Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/29e960-eff5-44f2-bc40-ade60728ec37/1/U5hlrMIdSNXt_gwqQhaC6EAQKcw.roa
File: U5hlrMIdSNXt_gwqQhaC6EAQKcw.roa (raw, json)
Hash identifier: DQa0XuctYBXnlqAVYzQTrSLVzhB1RaowJBg996V1mcQ=
Subject key identifier: 53:98:65:AC:C2:1D:48:D5:ED:FE:0C:2A:42:16:82:E8:40:10:29:CC
Certificate issuer: /CN=6c7228dbb17f64e62de1dc4698815a35bb47202d
Certificate serial: 0997F62F
Authority key identifier: 6C:72:28:DB:B1:7F:64:E6:2D:E1:DC:46:98:81:5A:35:BB:47:20:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bHIo27F_ZOYt4dxGmIFaNbtHIC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/29e960-eff5-44f2-bc40-ade60728ec37/1/U5hlrMIdSNXt_gwqQhaC6EAQKcw.roa
Signing time: Fri 11 Feb 2022 15:41:57 +0000
ROA not before: Fri 11 Feb 2022 15:41:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204335
IP address blocks: 185.253.61.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160953903 (0x997f62f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c7228dbb17f64e62de1dc4698815a35bb47202d
Validity
Not Before: Feb 11 15:41:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=539865acc21d48d5edfe0c2a421682e8401029cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:74:24:e1:83:41:11:ec:e4:ff:74:91:6b:2c:
e8:7f:83:ec:3d:ea:fc:c2:7b:d9:bc:05:88:c6:60:
3c:ac:8f:c5:be:9e:68:a5:50:27:ce:91:af:f3:6d:
e6:cc:e7:ce:22:1c:e3:82:c3:31:27:55:cc:46:0a:
d7:8a:85:24:f7:5d:a5:df:1a:7e:ae:e5:ad:24:7e:
ff:57:30:a2:a7:42:bc:cf:aa:9a:0f:48:73:98:ac:
4b:5e:0e:a0:9f:1f:80:e6:2f:00:bd:f5:ee:be:e0:
46:06:c8:ab:dd:ab:c8:87:4a:ae:e6:92:8f:8b:b0:
cf:36:05:bb:ac:93:2e:15:19:f9:d1:22:25:1f:eb:
21:ff:cd:dd:70:12:5c:c2:a8:f7:75:3f:93:da:fa:
3c:13:77:50:29:95:a7:a5:c8:2b:b6:14:64:ad:24:
51:03:f2:d0:3b:92:b6:6e:c6:68:76:e1:76:ad:f3:
88:75:c0:c7:2c:33:e1:c2:da:29:23:e2:49:0f:ca:
58:36:d5:b7:4c:a3:ed:26:1c:19:64:7c:a4:a0:69:
d9:2e:a2:d0:2a:62:c6:bb:bc:22:0b:01:78:c9:d3:
22:bd:72:52:cd:12:14:39:b5:9b:f2:9d:d4:59:b4:
a9:72:4f:ef:28:40:7f:0d:8b:bb:c1:ed:6a:2f:a3:
c7:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:98:65:AC:C2:1D:48:D5:ED:FE:0C:2A:42:16:82:E8:40:10:29:CC
X509v3 Authority Key Identifier:
keyid:6C:72:28:DB:B1:7F:64:E6:2D:E1:DC:46:98:81:5A:35:BB:47:20:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHIo27F_ZOYt4dxGmIFaNbtHIC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/29e960-eff5-44f2-bc40-ade60728ec37/1/U5hlrMIdSNXt_gwqQhaC6EAQKcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/29e960-eff5-44f2-bc40-ade60728ec37/1/bHIo27F_ZOYt4dxGmIFaNbtHIC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.61.0/24
