Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/u-MbFeOJul3S4AJN0bGe_tEbxIs.roa
File: u-MbFeOJul3S4AJN0bGe_tEbxIs.roa (raw, json)
Hash identifier: 0KtIwvxCgXJMo9WrZvxW5sOuz1Egg1YaQwl1o2qdZ1M=
Subject key identifier: BB:E3:1B:15:E3:89:BA:5D:D2:E0:02:4D:D1:B1:9E:FE:D1:1B:C4:8B
Certificate issuer: /CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Certificate serial: 29ED396C
Authority key identifier: 10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/u-MbFeOJul3S4AJN0bGe_tEbxIs.roa
Signing time: Sat 01 Jan 2022 13:54:23 +0000
ROA not before: Sat 01 Jan 2022 13:54:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60006
IP address blocks: 79.133.105.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 703412588 (0x29ed396c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Validity
Not Before: Jan 1 13:54:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bbe31b15e389ba5dd2e0024dd1b19efed11bc48b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1f:b1:e4:3a:23:2f:a0:3a:32:af:0b:34:1b:
eb:ee:ff:22:1e:6b:b8:f6:cb:06:40:85:19:78:90:
69:6c:7d:01:94:82:cb:4c:f7:aa:d4:99:93:c2:7a:
cd:f4:dd:3b:ba:d9:90:35:a4:36:6e:ec:13:9e:10:
57:c3:46:3a:50:0f:dc:33:5e:f2:ad:6b:aa:be:6c:
a3:6d:eb:92:a7:16:b8:f2:11:96:68:21:c5:e4:24:
71:ce:ae:ce:ee:0d:4d:d8:de:df:c2:01:63:2d:ab:
3b:03:be:dc:c7:58:29:57:91:bb:dd:04:d3:d4:5f:
cb:19:6d:3f:c8:2c:1b:67:dc:39:0f:9a:f6:6f:37:
3b:79:80:2d:a5:b2:5e:c5:a6:3d:fc:96:d4:a7:3d:
62:94:75:03:3d:d6:c2:5d:c0:b8:6c:04:99:cd:a5:
74:e3:d2:46:3b:5e:35:33:0a:73:a8:d7:c2:41:9a:
08:d8:11:6f:c3:5d:39:38:f8:8d:a0:25:94:3c:3c:
2a:e8:b8:f2:06:ed:88:de:0b:26:32:45:eb:f7:c1:
1a:17:dc:8a:ab:1e:af:d1:a2:45:61:09:3c:82:89:
48:76:7d:8c:bc:c3:dc:d0:3d:10:23:d7:c6:14:8e:
11:0d:ba:a2:16:40:00:9d:54:18:32:a8:30:e1:ba:
c0:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:E3:1B:15:E3:89:BA:5D:D2:E0:02:4D:D1:B1:9E:FE:D1:1B:C4:8B
X509v3 Authority Key Identifier:
keyid:10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/u-MbFeOJul3S4AJN0bGe_tEbxIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.133.105.0/24
Signature Algorithm: sha256WithRSAEncryption
11:1d:d7:c2:63:fa:10:9f:58:92:36:0e:39:b1:e0:e6:01:8e:
2a:1c:07:e7:f9:81:1d:bc:78:49:b7:37:ed:ba:e2:0c:92:68:
0e:25:0a:e5:78:e5:c8:51:78:18:1a:eb:9c:a4:77:7e:c2:de:
d8:22:d2:95:1c:56:45:9e:5f:8d:cd:c6:e2:89:b0:93:22:18:
b3:03:09:0d:97:72:75:83:b9:9b:a7:f3:a5:c9:79:af:80:5c:
9f:9a:f9:8b:57:0e:c9:ef:c3:8e:49:0c:f0:51:9c:8e:bf:59:
7a:84:db:de:0c:87:95:5a:69:58:89:46:11:f4:7d:4b:e2:34:
3f:47:bb:40:87:7b:60:36:b9:bb:fc:32:4c:e6:91:9a:0c:cd:
32:7b:79:e7:6a:23:13:ff:08:c1:e2:7a:40:0b:04:28:79:70:
5d:09:0b:d6:e3:38:59:d4:e8:ba:c9:03:f4:c4:0e:65:9f:75:
1f:c2:fd:1a:16:13:f3:d0:9f:8c:f7:b1:3e:a4:f1:76:03:e9:
a7:10:77:b7:84:f0:6a:23:19:15:cf:ed:fa:9d:a6:3b:5d:2b:
64:50:df:12:90:a3:a4:e3:b1:34:4b:38:fc:6d:e4:22:d2:82:
b2:1c:59:fe:f4:a7:ae:39:1a:05:c2:9b:ed:a3:0c:b2:36:18:
7e:a3:b1:e8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKe05bDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDQ1ZGFjYzgzNzc5OGMzZTZjZjMxZjRkMjc5NDZhMzNiMGRlNjYxMB4XDTIyMDEw
MTEzNTQyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmJlMzFiMTVlMzg5
YmE1ZGQyZTAwMjRkZDFiMTllZmVkMTFiYzQ4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkfseQ6Iy+gOjKvCzQb6+7/Ih5ruPbLBkCFGXiQaWx9AZSC
y0z3qtSZk8J6zfTdO7rZkDWkNm7sE54QV8NGOlAP3DNe8q1rqr5so23rkqcWuPIR
lmghxeQkcc6uzu4NTdje38IBYy2rOwO+3MdYKVeRu90E09RfyxltP8gsG2fcOQ+a
9m83O3mALaWyXsWmPfyW1Kc9YpR1Az3Wwl3AuGwEmc2ldOPSRjteNTMKc6jXwkGa
CNgRb8NdOTj4jaAllDw8Kui48gbtiN4LJjJF6/fBGhfciqser9GiRWEJPIKJSHZ9
jLzD3NA9ECPXxhSOEQ26ohZAAJ1UGDKoMOG6wK0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS74xsV44m6XdLgAk3RsZ7+0RvEizAfBgNVHSMEGDAWgBQQRdrMg3eYw+bP
MfTSeUajOw3mYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VFWGF6SU4zbU1QbXp6SDAwbmxHb3pzTjVtRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvMjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8x
L3UtTWJGZU9KdWwzUzRBSk4wYkdlX3RFYnhJcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
MjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8xL0VFWGF6SU4zbU1Q
bXp6SDAwbmxHb3pzTjVtRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE+FaTANBgkqhkiG9w0BAQsFAAOC
AQEAER3XwmP6EJ9YkjYOObHg5gGOKhwH5/mBHbx4Sbc37briDJJoDiUK5XjlyFF4
GBrrnKR3fsLe2CLSlRxWRZ5fjc3G4omwkyIYswMJDZdydYO5m6fzpcl5r4Bcn5r5
i1cOye/DjkkM8FGcjr9ZeoTb3gyHlVppWIlGEfR9S+I0P0e7QId7YDa5u/wyTOaR
mgzNMnt552ojE/8IweJ6QAsEKHlwXQkL1uM4WdTouskD9MQOZZ91H8L9GhYT89Cf
jPexPqTxdgPppxB3t4TwaiMZFc/t+p2mO10rZFDfEpCjpOOxNEs4/G3kItKCshxZ
/vSnrjkaBcKb7aMMsjYYfqOx6A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:19 2023 by rpki-client on console-fra.rpki-client.org