Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/UbSNPj-CSnZxO1pjbOOKu5T9M3Q.roa
File: UbSNPj-CSnZxO1pjbOOKu5T9M3Q.roa (raw, json)
Hash identifier: rbY+qESfUW0A4d9gbVktZdUctVZtkKDmXWZiOncxG8w=
Subject key identifier: 51:B4:8D:3E:3F:82:4A:76:71:3B:5A:63:6C:E3:8A:BB:94:FD:33:74
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01875110E61CE23193FBE964BFABD076A5CC
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/UbSNPj-CSnZxO1pjbOOKu5T9M3Q.roa
Signing time: Wed 05 Apr 2023 10:57:54 +0000
ROA not before: Wed 05 Apr 2023 10:57:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 139660
IP address blocks: 45.148.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:51:10:e6:1c:e2:31:93:fb:e9:64:bf:ab:d0:76:a5:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Apr 5 10:57:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51b48d3e3f824a76713b5a636ce38abb94fd3374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:67:de:b5:7e:31:44:4c:96:40:00:47:f0:00:
e2:0c:ec:15:ed:1d:e6:77:99:1c:de:04:27:02:95:
01:fd:ba:2b:4c:d5:34:2a:80:76:ae:a7:2d:f8:0b:
05:9e:cc:11:99:44:0e:f3:79:bb:34:e2:a1:31:09:
9a:9e:ce:ac:cb:33:21:7d:c4:0a:e0:fd:46:f9:23:
17:91:db:77:03:9b:ac:70:d5:b2:cd:69:04:2a:0c:
10:55:4f:bc:0c:a2:78:93:d4:f7:1a:3e:00:57:da:
3e:77:07:08:b6:3e:9a:ea:ee:37:a6:db:73:73:1d:
ba:09:ec:c1:b5:b3:5d:02:c7:43:c5:b8:f0:ca:ed:
99:3e:cf:b3:95:00:c9:f9:6b:64:61:c4:37:77:12:
b7:d7:70:6c:8b:b7:27:f3:f6:96:c1:d4:ec:11:4a:
be:56:8a:1d:4a:e7:b0:d5:8d:56:cb:3b:3b:13:d5:
26:58:32:8b:23:e1:5f:c7:69:d0:10:82:2e:72:2c:
90:ea:ed:f2:7e:23:d2:7e:68:89:df:c8:58:61:13:
35:90:9e:47:12:fd:32:5e:f8:ab:76:b2:0b:d2:18:
75:e6:f3:02:ae:4d:cb:e5:e4:09:b7:c7:b0:9a:38:
b6:a6:82:72:4b:e2:44:91:81:c8:a0:16:06:09:69:
7b:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:B4:8D:3E:3F:82:4A:76:71:3B:5A:63:6C:E3:8A:BB:94:FD:33:74
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/UbSNPj-CSnZxO1pjbOOKu5T9M3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.255.0/24
Signature Algorithm: sha256WithRSAEncryption
02:e8:33:6f:3d:1d:7d:fd:bf:b2:6c:18:94:dc:73:55:fa:35:
94:a2:3e:82:4a:09:09:2f:0f:7d:ec:26:a7:f4:f0:a7:da:9d:
d0:cf:95:dd:d2:c1:0c:95:55:c5:9e:fe:7f:65:63:2b:ca:84:
f0:c4:24:3b:dd:ac:93:e8:6f:f7:42:31:aa:65:8b:56:e4:e4:
02:78:04:47:8e:de:25:4d:c7:8f:cc:b5:23:97:50:27:30:88:
52:df:31:d5:9e:00:90:a9:31:b8:16:5b:a9:05:26:6d:ba:6b:
7a:af:84:71:09:06:0f:9a:54:a3:42:b0:16:41:69:97:06:f3:
49:04:fe:43:a9:1c:e4:8b:61:9d:ce:bb:85:ea:96:bd:73:ec:
83:dd:83:c8:b9:00:71:ea:af:02:82:30:4f:67:af:72:34:e9:
e3:41:4a:a6:eb:a8:60:53:82:4c:20:02:70:85:05:69:f9:f8:
21:08:d7:5e:83:f1:c6:e9:0c:74:e2:cc:d2:1f:f3:dd:8c:56:
86:6e:f8:f2:35:f4:7a:46:53:c6:ff:ef:59:1d:c2:a1:b8:82:
72:0a:a4:97:d4:13:32:87:0d:97:84:ce:7a:10:35:db:54:b0:
5a:8b:bf:6f:20:cc:29:f8:75:5c:57:16:79:28:d0:0b:3c:3e:
d1:d6:05:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdREOYc4jGT++lkv6vQdqXMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwNDA1MTA1NzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWI0OGQzZTNmODI0YTc2NzEzYjVhNjM2Y2UzOGFiYjk0ZmQzMzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWfetX4xREyWQABH8ADiDOwV7R3m
d5kc3gQnApUB/borTNU0KoB2rqct+AsFnswRmUQO83m7NOKhMQmans6syzMhfcQK
4P1G+SMXkdt3A5uscNWyzWkEKgwQVU+8DKJ4k9T3Gj4AV9o+dwcItj6a6u43pttz
cx26CezBtbNdAsdDxbjwyu2ZPs+zlQDJ+WtkYcQ3dxK313Bsi7cn8/aWwdTsEUq+
VoodSuew1Y1Wyzs7E9UmWDKLI+Ffx2nQEIIuciyQ6u3yfiPSfmiJ38hYYRM1kJ5H
Ev0yXvirdrIL0hh15vMCrk3L5eQJt8ewmji2poJyS+JEkYHIoBYGCWl7HwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFG0jT4/gkp2cTtaY2zjiruU/TN0MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvVWJTTlBqLUNTblp4TzFwamJPT0t1NVQ5TTNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZT/MA0G
CSqGSIb3DQEBCwUAA4IBAQAC6DNvPR19/b+ybBiU3HNV+jWUoj6CSgkJLw997Can
9PCn2p3Qz5Xd0sEMlVXFnv5/ZWMryoTwxCQ73ayT6G/3QjGqZYtW5OQCeARHjt4l
TcePzLUjl1AnMIhS3zHVngCQqTG4FlupBSZtumt6r4RxCQYPmlSjQrAWQWmXBvNJ
BP5DqRzki2GdzruF6pa9c+yD3YPIuQBx6q8CgjBPZ69yNOnjQUqm66hgU4JMIAJw
hQVp+fghCNdeg/HG6Qx04szSH/PdjFaGbvjyNfR6RlPG/+9ZHcKhuIJyCqSX1BMy
hw2XhM56EDXbVLBai79vIMwp+HVcVxZ5KNALPD7R1gUD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org