Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/gRHoEAjLOt8bB1AUYqdedb6V-Dg.roa
File: gRHoEAjLOt8bB1AUYqdedb6V-Dg.roa (raw, json)
Hash identifier: jdAjOc97asckbAal0+Wn0Z3K3N8SVKkrIjrK335Lpvs=
Subject key identifier: 81:11:E8:10:08:CB:3A:DF:1B:07:50:14:62:A7:5E:75:BE:95:F8:38
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 018E3243C63AE14938A20207348B60BC8BBD
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/gRHoEAjLOt8bB1AUYqdedb6V-Dg.roa
Signing time: Tue 12 Mar 2024 10:44:46 +0000
ROA not before: Tue 12 Mar 2024 10:44:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 31.41.253.0/24 maxlen: 24
62.3.1.0/24 maxlen: 24
77.72.84.0/24 maxlen: 24
80.91.211.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:43:c6:3a:e1:49:38:a2:02:07:34:8b:60:bc:8b:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Mar 12 10:44:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8111e81008cb3adf1b07501462a75e75be95f838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:17:ea:ce:6e:cc:3c:fd:1b:2a:4d:f5:c4:f2:
39:9e:52:53:3f:ad:c6:81:28:85:02:a3:d6:29:63:
ac:b6:4a:fe:06:e9:e2:2e:a1:79:c5:ae:23:b8:97:
7d:fd:3d:86:7b:83:f7:47:1c:ce:04:f4:3b:56:39:
f5:e2:eb:52:85:f9:cc:b7:c6:af:da:8d:de:b1:a3:
73:a9:06:8d:74:51:24:9f:52:fd:1a:c0:20:16:8b:
47:d4:35:fe:1a:47:11:ec:3f:e7:02:4b:3b:64:3f:
47:e2:ed:d9:62:69:53:9f:fe:46:bb:e7:c4:ba:9b:
ce:fe:95:2b:b0:fc:3f:eb:f7:bf:fa:b6:88:93:a2:
01:b4:a9:46:1f:88:4a:96:65:80:ad:d1:d6:66:05:
84:72:70:98:3f:a3:b0:6a:b7:31:7d:f2:4d:f9:bb:
46:a4:c3:3b:37:eb:7b:f6:ff:a2:e2:0a:9a:f6:c5:
6c:22:c3:5a:e9:88:03:62:a8:82:3a:ea:cd:2b:8d:
bd:94:a4:54:79:51:0f:2b:50:8c:89:37:f4:df:b4:
de:2b:62:2f:a4:b4:1a:11:27:88:9c:33:9c:47:7e:
03:63:25:01:4d:55:9d:14:c8:fc:ee:c5:80:9d:79:
bc:e1:9e:c8:e5:33:48:32:31:79:4e:7b:a4:ef:33:
67:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:11:E8:10:08:CB:3A:DF:1B:07:50:14:62:A7:5E:75:BE:95:F8:38
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/gRHoEAjLOt8bB1AUYqdedb6V-Dg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.253.0/24
62.3.1.0/24
77.72.84.0/24
80.91.211.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:cc:d7:bd:48:25:1c:77:c4:a2:93:ad:34:b8:4f:ab:ac:07:
77:fd:9f:57:f5:53:32:e6:6e:14:32:1b:e6:f5:56:02:7d:b8:
d5:d1:85:40:46:5a:ca:1c:63:90:30:8c:c1:07:98:85:90:45:
da:1f:b2:a3:f2:08:3e:c1:1c:66:c5:00:dc:6b:bb:2f:00:6f:
ab:03:64:c4:6c:85:30:97:2d:f4:09:35:10:11:de:0a:97:73:
bc:19:3a:4f:61:c2:92:ac:cc:90:01:08:b2:52:73:ad:77:4b:
f5:94:dd:a1:e8:d5:ba:e7:50:86:8a:ae:23:b4:e7:a6:44:35:
a5:cc:c1:ef:be:81:c3:7c:b0:db:2d:c5:c9:9e:0b:51:72:0b:
a4:c2:54:8a:64:9b:83:88:70:9a:ae:15:6a:23:bc:61:30:40:
76:06:78:f2:4c:ec:57:2f:54:4f:2d:71:81:fb:2b:ed:91:1a:
67:fe:84:be:78:e5:82:80:db:8b:4e:f4:aa:33:0c:42:3e:f5:
2e:ca:30:2f:a3:a9:ae:90:91:b7:7e:f6:2f:af:00:55:fe:4d:
62:c7:d4:e4:fe:48:1d:4e:d7:ad:96:90:a3:07:33:39:7f:4e:
dc:97:2c:68:b6:8c:2d:ae:f9:e9:de:0f:6d:81:1c:bd:2b:aa:
ac:c6:25:85
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY4yQ8Y64Uk4ogIHNItgvIu9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjQwMzEyMTA0NDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTExZTgxMDA4Y2IzYWRmMWIwNzUwMTQ2MmE3NWU3NWJlOTVmODM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhfqzm7MPP0bKk31xPI5nlJTP63G
gSiFAqPWKWOstkr+BuniLqF5xa4juJd9/T2Ge4P3RxzOBPQ7Vjn14utShfnMt8av
2o3esaNzqQaNdFEkn1L9GsAgFotH1DX+GkcR7D/nAks7ZD9H4u3ZYmlTn/5Gu+fE
upvO/pUrsPw/6/e/+raIk6IBtKlGH4hKlmWArdHWZgWEcnCYP6OwarcxffJN+btG
pMM7N+t79v+i4gqa9sVsIsNa6YgDYqiCOurNK429lKRUeVEPK1CMiTf037TeK2Iv
pLQaESeInDOcR34DYyUBTVWdFMj87sWAnXm84Z7I5TNIMjF5Tnuk7zNnDQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIER6BAIyzrfGwdQFGKnXnW+lfg4MB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvZ1JIb0VBakxPdDhiQjFBVVlxZGVkYjZWLURnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHyn9AwQA
PgMBAwQATUhUAwQAUFvTMA0GCSqGSIb3DQEBCwUAA4IBAQBdzNe9SCUcd8Sik600
uE+rrAd3/Z9X9VMy5m4UMhvm9VYCfbjV0YVARlrKHGOQMIzBB5iFkEXaH7Kj8gg+
wRxmxQDca7svAG+rA2TEbIUwly30CTUQEd4Kl3O8GTpPYcKSrMyQAQiyUnOtd0v1
lN2h6NW651CGiq4jtOemRDWlzMHvvoHDfLDbLcXJngtRcgukwlSKZJuDiHCarhVq
I7xhMEB2BnjyTOxXL1RPLXGB+yvtkRpn/oS+eOWCgNuLTvSqMwxCPvUuyjAvo6mu
kJG3fvYvrwBV/k1ix9Tk/kgdTtetlpCjBzM5f07clyxotowtrvnp3g9tgRy9K6qs
xiWF
-----END CERTIFICATE-----
Generated at Tue Apr 2 17:16:02 2024 by rpki-client on console-fra.rpki-client.org