Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/U0fFi7j7_fa8oZhTLF2EJ10xHHs.roa
File: U0fFi7j7_fa8oZhTLF2EJ10xHHs.roa (raw, json)
Hash identifier: LuOGkQlpmCCBkzGvRoWntNGsPlZR46dCJ4co9U7r1KQ=
Subject key identifier: 53:47:C5:8B:B8:FB:FD:F6:BC:A1:98:53:2C:5D:84:27:5D:31:1C:7B
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 01898D4C2EADE46D093DD3B9D297FD97125A
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/U0fFi7j7_fa8oZhTLF2EJ10xHHs.roa
Signing time: Tue 25 Jul 2023 13:45:27 +0000
ROA not before: Tue 25 Jul 2023 13:45:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.213.174.0/24 maxlen: 24
91.213.186.0/24 maxlen: 24
91.213.200.0/24 maxlen: 24
194.156.151.0/24 maxlen: 24
45.150.197.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8d:4c:2e:ad:e4:6d:09:3d:d3:b9:d2:97:fd:97:12:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Jul 25 13:45:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5347c58bb8fbfdf6bca198532c5d84275d311c7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c9:c0:2e:92:c3:05:52:c4:d0:aa:19:e2:d0:
20:6c:b8:f7:ce:dc:c6:aa:73:4a:01:89:1d:6d:25:
1f:16:2c:40:3e:a9:2c:89:ad:ee:4f:66:70:32:a8:
f6:52:dc:5e:71:2a:d3:e5:c2:67:b3:4d:db:9a:72:
d4:b7:66:4a:1c:4a:91:26:26:67:94:8f:e9:46:ca:
a5:cd:dd:f4:46:d7:b2:f7:e2:7e:48:b0:4b:56:54:
64:1d:fd:92:a5:4c:a9:5f:90:72:2a:e4:1e:ff:b1:
ca:e1:c9:3f:2e:03:8e:1f:35:69:c0:fb:a9:b0:77:
35:bf:54:23:b4:d2:18:e9:e5:ad:90:87:ca:2e:1a:
0d:a6:67:3f:2d:31:82:03:64:10:3a:37:3e:ff:4b:
c9:59:53:6e:b0:c3:69:e4:f6:3d:d4:71:83:07:09:
7c:03:82:6f:48:ee:eb:e0:e7:ac:15:64:1c:eb:2d:
9f:0e:7f:3d:16:cd:c2:96:c3:c8:5f:1c:ea:df:25:
47:59:38:f7:3a:71:0a:df:be:15:9c:3c:ec:34:87:
d6:0e:73:10:9d:e3:c3:e3:24:f2:e7:16:14:be:1b:
ca:bf:36:42:0b:83:8e:98:c0:57:18:23:29:ca:9e:
75:bf:ca:69:52:de:60:3d:50:64:40:59:32:84:5d:
c0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:47:C5:8B:B8:FB:FD:F6:BC:A1:98:53:2C:5D:84:27:5D:31:1C:7B
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/U0fFi7j7_fa8oZhTLF2EJ10xHHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.197.0/24
91.213.174.0/24
91.213.186.0/24
91.213.200.0/24
194.156.151.0/24
Signature Algorithm: sha256WithRSAEncryption
05:56:fd:2b:bf:3c:36:37:03:18:5a:df:04:ca:1f:b7:11:50:
12:7d:b9:f8:ba:75:7f:7b:78:a3:23:7f:6a:e6:42:b0:ec:c0:
73:ec:44:2e:11:d8:be:31:30:ae:3e:9c:fb:7c:04:49:e9:df:
99:1e:2e:b4:62:82:db:0f:b3:73:76:06:40:97:80:12:0c:eb:
48:26:ff:2a:d4:40:04:ea:1c:3b:14:37:b4:10:37:85:26:d4:
2b:cb:85:43:dc:1a:85:ce:ae:66:bb:87:5c:bc:49:01:37:6d:
f1:15:fe:22:43:a3:c3:04:de:ef:2b:76:a7:7d:90:2d:e0:3c:
d6:a7:3a:85:e1:9e:70:c1:32:c8:c6:fe:5b:f7:e0:4d:53:9c:
27:5e:25:01:c0:36:7f:a3:db:4d:1c:38:f1:0e:32:43:a9:b1:
fe:0d:9c:e8:50:ac:ed:5b:58:12:7e:69:39:2d:ed:fc:9d:ba:
f9:ca:a5:71:4f:bd:89:3d:10:cf:6f:38:11:f5:16:7d:94:0a:
8a:c1:4d:e5:f6:90:9e:fa:26:6b:dd:8b:7d:b5:05:fc:d4:38:
bd:ff:fa:e5:ab:f6:41:70:6c:dd:7b:86:d0:ed:83:2a:fc:1d:
39:d0:77:f3:55:61:25:ca:4e:39:80:13:49:ed:d3:1c:54:b5:
5d:b5:d0:50
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYmNTC6t5G0JPdO50pf9lxJaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjMwNzI1MTM0NTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzQ3YzU4YmI4ZmJmZGY2YmNhMTk4NTMyYzVkODQyNzVkMzExYzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsnALpLDBVLE0KoZ4tAgbLj3ztzG
qnNKAYkdbSUfFixAPqksia3uT2ZwMqj2UtxecSrT5cJns03bmnLUt2ZKHEqRJiZn
lI/pRsqlzd30Rtey9+J+SLBLVlRkHf2SpUypX5ByKuQe/7HK4ck/LgOOHzVpwPup
sHc1v1QjtNIY6eWtkIfKLhoNpmc/LTGCA2QQOjc+/0vJWVNusMNp5PY91HGDBwl8
A4JvSO7r4OesFWQc6y2fDn89Fs3ClsPIXxzq3yVHWTj3OnEK374VnDzsNIfWDnMQ
nePD4yTy5xYUvhvKvzZCC4OOmMBXGCMpyp51v8ppUt5gPVBkQFkyhF3APwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFNHxYu4+/32vKGYUyxdhCddMRx7MB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvVTBmRmk3ajdfZmE4b1poVExGMkVKMTB4SEhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALZbFAwQA
W9WuAwQAW9W6AwQAW9XIAwQAwpyXMA0GCSqGSIb3DQEBCwUAA4IBAQAFVv0rvzw2
NwMYWt8Eyh+3EVASfbn4unV/e3ijI39q5kKw7MBz7EQuEdi+MTCuPpz7fARJ6d+Z
Hi60YoLbD7NzdgZAl4ASDOtIJv8q1EAE6hw7FDe0EDeFJtQry4VD3BqFzq5mu4dc
vEkBN23xFf4iQ6PDBN7vK3anfZAt4DzWpzqF4Z5wwTLIxv5b9+BNU5wnXiUBwDZ/
o9tNHDjxDjJDqbH+DZzoUKztW1gSfmk5Le38nbr5yqVxT72JPRDPbzgR9RZ9lAqK
wU3l9pCe+iZr3Yt9tQX81Di9//rlq/ZBcGzde4bQ7YMq/B050HfzVWElyk45gBNJ
7dMcVLVdtdBQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:14 2024 by rpki-client on console-ams.rpki-client.org