Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/U2oByLGn2La7oinwya2Yvewtqp4.roa
File: U2oByLGn2La7oinwya2Yvewtqp4.roa (raw, json)
Hash identifier: qN1jfpN1jQuS0cd5m4V39ah6UEoOMb5UIo8zE/7lx1I=
Subject key identifier: 53:6A:01:C8:B1:A7:D8:B6:BB:A2:29:F0:C9:AD:98:BD:EC:2D:AA:9E
Certificate issuer: /CN=2d28cfa3fd2da9caaa659284758dee67099934f8
Certificate serial: 01910317EA5E7ED986630DE05904EC58C2C5
Authority key identifier: 2D:28:CF:A3:FD:2D:A9:CA:AA:65:92:84:75:8D:EE:67:09:99:34:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LSjPo_0tqcqqZZKEdY3uZwmZNPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/U2oByLGn2La7oinwya2Yvewtqp4.roa
Signing time: Tue 30 Jul 2024 10:03:04 +0000
ROA not before: Tue 30 Jul 2024 10:03:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209273
IP address blocks: 212.15.80.0/24 maxlen: 24
217.145.228.0/23 maxlen: 23
217.145.228.0/24 maxlen: 24
217.145.229.0/24 maxlen: 24
217.145.230.0/24 maxlen: 24
217.145.231.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:03:17:ea:5e:7e:d9:86:63:0d:e0:59:04:ec:58:c2:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d28cfa3fd2da9caaa659284758dee67099934f8
Validity
Not Before: Jul 30 10:03:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=536a01c8b1a7d8b6bba229f0c9ad98bdec2daa9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:10:3d:b9:0d:08:14:65:28:0b:0b:7d:82:3d:
74:ba:25:d5:cb:3c:c4:b9:68:31:29:15:d6:10:9d:
6c:1b:72:dd:7f:54:5c:d0:8c:ba:ef:09:2d:b7:18:
42:2c:ab:f3:7a:50:08:ba:b3:3e:5c:96:1d:43:d9:
38:24:53:15:e5:df:05:cd:f8:4e:48:1f:3f:ea:15:
b3:e1:72:56:95:c3:c0:77:f7:5b:2e:57:22:a9:65:
92:c4:35:87:ae:2a:7b:97:4f:7d:d5:f6:7a:79:fa:
12:2b:f3:17:35:90:9d:b7:0b:0b:94:c5:12:f8:cb:
cf:ba:7f:b6:f3:10:ab:d3:5a:1f:4e:c7:27:e1:9f:
10:c6:d1:c3:35:1d:4b:c5:03:63:d5:99:96:dd:eb:
a3:ab:96:dc:78:67:72:c3:b4:20:66:77:f2:9c:9c:
92:b2:67:15:a7:ba:07:df:79:c0:ea:5e:0a:f9:51:
20:0d:ad:6b:a0:2e:6e:61:94:46:a4:c6:5c:bb:0b:
ad:49:8a:06:ae:de:09:43:e4:83:a0:c0:cf:47:12:
84:74:e7:72:c2:0c:b1:b2:ef:c9:72:be:96:f3:c7:
78:80:f1:07:cc:ca:0b:13:fa:70:fe:74:62:81:26:
58:e8:10:6c:26:3d:fc:ca:fe:cd:90:d0:79:f7:f5:
e7:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:6A:01:C8:B1:A7:D8:B6:BB:A2:29:F0:C9:AD:98:BD:EC:2D:AA:9E
X509v3 Authority Key Identifier:
keyid:2D:28:CF:A3:FD:2D:A9:CA:AA:65:92:84:75:8D:EE:67:09:99:34:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LSjPo_0tqcqqZZKEdY3uZwmZNPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/U2oByLGn2La7oinwya2Yvewtqp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/LSjPo_0tqcqqZZKEdY3uZwmZNPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.15.80.0/24
