Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/U8btn5qdPnbUsGVkQ6qILCKEyHA.roa
File: U8btn5qdPnbUsGVkQ6qILCKEyHA.roa (raw, json)
Hash identifier: WpJaqZx6O1KuhggZ2Rg4Z1olSREXuUjesEcCOpmEi6A=
Subject key identifier: 53:C6:ED:9F:9A:9D:3E:76:D4:B0:65:64:43:AA:88:2C:22:84:C8:70
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 129F630F
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/U8btn5qdPnbUsGVkQ6qILCKEyHA.roa
Signing time: Fri 20 May 2022 07:59:30 +0000
ROA not before: Fri 20 May 2022 07:59:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 212.60.23.0/24 maxlen: 24
45.66.117.0/24 maxlen: 24
45.129.187.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 312435471 (0x129f630f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: May 20 07:59:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53c6ed9f9a9d3e76d4b0656443aa882c2284c870
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c9:7f:c8:ac:cb:88:e6:26:0e:30:51:e0:06:
b1:b3:31:2b:dc:dc:db:c7:23:df:2e:5a:f2:6b:6d:
80:83:1f:cd:de:51:8e:35:b1:a6:62:0e:b0:df:e8:
c6:b5:34:77:40:01:a2:fb:39:c7:a5:38:c8:96:9c:
bd:b1:94:6b:f2:54:2d:bf:93:d4:b3:03:c8:d7:91:
fe:80:7b:66:46:1d:90:cb:10:3d:83:12:a5:fb:5c:
f9:86:b4:80:0e:c1:2a:1c:5c:9c:cf:af:32:c3:24:
41:d5:52:3a:4d:23:f8:71:06:31:c1:e2:76:ba:60:
24:fd:36:bf:fc:57:3c:b5:90:52:15:18:d2:b7:f5:
ff:dc:18:12:d1:5e:3e:91:a0:dc:2d:e8:56:35:7c:
fa:22:4a:38:54:3f:0c:76:6a:8d:b3:17:fe:1e:72:
85:83:81:b8:a0:b9:a4:c7:70:17:47:58:23:da:f5:
f5:24:c8:a4:71:14:bb:d7:72:ca:10:40:e5:ec:e5:
4a:95:6f:74:86:90:54:ba:2d:90:eb:e7:7a:47:3d:
6b:fc:18:94:67:57:ae:2f:b2:e3:13:e9:d0:90:ff:
17:42:bb:a4:38:3a:7b:c2:03:4e:b5:0b:25:11:de:
70:df:0a:e5:ae:49:5c:27:6c:91:a9:02:e6:7b:f9:
40:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:C6:ED:9F:9A:9D:3E:76:D4:B0:65:64:43:AA:88:2C:22:84:C8:70
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/U8btn5qdPnbUsGVkQ6qILCKEyHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.117.0/24
45.129.187.0/24
212.60.23.0/24
Signature Algorithm: sha256WithRSAEncryption
76:c8:04:5c:0c:ee:c2:39:26:9b:d7:8b:9f:37:dd:33:16:ee:
bf:9e:94:a5:72:a3:8d:81:78:01:19:87:c3:6a:3c:08:32:60:
b2:7d:43:f8:91:78:3f:37:d3:ed:a8:d6:b8:b5:69:34:e9:32:
b0:e9:74:9d:e4:7c:9d:c0:83:eb:53:48:33:3a:0e:84:13:11:
fc:a7:c3:95:c7:9d:9a:87:71:fc:65:f4:04:a2:e5:96:82:b1:
92:2a:bc:43:69:13:e6:87:f2:23:c4:48:79:81:95:64:46:75:
4f:7b:e8:fb:34:b8:01:7c:05:73:41:48:d8:2a:39:ac:07:d9:
57:d3:9f:12:b8:f8:56:ac:39:ea:91:8f:76:36:2d:41:30:71:
e7:6d:b1:ad:71:19:d7:ad:1c:8a:68:3a:6a:7b:30:9c:95:a7:
66:ba:b2:0f:24:77:65:d6:fc:87:85:4e:4d:89:08:49:a0:fd:
2a:86:42:b6:14:0f:59:c7:a4:9e:c3:51:9f:80:2c:98:76:20:
3e:dc:97:a4:5f:df:79:c8:86:29:70:71:30:d3:a7:2d:fc:fd:
f2:41:98:c3:14:a5:b2:8a:25:65:35:5e:7f:e0:de:9a:b7:a4:
8e:63:c6:6d:53:fc:ec:05:dc:04:d3:cb:f4:12:c6:ad:53:f7:
26:7e:95:aa
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEEp9jDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NWIxZDEzYzJlMjZlMTI3ODYyNDZhNWVjNGM1YmVhNjk4NjRiMjBmMB4XDTIyMDUy
MDA3NTkzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTNjNmVkOWY5YTlk
M2U3NmQ0YjA2NTY0NDNhYTg4MmMyMjg0Yzg3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM3Jf8isy4jmJg4wUeAGsbMxK9zc28cj3y5a8mttgIMfzd5R
jjWxpmIOsN/oxrU0d0ABovs5x6U4yJacvbGUa/JULb+T1LMDyNeR/oB7ZkYdkMsQ
PYMSpftc+Ya0gA7BKhxcnM+vMsMkQdVSOk0j+HEGMcHidrpgJP02v/xXPLWQUhUY
0rf1/9wYEtFePpGg3C3oVjV8+iJKOFQ/DHZqjbMX/h5yhYOBuKC5pMdwF0dYI9r1
9STIpHEUu9dyyhBA5ezlSpVvdIaQVLotkOvnekc9a/wYlGdXri+y4xPp0JD/F0K7
pDg6e8IDTrULJRHecN8K5a5JXCdskakC5nv5QGMCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRTxu2fmp0+dtSwZWRDqogsIoTIcDAfBgNVHSMEGDAWgBQFsdE8LibhJ4Yk
al7Exb6mmGSyDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JiSFJQQzRtNFNlR0pHcGV4TVctcHBoa3NnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvYzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8x
L1U4YnRuNXFkUG5iVXNHVmtRNnFJTENLRXlIQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
YzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8xL0JiSFJQQzRtNFNl
R0pHcGV4TVctcHBoa3NnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAC1CdQMEAC2BuwMEANQ8FzANBgkq
hkiG9w0BAQsFAAOCAQEAdsgEXAzuwjkmm9eLnzfdMxbuv56UpXKjjYF4ARmHw2o8
CDJgsn1D+JF4PzfT7ajWuLVpNOkysOl0neR8ncCD61NIMzoOhBMR/KfDlcedmodx
/GX0BKLlloKxkiq8Q2kT5ofyI8RIeYGVZEZ1T3vo+zS4AXwFc0FI2Co5rAfZV9Of
Erj4Vqw56pGPdjYtQTBx522xrXEZ160cimg6answnJWnZrqyDyR3Zdb8h4VOTYkI
SaD9KoZCthQPWceknsNRn4AsmHYgPtyXpF/feciGKXBxMNOnLfz98kGYwxSlsool
ZTVef+DemrekjmPGbVP87AXcBNPL9BLGrVP3Jn6Vqg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:15 2024 by rpki-client on console-ams.rpki-client.org