Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/86a426-56ee-46dd-9425-7f92c34eb07c/1/1-uoFKSeIGNmm30ryg07YSg5NTkM.roa
File: 1-uoFKSeIGNmm30ryg07YSg5NTkM.roa (raw, json)
Hash identifier: vFtWmtk5hR+Ap9TUMTadVnU74uBRV/BbnHNy3dQ6JJM=
Subject key identifier: FA:EA:05:29:27:88:18:D9:A6:DF:4A:F2:83:4E:D8:4A:0E:4D:4E:43
Certificate issuer: /CN=9c2cb7f9ca0efd72be258a4a09358806374b4662
Certificate serial: 0420A1
Authority key identifier: 9C:2C:B7:F9:CA:0E:FD:72:BE:25:8A:4A:09:35:88:06:37:4B:46:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nCy3-coO_XK-JYpKCTWIBjdLRmI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/86a426-56ee-46dd-9425-7f92c34eb07c/1/1-uoFKSeIGNmm30ryg07YSg5NTkM.roa
Signing time: Thu 16 Jun 2022 12:43:46 +0000
ROA not before: Thu 16 Jun 2022 12:43:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28716
IP address blocks: 82.145.96.0/19 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 270497 (0x420a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c2cb7f9ca0efd72be258a4a09358806374b4662
Validity
Not Before: Jun 16 12:43:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=faea0529278818d9a6df4af2834ed84a0e4d4e43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:3b:91:fd:ae:a4:15:3f:d9:b3:ca:a9:ce:ab:
a2:bc:64:37:17:b0:34:cb:66:10:48:56:35:38:01:
00:af:fb:21:a8:5b:f6:9b:45:f9:f6:7a:24:12:41:
50:b2:a6:cb:67:19:96:27:39:c6:6f:9b:87:aa:e2:
1d:98:ab:8c:03:b0:cf:a0:ef:31:c3:bf:59:63:68:
8e:69:da:43:49:b9:3e:c2:38:09:71:02:33:b8:08:
cd:09:6a:e7:fb:40:75:51:ef:54:58:96:84:bc:32:
5a:e7:d5:00:1d:47:14:4e:00:71:4a:8c:3c:bf:ce:
35:cc:be:4b:ab:97:a8:10:59:2b:3f:db:a0:bd:71:
94:47:3f:70:2e:85:3b:04:2e:61:35:1b:62:c9:48:
de:69:7d:54:83:1c:bc:9c:9c:c5:d1:90:fd:43:f0:
c0:78:7d:94:3d:79:87:20:cb:c1:ef:43:06:e2:b3:
7d:45:a6:58:a4:3d:1a:21:d8:0a:18:91:7f:d0:d0:
e7:9e:00:02:7a:cb:a1:c6:55:82:b1:3f:bc:7a:a7:
7d:2a:ba:6d:c1:6b:c2:03:25:13:13:4b:3a:16:a4:
f7:cc:e2:8e:70:c3:71:66:36:38:e8:f8:05:b4:55:
b1:2f:cb:8d:3f:82:88:ca:62:c9:78:e1:bf:70:b5:
0f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:EA:05:29:27:88:18:D9:A6:DF:4A:F2:83:4E:D8:4A:0E:4D:4E:43
X509v3 Authority Key Identifier:
keyid:9C:2C:B7:F9:CA:0E:FD:72:BE:25:8A:4A:09:35:88:06:37:4B:46:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nCy3-coO_XK-JYpKCTWIBjdLRmI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/86a426-56ee-46dd-9425-7f92c34eb07c/1/1-uoFKSeIGNmm30ryg07YSg5NTkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/86a426-56ee-46dd-9425-7f92c34eb07c/1/nCy3-coO_XK-JYpKCTWIBjdLRmI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.145.96.0/19
