Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/UYts-OmtTUlczUPEmhZgDVuWt9g.roa
File: UYts-OmtTUlczUPEmhZgDVuWt9g.roa (raw, json)
Hash identifier: qrXWnEhPYi8uUgwY4FOKLSQ74gbkEr6oPIqKCFhXIVg=
Subject key identifier: 51:8B:6C:F8:E9:AD:4D:49:5C:CD:43:C4:9A:16:60:0D:5B:96:B7:D8
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01856F1DCA909727A7688F336A96F38ED50C
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/UYts-OmtTUlczUPEmhZgDVuWt9g.roa
Signing time: Sun 01 Jan 2023 20:55:01 +0000
ROA not before: Sun 01 Jan 2023 20:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62146
IP address blocks: 213.226.121.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:ca:90:97:27:a7:68:8f:33:6a:96:f3:8e:d5:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 1 20:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=518b6cf8e9ad4d495ccd43c49a16600d5b96b7d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a2:46:b3:cd:19:32:16:1d:ac:89:ad:e4:ff:
3a:50:ac:24:1d:69:fb:d7:fa:1d:97:9d:be:c9:ef:
f5:7c:a8:88:d3:02:48:b7:a2:60:36:c7:d9:82:58:
ec:c9:b6:e1:9c:a1:f5:c3:d1:f3:5a:96:5d:5f:a0:
b4:b6:f0:dc:75:17:43:fa:f9:cc:b7:69:27:a7:76:
78:3a:7d:72:09:1c:c9:88:66:4f:23:7e:39:51:62:
b4:41:65:fc:43:73:99:f0:68:a7:59:fb:be:d7:71:
0b:2d:09:09:b7:e1:24:54:fd:65:a7:5a:76:aa:f3:
b1:7c:cd:98:06:66:a5:8e:2f:ce:43:07:97:3e:de:
5a:54:35:70:d2:ed:f0:5f:2b:44:31:7f:59:1b:4c:
fc:37:f9:0b:60:08:8d:a7:ae:a8:41:9d:ba:2f:c2:
d3:07:ea:dd:06:59:7f:09:c2:e6:a3:83:1a:d1:2a:
53:8f:08:c4:2c:32:bb:9b:ca:dd:d2:54:1b:68:ae:
c9:81:a7:10:27:ac:e3:01:34:80:0c:57:9c:a7:54:
3c:88:c3:31:c8:49:bf:9c:3f:6a:f2:07:0e:6d:11:
ed:eb:fc:dd:9b:18:78:90:e9:6e:89:fc:c2:9a:80:
c6:09:ad:84:c8:09:67:19:c1:37:1c:81:59:75:a7:
6d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:8B:6C:F8:E9:AD:4D:49:5C:CD:43:C4:9A:16:60:0D:5B:96:B7:D8
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/UYts-OmtTUlczUPEmhZgDVuWt9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.226.121.0/24
Signature Algorithm: sha256WithRSAEncryption
73:cd:5e:94:8b:84:02:b9:f8:f1:06:c1:2e:f4:db:3e:c4:8b:
a9:61:22:89:14:97:6f:f9:15:4e:6d:a3:33:56:a9:44:7d:b2:
98:50:37:5e:8c:fc:98:65:28:9b:69:25:97:01:9f:40:56:a5:
0f:20:d5:13:ca:7b:6d:8f:59:41:88:3b:e1:24:44:8a:6d:96:
ea:9b:bf:a4:f5:85:93:7e:af:3f:92:f8:99:65:5f:11:af:aa:
04:5f:df:03:ad:89:9f:50:94:3b:21:72:95:84:8c:81:0f:c5:
e7:48:76:31:b2:a5:55:d4:45:29:96:31:ba:b4:e9:07:de:6e:
5f:c2:b8:09:b3:98:fc:dd:df:ec:9e:88:08:51:60:10:d2:80:
e4:49:a4:61:a7:1b:90:4d:4a:f9:7f:ea:1f:cf:88:7c:65:05:
25:af:53:66:c9:16:3b:c6:43:b7:d5:ae:ab:16:54:76:36:10:
ff:6a:34:68:db:5c:f2:e6:95:45:13:2e:b6:43:6b:e5:5d:05:
5b:ed:34:6e:e3:c8:d8:80:c2:19:7a:0c:57:c1:5e:d3:f0:4f:
49:1f:20:94:88:a9:3b:5f:b4:a2:ca:01:e6:df:37:f6:b3:13:
f5:30:5b:03:c3:af:00:69:0a:91:28:db:b1:b4:59:66:12:10:
f4:5b:63:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHcqQlyenaI8zapbzjtUMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwMTAxMjA1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MThiNmNmOGU5YWQ0ZDQ5NWNjZDQzYzQ5YTE2NjAwZDViOTZiN2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKJGs80ZMhYdrImt5P86UKwkHWn7
1/odl52+ye/1fKiI0wJIt6JgNsfZgljsybbhnKH1w9HzWpZdX6C0tvDcdRdD+vnM
t2knp3Z4On1yCRzJiGZPI345UWK0QWX8Q3OZ8GinWfu+13ELLQkJt+EkVP1lp1p2
qvOxfM2YBmalji/OQweXPt5aVDVw0u3wXytEMX9ZG0z8N/kLYAiNp66oQZ26L8LT
B+rdBll/CcLmo4Ma0SpTjwjELDK7m8rd0lQbaK7JgacQJ6zjATSADFecp1Q8iMMx
yEm/nD9q8gcObRHt6/zdmxh4kOluifzCmoDGCa2EyAlnGcE3HIFZdadtmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFGLbPjprU1JXM1DxJoWYA1blrfYMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvVVl0cy1PbXRUVWxjelVQRW1oWmdEVnVXdDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1eJ5MA0G
CSqGSIb3DQEBCwUAA4IBAQBzzV6Ui4QCufjxBsEu9Ns+xIupYSKJFJdv+RVObaMz
VqlEfbKYUDdejPyYZSibaSWXAZ9AVqUPINUTynttj1lBiDvhJESKbZbqm7+k9YWT
fq8/kviZZV8Rr6oEX98DrYmfUJQ7IXKVhIyBD8XnSHYxsqVV1EUpljG6tOkH3m5f
wrgJs5j83d/snogIUWAQ0oDkSaRhpxuQTUr5f+ofz4h8ZQUlr1NmyRY7xkO31a6r
FlR2NhD/ajRo21zy5pVFEy62Q2vlXQVb7TRu48jYgMIZegxXwV7T8E9JHyCUiKk7
X7SiygHm3zf2sxP1MFsDw68AaQqRKNuxtFlmEhD0W2No
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org