Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/826b7c-4754-4abd-9875-e1b20077ed93/1/u6AgBZDowFOX7AGbXSFjpjrMK7Y.roa
File: u6AgBZDowFOX7AGbXSFjpjrMK7Y.roa (raw, json)
Hash identifier: lIzgHDyvdGmZNUZcjeR11Wj+XWS01o5im0MbEMFtwoM=
Subject key identifier: BB:A0:20:05:90:E8:C0:53:97:EC:01:9B:5D:21:63:A6:3A:CC:2B:B6
Certificate issuer: /CN=5289a5765a9e836fd0fa811f760f0dcebe8f18ce
Certificate serial: 018CC94C1372EB938A4BC64F6E8A7B5962AC
Authority key identifier: 52:89:A5:76:5A:9E:83:6F:D0:FA:81:1F:76:0F:0D:CE:BE:8F:18:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uomldlqeg2_Q-oEfdg8Nzr6PGM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/826b7c-4754-4abd-9875-e1b20077ed93/1/u6AgBZDowFOX7AGbXSFjpjrMK7Y.roa
Signing time: Tue 02 Jan 2024 08:30:55 +0000
ROA not before: Tue 02 Jan 2024 08:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25091
IP address blocks: 149.255.48.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:13:72:eb:93:8a:4b:c6:4f:6e:8a:7b:59:62:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5289a5765a9e836fd0fa811f760f0dcebe8f18ce
Validity
Not Before: Jan 2 08:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bba0200590e8c05397ec019b5d2163a63acc2bb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:47:02:f9:49:fb:a7:7c:ca:9a:d1:2a:ed:30:
87:4d:e9:81:6d:b5:8d:e0:78:ac:d8:0b:5a:0f:4d:
c9:06:f4:4f:a6:ac:f6:16:0d:97:cb:15:52:b6:a0:
93:37:b8:31:95:01:c7:7a:21:f1:65:de:f4:69:42:
cb:a8:7f:e0:dd:df:b0:47:ab:97:e0:e3:27:8a:90:
16:d2:67:23:ee:08:dc:2c:5e:58:16:43:13:70:ca:
31:2c:7c:96:01:73:8b:e9:f5:5c:35:45:8e:54:5b:
f7:2b:3a:f7:97:38:82:53:a1:ed:27:6d:b1:49:49:
19:dc:8c:e1:f9:cf:b1:37:02:5d:8a:ef:28:aa:15:
a8:67:05:ca:d2:61:40:c4:ec:1d:23:35:f1:92:4d:
f4:47:03:21:ac:36:8e:6a:45:56:9a:c6:fb:b7:d6:
27:84:91:f7:af:42:e4:2a:9e:cb:2b:3d:ce:d3:96:
1d:4f:15:18:da:05:9b:00:04:45:d8:cc:ef:d6:18:
57:e5:27:73:c7:91:70:cd:87:df:f9:5e:61:5e:0b:
69:52:9f:64:b3:78:c4:ef:fc:c5:97:be:9a:ed:43:
f2:f4:6c:77:3a:99:f9:41:21:70:1b:cf:7c:0a:d8:
a8:6e:1d:d0:4a:f4:1d:8b:5a:98:68:64:91:03:b2:
02:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:A0:20:05:90:E8:C0:53:97:EC:01:9B:5D:21:63:A6:3A:CC:2B:B6
X509v3 Authority Key Identifier:
keyid:52:89:A5:76:5A:9E:83:6F:D0:FA:81:1F:76:0F:0D:CE:BE:8F:18:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uomldlqeg2_Q-oEfdg8Nzr6PGM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/826b7c-4754-4abd-9875-e1b20077ed93/1/u6AgBZDowFOX7AGbXSFjpjrMK7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/826b7c-4754-4abd-9875-e1b20077ed93/1/Uomldlqeg2_Q-oEfdg8Nzr6PGM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.255.48.0/21
