Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/Ufewro46JtA7zPttIXEjs3xp6qA.roa
File: Ufewro46JtA7zPttIXEjs3xp6qA.roa (raw, json)
Hash identifier: F7brvkRpJGdLu22/l9QMRgVBVjZ9wekUr1V4aSILwRs=
Subject key identifier: 51:F7:B0:AE:8E:3A:26:D0:3B:CC:FB:6D:21:71:23:B3:7C:69:EA:A0
Certificate issuer: /CN=2956584b70ce847c1a9b400548b14db031bedff2
Certificate serial: 018CB4E5F473C7C74A065EC977C5D418A724
Authority key identifier: 29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/Ufewro46JtA7zPttIXEjs3xp6qA.roa
Signing time: Fri 29 Dec 2023 09:26:58 +0000
ROA not before: Fri 29 Dec 2023 09:26:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48678
IP address blocks: 79.110.234.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b4:e5:f4:73:c7:c7:4a:06:5e:c9:77:c5:d4:18:a7:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2956584b70ce847c1a9b400548b14db031bedff2
Validity
Not Before: Dec 29 09:26:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51f7b0ae8e3a26d03bccfb6d217123b37c69eaa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ed:24:67:cc:e1:de:7a:75:bb:19:44:01:16:
cc:81:6e:30:04:5f:0e:fc:04:32:d9:c2:ba:a6:43:
19:41:29:3f:f0:c2:75:67:b5:9a:11:3e:37:4d:8c:
6f:8a:8d:ca:22:a5:f3:4e:de:a7:36:09:67:d0:96:
b4:59:5c:81:d7:96:4a:62:fd:17:9f:59:04:51:43:
d2:af:83:14:13:b9:c5:c4:7a:3e:2d:5c:fd:14:19:
89:40:ad:9a:eb:2d:97:5e:e2:b1:70:e2:5c:f5:21:
aa:f4:d8:7d:0b:8a:da:e0:96:55:1e:e5:e5:2f:53:
f1:3b:8e:5d:4e:07:64:22:5f:e7:36:22:46:e0:fe:
c7:24:8c:5b:c1:31:0b:56:bb:63:32:f7:1d:83:17:
1e:de:72:82:e2:5a:50:30:86:29:7f:47:cd:44:15:
04:9d:36:4c:27:35:1a:26:6a:c5:85:d7:ae:da:d9:
05:e9:65:4a:68:b5:bf:56:1d:ec:10:02:00:dc:e8:
5b:4d:40:46:19:f4:94:e7:71:31:c3:62:00:35:22:
f8:20:c3:41:4b:07:2d:75:5e:e0:49:b7:18:65:c9:
84:e8:21:b5:ab:37:73:4a:88:64:7d:bd:c8:52:17:
ab:bd:9d:7b:47:62:5b:66:8d:06:77:9e:9b:0e:b7:
a0:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:F7:B0:AE:8E:3A:26:D0:3B:CC:FB:6D:21:71:23:B3:7C:69:EA:A0
X509v3 Authority Key Identifier:
keyid:29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/Ufewro46JtA7zPttIXEjs3xp6qA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.234.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:6b:49:36:8a:2a:5a:67:98:45:8b:aa:db:43:6d:76:80:ef:
e1:b2:74:97:63:2e:1a:b0:19:0f:b1:e4:42:4a:37:36:5b:c5:
3f:92:a7:ac:82:91:1c:f2:54:e3:c0:d3:38:37:94:68:25:30:
e4:ac:07:81:77:db:d0:12:a7:0a:57:69:a7:33:5a:f5:42:a9:
c7:30:e9:5e:9f:95:a6:0c:e7:19:53:70:79:0d:00:8a:61:de:
30:33:7a:fa:cb:02:39:b1:1a:10:d3:b2:b2:74:ce:ed:5a:90:
d3:ff:85:25:5c:4c:03:65:f3:c6:b6:b9:d4:a6:d0:34:1c:07:
b0:9e:a4:fc:2e:8a:ed:7a:29:90:54:e7:05:c4:49:e4:52:2b:
b0:52:0a:fe:8b:90:5b:3d:92:85:5b:c8:88:8b:f5:8b:b8:5b:
54:60:9d:81:81:52:ec:29:38:73:fa:a3:73:0c:01:af:61:42:
69:0b:be:82:00:4e:ea:6c:7a:a6:c2:80:f8:8e:ad:c0:37:23:
ae:e6:e7:87:e2:f9:7c:6b:f1:27:14:32:b4:07:bd:4a:b1:9f:
a3:3b:ff:a6:93:9b:ab:a5:b8:4f:15:22:86:ee:74:32:1d:f5:
9a:3f:1c:e1:ff:b0:77:fb:33:21:1d:ad:ca:69:0d:5e:57:32:
1e:cc:df:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYy05fRzx8dKBl7Jd8XUGKckMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NTY1ODRiNzBjZTg0N2MxYTliNDAwNTQ4YjE0ZGIwMzFi
ZWRmZjIwHhcNMjMxMjI5MDkyNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWY3YjBhZThlM2EyNmQwM2JjY2ZiNmQyMTcxMjNiMzdjNjllYWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjO0kZ8zh3np1uxlEARbMgW4wBF8O
/AQy2cK6pkMZQSk/8MJ1Z7WaET43TYxvio3KIqXzTt6nNgln0Ja0WVyB15ZKYv0X
n1kEUUPSr4MUE7nFxHo+LVz9FBmJQK2a6y2XXuKxcOJc9SGq9Nh9C4ra4JZVHuXl
L1PxO45dTgdkIl/nNiJG4P7HJIxbwTELVrtjMvcdgxce3nKC4lpQMIYpf0fNRBUE
nTZMJzUaJmrFhdeu2tkF6WVKaLW/Vh3sEAIA3OhbTUBGGfSU53Exw2IANSL4IMNB
SwctdV7gSbcYZcmE6CG1qzdzSohkfb3IUhervZ17R2JbZo0Gd56bDregHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFH3sK6OOibQO8z7bSFxI7N8aeqgMB8GA1UdIwQY
MBaAFClWWEtwzoR8GptABUixTbAxvt/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAt
MDZiNDFlZjEzOThkLzEvVWZld3JvNDZKdEE3elB0dElYRWpzM3hwNnFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAtMDZiNDFlZjEzOThk
LzEvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAT27qMA0G
CSqGSIb3DQEBCwUAA4IBAQALa0k2iipaZ5hFi6rbQ212gO/hsnSXYy4asBkPseRC
Sjc2W8U/kqesgpEc8lTjwNM4N5RoJTDkrAeBd9vQEqcKV2mnM1r1QqnHMOlen5Wm
DOcZU3B5DQCKYd4wM3r6ywI5sRoQ07KydM7tWpDT/4UlXEwDZfPGtrnUptA0HAew
nqT8LorteimQVOcFxEnkUiuwUgr+i5BbPZKFW8iIi/WLuFtUYJ2BgVLsKThz+qNz
DAGvYUJpC76CAE7qbHqmwoD4jq3ANyOu5ueH4vl8a/EnFDK0B71KsZ+jO/+mk5ur
pbhPFSKG7nQyHfWaPxzh/7B3+zMhHa3KaQ1eVzIezN9+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:30 2024 by rpki-client on console-ams.rpki-client.org