Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/m5YAGFTeoJJOMmBCHH8n4rsCmto.roa
File: m5YAGFTeoJJOMmBCHH8n4rsCmto.roa (raw, json)
Hash identifier: u7Onav73BJZjf2Q2OA5sG9+E+aR9ZWbhopob002eHM4=
Subject key identifier: 9B:96:00:18:54:DE:A0:92:4E:32:60:42:1C:7F:27:E2:BB:02:9A:DA
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018408F01F7E9FB7F7E2987B5F9E825E3BF6
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/m5YAGFTeoJJOMmBCHH8n4rsCmto.roa
Signing time: Mon 24 Oct 2022 07:41:05 +0000
ROA not before: Mon 24 Oct 2022 07:41:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43561
IP address blocks: 31.13.252.0/24 maxlen: 24
31.13.253.0/24 maxlen: 24
31.13.254.0/24 maxlen: 24
31.13.255.0/24 maxlen: 24
87.121.105.0/24 maxlen: 24
87.121.104.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:08:f0:1f:7e:9f:b7:f7:e2:98:7b:5f:9e:82:5e:3b:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 24 07:41:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9b96001854dea0924e3260421c7f27e2bb029ada
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f1:00:57:e1:fa:6b:09:e6:9c:5d:d7:e7:ac:
0d:42:a1:1b:d4:84:e6:14:8a:5b:88:c2:d9:70:84:
c6:6d:2d:b9:98:0b:86:73:c2:5b:b9:b2:b7:78:53:
42:2e:75:29:34:7c:92:9c:00:65:31:cc:f6:75:03:
86:c3:63:dd:13:b5:68:83:54:8d:bc:33:6a:ed:0f:
60:96:7e:73:0c:7c:54:87:59:f1:3d:1e:f8:df:8f:
5f:13:1b:d6:96:6e:67:e9:55:1f:f6:c8:98:43:a3:
4c:2d:90:43:ae:af:f1:c4:9c:1d:8a:af:d4:cc:bb:
ca:bd:9a:c8:05:3d:3d:33:79:1d:c2:77:bb:fc:70:
6d:cb:4a:c8:12:3c:5b:b3:ab:5a:c2:d9:21:53:52:
82:a7:71:63:46:5e:f2:e8:f7:98:be:34:8b:7e:9a:
b6:bb:57:8e:e5:03:2f:c1:a0:43:8b:d3:c7:c7:6e:
65:96:77:33:49:43:17:e6:e9:96:80:83:f9:51:02:
7f:26:aa:fc:2f:82:78:7d:87:68:69:29:a1:e0:e7:
3e:7f:95:cd:44:e0:0c:92:a7:a2:65:bc:53:9d:a9:
7b:a3:ae:75:23:ab:63:bf:4a:30:31:31:82:14:5e:
d1:3c:84:72:df:f3:38:03:25:cc:55:67:f7:8b:15:
02:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:96:00:18:54:DE:A0:92:4E:32:60:42:1C:7F:27:E2:BB:02:9A:DA
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/m5YAGFTeoJJOMmBCHH8n4rsCmto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.252.0/22
87.121.104.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:7c:71:6c:97:63:2d:1f:7a:3e:d7:cd:e9:10:b4:a7:70:24:
f1:29:ea:d4:6d:33:ec:14:98:00:2a:a6:15:f5:7c:79:ac:da:
ec:a4:0d:48:65:96:c4:f6:44:fd:83:79:54:09:bf:7f:ff:18:
41:00:26:af:99:b4:dd:06:57:00:f4:97:09:50:09:12:50:1e:
0b:e4:d5:94:b4:a6:db:e4:9b:b2:df:d1:a6:70:f8:35:a4:00:
13:7c:82:e2:6a:be:4f:35:b6:c2:e0:e4:e4:85:fe:73:f7:69:
c6:80:43:9a:86:40:61:39:fb:d6:86:bb:29:38:72:bd:de:f8:
87:01:cf:00:fa:af:aa:ad:71:f4:29:6e:c6:75:05:0e:eb:58:
80:79:55:0a:42:42:5d:aa:83:9b:fe:5f:76:fd:f2:71:14:cd:
ac:41:36:e7:fc:74:2e:f9:a6:19:96:88:52:d9:11:fc:36:c6:
e1:45:af:05:b3:8e:26:31:9a:c0:89:a4:1b:32:8f:62:b1:ec:
e4:97:8d:f4:39:1b:22:4f:8a:0e:75:5a:15:d4:5c:a3:44:3d:
05:95:b9:a0:24:58:67:30:82:01:93:08:e3:79:c0:1c:5c:69:
97:92:25:27:1d:e6:c7:99:73:d1:1c:b1:f9:02:51:4a:4c:76:
63:bb:ea:84
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQI8B9+n7f34ph7X56CXjv2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMDI0MDc0MTA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjk2MDAxODU0ZGVhMDkyNGUzMjYwNDIxYzdmMjdlMmJiMDI5YWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPEAV+H6awnmnF3X56wNQqEb1ITm
FIpbiMLZcITGbS25mAuGc8JbubK3eFNCLnUpNHySnABlMcz2dQOGw2PdE7Vog1SN
vDNq7Q9gln5zDHxUh1nxPR74349fExvWlm5n6VUf9siYQ6NMLZBDrq/xxJwdiq/U
zLvKvZrIBT09M3kdwne7/HBty0rIEjxbs6tawtkhU1KCp3FjRl7y6PeYvjSLfpq2
u1eO5QMvwaBDi9PHx25llnczSUMX5umWgIP5UQJ/Jqr8L4J4fYdoaSmh4Oc+f5XN
ROAMkqeiZbxTnal7o651I6tjv0owMTGCFF7RPIRy3/M4AyXMVWf3ixUCZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJuWABhU3qCSTjJgQhx/J+K7ApraMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbTVZQUdGVGVvSkpPTW1CQ0hIOG40cnNDbXRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCHw38AwQB
V3loMA0GCSqGSIb3DQEBCwUAA4IBAQCOfHFsl2MtH3o+183pELSncCTxKerUbTPs
FJgAKqYV9Xx5rNrspA1IZZbE9kT9g3lUCb9//xhBACavmbTdBlcA9JcJUAkSUB4L
5NWUtKbb5Juy39GmcPg1pAATfILiar5PNbbC4OTkhf5z92nGgEOahkBhOfvWhrsp
OHK93viHAc8A+q+qrXH0KW7GdQUO61iAeVUKQkJdqoOb/l92/fJxFM2sQTbn/HQu
+aYZlohS2RH8NsbhRa8Fs44mMZrAiaQbMo9isezkl430ORsiT4oOdVoV1FyjRD0F
lbmgJFhnMIIBkwjjecAcXGmXkiUnHebHmXPRHLH5AlFKTHZju+qE
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:41 2023 by rpki-client on console-ams.rpki-client.org