Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/YYKUMTueVkrveQIl9lLQBCplKjo.roa
File: YYKUMTueVkrveQIl9lLQBCplKjo.roa (raw, json)
Hash identifier: IPDqc56wXJJtdAAfazT1ddnynGRKoYga4vXPkikO+r0=
Subject key identifier: 61:82:94:31:3B:9E:56:4A:EF:79:02:25:F6:52:D0:04:2A:65:2A:3A
Certificate issuer: /CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Certificate serial: 0D0DA20C
Authority key identifier: FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/YYKUMTueVkrveQIl9lLQBCplKjo.roa
Signing time: Wed 15 Jun 2022 14:32:45 +0000
ROA not before: Wed 15 Jun 2022 14:32:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 109.104.150.0/24 maxlen: 24
109.104.151.0/24 maxlen: 24
109.104.152.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 218997260 (0xd0da20c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Validity
Not Before: Jun 15 14:32:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=618294313b9e564aef790225f652d0042a652a3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:8b:90:77:f2:ff:5a:4e:94:25:b0:8f:a3:dd:
b1:3a:3c:26:14:d4:ee:44:ed:c6:0c:8b:cb:50:ea:
40:e4:d6:03:da:71:4a:fc:bf:a0:4c:7a:81:fb:f1:
34:7b:0e:c8:b9:a5:9a:7f:15:62:d2:07:e0:70:fb:
8b:86:d2:e1:06:33:34:c7:d3:9c:40:62:65:09:b9:
bb:fb:7a:a4:7b:b3:46:3e:a5:82:1b:0a:09:6e:80:
bd:bf:3a:a1:d2:ca:64:c5:15:ca:89:35:63:c5:5d:
44:be:70:5c:91:3a:d5:be:d9:68:5e:ff:12:47:2b:
8c:f6:46:70:ae:7a:f1:37:6f:db:a9:69:79:79:12:
cb:a7:ba:9c:99:5d:36:e0:a9:6b:a1:d0:4f:9e:f4:
9b:b0:d2:a8:ed:58:77:c7:25:81:2c:10:12:8a:98:
0d:50:a8:14:33:02:80:9c:5a:47:f4:7c:e3:c6:26:
14:f3:f7:10:43:19:21:77:90:a4:2f:ad:b2:8c:89:
f7:dc:59:d7:33:76:8a:e5:30:b4:f3:42:66:fc:ad:
df:fc:5d:63:6d:c4:b6:5c:70:e7:6e:b9:2c:f5:17:
b8:18:04:d9:c1:27:bf:83:f4:13:c8:ea:77:01:0e:
4d:84:24:c7:20:59:ff:38:68:e5:19:7f:17:b7:f4:
6e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:82:94:31:3B:9E:56:4A:EF:79:02:25:F6:52:D0:04:2A:65:2A:3A
X509v3 Authority Key Identifier:
keyid:FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/YYKUMTueVkrveQIl9lLQBCplKjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/1-_YvdgYnP0GmzMjilWB288Ch61Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.150.0-109.104.152.255
Signature Algorithm: sha256WithRSAEncryption
76:0c:62:d9:8b:13:b0:d5:88:9d:6e:ae:06:13:4a:9a:70:f4:
73:7a:fe:99:02:9d:be:75:94:90:e8:81:70:22:22:a6:fe:4b:
