Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/WY_KiVepaDg9sXvxFxEMy63pmRI.roa
File: WY_KiVepaDg9sXvxFxEMy63pmRI.roa (raw, json)
Hash identifier: mAKklfbyZGwIUJ0a++loSxiMIzMCG8Qd8s6VZb5XAzE=
Subject key identifier: 59:8F:CA:89:57:A9:68:38:3D:B1:7B:F1:17:11:0C:CB:AD:E9:99:12
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 423B5DAD
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/WY_KiVepaDg9sXvxFxEMy63pmRI.roa
Signing time: Tue 15 Mar 2022 06:09:45 +0000
ROA not before: Tue 15 Mar 2022 06:09:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48063
IP address blocks: 86.106.188.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1111186861 (0x423b5dad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Mar 15 06:09:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=598fca8957a968383db17bf117110ccbade99912
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1f:50:a7:a0:32:77:56:82:14:32:8d:78:20:
3b:2f:8b:1f:38:dc:8f:53:fc:c4:3e:89:6a:41:97:
3e:47:0b:50:bd:1b:d6:5c:92:59:4a:86:e1:f5:71:
62:c9:fa:91:08:b0:5a:a6:26:0b:4c:39:78:a8:7c:
04:b8:3e:f6:eb:e9:80:f6:91:06:cb:4b:f1:9f:b0:
e2:c6:6d:52:d0:ba:5c:83:3a:32:d6:f5:ae:95:b8:
6e:d1:e0:cd:f1:d1:61:83:0d:d8:f3:86:4e:af:2b:
42:8c:aa:6e:5b:72:4a:a6:e9:b5:aa:ca:76:02:e8:
f1:03:3b:8d:cf:ab:fc:40:4a:8a:02:c1:64:38:8f:
90:a9:8e:29:56:b9:31:05:41:9d:11:e2:c6:7a:84:
f9:3c:da:47:ae:5d:e6:28:c2:36:14:64:bd:73:21:
46:a8:d2:e5:2b:7a:11:a1:96:c3:6e:9c:3e:50:a5:
70:91:95:0b:1b:0d:10:bf:88:0e:f3:a9:bf:8f:6d:
ec:ac:08:e4:59:66:c5:dd:f3:85:cf:f1:c0:2a:02:
8f:94:d9:9c:1d:63:e4:a2:ec:a6:06:11:c2:53:e8:
3b:8c:4d:ad:74:54:b0:66:6b:dd:0d:f0:0d:35:75:
89:8b:80:72:3a:62:74:7b:cf:09:19:88:8a:8b:cd:
4c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:8F:CA:89:57:A9:68:38:3D:B1:7B:F1:17:11:0C:CB:AD:E9:99:12
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/WY_KiVepaDg9sXvxFxEMy63pmRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.188.0/22
Signature Algorithm: sha256WithRSAEncryption
c5:7a:c5:1f:fb:fe:2b:75:5c:3f:68:13:17:26:9e:05:39:22:
c1:82:b0:a7:48:44:01:4f:b2:1c:d9:86:a0:a2:37:2a:c3:9c:
06:e1:5e:80:3f:53:5e:a2:67:a1:bf:ce:18:98:d8:af:dc:e6:
6a:c5:68:95:1a:54:89:9f:2d:10:f0:4d:37:a5:ed:d3:d4:e2:
41:ed:ea:18:5e:c0:ad:52:62:e2:94:89:2f:d7:19:e8:94:57:
ee:73:42:7c:ca:32:62:15:79:71:b4:f2:98:71:cd:51:8e:41:
3f:71:0a:b3:14:d5:11:e0:18:99:31:44:40:b4:24:76:2a:b9:
7d:42:d7:6c:8d:7a:d1:2c:84:38:77:cb:6e:a8:24:fd:a4:ed:
23:89:23:33:dd:3f:b2:7c:67:e8:0c:85:da:f0:2e:90:6c:fb:
7f:7e:dc:aa:ea:50:f2:aa:70:3d:a3:3a:bb:82:9a:33:e5:a2:
f4:0d:e9:16:00:e8:ac:5d:e6:0f:74:c9:58:0d:92:de:cd:d7:
32:23:6a:c2:fc:6f:60:24:7d:10:46:57:53:5b:75:50:de:7c:
c5:66:f2:01:65:15:e2:e9:f1:cc:1d:dc:b9:bc:1c:35:b7:fd:
51:ef:a9:51:0b:1c:3d:eb:61:6e:b9:3b:b0:c9:12:4b:ac:53:
7e:59:74:23
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEQjtdrTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGU2MjYzNGUxYmQ1MTMzYTlkZTQ1MTJhZTk4Y2FkMWIyMjE5YjU5MB4XDTIyMDMx
NTA2MDk0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTk4ZmNhODk1N2E5
NjgzODNkYjE3YmYxMTcxMTBjY2JhZGU5OTkxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALofUKegMndWghQyjXggOy+LHzjcj1P8xD6JakGXPkcLUL0b
1lySWUqG4fVxYsn6kQiwWqYmC0w5eKh8BLg+9uvpgPaRBstL8Z+w4sZtUtC6XIM6
Mtb1rpW4btHgzfHRYYMN2POGTq8rQoyqbltySqbptarKdgLo8QM7jc+r/EBKigLB
ZDiPkKmOKVa5MQVBnRHixnqE+TzaR65d5ijCNhRkvXMhRqjS5St6EaGWw26cPlCl
cJGVCxsNEL+IDvOpv49t7KwI5Flmxd3zhc/xwCoCj5TZnB1j5KLspgYRwlPoO4xN
rXRUsGZr3Q3wDTV1iYuAcjpidHvPCRmIiovNTDMCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBRZj8qJV6loOD2xe/EXEQzLremZEjAfBgNVHSMEGDAWgBT45iY04b1RM6ne
RRKumMrRsiGbWTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEv
MS9XWV9LaVZlcGFEZzlzWHZ4RnhFTXk2M3BtUkkucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4
L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEvMS8xLU9ZbU5PRzlV
VE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVmq8MA0GCSqGSIb3DQEBCwUA
A4IBAQDFesUf+/4rdVw/aBMXJp4FOSLBgrCnSEQBT7Ic2Yagojcqw5wG4V6AP1Ne
omehv84YmNiv3OZqxWiVGlSJny0Q8E03pe3T1OJB7eoYXsCtUmLilIkv1xnolFfu
c0J8yjJiFXlxtPKYcc1RjkE/cQqzFNUR4BiZMURAtCR2Krl9QtdsjXrRLIQ4d8tu
qCT9pO0jiSMz3T+yfGfoDIXa8C6QbPt/ftyq6lDyqnA9ozq7gpoz5aL0DekWAOis
XeYPdMlYDZLezdcyI2rC/G9gJH0QRldTW3VQ3nzFZvIBZRXi6fHMHdy5vBw1t/1R
76lRCxw962FuuTuwyRJLrFN+WXQj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:52 2024 by rpki-client on console-ams.rpki-client.org