Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/a3wO8tNNg9TnAY2norPp_8jBiPg.roa
File: a3wO8tNNg9TnAY2norPp_8jBiPg.roa (raw, json)
Hash identifier: nosdVbCglgamkcjuMXNxiYsK/ChWka2E0sSe845mi4E=
Subject key identifier: 6B:7C:0E:F2:D3:4D:83:D4:E7:01:8D:A7:A2:B3:E9:FF:C8:C1:88:F8
Certificate issuer: /CN=c3abdcc49f7d9033b52904679f3c9b783d8c1358
Certificate serial: 018D13D7EE3DFF592C4F01E974D1B6FA0305
Authority key identifier: C3:AB:DC:C4:9F:7D:90:33:B5:29:04:67:9F:3C:9B:78:3D:8C:13:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w6vcxJ99kDO1KQRnnzybeD2ME1g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/a3wO8tNNg9TnAY2norPp_8jBiPg.roa
Signing time: Tue 16 Jan 2024 19:55:34 +0000
ROA not before: Tue 16 Jan 2024 19:55:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 31.222.230.0/24 maxlen: 24
37.72.128.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:d7:ee:3d:ff:59:2c:4f:01:e9:74:d1:b6:fa:03:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3abdcc49f7d9033b52904679f3c9b783d8c1358
Validity
Not Before: Jan 16 19:55:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b7c0ef2d34d83d4e7018da7a2b3e9ffc8c188f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:75:a5:14:38:a8:21:16:09:66:7f:fb:b9:f1:
92:ad:55:0a:93:a0:e1:fe:1d:26:07:84:7e:8e:6b:
37:ec:d8:3a:0b:39:05:88:dc:dd:04:50:41:de:94:
04:c2:c7:fe:33:28:78:77:40:64:18:94:ff:4a:e4:
01:e3:f4:30:1a:b3:45:7f:f6:c4:54:fa:e1:92:48:
b7:f4:44:bd:96:8b:b5:d4:f8:c1:6b:a8:c9:45:fd:
27:6e:4e:95:0b:b0:67:27:5a:4d:35:94:71:89:ab:
f8:57:e1:9e:46:96:1b:d8:18:fa:77:29:6b:d8:74:
3e:ce:6a:07:c3:0c:cc:e8:0a:c3:20:03:29:65:8b:
08:45:17:4c:1c:d8:1d:60:5b:c1:2d:58:5f:0f:a3:
0f:61:21:4a:bd:70:52:c2:69:9f:c8:43:c7:b8:15:
80:e7:c7:48:e4:86:96:4f:c1:9f:0c:f8:cf:b9:17:
23:4d:0f:85:55:8c:f1:c4:8a:48:a7:c6:a0:df:85:
de:c5:74:e2:a3:6e:e1:90:c4:a9:cb:65:e5:59:87:
27:5c:97:c1:79:14:2a:10:de:18:87:a2:88:3a:e8:
05:24:b6:1c:ed:6e:1a:2d:37:48:0f:73:bb:c4:a1:
ca:e4:48:60:da:f7:e1:43:5b:d9:42:74:fc:d0:23:
ff:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:7C:0E:F2:D3:4D:83:D4:E7:01:8D:A7:A2:B3:E9:FF:C8:C1:88:F8
X509v3 Authority Key Identifier:
keyid:C3:AB:DC:C4:9F:7D:90:33:B5:29:04:67:9F:3C:9B:78:3D:8C:13:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w6vcxJ99kDO1KQRnnzybeD2ME1g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/a3wO8tNNg9TnAY2norPp_8jBiPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/w6vcxJ99kDO1KQRnnzybeD2ME1g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.230.0/24
37.72.128.0/24
Signature Algorithm: sha256WithRSAEncryption
