Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/700cb3-4383-4cbf-bb25-88c173ed2e34/1/uN0ZaiB-SikobBH4kAL580J9H_E.roa
File: uN0ZaiB-SikobBH4kAL580J9H_E.roa (raw, json)
Hash identifier: ccN/AJjxB70hRSb+SWXrKhYxUcKbXe1ELNin4NBdCZg=
Subject key identifier: B8:DD:19:6A:20:7E:4A:29:28:6C:11:F8:90:02:F9:F3:42:7D:1F:F1
Certificate issuer: /CN=e5619fb9868c8f0fbf5e3eb9ce72b485f7a005df
Certificate serial: 0185719545393A6BAC12F060ACDC9D70ED03
Authority key identifier: E5:61:9F:B9:86:8C:8F:0F:BF:5E:3E:B9:CE:72:B4:85:F7:A0:05:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5WGfuYaMjw-_Xj65znK0hfegBd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/700cb3-4383-4cbf-bb25-88c173ed2e34/1/uN0ZaiB-SikobBH4kAL580J9H_E.roa
Signing time: Mon 02 Jan 2023 08:24:46 +0000
ROA not before: Mon 02 Jan 2023 08:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48448
IP address blocks: 194.187.117.0/24 maxlen: 24
2a06:4d00::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:45:39:3a:6b:ac:12:f0:60:ac:dc:9d:70:ed:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5619fb9868c8f0fbf5e3eb9ce72b485f7a005df
Validity
Not Before: Jan 2 08:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8dd196a207e4a29286c11f89002f9f3427d1ff1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:bc:f7:5a:79:1d:4e:8b:d6:a7:14:66:dc:22:
53:e4:a5:55:4b:d9:88:ac:f6:7e:01:39:37:aa:44:
4c:8f:98:3e:b6:08:97:3b:82:99:fc:4b:ed:ba:6f:
7b:8b:7c:c0:73:da:1d:df:29:82:bb:c8:d5:e4:e2:
1b:ff:65:69:73:8a:b4:9e:23:bc:6d:27:46:7d:53:
19:17:f6:bc:1e:37:88:e6:7d:35:22:47:55:45:ed:
ca:8f:d1:2b:cb:70:a7:a0:ea:71:f7:ec:b9:e5:4f:
7e:2c:f9:ce:5a:26:21:ca:b5:af:d6:4d:60:3a:39:
83:3c:b4:2f:a7:21:44:4d:a9:f2:2e:9c:53:29:49:
36:7b:31:9d:dc:72:06:65:97:00:5d:90:12:d4:07:
18:e8:60:87:23:ae:46:5a:8b:9c:9b:39:48:97:30:
fd:cd:e2:b6:62:87:96:1e:f4:d8:bd:33:f2:76:07:
d8:2d:19:57:ba:3f:90:b0:78:f9:12:c5:ac:cf:f5:
d5:95:f0:6c:cb:fe:86:82:f8:77:29:43:e1:95:ed:
c6:9b:ed:c2:f8:6f:88:1e:50:c8:be:4a:11:1b:7b:
99:7a:a4:72:fb:74:00:31:32:9e:61:aa:ec:bc:45:
fb:8b:c6:e8:98:1f:bb:5d:3c:8e:68:16:eb:4f:16:
05:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:DD:19:6A:20:7E:4A:29:28:6C:11:F8:90:02:F9:F3:42:7D:1F:F1
X509v3 Authority Key Identifier:
keyid:E5:61:9F:B9:86:8C:8F:0F:BF:5E:3E:B9:CE:72:B4:85:F7:A0:05:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5WGfuYaMjw-_Xj65znK0hfegBd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/700cb3-4383-4cbf-bb25-88c173ed2e34/1/uN0ZaiB-SikobBH4kAL580J9H_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/700cb3-4383-4cbf-bb25-88c173ed2e34/1/5WGfuYaMjw-_Xj65znK0hfegBd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.187.117.0/24
