Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/U2HDcb6o2X4bKFA4LqoF29nnMPY.roa
File: U2HDcb6o2X4bKFA4LqoF29nnMPY.roa (raw, json)
Hash identifier: DyH06nQTSSwbRerDlTUPLvRv7HFYR7nGFoVZoFmDkqA=
Subject key identifier: 53:61:C3:71:BE:A8:D9:7E:1B:28:50:38:2E:AA:05:DB:D9:E7:30:F6
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018CD67B84C40B45942F1004A873ADD7AABE
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/U2HDcb6o2X4bKFA4LqoF29nnMPY.roa
Signing time: Thu 04 Jan 2024 21:57:48 +0000
ROA not before: Thu 04 Jan 2024 21:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64267
IP address blocks: 185.77.249.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d6:7b:84:c4:0b:45:94:2f:10:04:a8:73:ad:d7:aa:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 4 21:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5361c371bea8d97e1b2850382eaa05dbd9e730f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:82:2e:9b:db:7a:ab:2d:38:7b:99:ff:7f:64:
73:56:6c:6a:c1:33:1b:28:72:25:6f:6d:53:a7:d3:
79:1b:d7:b7:fa:ee:16:6e:00:d8:e1:fa:e1:bc:3f:
14:98:f5:42:d9:f3:77:1d:5b:62:ad:59:61:0f:ae:
96:da:1d:02:56:01:e5:65:8a:86:6a:2d:05:27:d8:
44:1d:17:41:e2:fb:2c:88:04:bb:a9:ae:d8:0e:15:
fb:1d:ef:26:72:4f:fc:a6:f1:ca:29:dc:b2:b5:22:
31:f2:29:7f:35:59:50:01:7e:84:dd:6d:56:4a:95:
d0:35:7b:38:87:6b:d3:c8:11:7e:a0:4b:83:c2:09:
1b:8a:f1:75:b9:37:43:09:ea:c7:1d:13:d1:39:fb:
c0:29:28:d7:76:33:7c:e9:24:09:e9:53:e1:06:da:
f4:48:bd:46:42:f0:28:02:47:d7:f5:0d:26:42:06:
7b:42:49:fa:85:18:0f:ee:8d:a8:df:75:20:a6:18:
a9:25:94:f3:ae:79:2c:ea:0b:db:38:b4:2a:c8:e9:
3e:37:ee:0b:4e:83:95:41:c5:8d:65:1e:90:45:91:
1f:83:14:e8:c7:81:00:cc:54:10:cb:13:27:da:93:
af:f2:bc:f5:f8:c5:f1:8d:3f:0c:59:6e:24:b6:67:
c2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:61:C3:71:BE:A8:D9:7E:1B:28:50:38:2E:AA:05:DB:D9:E7:30:F6
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/U2HDcb6o2X4bKFA4LqoF29nnMPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.249.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:c4:ee:38:fb:38:89:96:7a:50:0b:a2:4f:79:6d:85:6f:4b:
ce:62:2a:5b:c6:71:2b:a6:11:6a:88:94:e7:72:6d:f1:82:52:
66:89:49:c0:b8:8c:05:87:7e:89:9d:da:38:9f:e1:2c:ef:8b:
cc:86:f1:c3:ce:c3:e0:f2:84:12:49:32:81:4e:72:72:a3:19:
19:2c:c3:fc:5a:00:c7:64:25:3e:d4:9d:7f:c1:73:9e:8c:25:
2b:c7:3b:40:6d:fb:1b:21:c0:e8:98:28:bd:b1:cc:5b:36:39:
de:d0:07:e5:de:95:13:4b:3c:e2:0b:0c:7a:c7:7b:d8:b5:63:
7e:05:ec:48:7b:00:bf:f0:bb:32:c9:6a:7d:bc:cd:c2:2e:2b:
86:8d:61:f3:1e:47:59:23:e1:81:fd:95:c9:86:57:ef:27:b1:
ce:18:9f:da:bb:3b:3f:98:fc:75:1c:2a:fc:75:6e:e0:57:48:
1d:d4:7e:22:80:ae:05:00:74:ec:e8:55:af:82:c4:48:4f:0f:
87:f9:18:cb:f7:c8:d4:8b:a4:0e:82:50:3d:0b:bd:f5:30:10:
4f:ba:25:c3:a7:4b:00:e9:09:dc:00:5b:9d:14:33:dc:a3:93:
08:b4:5d:a3:65:df:4c:04:9e:f0:cd:13:87:7a:36:8f:84:81:
4a:2a:8b:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzWe4TEC0WULxAEqHOt16q+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMTA0MjE1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzYxYzM3MWJlYThkOTdlMWIyODUwMzgyZWFhMDVkYmQ5ZTczMGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIIum9t6qy04e5n/f2RzVmxqwTMb
KHIlb21Tp9N5G9e3+u4WbgDY4frhvD8UmPVC2fN3HVtirVlhD66W2h0CVgHlZYqG
ai0FJ9hEHRdB4vssiAS7qa7YDhX7He8mck/8pvHKKdyytSIx8il/NVlQAX6E3W1W
SpXQNXs4h2vTyBF+oEuDwgkbivF1uTdDCerHHRPROfvAKSjXdjN86SQJ6VPhBtr0
SL1GQvAoAkfX9Q0mQgZ7Qkn6hRgP7o2o33UgphipJZTzrnks6gvbOLQqyOk+N+4L
ToOVQcWNZR6QRZEfgxTox4EAzFQQyxMn2pOv8rz1+MXxjT8MWW4ktmfCwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFNhw3G+qNl+GyhQOC6qBdvZ5zD2MB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvVTJIRGNiNm8yWDRiS0ZBNExxb0YyOW5uTVBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuU35MA0G
CSqGSIb3DQEBCwUAA4IBAQBsxO44+ziJlnpQC6JPeW2Fb0vOYipbxnErphFqiJTn
cm3xglJmiUnAuIwFh36Jndo4n+Es74vMhvHDzsPg8oQSSTKBTnJyoxkZLMP8WgDH
ZCU+1J1/wXOejCUrxztAbfsbIcDomCi9scxbNjne0Afl3pUTSzziCwx6x3vYtWN+
BexIewC/8LsyyWp9vM3CLiuGjWHzHkdZI+GB/ZXJhlfvJ7HOGJ/auzs/mPx1HCr8
dW7gV0gd1H4igK4FAHTs6FWvgsRITw+H+RjL98jUi6QOglA9C731MBBPuiXDp0sA
6QncAFudFDPco5MItF2jZd9MBJ7wzROHejaPhIFKKose
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:14 2024 by rpki-client on console-fra.rpki-client.org