Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/YB1E8Oyg_AYBb08TJKyyP8N-Ex4.roa
File: YB1E8Oyg_AYBb08TJKyyP8N-Ex4.roa (raw, json)
Hash identifier: BuYDGsy97/A7ToTlNlb320hGIxoy+equNVZHESTFZGw=
Subject key identifier: 60:1D:44:F0:EC:A0:FC:06:01:6F:4F:13:24:AC:B2:3F:C3:7E:13:1E
Certificate issuer: /CN=84470af0d89d785ba18ba617dc09e3f72c5996f3
Certificate serial: 018A08064A94E42E886AAF8861E5C927B6DF
Authority key identifier: 84:47:0A:F0:D8:9D:78:5B:A1:8B:A6:17:DC:09:E3:F7:2C:59:96:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/YB1E8Oyg_AYBb08TJKyyP8N-Ex4.roa
Signing time: Fri 18 Aug 2023 09:42:24 +0000
ROA not before: Fri 18 Aug 2023 09:42:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 82.206.64.0/19 maxlen: 24
82.206.96.0/19 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:08:06:4a:94:e4:2e:88:6a:af:88:61:e5:c9:27:b6:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84470af0d89d785ba18ba617dc09e3f72c5996f3
Validity
Not Before: Aug 18 09:42:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=601d44f0eca0fc06016f4f1324acb23fc37e131e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fe:8a:13:81:0c:d9:8f:2e:68:f8:05:e5:d3:
89:2b:00:2e:e5:c2:b1:5a:14:9c:ea:8a:fc:78:2e:
1f:29:ec:7e:10:63:4b:68:66:85:90:38:02:57:27:
22:0a:e8:b2:86:91:d2:5c:86:1a:4e:24:97:18:07:
61:87:f9:42:2c:5e:ba:28:47:55:de:7d:8d:65:a7:
13:75:c5:52:61:ed:c6:22:4d:65:10:f1:47:95:7e:
54:4b:db:23:88:74:90:7d:d8:52:e9:c0:68:5e:91:
ed:0c:49:0c:91:5a:e7:7f:f1:00:d4:f4:0c:a4:b4:
ba:3b:50:2f:e2:fb:4b:d3:98:9b:59:18:88:68:c5:
e7:96:d5:44:7e:7e:c6:cf:eb:28:bb:c6:51:95:52:
f2:86:c3:fb:50:20:65:6a:62:74:46:5c:5c:99:b3:
be:51:d0:fd:79:40:dc:84:bd:53:94:f3:07:d4:b6:
18:9c:84:57:b7:05:5e:90:16:7a:10:b3:67:74:d4:
77:88:ef:07:d2:c6:dd:40:50:90:0c:e5:42:b4:f8:
f7:30:16:15:59:5b:8f:c4:54:90:ed:00:f9:57:dc:
e9:e3:5e:79:92:e5:a5:dd:bf:16:ac:2b:92:66:44:
ef:85:33:16:17:57:65:37:6a:cb:55:81:dd:56:bf:
df:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:1D:44:F0:EC:A0:FC:06:01:6F:4F:13:24:AC:B2:3F:C3:7E:13:1E
X509v3 Authority Key Identifier:
keyid:84:47:0A:F0:D8:9D:78:5B:A1:8B:A6:17:DC:09:E3:F7:2C:59:96:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/YB1E8Oyg_AYBb08TJKyyP8N-Ex4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/hEcK8NideFuhi6YX3Anj9yxZlvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.64.0/18
Signature Algorithm: sha256WithRSAEncryption