86:9a:19:b2:99:52:3a:9f:f1:32:68:8a:f8:df:11:a9:1c:12:
66:d7:1c:05:73:b8:ea:4f:04:fe:83:d7:94:01:01:6b:4e:50:
ac:cd:9c:9e:4d:8c:30:b1:72:c0:f2:32:cb:0b:26:14:89:ba:
22:d7:9c:b6:2e:2c:74:95:3a:f7:06:c5:6d:4d:92:d1:b8:b3:
07:b1:5a:2a:2f:dc:2d:fb:57:22:a8:7b:73:ff:18:41:d6:60:
23:a3:65:4e:2b:9a:ed:ad:f6:6f:c5:c3:62:11:29:57:cc:68:
31:27:fc:8a:53:cc:dd:10:1f:68:ca:dd:a5:b2:7c:08:d5:38:
22:1b:02:dc:f9:a0:dd:0d:da:c9:50:b0:a6:5c:db:24:92:ff:
29:a2:d9:0d:5f:45:93:8c:ec:1d:9b:50:a7:c7:86:14:45:06:
0d:50:53:15:5d:28:2b:41:80:b4:5c:4e:ff:90:64:f9:c7:09:
97:08:22:c1:fa:e4:e9:7c:a9:92:58:ed:94:9e:20:3a:b3:d6:
a3:5d:98:c5:29:a9:38:80:57:09:9c:02:cd:09:e7:24:e4:42:
6d:16:2e:c5:2c:e0:2c:95:3c:bb:b9:77:54:b9:9a:fd:6f:ed:
d7:62:33:33:e0:8b:28:36:a7:e6:9a:ea:fc:ff:83:7d:e0:b7:
63:45:79:8f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0T1+49/1ksTwHpdNG2+gMFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYWJkY2M0OWY3ZDkwMzNiNTI5MDQ2NzlmM2M5Yjc4M2Q4
YzEzNTgwHhcNMjQwMTE2MTk1NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjdjMGVmMmQzNGQ4M2Q0ZTcwMThkYTdhMmIzZTlmZmM4YzE4OGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23WlFDioIRYJZn/7ufGSrVUKk6Dh
/h0mB4R+jms37Ng6CzkFiNzdBFBB3pQEwsf+Myh4d0BkGJT/SuQB4/QwGrNFf/bE
VPrhkki39ES9lou11PjBa6jJRf0nbk6VC7BnJ1pNNZRxiav4V+GeRpYb2Bj6dylr
2HQ+zmoHwwzM6ArDIAMpZYsIRRdMHNgdYFvBLVhfD6MPYSFKvXBSwmmfyEPHuBWA
58dI5IaWT8GfDPjPuRcjTQ+FVYzxxIpIp8ag34XexXTio27hkMSpy2XlWYcnXJfB
eRQqEN4Yh6KIOugFJLYc7W4aLTdID3O7xKHK5Ehg2vfhQ1vZQnT80CP/KQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGt8DvLTTYPU5wGNp6Kz6f/IwYj4MB8GA1UdIwQY
MBaAFMOr3MSffZAztSkEZ588m3g9jBNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzZ2Y3hKOTlrRE8xS1FSbm56eWJlRDJNRTFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82NzI4ODMtZmViNC00MTRmLTlkMDAt
NGQ5MTI3ZmJhM2FkLzEvYTN3Tzh0Tk5nOVRuQVkybm9yUHBfOGpCaVBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82NzI4ODMtZmViNC00MTRmLTlkMDAtNGQ5MTI3ZmJhM2Fk
LzEvdzZ2Y3hKOTlrRE8xS1FSbm56eWJlRDJNRTFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH97mAwQA
JUiAMA0GCSqGSIb3DQEBCwUAA4IBAQCGmhmymVI6n/EyaIr43xGpHBJm1xwFc7jq
TwT+g9eUAQFrTlCszZyeTYwwsXLA8jLLCyYUiboi15y2Lix0lTr3BsVtTZLRuLMH
sVoqL9wt+1ciqHtz/xhB1mAjo2VOK5rtrfZvxcNiESlXzGgxJ/yKU8zdEB9oyt2l
snwI1TgiGwLc+aDdDdrJULCmXNskkv8potkNX0WTjOwdm1Cnx4YURQYNUFMVXSgr
QYC0XE7/kGT5xwmXCCLB+uTpfKmSWO2UniA6s9ajXZjFKak4gFcJnALNCeck5EJt
Fi7FLOAslTy7uXdUuZr9b+3XYjMz4IsoNqfmmur8/4N94LdjRXmP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:35 2024 by rpki-client on console-ams.rpki-client.org