Signature Algorithm: sha256WithRSAEncryption
66:d2:2f:ac:5f:f9:e2:03:f5:9c:c9:28:1b:96:99:47:1a:b9:
7b:3f:c0:39:2e:cd:79:89:7e:1d:b4:58:5a:1c:88:63:ef:d9:
72:29:cb:87:92:13:59:89:f7:92:ba:99:0a:b4:60:f0:a4:ad:
20:b3:d3:02:bc:8d:fb:03:31:25:9d:33:85:68:f5:be:25:30:
79:8a:d6:52:30:97:49:cc:e6:af:3c:7c:93:b6:24:47:29:df:
f7:07:fd:aa:0c:19:22:14:0b:3e:a6:39:ef:a9:da:1e:5a:ef:
37:33:aa:ea:6b:36:21:82:a8:e3:1b:2e:17:09:f5:49:33:43:
bb:8e:51:a0:92:c4:37:b1:30:4d:7b:8a:7d:07:20:97:9c:15:
d0:04:57:ed:32:47:4e:bc:0c:e9:46:38:96:4f:a0:53:20:43:
64:a3:1d:94:de:91:77:a7:4e:f5:6a:7b:56:6d:ca:bf:be:de:
29:23:8c:c9:45:0a:b7:a4:a7:ba:44:f1:f6:b3:98:c1:f7:ae:
12:78:0e:fc:ed:11:d7:60:53:29:a7:1d:f9:7c:e8:68:ea:59:
f5:55:8d:cf:1b:b8:44:05:e9:55:07:e5:f7:1d:67:d8:6e:85:
c3:53:40:c1:2d:c4:29:14:87:eb:33:e2:ba:44:c8:d4:42:e5:
12:d5:09:18
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDBCChMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDlj
MmNiN2Y5Y2EwZWZkNzJiZTI1OGE0YTA5MzU4ODA2Mzc0YjQ2NjIwHhcNMjIwNjE2
MTI0MzQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmYWVhMDUyOTI3ODgx
OGQ5YTZkZjRhZjI4MzRlZDg0YTBlNGQ0ZTQzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnDuR/a6kFT/Zs8qpzquivGQ3F7A0y2YQSFY1OAEAr/shqFv2
m0X59nokEkFQsqbLZxmWJznGb5uHquIdmKuMA7DPoO8xw79ZY2iOadpDSbk+wjgJ
cQIzuAjNCWrn+0B1Ue9UWJaEvDJa59UAHUcUTgBxSow8v841zL5Lq5eoEFkrP9ug
vXGURz9wLoU7BC5hNRtiyUjeaX1Ugxy8nJzF0ZD9Q/DAeH2UPXmHIMvB70MG4rN9
RaZYpD0aIdgKGJF/0NDnngACesuhxlWCsT+8eqd9KrptwWvCAyUTE0s6FqT3zOKO
cMNxZjY46PgFtFWxL8uNP4KIymLJeOG/cLUPJwIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFPrqBSkniBjZpt9K8oNO2EoOTU5DMB8GA1UdIwQYMBaAFJwst/nKDv1yviWK
Sgk1iAY3S0ZiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
bkN5My1jb09fWEstSllwS0NUV0lCamRMUm1JLmNlcjCBjgYIKwYBBQUHAQsEgYEw
fzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84OC84NmE0MjYtNTZlZS00NmRkLTk0MjUtN2Y5MmMzNGViMDdjLzEv
MS11b0ZLU2VJR05tbTMwcnlnMDdZU2c1TlRrTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
ODZhNDI2LTU2ZWUtNDZkZC05NDI1LTdmOTJjMzRlYjA3Yy8xL25DeTMtY29PX1hL
LUpZcEtDVFdJQmpkTFJtSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBVKRYDANBgkqhkiG9w0BAQsFAAOC
AQEAZtIvrF/54gP1nMkoG5aZRxq5ez/AOS7NeYl+HbRYWhyIY+/ZcinLh5ITWYn3
krqZCrRg8KStILPTAryN+wMxJZ0zhWj1viUweYrWUjCXSczmrzx8k7YkRynf9wf9
qgwZIhQLPqY576naHlrvNzOq6ms2IYKo4xsuFwn1STNDu45RoJLEN7EwTXuKfQcg
l5wV0ARX7TJHTrwM6UY4lk+gUyBDZKMdlN6Rd6dO9Wp7Vm3Kv77eKSOMyUUKt6Sn
ukTx9rOYwfeuEngO/O0R12BTKacd+XzoaOpZ9VWNzxu4RAXpVQfl9x1n2G6Fw1NA
wS3EKRSH6zPiukTI1ELlEtUJGA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:12 2025 by rpki-client