10:1a:e7:7b:a2:2a:15:29:e6:f8:94:8e:6c:08:48:31:f7:ee:
c2:ff:0f:4e:3c:40:cc:4b:b9:b4:25:51:93:9a:42:c7:17:ce:
1d:a7:70:30:cb:c8:d2:da:01:71:f0:72:42:a6:04:50:70:ad:
07:bf:ef:dd:18:a2:57:ed:8c:76:ed:fc:9a:69:5b:ca:54:b7:
55:03:d7:48:64:10:dc:3a:ae:13:be:22:a5:c8:ca:41:9d:ed:
a3:89:d1:65:9c:59:b9:e4:9f:83:77:ba:c1:84:f2:98:66:3a:
d7:47:e7:40:15:b8:e0:e6:d8:8e:a7:d7:60:7d:15:a9:22:cf:
25:2a:7a:5d:43:61:66:83:28:3f:6b:f8:b7:4f:79:a0:dc:20:
be:10:9e:11:7a:9e:87:f9:75:2d:7a:bc:d2:3e:96:97:33:b7:
97:cc:43:44:5a:cb:bc:0f:46:b4:c0:d2:00:d4:97:d7:d9:8f:
a2:d1:3d:e5:7d:d2:78:57:9b:34:e7:c7:9f:8a:bf:17:c5:df:
ef:92:ea:e3:92:a3:4e:a8:87:b4:8a:97:9f:e7:65:27:26:b5:
db:7c:a0:29:f3:15:02:f9:e2:d1:7b:70:53:7c:e8:16:b7:2e:
c3:28:7a:f8:32:06:9b:cd:02:02:30:2f:bc:13:36:5a:f0:8e:
d6:a3:1e:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoIBkqU5C6Iaq+IYeXJJ7bfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDcwYWYwZDg5ZDc4NWJhMThiYTYxN2RjMDllM2Y3MmM1
OTk2ZjMwHhcNMjMwODE4MDk0MjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDFkNDRmMGVjYTBmYzA2MDE2ZjRmMTMyNGFjYjIzZmMzN2UxMzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApv6KE4EM2Y8uaPgF5dOJKwAu5cKx
WhSc6or8eC4fKex+EGNLaGaFkDgCVyciCuiyhpHSXIYaTiSXGAdhh/lCLF66KEdV
3n2NZacTdcVSYe3GIk1lEPFHlX5US9sjiHSQfdhS6cBoXpHtDEkMkVrnf/EA1PQM
pLS6O1Av4vtL05ibWRiIaMXnltVEfn7Gz+sou8ZRlVLyhsP7UCBlamJ0RlxcmbO+
UdD9eUDchL1TlPMH1LYYnIRXtwVekBZ6ELNndNR3iO8H0sbdQFCQDOVCtPj3MBYV
WVuPxFSQ7QD5V9zp4155kuWl3b8WrCuSZkTvhTMWF1dlN2rLVYHdVr/fDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGAdRPDsoPwGAW9PEySssj/DfhMeMB8GA1UdIwQY
MBaAFIRHCvDYnXhboYumF9wJ4/csWZbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS82NjBmMWQtNTc1My00NTE2LTgwMDIt
ZTc2ZTNlMjkzZTAyLzEvWUIxRThPeWdfQVlCYjA4VEpLeXlQOE4tRXg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS82NjBmMWQtNTc1My00NTE2LTgwMDItZTc2ZTNlMjkzZTAy
LzEvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGUs5AMA0G
CSqGSIb3DQEBCwUAA4IBAQAQGud7oioVKeb4lI5sCEgx9+7C/w9OPEDMS7m0JVGT
mkLHF84dp3Awy8jS2gFx8HJCpgRQcK0Hv+/dGKJX7Yx27fyaaVvKVLdVA9dIZBDc
Oq4TviKlyMpBne2jidFlnFm55J+Dd7rBhPKYZjrXR+dAFbjg5tiOp9dgfRWpIs8l
KnpdQ2Fmgyg/a/i3T3mg3CC+EJ4Rep6H+XUterzSPpaXM7eXzENEWsu8D0a0wNIA
1JfX2Y+i0T3lfdJ4V5s058efir8Xxd/vkurjkqNOqIe0ipef52UnJrXbfKAp8xUC
+eLRe3BTfOgWty7DKHr4MgabzQICMC+8EzZa8I7Wox6W
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:21 2024 by rpki-client on console-fra.rpki-client.org