Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/ff63d8-feca-43cd-904d-72b32d951953/1/uMlnynd23NOVM-TYCXPHC5LEbL8.roa
File: uMlnynd23NOVM-TYCXPHC5LEbL8.roa (raw, json)
Hash identifier: iGOVmWx9Rh4mFiRpwr8f7LHRoObBe8FbCdA5S1Cz81E=
Subject key identifier: B8:C9:67:CA:77:76:DC:D3:95:33:E4:D8:09:73:C7:0B:92:C4:6C:BF
Certificate issuer: /CN=d481a627017d1a06cedd0b48e4fc6fcff586dd94
Certificate serial: 01857169A789299370C97C58BC388A256CBD
Authority key identifier: D4:81:A6:27:01:7D:1A:06:CE:DD:0B:48:E4:FC:6F:CF:F5:86:DD:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1IGmJwF9GgbO3QtI5Pxvz_WG3ZQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/ff63d8-feca-43cd-904d-72b32d951953/1/uMlnynd23NOVM-TYCXPHC5LEbL8.roa
Signing time: Mon 02 Jan 2023 07:37:07 +0000
ROA not before: Mon 02 Jan 2023 07:37:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211327
IP address blocks: 93.180.134.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:a7:89:29:93:70:c9:7c:58:bc:38:8a:25:6c:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d481a627017d1a06cedd0b48e4fc6fcff586dd94
Validity
Not Before: Jan 2 07:37:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8c967ca7776dcd39533e4d80973c70b92c46cbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ff:44:56:dc:1d:24:98:d2:d9:f7:8a:6a:35:
58:58:aa:d8:0f:11:be:77:49:30:92:26:4e:03:95:
00:c1:3d:a6:16:91:1c:b2:7a:92:0b:e2:06:0a:69:
20:bd:4b:ab:00:6f:c3:0b:fc:4e:bd:94:71:c8:0a:
0b:d5:54:4e:f3:35:de:fb:22:6f:cf:57:b9:5c:c5:
fa:89:95:8f:78:da:7c:f9:80:5f:27:0c:fd:4e:f6:
cb:b3:e3:96:9f:32:08:27:23:23:d9:af:fc:33:b3:
49:7e:6e:15:ed:f6:15:12:9f:b0:25:50:1b:02:f9:
10:3a:28:70:36:b1:aa:95:a5:e4:b7:d1:57:24:4a:
d6:99:e4:c5:a3:23:72:e2:ae:d2:9a:a7:43:bf:de:
a1:8c:f2:37:3c:d8:e0:b6:de:e9:ca:31:80:e8:67:
c8:8d:5f:b9:3f:8e:e1:22:16:db:46:81:3d:44:59:
b1:30:4c:65:e6:31:99:69:5a:dd:08:7a:04:72:60:
6e:75:52:48:b0:c0:9a:7d:92:7f:05:07:07:b6:cd:
97:28:ad:0b:92:e9:0b:35:5d:73:20:d6:03:29:36:
e3:c4:31:41:63:55:fa:ee:cc:45:e5:07:70:d5:7a:
73:23:f3:13:af:3b:09:d0:98:a5:f5:25:d6:a3:44:
1f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:C9:67:CA:77:76:DC:D3:95:33:E4:D8:09:73:C7:0B:92:C4:6C:BF
X509v3 Authority Key Identifier:
keyid:D4:81:A6:27:01:7D:1A:06:CE:DD:0B:48:E4:FC:6F:CF:F5:86:DD:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1IGmJwF9GgbO3QtI5Pxvz_WG3ZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ff63d8-feca-43cd-904d-72b32d951953/1/uMlnynd23NOVM-TYCXPHC5LEbL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ff63d8-feca-43cd-904d-72b32d951953/1/1IGmJwF9GgbO3QtI5Pxvz_WG3ZQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.180.134.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:d4:11:13:c9:2f:ab:22:fd:4e:f2:15:b1:db:c9:d4:96:a1:
