Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/yOqHfaM7NMzREiepxyy0TmCH2zU.roa
File: yOqHfaM7NMzREiepxyy0TmCH2zU.roa (raw, json)
Hash identifier: mn4ted/mHFYo+jBkWC6Qad630TYt20ByO8EFo8B1KtM=
Subject key identifier: C8:EA:87:7D:A3:3B:34:CC:D1:12:27:A9:C7:2C:B4:4E:60:87:DB:35
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 018E3243C604D3DD9B5C2196671F13626639
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/yOqHfaM7NMzREiepxyy0TmCH2zU.roa
Signing time: Tue 12 Mar 2024 10:44:46 +0000
ROA not before: Tue 12 Mar 2024 10:44:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 31.41.253.0/24 maxlen: 24
194.50.73.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:43:c6:04:d3:dd:9b:5c:21:96:67:1f:13:62:66:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Mar 12 10:44:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8ea877da33b34ccd11227a9c72cb44e6087db35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:01:a9:73:d2:7d:81:d0:4a:87:f2:68:16:01:
e3:9d:d5:12:95:08:8d:89:62:94:f8:4d:64:70:a2:
01:25:a8:ac:a4:b2:08:b4:2e:ed:ab:2d:0e:05:fb:
27:67:98:2f:62:94:21:40:a0:b9:32:36:3c:2b:37:
56:7a:30:1d:5a:4b:dd:2c:fb:b5:90:d2:e3:33:5d:
e2:af:9f:e3:3b:1b:ac:27:50:0b:74:50:80:6a:a8:
09:70:24:f1:78:2b:34:9a:f9:4d:54:95:ee:2f:e9:
d3:1a:37:01:a1:0a:5c:e7:6c:0d:45:a4:05:4f:f1:
4a:2d:07:b2:59:cc:d4:79:c4:bc:6d:d4:b9:55:1a:
45:fc:2e:ff:a7:a9:b1:1e:99:0d:97:01:3b:36:71:
13:66:ec:a3:0d:46:1b:60:74:97:20:cf:58:a6:7e:
35:93:51:ec:87:ae:5a:2f:8e:d2:a8:8f:9b:1f:b6:
ff:01:12:eb:0b:19:d2:8d:c9:39:d6:93:6d:3d:08:
9b:0b:cd:da:27:66:a9:34:92:a4:49:38:c6:84:84:
e0:91:78:74:7a:99:50:d3:b7:54:69:d6:25:67:d5:
62:ee:62:f0:f8:f0:f7:d8:6b:b0:09:39:45:f5:8e:
1d:7c:e1:d6:2b:22:e4:bb:27:9c:94:43:e9:77:c0:
cd:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:EA:87:7D:A3:3B:34:CC:D1:12:27:A9:C7:2C:B4:4E:60:87:DB:35
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/yOqHfaM7NMzREiepxyy0TmCH2zU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.253.0/24
194.50.73.0/24
Signature Algorithm: sha256WithRSAEncryption
11:2d:6e:d0:e9:02:2a:76:c4:b7:d6:a1:ae:df:87:eb:21:7f:
fa:69:33:0b:bb:81:62:f6:62:b6:36:b6:15:2e:40:6f:10:7b:
76:f8:e8:76:b1:e1:4e:39:b7:74:4c:32:15:28:01:cf:bd:ef:
07:2d:23:55:e1:5a:d5:2d:f3:f0:d0:8b:81:83:62:e1:12:f8:
12:bd:b9:8b:f3:8d:90:e9:e0:9e:6e:97:29:0b:72:8b:80:1a:
7b:00:9f:68:4c:bb:09:fd:1c:3d:7a:09:34:a0:89:f2:be:84:
9d:12:d8:ac:55:06:07:ca:b1:4d:ad:4d:b6:b1:19:0f:43:5e:
30:d2:e4:bc:68:82:89:a3:47:a9:1d:26:ed:4c:b0:84:69:3f:
4e:6c:36:f0:d5:fd:d0:66:0f:12:c3:ae:54:ed:77:28:9c:60:
04:e9:02:b5:6e:dc:4f:be:b8:49:2a:ea:d4:50:2f:f4:9c:b3:
ac:bb:86:be:24:fa:de:14:b6:b7:8c:c7:cd:51:19:7f:1c:f7:
48:86:31:2f:8d:f4:7e:58:50:07:2c:9f:da:66:41:12:21:68:
5d:66:37:3c:bf:6f:48:d3:16:13:e0:82:2b:93:3c:89:4b:e8:
cf:f9:db:f6:9a:e3:d6:e7:39:a2:ba:2c:02:9f:19:d6:df:8c:
49:fc:0c:12
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4yQ8YE092bXCGWZx8TYmY5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjQwMzEyMTA0NDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGVhODc3ZGEzM2IzNGNjZDExMjI3YTljNzJjYjQ0ZTYwODdkYjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QGpc9J9gdBKh/JoFgHjndUSlQiN
iWKU+E1kcKIBJaispLIItC7tqy0OBfsnZ5gvYpQhQKC5MjY8KzdWejAdWkvdLPu1
kNLjM13ir5/jOxusJ1ALdFCAaqgJcCTxeCs0mvlNVJXuL+nTGjcBoQpc52wNRaQF
T/FKLQeyWczUecS8bdS5VRpF/C7/p6mxHpkNlwE7NnETZuyjDUYbYHSXIM9Ypn41
k1Hsh65aL47SqI+bH7b/ARLrCxnSjck51pNtPQibC83aJ2apNJKkSTjGhITgkXh0
eplQ07dUadYlZ9Vi7mLw+PD32GuwCTlF9Y4dfOHWKyLkuyeclEPpd8DNWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMjqh32jOzTM0RInqccstE5gh9s1MB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEveU9xSGZhTTdOTXpSRWllcHh5eTBUbUNIMnpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHyn9AwQA
wjJJMA0GCSqGSIb3DQEBCwUAA4IBAQARLW7Q6QIqdsS31qGu34frIX/6aTMLu4Fi
9mK2NrYVLkBvEHt2+Oh2seFOObd0TDIVKAHPve8HLSNV4VrVLfPw0IuBg2LhEvgS
vbmL842Q6eCebpcpC3KLgBp7AJ9oTLsJ/Rw9egk0oInyvoSdEtisVQYHyrFNrU22
sRkPQ14w0uS8aIKJo0epHSbtTLCEaT9ObDbw1f3QZg8Sw65U7XconGAE6QK1btxP
vrhJKurUUC/0nLOsu4a+JPreFLa3jMfNURl/HPdIhjEvjfR+WFAHLJ/aZkESIWhd
Zjc8v29I0xYT4IIrkzyJS+jP+dv2muPW5zmiuiwCnxnW34xJ/AwS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:59 2024 by rpki-client on console-fra.rpki-client.org