Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/feeef5-c96f-4652-94e0-ed38f649e39f/1/UCB1tHhFE1HAvkNRJ2Sw4iF2p9M.roa
File: UCB1tHhFE1HAvkNRJ2Sw4iF2p9M.roa (raw, json)
Hash identifier: SGL1V1fGcSZ9T9iqikUBx7yYyX0P7TCRjZDFsjWG3+E=
Subject key identifier: 50:20:75:B4:78:45:13:51:C0:BE:43:51:27:64:B0:E2:21:76:A7:D3
Certificate issuer: /CN=dbc8f2ff98f610fe83830d18918f4c9037272411
Certificate serial: 018CC94D66EBD68F78C2E6AAC4F317B3E274
Authority key identifier: DB:C8:F2:FF:98:F6:10:FE:83:83:0D:18:91:8F:4C:90:37:27:24:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/28jy_5j2EP6Dgw0YkY9MkDcnJBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/feeef5-c96f-4652-94e0-ed38f649e39f/1/UCB1tHhFE1HAvkNRJ2Sw4iF2p9M.roa
Signing time: Tue 02 Jan 2024 08:32:22 +0000
ROA not before: Tue 02 Jan 2024 08:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210079
IP address blocks: 95.142.44.0/24 maxlen: 24
185.154.53.0/24 maxlen: 24
185.154.52.0/24 maxlen: 24
185.154.55.0/24 maxlen: 24
185.154.54.0/24 maxlen: 24
2a06:78c0:db::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:66:eb:d6:8f:78:c2:e6:aa:c4:f3:17:b3:e2:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbc8f2ff98f610fe83830d18918f4c9037272411
Validity
Not Before: Jan 2 08:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=502075b478451351c0be43512764b0e22176a7d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:8d:11:63:03:c7:cb:87:e2:13:f5:fd:31:45:
39:a0:36:b4:ad:86:5b:fb:86:9c:3c:d9:46:41:ab:
62:40:30:3c:e3:dc:c3:c7:21:cd:c5:7f:9c:68:b8:
cd:65:4a:3f:87:c9:07:c6:dc:b0:c4:bc:8b:68:ad:
de:2d:d0:48:ca:27:d3:72:c8:4a:e2:fc:f3:c3:d2:
01:10:07:84:27:1f:48:83:d5:10:7c:4a:ec:a8:da:
98:93:fc:b6:61:c6:9f:c8:c3:f7:97:bd:db:b7:77:
4d:9e:b2:74:38:83:a4:37:0e:7d:d3:55:56:af:44:
ff:f8:2d:38:fd:2b:e6:75:2e:1d:b5:9c:a4:32:90:
2d:01:75:db:2c:c6:68:6c:47:71:d5:72:c7:0e:ac:
ab:b5:f6:cd:5e:fe:64:97:ed:43:bf:03:03:51:25:
69:b8:64:02:72:f0:6f:2b:5b:f2:d3:57:0a:e0:b8:
ae:c1:bb:c3:c2:b6:c6:5b:85:ae:dc:35:25:ec:6f:
cd:1c:c7:87:28:dc:24:c7:b4:b5:90:51:55:9e:f8:
da:2d:00:5f:b8:2e:e9:0e:de:70:87:27:fd:e1:65:
15:6b:59:7e:eb:f1:f7:c2:ba:64:e3:42:eb:37:8f:
68:1d:6c:e1:cd:f9:27:c7:ca:71:a2:ad:23:6c:30:
b7:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:20:75:B4:78:45:13:51:C0:BE:43:51:27:64:B0:E2:21:76:A7:D3
X509v3 Authority Key Identifier:
keyid:DB:C8:F2:FF:98:F6:10:FE:83:83:0D:18:91:8F:4C:90:37:27:24:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28jy_5j2EP6Dgw0YkY9MkDcnJBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/feeef5-c96f-4652-94e0-ed38f649e39f/1/UCB1tHhFE1HAvkNRJ2Sw4iF2p9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/feeef5-c96f-4652-94e0-ed38f649e39f/1/28jy_5j2EP6Dgw0YkY9MkDcnJBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.142.44.0/24
