Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/5954db-9cd5-4357-a211-7993972840b6/1/uuH8MO9FKEd5lZcS4laWT91tCyg.roa
File: uuH8MO9FKEd5lZcS4laWT91tCyg.roa (raw, json)
Hash identifier: DyQhDa/bcUTM3DHhn1bFGliRaZh9Y5h98wLT/UbXZFI=
Subject key identifier: BA:E1:FC:30:EF:45:28:47:79:95:97:12:E2:56:96:4F:DD:6D:0B:28
Certificate issuer: /CN=eca2e95c397944c3ce6d3f4371488b739e42e42e
Certificate serial: FEE50D
Authority key identifier: EC:A2:E9:5C:39:79:44:C3:CE:6D:3F:43:71:48:8B:73:9E:42:E4:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7KLpXDl5RMPObT9DcUiLc55C5C4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/5954db-9cd5-4357-a211-7993972840b6/1/uuH8MO9FKEd5lZcS4laWT91tCyg.roa
Signing time: Sat 01 Jan 2022 11:00:00 +0000
ROA not before: Sat 01 Jan 2022 11:00:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210760
IP address blocks: 188.95.68.0/24 maxlen: 24
2a11:14c0::/29 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16704781 (0xfee50d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eca2e95c397944c3ce6d3f4371488b739e42e42e
Validity
Not Before: Jan 1 11:00:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bae1fc30ef45284779959712e256964fdd6d0b28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:22:8c:6c:71:a3:46:1c:c1:2a:41:e3:e0:9b:
09:f5:fb:41:88:fe:7f:e6:3c:23:28:1d:6e:89:28:
5b:c4:7c:88:cd:3a:85:b4:a5:3b:ad:15:33:7b:ca:
8b:8b:55:4d:36:da:d5:d2:57:f6:24:bd:91:07:f8:
89:fe:21:df:55:45:ce:e7:38:af:71:11:ad:51:1b:
71:8c:19:db:86:ab:20:b7:22:8d:b1:85:6c:5e:72:
a9:37:f5:f8:65:d7:a7:f4:13:a2:98:a3:fd:7f:42:
a4:16:9e:8c:7f:0f:34:d8:2e:36:14:73:4a:29:74:
d6:91:d6:10:31:48:a9:e9:f3:9e:49:1f:ea:37:9e:
15:55:2a:95:10:29:f5:2a:13:f2:4f:d8:19:75:f9:
41:88:09:12:5a:ac:5f:c3:64:80:ea:a0:c5:9f:93:
cc:72:8c:e8:55:22:db:75:66:ea:77:96:c0:02:b1:
c4:cb:0e:97:13:f3:ac:a6:33:92:a0:e5:31:77:8e:
07:7a:bb:a3:2a:c5:ff:57:77:b2:1e:6f:44:6d:90:
74:76:85:f7:ec:3d:17:c4:36:79:1e:ab:71:56:24:
e2:b4:da:88:fe:29:09:6a:10:7f:c6:0e:98:17:bb:
c7:df:28:43:39:d5:1d:4d:32:00:fc:2c:f5:57:9c:
c0:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:E1:FC:30:EF:45:28:47:79:95:97:12:E2:56:96:4F:DD:6D:0B:28
X509v3 Authority Key Identifier:
keyid:EC:A2:E9:5C:39:79:44:C3:CE:6D:3F:43:71:48:8B:73:9E:42:E4:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7KLpXDl5RMPObT9DcUiLc55C5C4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/5954db-9cd5-4357-a211-7993972840b6/1/uuH8MO9FKEd5lZcS4laWT91tCyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/5954db-9cd5-4357-a211-7993972840b6/1/7KLpXDl5RMPObT9DcUiLc55C5C4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.95.68.0/24
