Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/UgDXY6Io6s0mlFotwAZH1JTFlAY.roa
File: UgDXY6Io6s0mlFotwAZH1JTFlAY.roa (raw, json)
Hash identifier: CyS0mzuXy/Pd0/ZvBIAwuPjkzVKhf3lw9vyJxLLLd20=
Subject key identifier: 52:00:D7:63:A2:28:EA:CD:26:94:5A:2D:C0:06:47:D4:94:C5:94:06
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0187223DA008E272EF0924C4223A80A10F5F
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/UgDXY6Io6s0mlFotwAZH1JTFlAY.roa
Signing time: Mon 27 Mar 2023 08:44:36 +0000
ROA not before: Mon 27 Mar 2023 08:44:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 217.144.55.0/24 maxlen: 24
217.144.52.0/24 maxlen: 24
217.144.57.0/24 maxlen: 24
217.144.58.0/24 maxlen: 24
185.63.17.0/24 maxlen: 24
185.63.18.0/24 maxlen: 24
185.63.19.0/24 maxlen: 24
84.21.4.0/24 maxlen: 24
84.21.12.0/24 maxlen: 24
84.21.13.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:22:3d:a0:08:e2:72:ef:09:24:c4:22:3a:80:a1:0f:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Mar 27 08:44:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5200d763a228eacd26945a2dc00647d494c59406
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d8:08:7e:ae:72:c0:df:fc:c2:41:71:2b:d8:
88:5c:61:7b:b8:a5:f7:c3:55:a3:12:10:f6:58:55:
32:5e:e2:a8:7b:5e:45:2e:17:d5:20:a5:6b:3a:38:
ad:36:13:36:fa:61:6f:d7:56:9c:09:18:a5:02:ff:
9a:9c:79:64:61:8d:4a:2a:c4:b0:19:17:2d:f5:01:
20:35:e6:6f:a8:59:72:49:62:2d:77:30:db:96:02:
29:79:8d:a3:df:5d:b7:6e:f0:82:12:42:e5:55:de:
23:54:39:c1:7e:8c:d9:12:b3:e6:65:35:1c:e9:ad:
00:e4:af:aa:07:88:9e:e6:70:bc:73:f3:2e:12:98:
85:c4:c7:6b:ce:ef:57:17:b2:84:e2:3d:47:70:f6:
72:b1:ad:7b:87:bb:f2:b2:de:16:5e:c5:dd:c8:65:
7d:f2:04:1f:ba:9b:52:44:e3:bf:77:20:ef:c6:b5:
20:ef:2f:a8:f0:af:37:b6:3d:5a:9b:af:98:c7:f2:
03:24:0d:7d:ce:6e:25:5d:e1:ee:52:39:4d:dd:c0:
17:3d:de:fc:2f:30:f7:ab:fc:88:59:85:be:66:cb:
17:31:8d:23:05:81:e7:07:fc:90:f3:29:70:11:44:
67:1f:62:21:da:31:06:3c:ec:9a:73:8b:3f:51:1d:
17:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:00:D7:63:A2:28:EA:CD:26:94:5A:2D:C0:06:47:D4:94:C5:94:06
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/UgDXY6Io6s0mlFotwAZH1JTFlAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.4.0/24
84.21.12.0/23
185.63.17.0-185.63.19.255
217.144.52.0/24
217.144.55.0/24
217.144.57.0-217.144.58.255
Signature Algorithm: sha256WithRSAEncryption
3b:d6:cf:38:71:38:f8:89:11:96:3f:ed:e3:3c:df:a5:7a:4c:
e6:88:8f:bf:e6:44:50:50:39:ad:a3:e4:e4:a1:57:db:dd:19:
e1:17:47:0d:64:a0:87:47:5c:fa:b2:83:a3:b0:b0:5c:60:03:
0d:74:64:fd:51:ac:75:7b:23:db:f1:89:21:b3:ed:fa:c1:22:
61:74:39:3b:f9:ad:fa:46:13:cb:39:48:27:99:76:1d:12:6c:
77:46:7f:98:b7:cc:7a:87:af:3f:ab:28:6c:df:4f:74:34:0e:
47:0a:15:1e:02:4b:13:ee:b7:3e:1a:8c:92:ad:f8:2f:15:25:
87:fb:1c:95:ec:cb:1c:ed:66:6e:fa:ab:c6:92:79:47:55:09:
1d:36:fc:b0:b3:f2:64:a6:f4:0a:d0:49:27:cf:4a:68:2f:a9:
20:54:32:00:c4:5f:27:48:8f:df:c5:b9:21:ce:de:46:e1:8d:
47:b8:4f:e4:c6:c2:f0:f6:3b:a8:81:34:6e:9f:67:40:4b:93:
96:da:cb:06:37:ba:47:64:36:d2:39:1a:e4:37:e6:62:4a:5f:
9c:91:84:a0:b8:3f:3a:ec:de:29:57:ef:77:f6:5c:9b:6b:55:
12:dd:e6:6c:7c:c3:b5:58:7f:5a:e8:48:9a:66:6a:fe:3b:28:
ec:4e:79:c4
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYciPaAI4nLvCSTEIjqAoQ9fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjMwMzI3MDg0NDM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjAwZDc2M2EyMjhlYWNkMjY5NDVhMmRjMDA2NDdkNDk0YzU5NDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNgIfq5ywN/8wkFxK9iIXGF7uKX3
w1WjEhD2WFUyXuKoe15FLhfVIKVrOjitNhM2+mFv11acCRilAv+anHlkYY1KKsSw
GRct9QEgNeZvqFlySWItdzDblgIpeY2j3123bvCCEkLlVd4jVDnBfozZErPmZTUc
6a0A5K+qB4ie5nC8c/MuEpiFxMdrzu9XF7KE4j1HcPZysa17h7vyst4WXsXdyGV9
8gQfuptSROO/dyDvxrUg7y+o8K83tj1am6+Yx/IDJA19zm4lXeHuUjlN3cAXPd78
LzD3q/yIWYW+ZssXMY0jBYHnB/yQ8ylwEURnH2Ih2jEGPOyac4s/UR0XgwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFFIA12OiKOrNJpRaLcAGR9SUxZQGMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvVWdEWFk2SW82czBtbEZvdHdBWkgxSlRGbEFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQAVBUEAwQB
VBUMMAwDBAC5PxEDBAK5PxADBADZkDQDBADZkDcwDAMEANmQOQMEANmQOjANBgkq
hkiG9w0BAQsFAAOCAQEAO9bPOHE4+IkRlj/t4zzfpXpM5oiPv+ZEUFA5raPk5KFX
290Z4RdHDWSgh0dc+rKDo7CwXGADDXRk/VGsdXsj2/GJIbPt+sEiYXQ5O/mt+kYT
yzlIJ5l2HRJsd0Z/mLfMeoevP6sobN9PdDQORwoVHgJLE+63PhqMkq34LxUlh/sc
lezLHO1mbvqrxpJ5R1UJHTb8sLPyZKb0CtBJJ89KaC+pIFQyAMRfJ0iP38W5Ic7e
RuGNR7hP5MbC8PY7qIE0bp9nQEuTltrLBje6R2Q20jka5DfmYkpfnJGEoLg/Ouze
KVfvd/Zcm2tVEt3mbHzDtVh/WuhImmZq/jso7E55xA==
-----END CERTIFICATE-----
Generated at Sun Apr 13 14:30:22 2025 by rpki-client