Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/U_-YK5HoWv_-FWLI2r72Gu9jJFE.roa
File: U_-YK5HoWv_-FWLI2r72Gu9jJFE.roa (raw, json)
Hash identifier: 0Ca6efuJsGJ1wHP3ffHatCoGwCdtsUHuAoqTJDqLrGI=
Subject key identifier: 53:FF:98:2B:91:E8:5A:FF:FE:15:62:C8:DA:BE:F6:1A:EF:63:24:51
Certificate issuer: /CN=da70c441fb892b8c9816534885069fcd3300c9a4
Certificate serial: 0187FA55E93CF07001465F5404F31982498E
Authority key identifier: DA:70:C4:41:FB:89:2B:8C:98:16:53:48:85:06:9F:CD:33:00:C9:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2nDEQfuJK4yYFlNIhQafzTMAyaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/U_-YK5HoWv_-FWLI2r72Gu9jJFE.roa
Signing time: Mon 08 May 2023 07:49:06 +0000
ROA not before: Mon 08 May 2023 07:49:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58024
IP address blocks: 77.105.145.0/24 maxlen: 24
84.54.46.0/24 maxlen: 24
77.105.165.0/24 maxlen: 24
176.113.112.0/24 maxlen: 24
176.113.112.0/23 maxlen: 23
176.113.113.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fa:55:e9:3c:f0:70:01:46:5f:54:04:f3:19:82:49:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da70c441fb892b8c9816534885069fcd3300c9a4
Validity
Not Before: May 8 07:49:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53ff982b91e85afffe1562c8dabef61aef632451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b5:bb:24:32:c0:b7:c3:a6:f1:20:69:81:b3:
75:06:a7:09:fe:3d:5f:a5:14:f7:47:17:16:4f:58:
01:73:c0:2f:3a:16:b7:61:fd:ef:77:c3:95:d1:c8:
22:ca:1a:67:c4:a3:7b:ce:44:0f:4a:a0:01:c7:32:
cd:c8:dc:2e:85:e6:0c:ad:e1:62:53:4a:b9:07:4e:
de:8f:1b:95:b3:00:66:bf:73:cc:8e:c2:e1:32:f8:
fb:70:c3:bb:ed:19:23:65:d5:ad:14:0d:72:3c:63:
5f:b9:e4:04:a4:a3:8c:3e:5e:86:9c:95:72:cd:e9:
85:2f:48:3c:6c:cc:52:3c:a9:4e:e0:46:b2:84:cf:
0f:24:40:50:65:6f:9e:0d:af:13:ee:01:6a:89:f8:
34:59:0c:8e:ba:1d:e3:76:9b:d8:cc:e0:33:63:db:
b2:fb:90:f9:c2:68:6f:7c:0b:d9:a3:fb:31:8a:7d:
33:76:a5:9c:bd:f5:ac:3d:80:22:23:51:0e:ed:5e:
3d:28:40:07:a8:e5:78:11:c6:4f:b3:d6:af:36:51:
d2:84:56:d0:d2:ef:dd:7e:20:73:59:0f:9e:8a:40:
49:10:58:69:36:aa:50:3d:f5:b4:11:35:e0:30:9f:
59:e9:44:99:e4:08:b4:c5:9c:cd:a4:9c:d3:be:97:
6a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:FF:98:2B:91:E8:5A:FF:FE:15:62:C8:DA:BE:F6:1A:EF:63:24:51
X509v3 Authority Key Identifier:
keyid:DA:70:C4:41:FB:89:2B:8C:98:16:53:48:85:06:9F:CD:33:00:C9:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nDEQfuJK4yYFlNIhQafzTMAyaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/U_-YK5HoWv_-FWLI2r72Gu9jJFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/2nDEQfuJK4yYFlNIhQafzTMAyaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.145.0/24
