Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/ULbwBB1pGhdzx3f9Gx_XLc2-7tA.roa
File: ULbwBB1pGhdzx3f9Gx_XLc2-7tA.roa (raw, json)
Hash identifier: 5oSCXLzGCY6afsnVSonUhCsy5IDTttnP456CmoTF/hY=
Subject key identifier: 50:B6:F0:04:1D:69:1A:17:73:C7:77:FD:1B:1F:D7:2D:CD:BE:EE:D0
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 019427B58CFD9C464EB3BECFC057BDA4C977
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/ULbwBB1pGhdzx3f9Gx_XLc2-7tA.roa
Signing time: Thu 02 Jan 2025 15:49:57 +0000
ROA not before: Thu 02 Jan 2025 15:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216246
IP address blocks: 83.147.255.0/24 maxlen: 24
178.253.55.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:8c:fd:9c:46:4e:b3:be:cf:c0:57:bd:a4:c9:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 2 15:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50b6f0041d691a1773c777fd1b1fd72dcdbeeed0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:ac:ef:aa:f3:30:62:63:cd:cd:08:49:b2:27:
80:0b:7e:93:58:e1:41:0b:5e:b1:41:27:db:77:05:
e1:9d:10:71:f7:ef:7b:4e:ab:1f:c6:f7:b3:24:17:
f4:a1:2f:62:92:e1:7a:25:79:ff:5d:35:cf:d2:71:
84:44:a9:d2:81:eb:2f:63:a9:5a:95:a6:3a:e3:a6:
84:1a:9e:c0:06:6f:64:e5:65:73:58:d1:6c:0b:71:
43:9a:fd:33:b8:d4:6d:f6:38:40:75:07:66:26:8c:
45:6a:03:76:90:c8:44:83:4a:a4:87:34:76:17:9d:
07:e3:fd:cd:29:48:9b:ed:0e:19:3b:96:9b:e0:bb:
7a:90:bd:d0:a7:76:c5:04:ff:7b:5f:ea:cd:c0:27:
f5:be:c9:1f:e0:6d:6f:8b:fb:5f:e2:75:7f:7d:5a:
bb:d9:78:e9:47:f8:45:fa:41:ab:dc:2a:4f:6b:6d:
48:f9:50:c9:0e:1a:71:5f:dd:70:ff:66:3e:68:88:
84:da:3e:11:90:d5:7f:e4:29:93:08:2c:be:44:9f:
05:02:59:16:d0:09:9f:da:e0:6d:c1:fe:65:f2:2e:
f7:8e:9f:3c:0c:d4:64:f1:a4:7d:86:66:43:d5:19:
ad:fe:26:b5:ce:82:c7:59:ad:1c:86:9a:bd:ce:e8:
b9:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:B6:F0:04:1D:69:1A:17:73:C7:77:FD:1B:1F:D7:2D:CD:BE:EE:D0
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/ULbwBB1pGhdzx3f9Gx_XLc2-7tA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.255.0/24
178.253.55.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:10:1b:15:08:0c:67:dc:f3:5f:9a:b2:99:e2:8b:36:d6:13:
db:2f:fe:3a:d0:ad:d3:6b:6c:0e:bd:19:df:86:7f:6d:6f:a8:
61:e4:c3:77:10:18:82:9f:83:ee:d0:eb:0c:7d:13:bc:6d:b0:
de:b8:dd:c1:22:a5:18:4b:d1:a7:2e:4a:7e:7f:fc:2d:56:bc:
38:eb:e4:5f:a8:7c:9d:51:95:83:a7:61:99:f5:13:f9:51:bf:
be:ae:b6:d1:68:49:0e:f0:5b:ba:50:c0:3c:a8:fd:b5:2e:1d:
32:fe:97:72:f8:ce:f1:7a:20:3d:21:a8:1c:15:ba:05:39:c4:
e2:37:30:9d:56:ac:f8:65:4a:84:c3:60:f4:a7:c4:b4:a5:75:
61:89:4a:f7:37:72:b9:95:23:19:2c:3a:89:a5:3c:a5:2a:ab:
4e:07:0f:b1:9b:4d:e4:c6:c5:0c:08:76:ff:da:34:73:e6:ed:
47:bc:5a:b1:d7:ff:89:44:bd:53:b9:21:b9:86:9c:16:ad:3b:
d1:f3:b1:ed:d7:44:1e:35:88:e4:ec:9f:b2:dc:f0:29:ed:cb:
3d:d4:5b:27:f8:27:f2:2a:88:42:ce:12:81:2c:e7:ad:4e:25:
46:b0:23:77:3e:41:e4:f1:66:61:a7:be:17:f2:a6:3b:b3:8c:
b4:60:ee:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQntYz9nEZOs77PwFe9pMl3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjUwMTAyMTU0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGI2ZjAwNDFkNjkxYTE3NzNjNzc3ZmQxYjFmZDcyZGNkYmVlZWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6KzvqvMwYmPNzQhJsieAC36TWOFB
C16xQSfbdwXhnRBx9+97TqsfxvezJBf0oS9ikuF6JXn/XTXP0nGERKnSgesvY6la
laY646aEGp7ABm9k5WVzWNFsC3FDmv0zuNRt9jhAdQdmJoxFagN2kMhEg0qkhzR2
F50H4/3NKUib7Q4ZO5ab4Lt6kL3Qp3bFBP97X+rNwCf1vskf4G1vi/tf4nV/fVq7
2XjpR/hF+kGr3CpPa21I+VDJDhpxX91w/2Y+aIiE2j4RkNV/5CmTCCy+RJ8FAlkW
0Amf2uBtwf5l8i73jp88DNRk8aR9hmZD1Rmt/ia1zoLHWa0chpq9zui53QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFC28AQdaRoXc8d3/Rsf1y3Nvu7QMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvVUxid0JCMXBHaGR6eDNmOUd4X1hMYzItN3RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAU5P/AwQA
sv03MA0GCSqGSIb3DQEBCwUAA4IBAQB9EBsVCAxn3PNfmrKZ4os21hPbL/460K3T
a2wOvRnfhn9tb6hh5MN3EBiCn4Pu0OsMfRO8bbDeuN3BIqUYS9GnLkp+f/wtVrw4
6+RfqHydUZWDp2GZ9RP5Ub++rrbRaEkO8Fu6UMA8qP21Lh0y/pdy+M7xeiA9Iagc
FboFOcTiNzCdVqz4ZUqEw2D0p8S0pXVhiUr3N3K5lSMZLDqJpTylKqtOBw+xm03k
xsUMCHb/2jRz5u1HvFqx1/+JRL1TuSG5hpwWrTvR87Ht10QeNYjk7J+y3PAp7cs9
1Fsn+CfyKohCzhKBLOetTiVGsCN3PkHk8WZhp74X8qY7s4y0YO5m
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:52:56 2025 by rpki-client