217.145.228.0/22
Signature Algorithm: sha256WithRSAEncryption
79:bc:20:d2:ee:34:cb:73:d7:f9:56:b5:19:f6:42:d4:86:c4:
9a:bb:83:3a:4e:04:ed:9a:bb:bd:9a:04:e7:bc:93:61:0d:9e:
cb:fd:1e:35:c4:21:64:33:d5:90:35:49:c5:96:ec:54:e8:45:
3c:8f:81:b0:09:1d:20:ea:a3:6c:74:49:16:e4:58:c3:eb:34:
dc:b5:24:d9:5f:77:58:52:e3:17:5f:cc:6c:56:2a:6a:09:24:
b3:3a:d4:26:0d:b5:2d:c9:37:a5:a5:e3:ac:f8:07:95:6a:c0:
7b:c2:46:aa:c7:ed:e3:b4:6f:a1:34:c4:07:89:24:d3:3e:ae:
a9:af:c3:e5:c0:ce:1d:51:20:76:e9:2f:6d:6b:68:21:bc:5a:
0d:1e:f4:c0:ab:c2:a3:f5:17:b4:3f:e2:3c:94:59:0d:43:88:
aa:f1:39:03:4b:92:0a:b4:91:48:32:b3:f1:52:ee:d6:bd:0a:
75:02:44:a5:7b:a2:73:3e:71:34:13:65:5a:5c:0b:db:6e:ea:
50:48:45:6a:0d:3b:8c:be:ef:32:4d:02:e7:79:d1:c5:87:69:
d1:bd:1c:1f:0c:b3:8c:7b:98:d6:f4:19:67:5f:f3:f7:61:87:
f2:e5:4e:69:09:f1:ec:7b:f3:db:9a:8d:bc:06:b1:c2:0d:7a:
e1:f9:18:34
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZEDF+peftmGYw3gWQTsWMLFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMjhjZmEzZmQyZGE5Y2FhYTY1OTI4NDc1OGRlZTY3MDk5
OTM0ZjgwHhcNMjQwNzMwMTAwMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzZhMDFjOGIxYTdkOGI2YmJhMjI5ZjBjOWFkOThiZGVjMmRhYTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRA9uQ0IFGUoCwt9gj10uiXVyzzE
uWgxKRXWEJ1sG3Ldf1Rc0Iy67wkttxhCLKvzelAIurM+XJYdQ9k4JFMV5d8FzfhO
SB8/6hWz4XJWlcPAd/dbLlciqWWSxDWHrip7l0991fZ6efoSK/MXNZCdtwsLlMUS
+MvPun+28xCr01ofTscn4Z8QxtHDNR1LxQNj1ZmW3eujq5bceGdyw7QgZnfynJyS
smcVp7oH33nA6l4K+VEgDa1roC5uYZRGpMZcuwutSYoGrt4JQ+SDoMDPRxKEdOdy
wgyxsu/Jcr6W88d4gPEHzMoLE/pw/nRigSZY6BBsJj38yv7NkNB59/XnMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFNqAcixp9i2u6Ip8MmtmL3sLaqeMB8GA1UdIwQY
MBaAFC0oz6P9LanKqmWShHWN7mcJmTT4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFNqUG9fMHRxY3FxWlpLRWRZM3Vad21aTlBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mZWJhYjAtZDkzYS00NzA0LTlhNzEt
M2FkNTJlOGI5NjI4LzEvVTJvQnlMR24yTGE3b2lud3lhMll2ZXd0cXA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mZWJhYjAtZDkzYS00NzA0LTlhNzEtM2FkNTJlOGI5NjI4
LzEvTFNqUG9fMHRxY3FxWlpLRWRZM3Vad21aTlBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1A9QAwQC
2ZHkMA0GCSqGSIb3DQEBCwUAA4IBAQB5vCDS7jTLc9f5VrUZ9kLUhsSau4M6TgTt
mru9mgTnvJNhDZ7L/R41xCFkM9WQNUnFluxU6EU8j4GwCR0g6qNsdEkW5FjD6zTc
tSTZX3dYUuMXX8xsVipqCSSzOtQmDbUtyTelpeOs+AeVasB7wkaqx+3jtG+hNMQH
iSTTPq6pr8PlwM4dUSB26S9ta2ghvFoNHvTAq8Kj9Re0P+I8lFkNQ4iq8TkDS5IK
tJFIMrPxUu7WvQp1AkSle6JzPnE0E2VaXAvbbupQSEVqDTuMvu8yTQLnedHFh2nR
vRwfDLOMe5jW9BlnX/P3YYfy5U5pCfHse/Pbmo28BrHCDXrh+Rg0
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:47:11 2025 by rpki-client