IPv6:
2a11:14c0::/29
Signature Algorithm: sha256WithRSAEncryption
50:94:b4:94:59:ed:04:13:7c:83:d7:ba:6a:42:43:a6:4c:07:
61:ca:d6:27:36:c8:57:fb:18:05:88:c0:52:f3:8b:41:52:5c:
e5:1c:99:0a:c2:26:9a:a1:d1:16:5a:8b:ca:86:ae:53:9d:49:
d7:70:7f:d2:70:4d:7a:82:9e:22:36:ed:5d:ad:68:fb:c0:99:
d0:ef:a9:9b:b3:98:fc:e6:2f:06:5d:17:dd:b6:d9:d0:46:8a:
52:29:dc:3a:09:44:fc:27:a2:f7:fd:fe:9d:f4:44:72:df:d4:
ab:b7:77:63:d6:24:2d:24:a6:04:65:83:8d:3b:07:88:82:6b:
b2:a5:fd:cc:6c:e3:5b:8f:2e:d2:f0:dd:3b:51:2e:96:56:4d:
6c:17:75:9f:db:c3:88:42:2a:e8:69:88:35:c5:14:c6:83:38:
39:43:29:54:7b:fa:02:15:56:77:b9:26:4d:82:6d:18:c0:2a:
44:3b:22:65:1d:72:1e:55:22:9d:bc:5f:09:ac:cd:c4:bf:12:
97:79:05:b6:68:eb:32:e4:8d:52:06:21:18:d2:93:f6:2b:21:
c7:a6:6e:69:97:ef:6c:f5:48:93:f0:1e:5f:d7:59:b8:03:18:
2f:28:e2:ae:da:14:33:05:aa:d4:b1:82:ae:71:9b:35:96:a8:
b5:f4:2b:1f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAP7lDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
Y2EyZTk1YzM5Nzk0NGMzY2U2ZDNmNDM3MTQ4OGI3MzllNDJlNDJlMB4XDTIyMDEw
MTExMDAwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmFlMWZjMzBlZjQ1
Mjg0Nzc5OTU5NzEyZTI1Njk2NGZkZDZkMGIyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMQijGxxo0YcwSpB4+CbCfX7QYj+f+Y8IygdbokoW8R8iM06
hbSlO60VM3vKi4tVTTba1dJX9iS9kQf4if4h31VFzuc4r3ERrVEbcYwZ24arILci
jbGFbF5yqTf1+GXXp/QTopij/X9CpBaejH8PNNguNhRzSil01pHWEDFIqenznkkf
6jeeFVUqlRAp9SoT8k/YGXX5QYgJElqsX8NkgOqgxZ+TzHKM6FUi23Vm6neWwAKx
xMsOlxPzrKYzkqDlMXeOB3q7oyrF/1d3sh5vRG2QdHaF9+w9F8Q2eR6rcVYk4rTa
iP4pCWoQf8YOmBe7x98oQznVHU0yAPws9VecwAsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBS64fww70UoR3mVlxLiVpZP3W0LKDAfBgNVHSMEGDAWgBTsoulcOXlEw85t
P0NxSItznkLkLjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdLTHBYRGw1Uk1QT2JUOURjVWlMYzU1QzVDNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvNTk1NGRiLTljZDUtNDM1Ny1hMjExLTc5OTM5NzI4NDBiNi8x
L3V1SDhNTzlGS0VkNWxaY1M0bGFXVDkxdEN5Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
NTk1NGRiLTljZDUtNDM1Ny1hMjExLTc5OTM5NzI4NDBiNi8xLzdLTHBYRGw1Uk1Q
T2JUOURjVWlMYzU1QzVDNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALxfRDANBAIAAjAHAwUDKhEUwDAN
BgkqhkiG9w0BAQsFAAOCAQEAUJS0lFntBBN8g9e6akJDpkwHYcrWJzbIV/sYBYjA
UvOLQVJc5RyZCsImmqHRFlqLyoauU51J13B/0nBNeoKeIjbtXa1o+8CZ0O+pm7OY
/OYvBl0X3bbZ0EaKUincOglE/Cei9/3+nfREct/Uq7d3Y9YkLSSmBGWDjTsHiIJr
sqX9zGzjW48u0vDdO1EullZNbBd1n9vDiEIq6GmINcUUxoM4OUMpVHv6AhVWd7km
TYJtGMAqRDsiZR1yHlUinbxfCazNxL8Sl3kFtmjrMuSNUgYhGNKT9ishx6ZuaZfv
bPVIk/AeX9dZuAMYLyjirtoUMwWq1LGCrnGbNZaotfQrHw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:05 2024 by rpki-client on console-ams.rpki-client.org