77.105.165.0/24
84.54.46.0/24
176.113.112.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:cc:70:3c:2d:20:81:61:f6:bc:de:78:bf:42:db:71:5a:62:
f8:f0:20:88:d0:be:b1:34:ab:ef:17:b2:7f:e8:f3:e7:dc:96:
5a:0c:7c:75:9f:a9:0a:35:1b:fc:3e:8c:db:4a:53:ff:c6:ce:
ec:f2:20:2e:f2:cb:01:17:69:9e:0f:bc:9a:2a:27:f6:2a:8d:
48:6c:2f:c5:2c:99:55:d1:db:16:92:c0:1f:1d:f6:33:96:68:
fc:a8:96:5b:9d:80:d4:ca:b8:08:c6:57:80:39:b3:49:74:75:
4d:6f:18:df:bf:3f:45:3c:45:a5:3e:cb:64:3c:34:59:3f:1b:
d4:cd:34:05:41:9c:c1:9a:45:e0:45:03:dc:f8:d8:1e:1b:65:
f6:70:4a:96:fa:94:9d:64:c2:9b:4a:27:8d:94:55:7c:e5:ac:
a0:83:d5:3d:66:dc:27:99:58:26:e8:33:10:d3:5e:0b:58:88:
df:d8:ce:2b:06:13:93:51:3e:6a:a6:6b:f7:d9:6f:0c:04:d9:
cf:c5:5b:d2:15:a8:db:eb:f4:6f:0f:4c:42:82:56:d6:c6:08:
a5:8b:1f:61:6b:f4:30:2b:e8:82:a3:b7:98:b2:41:e9:7f:8b:
13:0c:ae:d9:ad:64:52:65:92:3b:ec:38:5f:b1:fa:07:c1:97:
a3:2c:3a:96
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYf6Vek88HABRl9UBPMZgkmOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNzBjNDQxZmI4OTJiOGM5ODE2NTM0ODg1MDY5ZmNkMzMw
MGM5YTQwHhcNMjMwNTA4MDc0OTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2ZmOTgyYjkxZTg1YWZmZmUxNTYyYzhkYWJlZjYxYWVmNjMyNDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbW7JDLAt8Om8SBpgbN1BqcJ/j1f
pRT3RxcWT1gBc8AvOha3Yf3vd8OV0cgiyhpnxKN7zkQPSqABxzLNyNwuheYMreFi
U0q5B07ejxuVswBmv3PMjsLhMvj7cMO77RkjZdWtFA1yPGNfueQEpKOMPl6GnJVy
zemFL0g8bMxSPKlO4EayhM8PJEBQZW+eDa8T7gFqifg0WQyOuh3jdpvYzOAzY9uy
+5D5wmhvfAvZo/sxin0zdqWcvfWsPYAiI1EO7V49KEAHqOV4EcZPs9avNlHShFbQ
0u/dfiBzWQ+eikBJEFhpNqpQPfW0ETXgMJ9Z6USZ5Ai0xZzNpJzTvpdq2wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFP/mCuR6Fr//hViyNq+9hrvYyRRMB8GA1UdIwQY
MBaAFNpwxEH7iSuMmBZTSIUGn80zAMmkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm5ERVFmdUpLNHlZRmxOSWhRYWZ6VE1BeWFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lNTNkZTUtMWI1Zi00NDY3LWE2OGMt
MTVmYzBiNjhmODQ0LzEvVV8tWUs1SG9Xdl8tRldMSTJyNzJHdTlqSkZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lNTNkZTUtMWI1Zi00NDY3LWE2OGMtMTVmYzBiNjhmODQ0
LzEvMm5ERVFmdUpLNHlZRmxOSWhRYWZ6VE1BeWFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATWmRAwQA
TWmlAwQAVDYuAwQBsHFwMA0GCSqGSIb3DQEBCwUAA4IBAQANzHA8LSCBYfa83ni/
QttxWmL48CCI0L6xNKvvF7J/6PPn3JZaDHx1n6kKNRv8PozbSlP/xs7s8iAu8ssB
F2meD7yaKif2Ko1IbC/FLJlV0dsWksAfHfYzlmj8qJZbnYDUyrgIxleAObNJdHVN
bxjfvz9FPEWlPstkPDRZPxvUzTQFQZzBmkXgRQPc+NgeG2X2cEqW+pSdZMKbSieN
lFV85aygg9U9ZtwnmVgm6DMQ014LWIjf2M4rBhOTUT5qpmv32W8MBNnPxVvSFajb
6/RvD0xCglbWxgilix9ha/QwK+iCo7eYskHpf4sTDK7ZrWRSZZI77DhfsfoHwZej
LDqW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:28 2024 by rpki-client on console-fra.rpki-client.org