Signature Algorithm: sha256WithRSAEncryption
d9:69:53:d2:42:19:7d:61:99:10:76:8c:d7:e6:bc:d6:0f:e8:
8e:c6:f9:bf:d3:81:0b:9d:0b:fb:8d:0f:42:f3:a5:8a:71:aa:
0d:0c:84:67:60:74:2a:b8:7b:db:81:d2:50:40:17:83:8a:37:
4c:f8:7c:bd:ae:d4:45:e3:97:a6:69:d5:8f:41:b4:07:02:b3:
b9:6c:b3:04:b4:4f:79:89:b1:fe:a8:6d:99:b3:61:42:4d:e0:
8b:c9:dd:24:e8:2b:dc:31:88:b2:89:ea:90:f0:33:f9:6c:ff:
f1:97:43:f7:56:0d:e5:b9:13:2b:d0:12:09:d5:3f:f0:31:30:
7a:3a:b9:67:58:8a:78:35:fc:e0:eb:a1:65:84:e0:9c:af:5f:
a4:14:01:b5:eb:3e:93:e4:14:b6:4d:58:f6:0b:f5:a4:b0:0b:
50:1e:f7:2f:be:67:5f:92:8f:e5:25:55:d1:5c:26:33:dd:65:
31:38:e3:50:98:2b:af:af:46:57:9d:ba:32:f4:47:0a:ee:4d:
bc:4d:7d:ba:6f:7a:67:de:03:2c:cd:e9:5b:ce:29:53:9c:8b:
85:dd:e1:86:a1:64:fa:56:e3:57:6e:51:e8:c7:1f:bb:21:4d:
4b:16:f2:fe:62:e6:82:e9:68:98:45:3f:99:cc:da:df:81:7b:
f6:7d:99:4b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECZf2LzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzcyMjhkYmIxN2Y2NGU2MmRlMWRjNDY5ODgxNWEzNWJiNDcyMDJkMB4XDTIyMDIx
MTE1NDE1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTM5ODY1YWNjMjFk
NDhkNWVkZmUwYzJhNDIxNjgyZTg0MDEwMjljYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMx0JOGDQRHs5P90kWss6H+D7D3q/MJ72bwFiMZgPKyPxb6e
aKVQJ86Rr/Nt5sznziIc44LDMSdVzEYK14qFJPddpd8afq7lrSR+/1cwoqdCvM+q
mg9Ic5isS14OoJ8fgOYvAL317r7gRgbIq92ryIdKruaSj4uwzzYFu6yTLhUZ+dEi
JR/rIf/N3XASXMKo93U/k9r6PBN3UCmVp6XIK7YUZK0kUQPy0DuStm7GaHbhdq3z
iHXAxywz4cLaKSPiSQ/KWDbVt0yj7SYcGWR8pKBp2S6i0Cpixru8IgsBeMnTIr1y
Us0SFDm1m/Kd1Fm0qXJP7yhAfw2Lu8Htai+jxw8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRTmGWswh1I1e3+DCpCFoLoQBApzDAfBgNVHSMEGDAWgBRscijbsX9k5i3h
3EaYgVo1u0cgLTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JISW8yN0ZfWk9ZdDRkeEdtSUZhTmJ0SElDMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzYvMjllOTYwLWVmZjUtNDRmMi1iYzQwLWFkZTYwNzI4ZWMzNy8x
L1U1aGxyTUlkU05YdF9nd3FRaGFDNkVBUUtjdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzYv
MjllOTYwLWVmZjUtNDRmMi1iYzQwLWFkZTYwNzI4ZWMzNy8xL2JISW8yN0ZfWk9Z
dDRkeEdtSUZhTmJ0SElDMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALn9PTANBgkqhkiG9w0BAQsFAAOC
AQEA2WlT0kIZfWGZEHaM1+a81g/ojsb5v9OBC50L+40PQvOlinGqDQyEZ2B0Krh7
24HSUEAXg4o3TPh8va7UReOXpmnVj0G0BwKzuWyzBLRPeYmx/qhtmbNhQk3gi8nd
JOgr3DGIsonqkPAz+Wz/8ZdD91YN5bkTK9ASCdU/8DEwejq5Z1iKeDX84OuhZYTg
nK9fpBQBtes+k+QUtk1Y9gv1pLALUB73L75nX5KP5SVV0VwmM91lMTjjUJgrr69G
V526MvRHCu5NvE19um96Z94DLM3pW84pU5yLhd3hhqFk+lbjV25R6McfuyFNSxby
/mLmgulomEU/mcza34F79n2ZSw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:18 2023 by rpki-client on console.sobornost.net