Signature Algorithm: sha256WithRSAEncryption
01:03:c9:60:9f:45:2d:54:84:ab:a8:90:e4:90:5d:e7:ee:cc:
d7:da:51:55:ec:f8:91:63:53:1e:8e:c7:cc:9c:63:ef:9c:e1:
11:de:58:7e:d9:fc:02:48:d2:12:53:82:9e:74:2f:65:bc:a2:
cf:cf:ac:eb:d5:58:d6:82:07:72:8f:bf:c9:8c:bb:a4:15:69:
05:81:f8:ef:b2:b1:63:eb:0f:61:49:5d:6e:d0:49:43:4c:13:
f1:5c:f0:21:18:af:55:02:90:6e:93:09:dd:d9:2a:22:89:4b:
6a:58:9b:00:af:a8:c2:c7:55:7b:bf:dc:d0:37:04:39:de:1c:
91:3e:97:16:39:8d:47:03:31:39:2f:fa:22:37:3e:6d:33:34:
64:d2:75:a4:e3:b3:a3:4f:19:54:c7:8e:42:92:e6:73:06:5a:
53:a5:8a:79:90:c8:88:9a:5d:ad:b7:ab:3d:f7:10:ba:e0:42:
ef:ed:2b:40:87:a1:d9:ee:39:bb:d3:26:df:b0:03:24:b3:b1:
4a:f8:65:8a:c7:92:5f:7a:ef:dd:b5:64:c1:0b:41:e0:71:d8:
d8:53:d4:18:4b:e2:c0:78:ff:a5:02:a2:ca:6c:3e:34:ae:34:
a7:e1:10:6a:3c:9f:39:bf:a2:ea:3d:da:cb:9d:5c:bc:ff:ad:
5d:cf:81:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTBNy65OKS8ZPbop7WWKsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyODlhNTc2NWE5ZTgzNmZkMGZhODExZjc2MGYwZGNlYmU4
ZjE4Y2UwHhcNMjQwMTAyMDgzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmEwMjAwNTkwZThjMDUzOTdlYzAxOWI1ZDIxNjNhNjNhY2MyYmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0cC+Un7p3zKmtEq7TCHTemBbbWN
4His2AtaD03JBvRPpqz2Fg2XyxVStqCTN7gxlQHHeiHxZd70aULLqH/g3d+wR6uX
4OMnipAW0mcj7gjcLF5YFkMTcMoxLHyWAXOL6fVcNUWOVFv3Kzr3lziCU6HtJ22x
SUkZ3Izh+c+xNwJdiu8oqhWoZwXK0mFAxOwdIzXxkk30RwMhrDaOakVWmsb7t9Yn
hJH3r0LkKp7LKz3O05YdTxUY2gWbAARF2Mzv1hhX5Sdzx5FwzYff+V5hXgtpUp9k
s3jE7/zFl76a7UPy9Gx3Opn5QSFwG898Ctiobh3QSvQdi1qYaGSRA7IC4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLugIAWQ6MBTl+wBm10hY6Y6zCu2MB8GA1UdIwQY
MBaAFFKJpXZanoNv0PqBH3YPDc6+jxjOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW9tbGRscWVnMl9RLW9FZmRnOE56cjZQR000LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84MjZiN2MtNDc1NC00YWJkLTk4NzUt
ZTFiMjAwNzdlZDkzLzEvdTZBZ0JaRG93Rk9YN0FHYlhTRmpwanJNSzdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84MjZiN2MtNDc1NC00YWJkLTk4NzUtZTFiMjAwNzdlZDkz
LzEvVW9tbGRscWVnMl9RLW9FZmRnOE56cjZQR000LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDlf8wMA0G
CSqGSIb3DQEBCwUAA4IBAQABA8lgn0UtVISrqJDkkF3n7szX2lFV7PiRY1MejsfM
nGPvnOER3lh+2fwCSNISU4KedC9lvKLPz6zr1VjWggdyj7/JjLukFWkFgfjvsrFj
6w9hSV1u0ElDTBPxXPAhGK9VApBukwnd2SoiiUtqWJsAr6jCx1V7v9zQNwQ53hyR
PpcWOY1HAzE5L/oiNz5tMzRk0nWk47OjTxlUx45CkuZzBlpTpYp5kMiIml2tt6s9
9xC64ELv7StAh6HZ7jm70ybfsAMks7FK+GWKx5Jfeu/dtWTBC0HgcdjYU9QYS+LA
eP+lAqLKbD40rjSn4RBqPJ85v6LqPdrLnVy8/61dz4G3
-----END CERTIFICATE-----
Generated at Tue Oct 15 12:42:17 2024 by rpki-client on console-fra.rpki-client.org