Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/pcx1NbSZBwGQLvTUYOH7pHCM_y8.roa
File: pcx1NbSZBwGQLvTUYOH7pHCM_y8.roa (raw, json)
Hash identifier: 7htm4sZYNFwMnqbYSpyklG0oyYayjHM0itcsKdSOKPA=
Subject key identifier: A5:CC:75:35:B4:99:07:01:90:2E:F4:D4:60:E1:FB:A4:70:8C:FF:2F
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 433C046D
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/pcx1NbSZBwGQLvTUYOH7pHCM_y8.roa
Signing time: Sat 28 May 2022 10:16:14 +0000
ROA not before: Sat 28 May 2022 10:16:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42731
IP address blocks: 31.14.10.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1128006765 (0x433c046d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: May 28 10:16:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5cc7535b4990701902ef4d460e1fba4708cff2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:a7:36:42:80:82:e4:9d:72:2e:b4:71:ee:51:
75:75:2b:b7:19:a5:dd:8d:0d:72:22:44:58:2e:9c:
7f:db:9e:c9:80:35:ed:06:7d:82:e6:8f:18:8c:11:
87:7c:25:ea:85:c3:79:4d:c6:cf:1d:fe:b7:7f:38:
7d:d2:18:bd:10:6f:a0:c9:63:ee:7f:ba:b2:dc:c6:
56:00:93:a0:1e:6a:40:e0:44:40:63:5a:0a:51:a8:
3b:cc:54:0b:71:5a:23:3b:80:7a:59:60:7b:29:60:
86:ce:85:a9:b8:09:df:db:29:7f:13:46:63:99:ac:
7b:22:aa:74:85:f2:53:3a:2e:2a:1c:4e:74:12:b0:
66:04:17:72:d9:24:1d:d0:29:e8:fe:c3:22:61:9a:
91:b6:45:61:46:f6:d9:45:d2:2a:b3:4c:26:f2:4d:
d1:ad:b4:f9:15:4c:c9:d5:0a:5e:bf:3d:4b:9d:57:
71:2a:15:5e:64:0f:68:e5:78:b3:ad:ee:44:d5:d3:
11:96:cd:fc:c4:f5:9b:02:87:a8:e8:2c:ea:4e:51:
97:96:65:62:25:ba:48:a6:34:5d:80:4e:79:0f:f2:
bc:14:86:c6:d8:67:c3:97:55:15:36:73:9a:e4:46:
80:c0:8d:cb:15:9e:76:15:89:ae:2a:cd:69:1d:50:
7e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:CC:75:35:B4:99:07:01:90:2E:F4:D4:60:E1:FB:A4:70:8C:FF:2F
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/pcx1NbSZBwGQLvTUYOH7pHCM_y8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.10.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:7c:a6:13:06:da:76:5e:67:e8:95:a5:b9:43:52:b8:9f:af:
42:de:6c:7d:48:31:e9:3a:fe:d9:50:5f:52:85:0d:e2:11:92:
c6:21:17:f8:3d:2f:5f:3d:dd:6d:32:c3:f4:18:84:4d:b7:49:
a4:ba:8b:bd:7c:43:23:20:6b:2d:e3:e6:b8:d3:b1:3c:91:a3:
87:7d:16:9e:67:ef:76:11:d0:9b:f3:32:96:07:93:ff:cd:ec:
98:96:c0:fe:a4:99:2c:43:01:11:8b:23:ec:d7:76:60:24:2c:
b5:45:be:6c:9f:83:e0:5a:1b:f0:a3:df:76:5d:f7:8b:35:a9:
ac:77:a9:6f:4c:78:dc:c3:f0:8a:bf:f4:82:7c:f3:81:94:fd:
63:fb:c6:c3:fb:69:a6:55:1e:ae:e2:04:dc:fb:64:8c:6a:d6:
38:8c:46:10:ca:dc:e9:1b:c9:bb:b3:6a:06:d5:39:fd:ee:d6:
60:8b:49:7b:c3:6e:05:6d:1d:40:1a:1b:ac:c7:80:1b:f8:2f:
4c:08:14:70:05:d1:dd:04:13:99:96:a4:8d:59:41:fb:cf:f3:
fc:6c:c9:03:5e:ad:91:c5:ea:ea:19:1d:3b:4d:32:71:31:30:
3a:cf:a9:ef:b8:a2:ae:a1:c2:40:e0:31:72:b0:25:07:e0:55:
40:a1:56:ba
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEQzwEbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGU2MjYzNGUxYmQ1MTMzYTlkZTQ1MTJhZTk4Y2FkMWIyMjE5YjU5MB4XDTIyMDUy
ODEwMTYxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTVjYzc1MzViNDk5
MDcwMTkwMmVmNGQ0NjBlMWZiYTQ3MDhjZmYyZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOWnNkKAguSdci60ce5RdXUrtxml3Y0NciJEWC6cf9ueyYA1
7QZ9guaPGIwRh3wl6oXDeU3Gzx3+t384fdIYvRBvoMlj7n+6stzGVgCToB5qQOBE
QGNaClGoO8xUC3FaIzuAellgeylghs6FqbgJ39spfxNGY5mseyKqdIXyUzouKhxO
dBKwZgQXctkkHdAp6P7DImGakbZFYUb22UXSKrNMJvJN0a20+RVMydUKXr89S51X
cSoVXmQPaOV4s63uRNXTEZbN/MT1mwKHqOgs6k5Rl5ZlYiW6SKY0XYBOeQ/yvBSG
xthnw5dVFTZzmuRGgMCNyxWedhWJrirNaR1QfmsCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSlzHU1tJkHAZAu9NRg4fukcIz/LzAfBgNVHSMEGDAWgBT45iY04b1RM6ne
RRKumMrRsiGbWTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEv
MS9wY3gxTmJTWkJ3R1FMdlRVWU9IN3BIQ01feTgucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4
L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEvMS8xLU9ZbU5PRzlV
VE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHw4KMA0GCSqGSIb3DQEBCwUA
A4IBAQA8fKYTBtp2XmfolaW5Q1K4n69C3mx9SDHpOv7ZUF9ShQ3iEZLGIRf4PS9f
Pd1tMsP0GIRNt0mkuou9fEMjIGst4+a407E8kaOHfRaeZ+92EdCb8zKWB5P/zeyY
lsD+pJksQwERiyPs13ZgJCy1Rb5sn4PgWhvwo992XfeLNamsd6lvTHjcw/CKv/SC
fPOBlP1j+8bD+2mmVR6u4gTc+2SMatY4jEYQytzpG8m7s2oG1Tn97tZgi0l7w24F
bR1AGhusx4Ab+C9MCBRwBdHdBBOZlqSNWUH7z/P8bMkDXq2RxerqGR07TTJxMTA6
z6nvuKKuocJA4DFysCUH4FVAoVa6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:42 2024 by rpki-client on console-fra.rpki-client.org