a2:c6:64:be:e0:c1:04:cb:f8:0a:94:d4:6e:19:13:6a:86:7a:
9c:60:29:46:81:51:31:26:d7:a3:1b:34:d5:74:ff:77:df:66:
8f:3f:ef:17:e3:79:3b:fe:14:03:9f:c9:dc:17:4c:26:12:ce:
7e:6c:92:c7:b0:c6:69:45:a8:da:0b:6f:b1:1e:0c:c3:c1:cc:
eb:8e:4b:d6:b1:63:a0:d7:21:14:e6:10:71:af:e5:24:71:c1:
be:f7:40:61:64:30:fc:13:ed:ce:44:d9:94:f7:94:0b:28:89:
b2:fc:cb:42:0c:9c:14:68:b6:25:31:6a:cc:0d:be:85:5e:c7:
41:84:7f:2e:b8:7c:bf:a8:04:4d:b7:ee:20:89:e3:f9:38:2a:
de:a2:1b:b7:9f:78:14:77:59:cc:ed:46:01:62:d8:b3:ee:56:
6f:16:e5:54:4f:cc:8e:23:5c:43:18:6b:49:4f:cd:a1:09:56:
ab:64:d3:ce:d1:02:6e:a6:51:15:67:7b:39:ec:f3:90:8d:3a:
59:f8:34:91:24:43:58:be:0d:db:22:90:68:2d:07:21:14:86:
b1:af:ba:f1:0d:d8:aa:4f:1f:b9:54:cc:54:ca:6c:de:3d:06:
4c:50:37:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxaaeJKZNwyXxYvDiKJWy9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ODFhNjI3MDE3ZDFhMDZjZWRkMGI0OGU0ZmM2ZmNmZjU4
NmRkOTQwHhcNMjMwMTAyMDczNzA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGM5NjdjYTc3NzZkY2QzOTUzM2U0ZDgwOTczYzcwYjkyYzQ2Y2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzP9EVtwdJJjS2feKajVYWKrYDxG+
d0kwkiZOA5UAwT2mFpEcsnqSC+IGCmkgvUurAG/DC/xOvZRxyAoL1VRO8zXe+yJv
z1e5XMX6iZWPeNp8+YBfJwz9TvbLs+OWnzIIJyMj2a/8M7NJfm4V7fYVEp+wJVAb
AvkQOihwNrGqlaXkt9FXJErWmeTFoyNy4q7SmqdDv96hjPI3PNjgtt7pyjGA6GfI
jV+5P47hIhbbRoE9RFmxMExl5jGZaVrdCHoEcmBudVJIsMCafZJ/BQcHts2XKK0L
kukLNV1zINYDKTbjxDFBY1X67sxF5Qdw1XpzI/MTrzsJ0Jil9SXWo0QfwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLjJZ8p3dtzTlTPk2AlzxwuSxGy/MB8GA1UdIwQY
MBaAFNSBpicBfRoGzt0LSOT8b8/1ht2UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlHbUp3RjlHZ2JPM1F0STVQeHZ6X1dHM1pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9mZjYzZDgtZmVjYS00M2NkLTkwNGQt
NzJiMzJkOTUxOTUzLzEvdU1sbnluZDIzTk9WTS1UWUNYUEhDNUxFYkw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9mZjYzZDgtZmVjYS00M2NkLTkwNGQtNzJiMzJkOTUxOTUz
LzEvMUlHbUp3RjlHZ2JPM1F0STVQeHZ6X1dHM1pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXbSGMA0G
CSqGSIb3DQEBCwUAA4IBAQAt1BETyS+rIv1O8hWx28nUlqGixmS+4MEEy/gKlNRu
GRNqhnqcYClGgVExJtejGzTVdP9332aPP+8X43k7/hQDn8ncF0wmEs5+bJLHsMZp
RajaC2+xHgzDwczrjkvWsWOg1yEU5hBxr+UkccG+90BhZDD8E+3ORNmU95QLKImy
/MtCDJwUaLYlMWrMDb6FXsdBhH8uuHy/qARNt+4gieP5OCreohu3n3gUd1nM7UYB
Ytiz7lZvFuVUT8yOI1xDGGtJT82hCVarZNPO0QJuplEVZ3s57POQjTpZ+DSRJENY
vg3bIpBoLQchFIaxr7rxDdiqTx+5VMxUymzePQZMUDef
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:48 2023 by rpki-client on console-fra.rpki-client.org