Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/Y0ydk8C_znUGKoWFIAdWxPSk93w.roa
File: Y0ydk8C_znUGKoWFIAdWxPSk93w.roa (raw, json)
Hash identifier: ejW/Vs9549aeBKj563talhnOOyQgbItpW8WolfJVN90=
Subject key identifier: 63:4C:9D:93:C0:BF:CE:75:06:2A:85:85:20:07:56:C4:F4:A4:F7:7C
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 0183C64DFBC92CAEA43794A00979E6C697E0
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/Y0ydk8C_znUGKoWFIAdWxPSk93w.roa
Signing time: Tue 11 Oct 2022 09:09:03 +0000
ROA not before: Tue 11 Oct 2022 09:09:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201364
IP address blocks: 185.77.3.0/24 maxlen: 24
45.10.56.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c6:4d:fb:c9:2c:ae:a4:37:94:a0:09:79:e6:c6:97:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Oct 11 09:09:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=634c9d93c0bfce75062a8585200756c4f4a4f77c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d0:c8:1e:31:40:89:e5:00:35:91:5c:95:95:
55:06:e0:10:5c:ec:67:38:ae:22:0d:88:9c:55:c2:
5e:99:23:46:56:8b:0b:4e:a7:e1:43:b2:79:72:04:
0d:90:fd:09:bd:80:1d:a6:5c:a4:43:47:60:02:54:
cf:c8:94:a4:d2:2f:87:2b:9b:c2:2d:d3:d5:04:26:
9b:72:b9:dc:ab:1c:ba:43:30:d2:66:f3:b2:ab:9d:
cd:5a:36:61:d8:80:e4:c7:f4:5f:7d:95:f2:a8:2e:
c6:1f:a6:28:6d:79:a9:46:60:de:3d:e8:96:9c:25:
4c:d0:7d:c4:5c:e4:a0:5c:e9:4c:ea:98:43:eb:9d:
9f:4c:92:e3:b7:e1:4a:4a:4b:03:65:db:fc:96:f7:
e7:4c:9c:00:ce:80:b2:9b:fe:ea:cf:76:90:d1:f5:
a4:71:d6:72:7a:36:da:09:e3:c1:0b:4d:76:95:78:
0a:09:85:dc:81:c5:20:78:83:52:90:c3:c9:b5:dc:
f7:30:3b:40:ef:a3:a6:37:f8:c7:94:11:ec:b8:05:
21:5f:69:2c:3d:7c:dc:3b:5c:62:81:85:9c:4d:40:
73:b7:f9:43:cc:04:1c:59:1a:21:79:ee:26:c7:83:
82:e6:d5:ed:c0:be:b2:90:a2:4a:a7:c4:97:3f:f3:
d7:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:4C:9D:93:C0:BF:CE:75:06:2A:85:85:20:07:56:C4:F4:A4:F7:7C
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/Y0ydk8C_znUGKoWFIAdWxPSk93w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.56.0/24
185.77.3.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:71:ab:ba:44:79:dc:99:a0:95:ba:a7:39:02:d3:2e:30:db:
9b:a2:03:aa:69:a1:b8:11:80:ce:e3:65:d5:e9:ba:42:c8:fc:
55:d8:5f:f1:39:a9:33:27:e1:00:22:9c:a1:cf:97:9a:a6:11:
03:7a:f7:90:0d:3f:22:71:d6:66:94:37:cf:7e:76:7c:b5:86:
a3:25:04:c1:43:7e:3e:6c:02:01:6a:1c:ee:eb:0b:3b:00:9c:
e7:50:95:37:25:ce:93:aa:3e:65:b6:29:0d:a9:6b:e7:73:12:
4b:1b:b2:2b:73:26:ce:16:c3:43:fd:f0:e8:de:4d:86:46:50:
8a:a6:8c:cc:f0:a2:77:77:18:1d:5c:11:d2:66:e5:e2:49:a9:
30:31:2f:50:4c:86:5e:1f:41:5b:ec:3d:9a:b5:72:61:71:83:
85:a4:7c:c5:3e:d9:a8:d1:c4:ec:15:2b:61:91:35:12:e3:54:
b9:3a:8f:83:79:13:c3:47:45:d0:c6:17:d9:1e:69:7b:ed:3d:
82:33:4c:7b:8b:60:d6:53:d7:0f:aa:7e:7a:40:96:6f:a9:a9:
3a:fd:02:22:7a:05:da:2b:95:f7:32:a6:4c:15:aa:d6:55:71:
26:aa:a4:90:a1:b5:c4:b7:8f:ee:3c:bc:85:a5:58:bf:6e:8e:
a1:cd:05:ec
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYPGTfvJLK6kN5SgCXnmxpfgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjIxMDExMDkwOTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzRjOWQ5M2MwYmZjZTc1MDYyYTg1ODUyMDA3NTZjNGY0YTRmNzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9DIHjFAieUANZFclZVVBuAQXOxn
OK4iDYicVcJemSNGVosLTqfhQ7J5cgQNkP0JvYAdplykQ0dgAlTPyJSk0i+HK5vC
LdPVBCabcrncqxy6QzDSZvOyq53NWjZh2IDkx/RffZXyqC7GH6YobXmpRmDePeiW
nCVM0H3EXOSgXOlM6phD652fTJLjt+FKSksDZdv8lvfnTJwAzoCym/7qz3aQ0fWk
cdZyejbaCePBC012lXgKCYXcgcUgeINSkMPJtdz3MDtA76OmN/jHlBHsuAUhX2ks
PXzcO1xigYWcTUBzt/lDzAQcWRohee4mx4OC5tXtwL6ykKJKp8SXP/PXpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGNMnZPAv851BiqFhSAHVsT0pPd8MB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvWTB5ZGs4Q196blVHS29XRklBZFd4UFNrOTN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQo4AwQA
uU0DMA0GCSqGSIb3DQEBCwUAA4IBAQCNcau6RHncmaCVuqc5AtMuMNubogOqaaG4
EYDO42XV6bpCyPxV2F/xOakzJ+EAIpyhz5eaphEDeveQDT8icdZmlDfPfnZ8tYaj
JQTBQ34+bAIBahzu6ws7AJznUJU3Jc6Tqj5ltikNqWvncxJLG7IrcybOFsND/fDo
3k2GRlCKpozM8KJ3dxgdXBHSZuXiSakwMS9QTIZeH0Fb7D2atXJhcYOFpHzFPtmo
0cTsFSthkTUS41S5Oo+DeRPDR0XQxhfZHml77T2CM0x7i2DWU9cPqn56QJZvqak6
/QIiegXaK5X3MqZMFarWVXEmqqSQobXEt4/uPLyFpVi/bo6hzQXs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:30 2024 by rpki-client on console-fra.rpki-client.org