Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/uBiT8BHIyVsgocvB-lkhv_3Ja14.roa
File: uBiT8BHIyVsgocvB-lkhv_3Ja14.roa (raw, json)
Hash identifier: wGXUqkGbpZGBvRzvPW2dachen7i0OhH0uf/D6d1CLxE=
Subject key identifier: B8:18:93:F0:11:C8:C9:5B:20:A1:CB:C1:FA:59:21:BF:FD:C9:6B:5E
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 01857195694D65EC3659478DA017253BBD3E
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/uBiT8BHIyVsgocvB-lkhv_3Ja14.roa
Signing time: Mon 02 Jan 2023 08:24:55 +0000
ROA not before: Mon 02 Jan 2023 08:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13127
IP address blocks: 145.83.1.0/24 maxlen: 24
145.83.2.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:69:4d:65:ec:36:59:47:8d:a0:17:25:3b:bd:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jan 2 08:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b81893f011c8c95b20a1cbc1fa5921bffdc96b5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7f:df:de:62:b2:3f:54:2d:e4:7f:1c:5a:73:
da:cb:fb:8f:a6:3b:55:6f:08:2e:ad:3c:13:69:2b:
3e:82:0a:e6:45:05:59:20:6c:5f:2d:da:1b:78:66:
08:05:9d:3c:66:5a:31:10:1c:8c:46:21:e9:13:a6:
cd:25:51:7f:c8:c5:fd:ea:71:1f:12:7f:c0:d4:97:
f8:dd:4f:30:69:88:c6:6e:94:91:85:f8:c3:f1:c4:
4a:3d:60:53:79:5f:36:ef:6b:25:50:bf:5b:27:2e:
d0:90:0f:49:ab:de:4f:95:53:24:a0:9c:15:b2:29:
22:77:db:82:97:9d:aa:60:2e:8c:09:23:63:06:3e:
f7:80:3a:8a:31:2d:66:30:10:22:6c:86:58:6d:d5:
5d:5f:e0:11:b4:d1:c2:96:bd:39:50:7b:09:08:99:
03:41:8c:c4:a3:1b:02:35:f8:14:4d:ab:8f:91:a6:
83:96:57:59:da:a7:7e:15:b2:96:b5:97:36:0b:6f:
9f:67:94:95:93:9a:78:f7:99:8f:87:d6:3e:56:17:
33:df:4f:86:de:01:6e:64:89:a4:27:d5:ca:ea:d3:
00:a6:fa:33:6e:b4:c8:b6:3b:91:90:df:91:3e:9b:
68:52:7e:7a:7d:5b:62:ac:10:c5:53:8d:71:52:66:
18:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:18:93:F0:11:C8:C9:5B:20:A1:CB:C1:FA:59:21:BF:FD:C9:6B:5E
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/uBiT8BHIyVsgocvB-lkhv_3Ja14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.83.1.0-145.83.2.255
Signature Algorithm: sha256WithRSAEncryption
4a:24:fe:b4:d3:c6:32:2a:04:ae:32:31:13:ed:13:32:31:f0:
8d:1e:01:b7:48:bd:f2:8c:74:e2:fa:dd:38:41:b3:8b:39:b9:
82:29:7c:eb:24:e6:6f:e3:9c:1e:69:f1:49:81:69:f5:c9:a0:
86:77:63:25:ac:5e:9b:76:42:74:79:65:7b:c1:ef:13:f6:25:
a7:33:33:e7:ea:ee:b0:3c:e1:03:c4:da:9a:aa:f6:21:53:d3:
7a:d2:60:40:e6:a5:96:e3:cc:b2:22:04:5b:90:75:e9:a2:71:
55:30:8c:28:c3:c6:b9:a0:5c:cb:e4:4f:29:32:63:93:e3:1e:
8f:a1:5b:7d:05:20:62:65:f3:21:74:ce:e5:95:d6:ee:3c:b2:
88:ce:87:37:65:f1:00:e4:2c:e6:e7:6b:fd:20:4a:ff:68:3b:
db:7f:fd:73:eb:1c:b2:0a:10:d3:3f:d6:90:4c:a2:89:fa:32:
58:bc:9b:d6:9d:fe:5e:40:c7:83:e8:ab:1c:85:1f:5c:a7:fb:
26:62:8c:ed:a5:c1:53:6f:e1:41:3c:ef:53:a4:db:a3:f9:6f:
39:26:18:9d:23:d1:9c:f8:aa:ae:e5:60:cc:f1:74:e4:00:66:
4a:1f:63:da:d5:c5:11:6a:13:ce:6e:6c:c4:14:1a:d5:01:c2:
82:7a:19:3d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVxlWlNZew2WUeNoBclO70+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjMwMTAyMDgyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODE4OTNmMDExYzhjOTViMjBhMWNiYzFmYTU5MjFiZmZkYzk2YjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3/f3mKyP1Qt5H8cWnPay/uPpjtV
bwgurTwTaSs+ggrmRQVZIGxfLdobeGYIBZ08ZloxEByMRiHpE6bNJVF/yMX96nEf
En/A1Jf43U8waYjGbpSRhfjD8cRKPWBTeV8272slUL9bJy7QkA9Jq95PlVMkoJwV
sikid9uCl52qYC6MCSNjBj73gDqKMS1mMBAibIZYbdVdX+ARtNHClr05UHsJCJkD
QYzEoxsCNfgUTauPkaaDlldZ2qd+FbKWtZc2C2+fZ5SVk5p495mPh9Y+Vhcz30+G
3gFuZImkJ9XK6tMApvozbrTItjuRkN+RPptoUn56fVtirBDFU41xUmYYwwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLgYk/ARyMlbIKHLwfpZIb/9yWteMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvdUJpVDhCSEl5VnNnb2N2Qi1sa2h2XzNKYTE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACRUwED
BACRUwIwDQYJKoZIhvcNAQELBQADggEBAEok/rTTxjIqBK4yMRPtEzIx8I0eAbdI
vfKMdOL63ThBs4s5uYIpfOsk5m/jnB5p8UmBafXJoIZ3YyWsXpt2QnR5ZXvB7xP2
JaczM+fq7rA84QPE2pqq9iFT03rSYEDmpZbjzLIiBFuQdemicVUwjCjDxrmgXMvk
TykyY5PjHo+hW30FIGJl8yF0zuWV1u48sojOhzdl8QDkLObna/0gSv9oO9t//XPr
HLIKENM/1pBMoon6Mli8m9ad/l5Ax4PoqxyFH1yn+yZijO2lwVNv4UE871Ok26P5
bzkmGJ0j0Zz4qq7lYMzxdOQAZkofY9rVxRFqE85ubMQUGtUBwoJ6GT0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:09 2024 by rpki-client on console-fra.rpki-client.org