoLiF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org