IPv6:
2a06:4d00::/29
Signature Algorithm: sha256WithRSAEncryption
50:c0:10:d2:34:fa:a7:71:08:6f:9f:44:4e:6f:f3:06:ba:ee:
ac:86:90:df:18:3a:b4:06:95:8a:2b:ec:cd:fc:dd:f7:c4:46:
27:21:74:29:ea:17:66:e1:48:13:39:6c:46:f6:f7:47:a5:07:
be:2c:84:83:57:d8:fb:b2:c9:a2:94:5e:8e:6a:83:ce:25:8a:
40:a0:7f:38:ea:11:a2:25:49:ec:b0:62:28:59:d9:14:29:94:
11:8d:64:d1:ec:95:7e:62:7d:cf:8c:e5:9c:8e:b9:62:df:fd:
51:81:d2:89:f4:f1:0e:07:e2:54:f7:36:c7:54:bb:23:ad:67:
d0:f6:35:0b:5b:fe:05:9b:7a:59:87:34:a3:c4:ee:61:5f:fd:
d0:09:7b:87:77:4d:25:db:8c:d5:92:dd:aa:48:11:2d:d1:b3:
0c:1c:ec:b2:52:24:20:6e:2f:6d:fe:fb:6c:dc:a3:7b:ad:a1:
94:c4:a0:49:8f:5c:93:50:b2:ff:18:57:78:fc:a9:d1:a7:75:
e9:5e:84:d9:6f:85:62:43:c1:d6:15:13:74:18:e6:c4:8b:dc:
1f:04:40:22:67:ee:d8:bb:d3:47:95:02:ed:29:03:0a:c2:3b:
ac:a9:3b:e4:16:da:f4:be:6d:9b:03:a3:50:76:16:c1:fd:89:
82:50:e8:67
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxlUU5OmusEvBgrNydcO0DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NjE5ZmI5ODY4YzhmMGZiZjVlM2ViOWNlNzJiNDg1Zjdh
MDA1ZGYwHhcNMjMwMTAyMDgyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGRkMTk2YTIwN2U0YTI5Mjg2YzExZjg5MDAyZjlmMzQyN2QxZmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbz3WnkdTovWpxRm3CJT5KVVS9mI
rPZ+ATk3qkRMj5g+tgiXO4KZ/Evtum97i3zAc9od3ymCu8jV5OIb/2Vpc4q0niO8
bSdGfVMZF/a8HjeI5n01IkdVRe3Kj9Ery3CnoOpx9+y55U9+LPnOWiYhyrWv1k1g
OjmDPLQvpyFETanyLpxTKUk2ezGd3HIGZZcAXZAS1AcY6GCHI65GWoucmzlIlzD9
zeK2YoeWHvTYvTPydgfYLRlXuj+QsHj5EsWsz/XVlfBsy/6Ggvh3KUPhle3Gm+3C
+G+IHlDIvkoRG3uZeqRy+3QAMTKeYarsvEX7i8bomB+7XTyOaBbrTxYFPQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLjdGWogfkopKGwR+JAC+fNCfR/xMB8GA1UdIwQY
MBaAFOVhn7mGjI8Pv14+uc5ytIX3oAXfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVdHZnVZYU1qdy1fWGo2NXpuSzBoZmVnQmQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi83MDBjYjMtNDM4My00Y2JmLWJiMjUt
ODhjMTczZWQyZTM0LzEvdU4wWmFpQi1TaWtvYkJINGtBTDU4MEo5SF9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi83MDBjYjMtNDM4My00Y2JmLWJiMjUtODhjMTczZWQyZTM0
LzEvNVdHZnVZYU1qdy1fWGo2NXpuSzBoZmVnQmQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwrt1MA0E
AgACMAcDBQMqBk0AMA0GCSqGSIb3DQEBCwUAA4IBAQBQwBDSNPqncQhvn0ROb/MG
uu6shpDfGDq0BpWKK+zN/N33xEYnIXQp6hdm4UgTOWxG9vdHpQe+LISDV9j7ssmi
lF6OaoPOJYpAoH846hGiJUnssGIoWdkUKZQRjWTR7JV+Yn3PjOWcjrli3/1RgdKJ
9PEOB+JU9zbHVLsjrWfQ9jULW/4Fm3pZhzSjxO5hX/3QCXuHd00l24zVkt2qSBEt
0bMMHOyyUiQgbi9t/vts3KN7raGUxKBJj1yTULL/GFd4/KnRp3XpXoTZb4ViQ8HW
FRN0GObEi9wfBEAiZ+7Yu9NHlQLtKQMKwjusqTvkFtr0vm2bA6NQdhbB/YmCUOhn
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:30 2023 by rpki-client on console.sobornost.net