Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/UEfrdhKAcaU0Exwz8PzhKCcN64M.roa
File: UEfrdhKAcaU0Exwz8PzhKCcN64M.roa (raw, json)
Hash identifier: gqAsshZwPJE04NFYjBU0wQ9iUcrmDkJNa/dtxPnLhVY=
Subject key identifier: 50:47:EB:76:12:80:71:A5:34:13:1C:33:F0:FC:E1:28:27:0D:EB:83
Certificate issuer: /CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Certificate serial: 02B323BF
Authority key identifier: C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/UEfrdhKAcaU0Exwz8PzhKCcN64M.roa
Signing time: Tue 26 Apr 2022 10:40:33 +0000
ROA not before: Tue 26 Apr 2022 10:40:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29172
IP address blocks: 176.223.167.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45294527 (0x2b323bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Validity
Not Before: Apr 26 10:40:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5047eb76128071a534131c33f0fce128270deb83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:52:8d:cf:a4:b8:1a:04:eb:f1:cb:45:74:26:
90:4a:34:41:34:47:f4:77:77:ce:dd:b4:2a:5e:fa:
1e:6a:0e:d6:78:a7:4e:c4:38:25:5a:30:4c:62:26:
7a:80:ae:00:0c:55:6d:b4:a9:6a:28:e1:96:40:9b:
21:b6:e3:d3:ed:24:33:d5:50:2c:80:a1:66:28:27:
fe:e2:1e:6f:bc:06:4b:26:77:b8:7f:13:fd:7a:8e:
a3:4d:ab:41:4a:9d:8e:a5:29:e9:8d:cf:e6:37:66:
46:2b:34:b6:f8:06:68:7b:14:7e:e3:7e:df:3d:05:
bb:6e:9c:69:29:52:b0:6b:99:dd:81:6b:57:f1:67:
d2:c4:cc:ae:38:2f:2d:1a:5f:0e:4c:33:aa:97:71:
c0:87:db:05:96:f6:bc:a9:a2:1b:59:35:56:d3:a6:
65:d0:d9:20:c9:66:e4:89:d4:30:f3:42:38:42:56:
9b:bc:d7:d3:c9:6e:91:c3:0a:87:67:1d:e8:54:6f:
6d:28:82:c8:60:d7:21:27:f3:31:82:d4:c1:78:b1:
d5:04:d7:5e:2f:bb:e7:b5:f6:a6:14:82:57:90:a5:
51:08:2c:3d:07:4b:40:de:4f:c3:c5:ba:a4:8c:56:
af:d9:95:b5:1d:18:2b:31:87:23:a5:56:5e:e7:38:
4c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:47:EB:76:12:80:71:A5:34:13:1C:33:F0:FC:E1:28:27:0D:EB:83
X509v3 Authority Key Identifier:
keyid:C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/UEfrdhKAcaU0Exwz8PzhKCcN64M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/wE23YjJB1-Znj8JXUfpOC2ZlGGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.223.167.0/24
Signature Algorithm: sha256WithRSAEncryption
29:50:a5:e0:c2:8e:61:76:b3:bd:e5:4c:bb:2b:ae:39:4d:3f:
bd:7c:a3:58:a4:7f:1e:15:71:eb:90:cd:09:0f:3f:f2:16:0e:
25:c4:4e:90:54:ee:53:4f:0a:b9:d3:14:a4:11:89:15:8e:66:
9d:45:c8:01:fd:50:ba:41:cc:c0:c2:de:b1:92:1c:16:17:06:
0c:19:7b:e8:4b:c5:26:72:bb:16:3f:1a:b2:7c:8b:c6:7a:f9:
c3:89:0d:db:81:83:da:9c:b2:cc:c6:39:68:45:9a:be:f5:e2:
c9:d9:e4:71:e0:74:50:91:cb:ff:a4:17:28:ce:27:ec:99:8a:
a2:22:ef:92:0a:11:22:7a:ed:f9:3c:a2:db:47:73:da:ed:6c:
0d:52:15:95:25:e4:bb:28:6b:e6:51:03:19:ef:ad:50:60:a7:
60:de:07:5d:8f:67:c9:e5:2d:38:49:8a:03:17:39:3e:46:ac:
e2:5e:28:04:18:6c:ae:2e:5a:ec:db:26:12:c7:56:f2:57:f0:
86:22:92:1f:cc:b3:d3:62:d8:18:b1:9a:16:d9:00:15:60:75:
4e:27:50:9e:9e:22:b5:38:ac:bb:83:b3:80:7d:6d:96:0b:9b:
65:38:66:91:f1:cc:d4:3d:b3:38:ad:2f:9c:b6:ef:bd:ae:74:
52:95:b8:44
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEArMjvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MDRkYjc2MjMyNDFkN2U2Njc4ZmMyNTc1MWZhNGUwYjY2NjUxODZiMB4XDTIyMDQy
NjEwNDAzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTA0N2ViNzYxMjgw
NzFhNTM0MTMxYzMzZjBmY2UxMjgyNzBkZWI4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJVSjc+kuBoE6/HLRXQmkEo0QTRH9Hd3zt20Kl76HmoO1nin
TsQ4JVowTGImeoCuAAxVbbSpaijhlkCbIbbj0+0kM9VQLIChZign/uIeb7wGSyZ3
uH8T/XqOo02rQUqdjqUp6Y3P5jdmRis0tvgGaHsUfuN+3z0Fu26caSlSsGuZ3YFr
V/Fn0sTMrjgvLRpfDkwzqpdxwIfbBZb2vKmiG1k1VtOmZdDZIMlm5InUMPNCOEJW
m7zX08lukcMKh2cd6FRvbSiCyGDXISfzMYLUwXix1QTXXi+757X2phSCV5ClUQgs
PQdLQN5Pw8W6pIxWr9mVtR0YKzGHI6VWXuc4TLkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRQR+t2EoBxpTQTHDPw/OEoJw3rgzAfBgNVHSMEGDAWgBTATbdiMkHX5meP
wldR+k4LZmUYazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dFMjNZakpCMS1abmo4SlhVZnBPQzJabEdHcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDgvNmU4NzRlLTczZmUtNGRiYi1iNzRjLTA0MjNmMjYzZjJjYi8x
L1VFZnJkaEtBY2FVMEV4d3o4UHpoS0NjTjY0TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgv
NmU4NzRlLTczZmUtNGRiYi1iNzRjLTA0MjNmMjYzZjJjYi8xL3dFMjNZakpCMS1a
bmo4SlhVZnBPQzJabEdHcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALDfpzANBgkqhkiG9w0BAQsFAAOC
AQEAKVCl4MKOYXazveVMuyuuOU0/vXyjWKR/HhVx65DNCQ8/8hYOJcROkFTuU08K
udMUpBGJFY5mnUXIAf1QukHMwMLesZIcFhcGDBl76EvFJnK7Fj8asnyLxnr5w4kN
24GD2pyyzMY5aEWavvXiydnkceB0UJHL/6QXKM4n7JmKoiLvkgoRInrt+Tyi20dz
2u1sDVIVlSXkuyhr5lEDGe+tUGCnYN4HXY9nyeUtOEmKAxc5Pkas4l4oBBhsri5a
7NsmEsdW8lfwhiKSH8yz02LYGLGaFtkAFWB1TidQnp4itTisu4OzgH1tlgubZThm
kfHM1D2zOK0vnLbvva50UpW4RA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:46 2024 by rpki-client on console-fra.rpki-client.org