7e:19:7d:96:c4:08:f0:7f:66:ec:ba:70:f3:36:e5:e3:1c:d2:
03:4d:23:a2:b8:08:f3:82:34:44:11:95:21:12:ac:d4:02:03:
a6:76:3e:84:ef:b0:d9:70:eb:eb:3c:55:d0:36:2a:19:81:77:
53:93:35:3c:e4:47:ee:28:e8:cc:bb:8b:d5:52:d9:6a:f8:aa:
7b:e7:2d:33:1b:7b:39:69:a5:fd:b8:2b:cc:95:3e:cf:d0:a4:
d5:39:8d:92:d7:b4:8b:46:92:f1:d3:c2:96:e0:0b:48:d0:1c:
f7:85:88:9f:cf:ed:ca:c3:6f:cb:d3:bb:47:27:8b:c4:43:a0:
c1:d7:51:a2:28:be:13:83:63:d9:32:6b:22:d5:25:f6:2f:1c:
2f:d5:cd:20:6a:d4:80:bd:23:4e:36:06:26:dd:1b:8f:4e:3e:
e7:ff:05:57:01:22:9f:c0:73:e5:56:49:04:a0:ce:fa:59:9f:
d7:2d:e5:f8:8a:28:b5:51:e6:f6:e7:a4:4c:ba:19:37:cf:df:
99:fc:71:b9:10:34:90:70:f7:eb:43:ac:5f:ed:17:83:68:d5:
a3:aa:21:ed
-----BEGIN CERTIFICATE-----
MIIE+TCCA+GgAwIBAgIEDQ2iDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YmY2MmY3NjA2MjczZjQxYTZjY2M4ZTI5NTYwNzZmM2MwYTFlYjU0MB4XDTIyMDYx
NTE0MzI0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjE4Mjk0MzEzYjll
NTY0YWVmNzkwMjI1ZjY1MmQwMDQyYTY1MmEzYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN+LkHfy/1pOlCWwj6PdsTo8JhTU7kTtxgyLy1DqQOTWA9px
Svy/oEx6gfvxNHsOyLmlmn8VYtIH4HD7i4bS4QYzNMfTnEBiZQm5u/t6pHuzRj6l
ghsKCW6Avb86odLKZMUVyok1Y8VdRL5wXJE61b7ZaF7/EkcrjPZGcK568Tdv26lp
eXkSy6e6nJldNuCpa6HQT570m7DSqO1Yd8clgSwQEoqYDVCoFDMCgJxaR/R848Ym
FPP3EEMZIXeQpC+tsoyJ99xZ1zN2iuUwtPNCZvyt3/xdY23Etlxw5265LPUXuBgE
2cEnv4P0E8jqdwEOTYQkxyBZ/zho5Rl/F7f0bskCAwEAAaOCAhMwggIPMB0GA1Ud
DgQWBBRhgpQxO55WSu95AiX2UtAEKmUqOjAfBgNVHSMEGDAWgBT79i92Bic/QabM
yOKVYHbzwKHrVDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtX1l2ZGdZblAwR216TWppbFdCMjg4Q2g2MVEuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzIzLzk1ZWViYi0wYTlkLTRmNzEtYjNmOS01NjQ5ZTFiMTkyYmIv
MS9ZWUtVTVR1ZVZrcnZlUUlsOWxMUUJDcGxLam8ucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIz
Lzk1ZWViYi0wYTlkLTRmNzEtYjNmOS01NjQ5ZTFiMTkyYmIvMS8xLV9ZdmRnWW5Q
MEdtek1qaWxXQjI4OENoNjFRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFtaJYDBABtaJgwDQYJKoZI
hvcNAQELBQADggEBAHYMYtmLE7DViJ1urgYTSppw9HN6/pkCnb51lJDogXAiIqb+
S34ZfZbECPB/Zuy6cPM25eMc0gNNI6K4CPOCNEQRlSESrNQCA6Z2PoTvsNlw6+s8
VdA2KhmBd1OTNTzkR+4o6My7i9VS2Wr4qnvnLTMbezlppf24K8yVPs/QpNU5jZLX
tItGkvHTwpbgC0jQHPeFiJ/P7crDb8vTu0cni8RDoMHXUaIovhODY9kyayLVJfYv
HC/VzSBq1IC9I042BibdG49OPuf/BVcBIp/Ac+VWSQSgzvpZn9ct5fiKKLVR5vbn
pEy6GTfP35n8cbkQNJBw9+tDrF/tF4No1aOqIe0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:31 2025 by rpki-client