Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/UJW-eZJiKHQxv90X8-IUNHKBqI8.roa
File: UJW-eZJiKHQxv90X8-IUNHKBqI8.roa (raw, json)
Hash identifier: 6vXlUGfcKEGEh45bDHaJXncjhP2ooXhKCDtbAr3ArRY=
Subject key identifier: 50:95:BE:79:92:62:28:74:31:BF:DD:17:F3:E2:14:34:72:81:A8:8F
Certificate issuer: /CN=763d457e5d3cc0acd8a74f8b10e2686bfbc496cb
Certificate serial: 018E3243C3F82F517FEC25037CA026BEF230
Authority key identifier: 76:3D:45:7E:5D:3C:C0:AC:D8:A7:4F:8B:10:E2:68:6B:FB:C4:96:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dj1Ffl08wKzYp0-LEOJoa_vElss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/UJW-eZJiKHQxv90X8-IUNHKBqI8.roa
Signing time: Tue 12 Mar 2024 10:44:45 +0000
ROA not before: Tue 12 Mar 2024 10:44:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202656
IP address blocks: 31.41.252.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:43:c3:f8:2f:51:7f:ec:25:03:7c:a0:26:be:f2:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=763d457e5d3cc0acd8a74f8b10e2686bfbc496cb
Validity
Not Before: Mar 12 10:44:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5095be799262287431bfdd17f3e214347281a88f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:41:07:4a:1e:4c:c9:19:bc:36:5c:49:1d:6c:
c0:10:6c:2c:ec:b2:bd:16:e3:91:61:cb:c1:72:69:
6a:1d:3d:a0:ed:a4:db:68:54:57:9a:91:1a:a1:0f:
ad:b8:5c:c1:dd:33:e7:22:fc:38:15:af:fa:71:3d:
71:88:dd:1c:d6:62:e9:f6:c7:53:92:46:1f:1a:2b:
5a:2e:db:d9:03:98:87:4e:f5:83:70:1a:89:63:09:
36:f6:8f:0a:29:e4:1f:1a:36:84:db:f3:da:92:44:
2a:85:34:07:fa:eb:c4:91:99:3a:d8:9a:64:20:42:
65:3a:cf:a8:ef:04:96:e8:93:49:16:f0:96:df:ab:
a5:01:38:5c:9e:28:37:82:9b:99:69:21:ed:2c:9e:
37:59:a0:09:48:8e:36:49:bb:99:c2:eb:e2:5b:be:
6f:d8:37:fb:fe:c5:76:d2:07:50:11:c4:5a:1d:b0:
67:b8:e1:fd:fe:22:f1:44:36:e4:14:fa:23:be:c5:
26:92:c0:13:2f:d9:ce:bb:a0:d4:6a:80:d2:a2:ee:
8a:77:e2:0e:82:42:9b:ed:51:1c:58:41:48:15:b7:
7f:8e:32:5d:a0:93:c1:62:59:3a:7f:c8:a5:e8:c9:
99:fa:c7:0e:58:e4:c0:64:fa:df:f6:8b:1f:73:4a:
05:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:95:BE:79:92:62:28:74:31:BF:DD:17:F3:E2:14:34:72:81:A8:8F
X509v3 Authority Key Identifier:
keyid:76:3D:45:7E:5D:3C:C0:AC:D8:A7:4F:8B:10:E2:68:6B:FB:C4:96:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dj1Ffl08wKzYp0-LEOJoa_vElss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/UJW-eZJiKHQxv90X8-IUNHKBqI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/dj1Ffl08wKzYp0-LEOJoa_vElss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.252.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:0f:69:91:31:af:e9:63:55:52:0f:30:ff:25:28:ee:5d:6e:
25:cb:32:75:e2:d8:0d:bd:72:03:c1:41:36:b6:34:4d:b7:8a:
38:58:d2:f4:98:39:68:6b:f9:fe:3e:ee:b4:50:74:67:b8:30:
ad:6f:f2:c2:3a:c7:a0:4b:bd:30:21:b3:60:96:08:55:30:fc:
70:a8:f0:cf:6f:f9:8c:52:bc:df:62:16:48:5a:ed:d3:3a:bf:
fe:d7:85:ee:91:39:35:60:8e:92:9a:97:b7:dc:44:a8:76:4d:
97:a1:91:8b:82:70:72:72:9e:bb:24:eb:04:78:f6:ae:d2:af:
51:7d:ae:57:43:1d:f7:4f:89:b9:54:39:b8:d5:83:16:bc:0e:
e1:a4:c3:09:7c:64:28:c5:45:39:02:90:d5:f5:64:ef:f4:08:
09:9a:76:40:cf:97:9b:e2:4b:8e:bd:0c:6c:98:13:4f:60:79:
d5:7b:ec:45:19:75:60:fb:9d:5c:88:a7:af:ac:ad:78:17:9a:
2d:57:ed:c0:be:07:30:f4:f3:6b:31:2a:33:ae:fa:fc:71:2f:
91:8d:a3:6a:66:50:69:e7:55:65:9f:06:30:99:df:15:57:f6:
b0:0a:59:03:47:d8:72:a4:dc:4b:fb:38:e8:b4:ea:7d:58:4b:
1f:bf:03:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4yQ8P4L1F/7CUDfKAmvvIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2M2Q0NTdlNWQzY2MwYWNkOGE3NGY4YjEwZTI2ODZiZmJj
NDk2Y2IwHhcNMjQwMzEyMTA0NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDk1YmU3OTkyNjIyODc0MzFiZmRkMTdmM2UyMTQzNDcyODFhODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEEHSh5MyRm8NlxJHWzAEGws7LK9
FuORYcvBcmlqHT2g7aTbaFRXmpEaoQ+tuFzB3TPnIvw4Fa/6cT1xiN0c1mLp9sdT
kkYfGitaLtvZA5iHTvWDcBqJYwk29o8KKeQfGjaE2/PakkQqhTQH+uvEkZk62Jpk
IEJlOs+o7wSW6JNJFvCW36ulAThcnig3gpuZaSHtLJ43WaAJSI42SbuZwuviW75v
2Df7/sV20gdQEcRaHbBnuOH9/iLxRDbkFPojvsUmksATL9nOu6DUaoDSou6Kd+IO
gkKb7VEcWEFIFbd/jjJdoJPBYlk6f8il6MmZ+scOWOTAZPrf9osfc0oFbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFCVvnmSYih0Mb/dF/PiFDRygaiPMB8GA1UdIwQY
MBaAFHY9RX5dPMCs2KdPixDiaGv7xJbLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGoxRmZsMDh3S3pZcDAtTEVPSm9hX3ZFbHNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jY2M5NGItYzI4Ny00ZTVmLTg2MDQt
N2U1OTRmMjQ5NGNjLzEvVUpXLWVaSmlLSFF4djkwWDgtSVVOSEtCcUk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jY2M5NGItYzI4Ny00ZTVmLTg2MDQtN2U1OTRmMjQ5NGNj
LzEvZGoxRmZsMDh3S3pZcDAtTEVPSm9hX3ZFbHNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyn8MA0G
CSqGSIb3DQEBCwUAA4IBAQBPD2mRMa/pY1VSDzD/JSjuXW4lyzJ14tgNvXIDwUE2
tjRNt4o4WNL0mDloa/n+Pu60UHRnuDCtb/LCOsegS70wIbNglghVMPxwqPDPb/mM
UrzfYhZIWu3TOr/+14XukTk1YI6Smpe33ESodk2XoZGLgnBycp67JOsEePau0q9R
fa5XQx33T4m5VDm41YMWvA7hpMMJfGQoxUU5ApDV9WTv9AgJmnZAz5eb4kuOvQxs
mBNPYHnVe+xFGXVg+51ciKevrK14F5otV+3Avgcw9PNrMSozrvr8cS+RjaNqZlBp
51VlnwYwmd8VV/awClkDR9hypNxL+zjotOp9WEsfvwOW
-----END CERTIFICATE-----
Generated at Mon Aug 12 14:38:24 2024 by rpki-client on console-ams.rpki-client.org