Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/UXThAmQ2guKQOspyYPYl-2Z2SRg.roa
File: UXThAmQ2guKQOspyYPYl-2Z2SRg.roa (raw, json)
Hash identifier: HN5oWl+g1HVz6a3zwb49PhcWvz4z9BT8twSFDKjU0BA=
Subject key identifier: 51:74:E1:02:64:36:82:E2:90:3A:CA:72:60:F6:25:FB:66:76:49:18
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01856E41D8DEEE7604115AD284826AEDE879
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/UXThAmQ2guKQOspyYPYl-2Z2SRg.roa
Signing time: Sun 01 Jan 2023 16:54:47 +0000
ROA not before: Sun 01 Jan 2023 16:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42285
IP address blocks: 188.241.71.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:d8:de:ee:76:04:11:5a:d2:84:82:6a:ed:e8:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5174e102643682e2903aca7260f625fb66764918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:96:64:6e:48:34:6f:98:a3:96:1f:53:55:29:
d9:42:c4:fe:8e:08:ef:26:65:d8:3e:54:e2:ee:a4:
7a:0c:47:40:ab:8e:36:b0:02:03:e3:65:50:14:cf:
44:7a:07:d8:aa:b3:88:02:60:26:0b:8b:b7:d5:82:
7b:68:b1:31:c5:3b:28:ab:f7:41:9b:0e:88:ec:90:
ef:6b:ac:64:9b:db:b1:3d:18:62:50:cd:83:68:32:
bb:8c:51:04:ed:2f:04:27:5e:04:9f:45:eb:db:ab:
e3:69:ad:ff:1b:f4:85:31:ca:56:b1:61:63:37:08:
9d:6b:9d:d0:16:1f:a8:ac:7e:3c:d1:75:8f:f1:4a:
d7:4f:1e:7a:85:ec:f3:d3:71:a8:22:c7:e8:e6:37:
1b:79:b6:42:a1:58:77:c9:8e:c1:be:02:5b:4c:2d:
40:f9:37:f6:68:f8:3b:63:3f:be:d1:4e:63:47:1b:
80:77:e7:82:e7:90:f3:f6:4c:c1:36:05:11:65:f3:
6a:f6:b0:03:e0:9a:9c:30:d6:08:8f:32:d1:85:c0:
c1:b9:c6:90:a1:49:96:b1:24:b3:01:d3:e7:62:bf:
84:f6:51:e1:fd:17:28:3c:66:6a:f7:06:40:7d:48:
b2:b3:0d:2a:91:48:35:c9:48:0c:f4:76:9c:48:a3:
9b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:74:E1:02:64:36:82:E2:90:3A:CA:72:60:F6:25:FB:66:76:49:18
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/UXThAmQ2guKQOspyYPYl-2Z2SRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.241.71.0/24
Signature Algorithm: sha256WithRSAEncryption
20:6f:d0:c7:60:97:f4:29:10:24:0e:e2:ec:a6:ad:be:20:4f:
80:5b:b6:06:81:0a:5d:06:9f:dd:ee:46:dc:fe:1f:11:48:a3:
df:26:e1:7e:23:66:36:4f:65:89:78:dc:50:46:5c:46:e4:f6:
62:1a:8f:79:06:94:62:af:39:82:c5:4c:be:e4:b8:34:d6:e2:
07:55:8e:46:a2:0a:5f:1b:04:08:a1:dc:8f:cb:9c:d4:9a:b8:
de:26:ba:78:cc:c2:70:20:a8:2c:1a:a5:4c:2d:86:c0:02:da:
dd:3e:11:4c:6a:29:0f:9c:b9:73:e0:8f:68:c9:8e:75:15:14:
b3:5c:a2:33:c8:10:f1:3d:d2:f0:4c:54:8f:81:da:c4:21:ef:
53:11:90:7a:c8:4c:e6:3f:80:b2:a2:2b:d3:0e:29:65:9e:74:
3e:ac:57:44:86:05:c6:1a:eb:3d:7e:b8:28:66:71:55:a2:98:
84:18:36:03:36:37:63:3a:27:e0:4d:31:c8:e6:04:fe:0d:fa:
31:70:8e:05:59:1c:a4:d6:a7:e0:a1:e7:29:e6:31:b1:10:c0:
f3:08:bb:db:d3:54:c9:4b:30:46:89:38:1f:e2:a1:5b:2f:cb:
3e:4b:fc:e3:71:a9:90:54:c2:8f:f0:1c:76:d4:62:89:13:c5:
35:87:2f:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuQdje7nYEEVrShIJq7eh5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMTAxMTY1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTc0ZTEwMjY0MzY4MmUyOTAzYWNhNzI2MGY2MjVmYjY2NzY0OTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5Zkbkg0b5ijlh9TVSnZQsT+jgjv
JmXYPlTi7qR6DEdAq442sAID42VQFM9EegfYqrOIAmAmC4u31YJ7aLExxTsoq/dB
mw6I7JDva6xkm9uxPRhiUM2DaDK7jFEE7S8EJ14En0Xr26vjaa3/G/SFMcpWsWFj
Nwida53QFh+orH480XWP8UrXTx56hezz03GoIsfo5jcbebZCoVh3yY7BvgJbTC1A
+Tf2aPg7Yz++0U5jRxuAd+eC55Dz9kzBNgURZfNq9rAD4JqcMNYIjzLRhcDBucaQ
oUmWsSSzAdPnYr+E9lHh/RcoPGZq9wZAfUiysw0qkUg1yUgM9HacSKObkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFF04QJkNoLikDrKcmD2JftmdkkYMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvVVhUaEFtUTJndUtRT3NweVlQWWwtMloyU1JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvPFHMA0G
CSqGSIb3DQEBCwUAA4IBAQAgb9DHYJf0KRAkDuLspq2+IE+AW7YGgQpdBp/d7kbc
/h8RSKPfJuF+I2Y2T2WJeNxQRlxG5PZiGo95BpRirzmCxUy+5Lg01uIHVY5Gogpf
GwQIodyPy5zUmrjeJrp4zMJwIKgsGqVMLYbAAtrdPhFMaikPnLlz4I9oyY51FRSz
XKIzyBDxPdLwTFSPgdrEIe9TEZB6yEzmP4CyoivTDillnnQ+rFdEhgXGGus9frgo
ZnFVopiEGDYDNjdjOifgTTHI5gT+DfoxcI4FWRyk1qfgoecp5jGxEMDzCLvb01TJ
SzBGiTgf4qFbL8s+S/zjcamQVMKP8Bx21GKJE8U1hy+F
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:30 2025 by rpki-client