Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/8d7e7c-db7a-465f-8032-255100f2016a/1/UUhRvdpzELyltbVXKj7e4MJ13Vg.roa
File: UUhRvdpzELyltbVXKj7e4MJ13Vg.roa (raw, json)
Hash identifier: OsG4puo1YNdT4tIysnpSKHZYUjQchVmsViRdkx6yILs=
Subject key identifier: 51:48:51:BD:DA:73:10:BC:A5:B5:B5:57:2A:3E:DE:E0:C2:75:DD:58
Certificate issuer: /CN=073a6d3de5c125c1fe8b5fbe89584656e5861a2d
Certificate serial: 018BC984AD166EB679AB24299C6609C551E4
Authority key identifier: 07:3A:6D:3D:E5:C1:25:C1:FE:8B:5F:BE:89:58:46:56:E5:86:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BzptPeXBJcH-i1--iVhGVuWGGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/8d7e7c-db7a-465f-8032-255100f2016a/1/UUhRvdpzELyltbVXKj7e4MJ13Vg.roa
Signing time: Mon 13 Nov 2023 16:29:57 +0000
ROA not before: Mon 13 Nov 2023 16:29:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35625
IP address blocks: 185.117.18.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c9:84:ad:16:6e:b6:79:ab:24:29:9c:66:09:c5:51:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073a6d3de5c125c1fe8b5fbe89584656e5861a2d
Validity
Not Before: Nov 13 16:29:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=514851bdda7310bca5b5b5572a3edee0c275dd58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1d:6c:b0:d4:bf:14:5b:ef:96:43:ab:aa:0c:
82:ed:58:ad:fc:3b:53:1e:ce:61:1f:ba:3e:bf:1f:
57:d4:21:46:2c:8f:ca:f9:7d:fb:cc:08:20:99:df:
23:9a:f0:64:95:cf:2b:3c:1c:51:cd:89:11:cc:8b:
4a:1f:aa:d4:c7:5d:85:da:54:5f:db:1f:0d:dc:cd:
73:ed:1a:eb:4a:2a:9e:8e:22:45:2d:a6:1b:b5:39:
69:af:e9:eb:8c:07:51:71:c7:30:57:b5:49:96:1a:
75:b7:d4:e7:6d:45:c3:23:2a:1b:ef:79:d1:37:12:
cc:e5:ec:82:e2:bc:b9:d2:60:f7:2b:ab:e5:ee:9e:
99:d6:b4:73:17:db:90:0e:73:fb:1e:e7:2d:81:15:
36:6c:34:58:0b:02:40:93:22:cc:1a:3e:a5:3e:d5:
ba:ca:3d:4b:69:ff:9a:0d:02:b8:4f:c5:2d:9e:df:
95:dc:81:e6:10:c8:d3:32:17:c9:14:d9:c6:a0:8c:
99:02:bd:6d:6a:9b:c1:5b:52:85:ad:69:62:88:61:
6a:27:3c:06:52:28:45:51:53:df:65:99:72:7d:b8:
5c:80:0e:89:ab:9c:74:5b:90:e7:63:d0:11:38:ba:
6a:de:49:78:d7:6f:ab:20:bf:20:83:a8:c0:12:2b:
50:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:48:51:BD:DA:73:10:BC:A5:B5:B5:57:2A:3E:DE:E0:C2:75:DD:58
X509v3 Authority Key Identifier:
keyid:07:3A:6D:3D:E5:C1:25:C1:FE:8B:5F:BE:89:58:46:56:E5:86:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BzptPeXBJcH-i1--iVhGVuWGGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/8d7e7c-db7a-465f-8032-255100f2016a/1/UUhRvdpzELyltbVXKj7e4MJ13Vg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/8d7e7c-db7a-465f-8032-255100f2016a/1/BzptPeXBJcH-i1--iVhGVuWGGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.18.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:29:e3:56:66:14:2c:af:fe:8a:e0:47:90:ba:05:e5:2a:fa:
4f:77:68:a3:ce:42:0e:7f:fb:e5:de:96:6d:bd:6e:db:96:24:
61:ae:ee:87:87:60:fb:78:87:09:c0:11:53:d8:7d:b6:26:51:
e4:96:40:67:1e:1a:9b:56:f0:8b:31:2e:ac:60:9c:a7:6e:9d:
c5:3f:8a:80:cf:41:44:f0:61:bb:99:3a:61:8f:82:4a:b0:f3:
32:ff:79:d7:f1:5b:10:46:70:16:b9:9b:6d:e7:a7:15:f0:23:
fd:f0:df:d7:92:55:9b:23:3e:ba:17:0b:78:7f:59:b1:d5:56:
3c:e8:b0:a2:55:a5:f7:84:0c:85:e2:21:19:f9:d1:98:19:9d:
a2:12:d5:21:18:13:7d:b6:06:43:32:ae:85:4e:28:7c:69:94:
5c:2c:e5:52:c9:86:56:03:a9:93:62:02:b8:5c:8a:d1:e9:51:
c0:f6:87:51:4a:b0:eb:df:30:46:c0:4e:85:75:07:cc:e6:34:
dc:31:81:e6:3b:5e:2c:6f:8c:a7:60:8e:dc:82:92:90:2e:0a:
26:44:23:59:3e:fd:d8:3c:e9:20:92:97:65:71:9f:08:da:9e:
05:c7:31:fb:ba:cc:92:f5:0b:5b:27:a6:d1:95:05:3b:60:61:
2e:d3:26:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvJhK0WbrZ5qyQpnGYJxVHkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2E2ZDNkZTVjMTI1YzFmZThiNWZiZTg5NTg0NjU2ZTU4
NjFhMmQwHhcNMjMxMTEzMTYyOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTQ4NTFiZGRhNzMxMGJjYTViNWI1NTcyYTNlZGVlMGMyNzVkZDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjh1ssNS/FFvvlkOrqgyC7Vit/DtT
Hs5hH7o+vx9X1CFGLI/K+X37zAggmd8jmvBklc8rPBxRzYkRzItKH6rUx12F2lRf
2x8N3M1z7RrrSiqejiJFLaYbtTlpr+nrjAdRcccwV7VJlhp1t9TnbUXDIyob73nR
NxLM5eyC4ry50mD3K6vl7p6Z1rRzF9uQDnP7HuctgRU2bDRYCwJAkyLMGj6lPtW6
yj1Laf+aDQK4T8Utnt+V3IHmEMjTMhfJFNnGoIyZAr1tapvBW1KFrWliiGFqJzwG
UihFUVPfZZlyfbhcgA6Jq5x0W5DnY9AROLpq3kl412+rIL8gg6jAEitQ8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFFIUb3acxC8pbW1Vyo+3uDCdd1YMB8GA1UdIwQY
MBaAFAc6bT3lwSXB/otfvolYRlblhhotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnpwdFBlWEJKY0gtaTEtLWlWaEdWdVdHR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS84ZDdlN2MtZGI3YS00NjVmLTgwMzIt
MjU1MTAwZjIwMTZhLzEvVVVoUnZkcHpFTHlsdGJWWEtqN2U0TUoxM1ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS84ZDdlN2MtZGI3YS00NjVmLTgwMzItMjU1MTAwZjIwMTZh
LzEvQnpwdFBlWEJKY0gtaTEtLWlWaEdWdVdHR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXUSMA0G
CSqGSIb3DQEBCwUAA4IBAQCpKeNWZhQsr/6K4EeQugXlKvpPd2ijzkIOf/vl3pZt
vW7bliRhru6Hh2D7eIcJwBFT2H22JlHklkBnHhqbVvCLMS6sYJynbp3FP4qAz0FE
8GG7mTphj4JKsPMy/3nX8VsQRnAWuZtt56cV8CP98N/XklWbIz66Fwt4f1mx1VY8
6LCiVaX3hAyF4iEZ+dGYGZ2iEtUhGBN9tgZDMq6FTih8aZRcLOVSyYZWA6mTYgK4
XIrR6VHA9odRSrDr3zBGwE6FdQfM5jTcMYHmO14sb4ynYI7cgpKQLgomRCNZPv3Y
POkgkpdlcZ8I2p4FxzH7usyS9QtbJ6bRlQU7YGEu0yYe
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:52 2023 by rpki-client on console.sobornost.net