Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/UvqM2iU9DROr6Q6Z_dAIwLyucY8.roa
File: UvqM2iU9DROr6Q6Z_dAIwLyucY8.roa (raw, json)
Hash identifier: o3Ay3gZG28245KGX3++61VjALxCEKlpuCOPLSG8r660=
Subject key identifier: 52:FA:8C:DA:25:3D:0D:13:AB:E9:0E:99:FD:D0:08:C0:BC:AE:71:8F
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 018588629BC342670F088A7321333D8849E2
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/UvqM2iU9DROr6Q6Z_dAIwLyucY8.roa
Signing time: Fri 06 Jan 2023 18:40:41 +0000
ROA not before: Fri 06 Jan 2023 18:40:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59432
IP address blocks: 194.15.154.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:88:62:9b:c3:42:67:0f:08:8a:73:21:33:3d:88:49:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Jan 6 18:40:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52fa8cda253d0d13abe90e99fdd008c0bcae718f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:20:f2:a3:be:2f:16:4f:a4:6c:79:99:00:ea:
46:a3:20:88:15:61:4a:14:ab:9f:46:a5:74:0a:77:
dd:7e:fc:37:a4:ec:b5:ca:f6:4f:58:79:26:5a:10:
48:ea:d4:1f:fd:23:17:7c:1e:c9:e9:b7:c2:29:c1:
67:2b:06:31:bb:a1:2c:36:99:56:16:4e:0f:1c:15:
b5:1b:ed:19:5a:e5:c5:99:13:1f:b8:8c:5f:cb:f6:
1c:75:a8:4a:e3:32:2c:05:c5:35:60:f4:cb:05:ec:
56:21:a9:6a:7f:48:d8:f4:50:fa:2f:8b:b7:7f:81:
21:31:10:5c:39:d6:0b:1f:c2:d6:03:d4:41:e4:3a:
a0:c5:1e:8e:38:4e:df:79:1b:24:57:80:0b:c3:fc:
07:15:b1:ff:ab:87:79:6f:49:c4:21:07:30:64:82:
ed:69:a1:ea:32:dc:b5:47:28:ca:f1:3d:aa:fe:0a:
cc:49:99:eb:7e:43:4d:0c:9e:d9:b5:d3:5c:9a:cf:
98:79:aa:ab:0c:26:91:cb:85:cc:6b:a3:ba:4a:6a:
28:44:23:4e:3f:8b:11:5f:fd:f4:fa:0b:1a:6c:84:
fc:93:a3:cc:96:fa:82:b5:09:6d:b8:69:22:90:15:
ad:d9:a7:3c:d2:0d:f3:3a:bc:36:24:e4:83:ff:c6:
4c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:FA:8C:DA:25:3D:0D:13:AB:E9:0E:99:FD:D0:08:C0:BC:AE:71:8F
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/UvqM2iU9DROr6Q6Z_dAIwLyucY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.154.0/24
Signature Algorithm: sha256WithRSAEncryption
65:06:a0:0c:4f:ba:0a:4e:f0:5d:84:a3:6c:22:56:ee:69:bb:
71:8f:87:08:4e:3e:9d:1e:18:0d:ec:01:8d:ad:9e:55:a2:23:
c1:1a:67:1d:4f:c9:0b:e5:3d:bc:a5:bf:d8:83:27:a8:26:1a:
16:fc:3e:a2:1e:5c:41:cc:d2:70:90:51:33:ef:47:77:6d:15:
5a:50:b4:fd:f4:ac:b6:dc:81:f7:df:7d:74:4b:fd:6d:62:5a:
f4:d7:31:9c:ac:b3:fb:39:f4:84:36:fe:b7:f1:61:6b:28:89:
21:24:f6:55:59:69:2d:fa:78:56:b2:3b:51:04:7a:de:3b:e5:
f1:fa:0e:00:d1:87:38:a6:25:6e:e1:b9:ce:ae:10:ca:6d:cc:
41:f4:1b:41:60:c2:e7:9c:f2:50:53:3d:40:e6:e7:be:9b:3d:
b6:af:17:37:71:08:d9:e9:12:48:4c:81:3d:d4:5c:ab:d2:fd:
2d:12:a5:0b:76:26:5f:bd:fa:c8:9d:72:8b:ec:4d:02:2e:8c:
2b:58:71:3e:e6:8b:6c:4f:11:2e:c3:6b:be:22:d3:67:38:1a:
52:bf:ce:b1:39:b1:0f:e1:6f:57:ed:32:e3:75:4c:ab:b2:34:
f0:7b:ab:52:86:bd:b4:8f:ab:3b:aa:4c:38:50:45:f5:1c:0a:
e5:e9:66:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWIYpvDQmcPCIpzITM9iEniMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjMwMTA2MTg0MDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmZhOGNkYTI1M2QwZDEzYWJlOTBlOTlmZGQwMDhjMGJjYWU3MThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyDyo74vFk+kbHmZAOpGoyCIFWFK
FKufRqV0Cnfdfvw3pOy1yvZPWHkmWhBI6tQf/SMXfB7J6bfCKcFnKwYxu6EsNplW
Fk4PHBW1G+0ZWuXFmRMfuIxfy/YcdahK4zIsBcU1YPTLBexWIalqf0jY9FD6L4u3
f4EhMRBcOdYLH8LWA9RB5DqgxR6OOE7feRskV4ALw/wHFbH/q4d5b0nEIQcwZILt
aaHqMty1RyjK8T2q/grMSZnrfkNNDJ7ZtdNcms+YeaqrDCaRy4XMa6O6SmooRCNO
P4sRX/30+gsabIT8k6PMlvqCtQltuGkikBWt2ac80g3zOrw2JOSD/8ZMXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFL6jNolPQ0Tq+kOmf3QCMC8rnGPMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvVXZxTTJpVTlEUk9yNlE2Wl9kQUl3THl1Y1k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwg+aMA0G
CSqGSIb3DQEBCwUAA4IBAQBlBqAMT7oKTvBdhKNsIlbuabtxj4cITj6dHhgN7AGN
rZ5VoiPBGmcdT8kL5T28pb/YgyeoJhoW/D6iHlxBzNJwkFEz70d3bRVaULT99Ky2
3IH33310S/1tYlr01zGcrLP7OfSENv638WFrKIkhJPZVWWkt+nhWsjtRBHreO+Xx
+g4A0Yc4piVu4bnOrhDKbcxB9BtBYMLnnPJQUz1A5ue+mz22rxc3cQjZ6RJITIE9
1Fyr0v0tEqULdiZfvfrInXKL7E0CLowrWHE+5otsTxEuw2u+ItNnOBpSv86xObEP
4W9X7TLjdUyrsjTwe6tShr20j6s7qkw4UEX1HArl6WZa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:09 2024 by rpki-client on console-ams.rpki-client.org