185.154.52.0/22
IPv6:
2a06:78c0:db::/48
Signature Algorithm: sha256WithRSAEncryption
71:b2:ef:bd:42:e5:8b:1e:8b:81:6e:62:ab:d1:c8:6f:35:04:
fc:48:44:df:eb:49:46:39:00:09:48:bf:d9:70:b9:f2:d8:f4:
87:b7:92:4d:21:0c:fc:c7:a4:d5:3e:72:b8:73:4b:38:6e:5a:
f4:62:af:16:5f:9b:41:f9:67:8e:36:85:b9:08:2a:14:2c:a0:
be:ed:f7:6d:fb:ab:90:76:fa:fe:3c:da:94:5c:bf:55:09:27:
9c:ef:2b:07:4f:d6:49:90:41:1b:9d:17:e1:10:df:fe:1e:58:
9d:62:6f:b1:e0:97:78:41:ae:e0:6f:6d:5d:bf:ee:fc:6a:89:
f6:b2:02:c0:a3:0a:e1:07:ef:1e:05:14:74:0d:b9:cb:ee:2c:
7a:a1:6c:22:fa:51:88:81:09:b8:f0:b2:97:7b:e5:4c:43:32:
35:69:20:c9:b6:2f:84:0a:63:b2:e9:ce:4a:ae:b5:2e:6f:64:
cc:7a:60:37:2a:9c:1e:f6:da:c6:25:3e:da:9c:29:bf:3c:e6:
71:75:18:b2:14:7e:b3:0b:08:0e:77:48:88:15:f1:8d:d3:f6:
67:b8:36:6d:bb:1d:fb:6f:0f:92:f8:19:13:ee:2c:33:ea:58:
17:63:36:d0:1b:f7:e3:3a:53:f2:d6:0c:05:b8:d5:41:21:ef:
be:db:d6:cc
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzJTWbr1o94wuaqxPMXs+J0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYzhmMmZmOThmNjEwZmU4MzgzMGQxODkxOGY0YzkwMzcy
NzI0MTEwHhcNMjQwMTAyMDgzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDIwNzViNDc4NDUxMzUxYzBiZTQzNTEyNzY0YjBlMjIxNzZhN2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhY0RYwPHy4fiE/X9MUU5oDa0rYZb
+4acPNlGQatiQDA849zDxyHNxX+caLjNZUo/h8kHxtywxLyLaK3eLdBIyifTcshK
4vzzw9IBEAeEJx9Ig9UQfErsqNqYk/y2YcafyMP3l73bt3dNnrJ0OIOkNw5901VW
r0T/+C04/SvmdS4dtZykMpAtAXXbLMZobEdx1XLHDqyrtfbNXv5kl+1DvwMDUSVp
uGQCcvBvK1vy01cK4LiuwbvDwrbGW4Wu3DUl7G/NHMeHKNwkx7S1kFFVnvjaLQBf
uC7pDt5whyf94WUVa1l+6/H3wrpk40LrN49oHWzhzfknx8pxoq0jbDC3JQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFAgdbR4RRNRwL5DUSdksOIhdqfTMB8GA1UdIwQY
MBaAFNvI8v+Y9hD+g4MNGJGPTJA3JyQRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjhqeV81ajJFUDZEZ3cwWWtZOU1rRGNuSkJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9mZWVlZjUtYzk2Zi00NjUyLTk0ZTAt
ZWQzOGY2NDllMzlmLzEvVUNCMXRIaEZFMUhBdmtOUkoyU3c0aUYycDlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9mZWVlZjUtYzk2Zi00NjUyLTk0ZTAtZWQzOGY2NDllMzlm
LzEvMjhqeV81ajJFUDZEZ3cwWWtZOU1rRGNuSkJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAX44sAwQC
uZo0MA8EAgACMAkDBwAqBnjAANswDQYJKoZIhvcNAQELBQADggEBAHGy771C5Yse
i4FuYqvRyG81BPxIRN/rSUY5AAlIv9lwufLY9Ie3kk0hDPzHpNU+crhzSzhuWvRi
rxZfm0H5Z442hbkIKhQsoL7t9237q5B2+v482pRcv1UJJ5zvKwdP1kmQQRudF+EQ
3/4eWJ1ib7Hgl3hBruBvbV2/7vxqifayAsCjCuEH7x4FFHQNucvuLHqhbCL6UYiB
Cbjwspd75UxDMjVpIMm2L4QKY7LpzkqutS5vZMx6YDcqnB722sYlPtqcKb885nF1
GLIUfrMLCA53SIgV8Y3T9me4Nm27HftvD5L4GRPuLDPqWBdjNtAb9+M6U/LWDAW4
1UEh777b1sw=
-----END CERTIFICATE-----
Generated at Tue Sep 17 12:46:10 2024 by rpki-client on console-fra.rpki-client.org