Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/1UIOM-RIxFZBFeOx041o_ISmt7A.roa
File: 1UIOM-RIxFZBFeOx041o_ISmt7A.roa (raw, json)
Hash identifier: A19Ttrny31Mn2qYblBHR9NyxZkUzjqsfAuYbWCohRUY=
Subject key identifier: D5:42:0E:33:E4:48:C4:56:41:15:E3:B1:D3:8D:68:FC:84:A6:B7:B0
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 01878E1AEA632EAAF4CB7B26ADE2718E0897
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/1UIOM-RIxFZBFeOx041o_ISmt7A.roa
Signing time: Mon 17 Apr 2023 07:25:41 +0000
ROA not before: Mon 17 Apr 2023 07:25:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201364
IP address blocks: 185.77.3.0/24 maxlen: 24
45.10.56.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:1a:ea:63:2e:aa:f4:cb:7b:26:ad:e2:71:8e:08:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Apr 17 07:25:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5420e33e448c4564115e3b1d38d68fc84a6b7b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:44:82:4d:6a:84:e3:7a:fd:ff:09:eb:ff:f5:
e9:4f:cc:de:4d:45:9e:68:bf:ba:b7:5a:df:1d:bd:
da:92:6a:85:50:da:12:73:23:4c:74:94:6e:ed:b0:
73:58:21:5c:0e:d8:56:86:8f:b6:eb:a9:8d:c8:57:
09:0e:e7:1d:78:b4:65:71:1e:ec:14:49:08:e2:9f:
b2:22:45:77:e2:9f:e5:ed:b0:2a:fc:8b:e4:92:fd:
cf:6b:5c:55:ab:cb:47:eb:cb:2c:2b:10:93:67:74:
96:34:a8:8a:eb:23:dc:7c:c8:73:25:7b:0e:3a:77:
71:fa:fc:ab:41:2b:0f:b5:03:60:08:54:d8:0a:fa:
5d:53:e4:c7:bb:54:25:0c:af:a5:33:fd:69:ed:de:
3a:bb:f8:01:12:ed:da:be:fb:9d:36:3c:08:a2:bf:
70:00:f5:b4:8d:0e:c0:4e:00:4d:92:41:a2:7d:e7:
cb:75:f9:b0:ff:6c:bf:76:50:95:ae:e1:25:fa:f7:
04:ef:db:4e:87:81:13:16:3b:76:f8:cc:3f:ea:53:
9e:eb:22:c3:06:f8:aa:e7:86:61:60:be:26:ec:58:
58:f4:36:1c:1e:ab:2c:d4:eb:1b:3d:89:13:d4:ff:
55:ef:c9:af:ec:67:60:bd:72:07:c6:9f:6d:d5:ed:
6c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:42:0E:33:E4:48:C4:56:41:15:E3:B1:D3:8D:68:FC:84:A6:B7:B0
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/1UIOM-RIxFZBFeOx041o_ISmt7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.56.0/24
185.77.3.0/24
Signature Algorithm: sha256WithRSAEncryption
67:97:82:ce:24:1b:34:71:f6:c1:11:df:0c:2e:06:bb:51:74:
2b:43:9a:1e:b3:90:2d:ee:76:53:cd:ce:07:2b:74:0d:36:10:
5d:de:a3:a4:24:ee:ae:1b:82:1c:6e:8e:74:10:8a:5f:d0:42:
2a:8d:50:96:b9:8b:35:ac:00:f5:f5:4b:12:a8:b7:1e:4c:64:
34:12:80:60:39:dd:0c:c5:f9:97:39:28:bf:9d:d0:29:7f:21:
bc:ac:dc:b0:5f:85:e3:78:aa:13:bf:52:3f:45:2b:63:2c:3d:
5f:83:e3:92:4a:6f:81:27:e8:cc:e8:31:90:30:21:e7:97:94:
7d:df:ae:3d:ca:54:7c:d0:01:17:ce:2d:0d:4e:26:45:94:f0:
fc:38:28:46:e9:e7:fc:83:4b:45:4c:ed:87:1c:e9:55:22:0b:
bb:21:53:35:3b:2b:45:7a:8b:6b:e9:71:78:e5:40:d6:7b:70:
06:59:56:26:67:ee:28:35:85:bd:02:d3:35:c7:8a:3f:02:63:
11:69:12:c6:f0:40:5d:f3:1c:23:7c:36:11:20:e4:98:8f:44:
00:eb:9c:66:81:88:f0:42:3e:f9:b7:20:a2:68:53:b4:39:d1:
9b:4c:05:7a:bc:68:f0:0d:9a:38:99:66:03:0b:dc:a7:8b:a8:
e2:af:1f:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYeOGupjLqr0y3smreJxjgiXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjMwNDE3MDcyNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTQyMGUzM2U0NDhjNDU2NDExNWUzYjFkMzhkNjhmYzg0YTZiN2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0SCTWqE43r9/wnr//XpT8zeTUWe
aL+6t1rfHb3akmqFUNoScyNMdJRu7bBzWCFcDthWho+266mNyFcJDucdeLRlcR7s
FEkI4p+yIkV34p/l7bAq/Ivkkv3Pa1xVq8tH68ssKxCTZ3SWNKiK6yPcfMhzJXsO
Ondx+vyrQSsPtQNgCFTYCvpdU+THu1QlDK+lM/1p7d46u/gBEu3avvudNjwIor9w
APW0jQ7ATgBNkkGifefLdfmw/2y/dlCVruEl+vcE79tOh4ETFjt2+Mw/6lOe6yLD
Bviq54ZhYL4m7FhY9DYcHqss1OsbPYkT1P9V78mv7GdgvXIHxp9t1e1s9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNVCDjPkSMRWQRXjsdONaPyEprewMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvMVVJT00tUkl4RlpCRmVPeDA0MW9fSVNtdDdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQo4AwQA
uU0DMA0GCSqGSIb3DQEBCwUAA4IBAQBnl4LOJBs0cfbBEd8MLga7UXQrQ5oes5At
7nZTzc4HK3QNNhBd3qOkJO6uG4Icbo50EIpf0EIqjVCWuYs1rAD19UsSqLceTGQ0
EoBgOd0MxfmXOSi/ndApfyG8rNywX4XjeKoTv1I/RStjLD1fg+OSSm+BJ+jM6DGQ
MCHnl5R93649ylR80AEXzi0NTiZFlPD8OChG6ef8g0tFTO2HHOlVIgu7IVM1OytF
eotr6XF45UDWe3AGWVYmZ+4oNYW9AtM1x4o/AmMRaRLG8EBd8xwjfDYRIOSYj0QA
65xmgYjwQj75tyCiaFO0OdGbTAV6vGjwDZo4mWYDC9yni6jirx86
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:24 2024 by rpki-client on console-ams.rpki-client.org