Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/7icWTf-MnafeWa0wzuxp5KVBsoo.roa
File: 7icWTf-MnafeWa0wzuxp5KVBsoo.roa (raw, json)
Hash identifier: pdMcfuXfj+jOeaCFYsR6oK/8UWLRrPF4X5keixZ1J3o=
Subject key identifier: EE:27:16:4D:FF:8C:9D:A7:DE:59:AD:30:CE:EC:69:E4:A5:41:B2:8A
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 018E3243C3DE081A5A4DFA820CD018286436
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/7icWTf-MnafeWa0wzuxp5KVBsoo.roa
Signing time: Tue 12 Mar 2024 10:44:45 +0000
ROA not before: Tue 12 Mar 2024 10:44:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202656
IP address blocks: 31.41.254.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:43:c3:de:08:1a:5a:4d:fa:82:0c:d0:18:28:64:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Mar 12 10:44:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee27164dff8c9da7de59ad30ceec69e4a541b28a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:2d:4a:29:68:0a:03:d3:6b:77:c2:01:cd:c8:
05:d1:f8:f3:df:b9:07:4f:f6:12:96:64:53:45:49:
9b:e6:d3:40:ab:63:3e:e3:11:8d:4e:2a:04:a8:e8:
07:23:9e:14:fa:66:16:ac:7d:be:5c:cd:48:da:3d:
9a:a8:43:a8:b7:66:9c:a3:5b:21:56:c0:43:3b:86:
64:34:43:0a:86:31:a3:63:93:4c:0d:05:11:20:d9:
97:a4:11:9e:d5:43:e9:92:05:08:50:48:37:5e:3a:
58:b2:cb:88:08:c1:ad:c4:5c:b7:03:1a:fd:78:c7:
4f:e8:3e:be:45:69:34:29:7a:d3:3b:bb:ef:ac:45:
a7:9f:03:12:28:4a:50:69:29:9e:e4:7a:a9:ca:7d:
52:7f:6e:ae:46:f2:8a:ec:39:cd:f1:31:27:44:ef:
1c:f7:e6:03:e4:d0:12:de:44:30:3f:00:56:83:62:
75:f5:c1:79:26:98:f9:b4:3d:54:10:28:8f:d5:08:
b2:00:88:b0:03:07:44:ae:a1:a5:77:b1:86:e0:6f:
5c:fa:7a:10:13:47:8a:37:8c:bb:41:96:0a:31:fc:
7d:59:bd:20:fb:7d:2d:d7:c0:c5:85:e4:ac:4c:12:
40:cb:16:35:78:5b:e3:11:f0:a5:9c:b5:b2:e9:d6:
5d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:27:16:4D:FF:8C:9D:A7:DE:59:AD:30:CE:EC:69:E4:A5:41:B2:8A
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/7icWTf-MnafeWa0wzuxp5KVBsoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.254.0/24
Signature Algorithm: sha256WithRSAEncryption
15:64:92:78:17:bf:fb:e6:e1:3f:38:cb:b1:c9:77:08:eb:97:
1f:bd:b5:09:4a:d6:5c:af:15:28:9f:16:2b:3c:8c:32:76:e4:
c2:ed:1c:9f:42:05:d8:ad:42:49:25:ce:fd:48:c5:e5:7f:a3:
c7:a9:da:1f:b8:35:e0:d6:a4:71:69:bd:73:42:49:51:d6:40:
ad:fb:eb:23:33:bb:e0:82:47:b3:8a:74:29:1f:d8:e4:0c:f7:
f0:9c:e6:4d:40:8e:c2:9c:47:99:0b:94:5a:09:78:d7:b4:97:
aa:69:13:f6:57:35:6e:9f:b8:8f:c2:fe:78:8a:fe:1b:31:c8:
5b:fb:c4:94:22:17:29:97:84:df:c1:0f:4a:f6:c6:ce:58:2a:
f5:4b:da:e0:a6:23:89:80:05:ec:12:f7:9e:76:e6:5f:94:e4:
07:8f:39:b8:97:15:c6:f5:6f:ac:72:e1:76:41:bc:61:14:43:
7d:c0:b0:f1:8c:33:c8:b8:97:5e:21:c5:79:b6:49:45:4d:d4:
29:cf:72:2a:0a:50:bb:76:64:c5:84:75:a4:d6:dd:41:c7:f3:
53:8c:b7:3c:1a:c5:0b:6e:2e:54:44:a5:0e:64:23:f7:06:46:
db:cb:e3:2f:59:76:4f:20:c4:c7:99:ea:75:4a:a6:ad:67:10:
ef:06:f9:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4yQ8PeCBpaTfqCDNAYKGQ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjQwMzEyMTA0NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTI3MTY0ZGZmOGM5ZGE3ZGU1OWFkMzBjZWVjNjllNGE1NDFiMjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAli1KKWgKA9Nrd8IBzcgF0fjz37kH
T/YSlmRTRUmb5tNAq2M+4xGNTioEqOgHI54U+mYWrH2+XM1I2j2aqEOot2aco1sh
VsBDO4ZkNEMKhjGjY5NMDQURINmXpBGe1UPpkgUIUEg3XjpYssuICMGtxFy3Axr9
eMdP6D6+RWk0KXrTO7vvrEWnnwMSKEpQaSme5Hqpyn1Sf26uRvKK7DnN8TEnRO8c
9+YD5NAS3kQwPwBWg2J19cF5Jpj5tD1UECiP1QiyAIiwAwdErqGld7GG4G9c+noQ
E0eKN4y7QZYKMfx9Wb0g+30t18DFheSsTBJAyxY1eFvjEfClnLWy6dZd5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO4nFk3/jJ2n3lmtMM7saeSlQbKKMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvN2ljV1RmLU1uYWZlV2Ewd3p1eHA1S1ZCc29vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyn+MA0G
CSqGSIb3DQEBCwUAA4IBAQAVZJJ4F7/75uE/OMuxyXcI65cfvbUJStZcrxUonxYr
PIwyduTC7RyfQgXYrUJJJc79SMXlf6PHqdofuDXg1qRxab1zQklR1kCt++sjM7vg
gkezinQpH9jkDPfwnOZNQI7CnEeZC5RaCXjXtJeqaRP2VzVun7iPwv54iv4bMchb
+8SUIhcpl4TfwQ9K9sbOWCr1S9rgpiOJgAXsEveeduZflOQHjzm4lxXG9W+scuF2
QbxhFEN9wLDxjDPIuJdeIcV5tklFTdQpz3IqClC7dmTFhHWk1t1Bx/NTjLc8GsUL
bi5URKUOZCP3Bkbby+MvWXZPIMTHmep1SqatZxDvBvkL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:31 2024 by rpki-client on console-fra.rpki-client.org