Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/RsXSa8MGpwHkPJa7KijQYpz6Q2I.roa
File: RsXSa8MGpwHkPJa7KijQYpz6Q2I.roa (raw, json)
Hash identifier: NVpCEFwk/aJGRtUCuAIBaufAkyKuGZXBljLljLnpGBU=
Subject key identifier: 46:C5:D2:6B:C3:06:A7:01:E4:3C:96:BB:2A:28:D0:62:9C:FA:43:62
Certificate issuer: /CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Certificate serial: 018E3243C5067109B7A9C7053C23BDD94A8B
Authority key identifier: CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/RsXSa8MGpwHkPJa7KijQYpz6Q2I.roa
Signing time: Tue 12 Mar 2024 10:44:45 +0000
ROA not before: Tue 12 Mar 2024 10:44:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202656
IP address blocks: 31.41.251.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:43:c5:06:71:09:b7:a9:c7:05:3c:23:bd:d9:4a:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Validity
Not Before: Mar 12 10:44:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46c5d26bc306a701e43c96bb2a28d0629cfa4362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:29:dd:42:a6:3e:ed:e8:1b:fa:e7:c5:38:18:
37:da:39:53:85:ca:cc:a4:d7:2d:ba:e9:89:a7:0d:
51:cc:76:84:23:05:4a:ff:52:1c:09:45:da:da:c8:
bc:3d:63:41:81:ec:26:b7:2f:32:14:ce:6f:33:74:
4a:42:c5:20:95:71:e4:cb:ef:a3:6b:bb:6d:7f:3a:
06:97:9b:95:d4:b5:d4:77:19:53:58:4c:3b:52:c4:
b0:60:5c:bb:5a:aa:6b:c6:3c:46:d8:a5:64:ac:70:
01:44:ed:9f:a3:f6:c3:c7:73:d5:1f:b2:98:b0:db:
b8:bd:1b:ba:34:a9:71:29:74:be:2b:02:19:02:29:
f1:19:e9:00:d2:56:90:71:67:3c:33:d7:0f:a2:c2:
54:f0:fa:95:ef:4a:8c:46:41:88:dd:ff:34:31:bd:
74:ce:ea:d8:07:5b:22:24:ea:83:ef:09:e3:3a:4a:
0f:35:e4:5f:b6:58:6c:96:91:12:63:70:04:b0:f0:
1d:a8:9c:59:3c:bc:a3:0d:3c:f2:48:e2:94:6a:a8:
4c:dd:fc:c4:aa:c8:09:5e:c9:19:7f:f9:d6:8b:8d:
27:62:f5:78:82:7c:a4:31:29:9b:7d:59:93:c5:81:
58:69:65:41:15:5b:3d:af:95:42:ea:17:8b:3a:71:
8a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:C5:D2:6B:C3:06:A7:01:E4:3C:96:BB:2A:28:D0:62:9C:FA:43:62
X509v3 Authority Key Identifier:
keyid:CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/RsXSa8MGpwHkPJa7KijQYpz6Q2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/zdvvuo_jwfZoyERDhP5KOp9Nh_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.251.0/24
Signature Algorithm: sha256WithRSAEncryption
24:1d:32:43:53:66:ef:4e:b7:96:8c:31:18:99:a7:f2:25:a4:
d8:99:0e:8c:9b:7d:82:cd:2d:8b:14:2a:98:84:02:1b:92:a1:
50:43:1f:eb:dc:89:3c:d3:ac:75:69:16:cf:9e:b0:ff:0b:e3:
71:fd:71:db:4f:a3:46:56:e8:6c:6a:6b:6d:b9:65:ea:18:55:
52:25:6b:71:8b:68:33:cf:b6:4c:92:4f:25:e4:4d:79:a3:9f:
14:37:74:40:74:fe:db:0a:84:6e:b2:56:82:fd:ff:fd:65:82:
d3:ee:1b:f1:ec:4a:66:52:6f:a9:d2:d0:4d:fa:89:fc:06:42:
6e:76:00:13:48:45:b3:11:99:ca:cc:7f:bb:04:a7:76:42:e7:
86:fb:d1:74:a8:40:57:ef:ef:f5:16:bc:4e:c7:c1:b9:46:0f:
68:91:92:f4:32:3e:e5:50:48:d6:40:2a:48:58:e0:96:17:78:
83:d8:9c:82:c2:17:ea:e7:2f:87:1d:1d:c1:4d:c7:0e:82:78:
ab:73:fc:02:11:d3:3a:b6:2b:5b:f6:b0:f0:94:35:f6:43:fd:
09:9b:15:82:7c:41:a1:df:40:a5:85:c4:b5:dc:5b:b5:a2:86:
f7:75:97:fd:c5:05:ae:25:95:ed:fd:4c:12:76:10:b7:8a:ea:
9d:b3:3d:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4yQ8UGcQm3qccFPCO92UqLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGJlZmJhOGZlM2MxZjY2OGM4NDQ0Mzg0ZmU0YTNhOWY0
ZDg3ZjEwHhcNMjQwMzEyMTA0NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmM1ZDI2YmMzMDZhNzAxZTQzYzk2YmIyYTI4ZDA2MjljZmE0MzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSndQqY+7egb+ufFOBg32jlThcrM
pNctuumJpw1RzHaEIwVK/1IcCUXa2si8PWNBgewmty8yFM5vM3RKQsUglXHky++j
a7ttfzoGl5uV1LXUdxlTWEw7UsSwYFy7WqprxjxG2KVkrHABRO2fo/bDx3PVH7KY
sNu4vRu6NKlxKXS+KwIZAinxGekA0laQcWc8M9cPosJU8PqV70qMRkGI3f80Mb10
zurYB1siJOqD7wnjOkoPNeRftlhslpESY3AEsPAdqJxZPLyjDTzySOKUaqhM3fzE
qsgJXskZf/nWi40nYvV4gnykMSmbfVmTxYFYaWVBFVs9r5VC6heLOnGKnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEbF0mvDBqcB5DyWuyoo0GKc+kNiMB8GA1UdIwQY
MBaAFM3b77qP48H2aMhEQ4T+SjqfTYfxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMt
MWEzOWU2YTZkZTkzLzEvUnNYU2E4TUdwd0hrUEphN0tpalFZcHo2UTJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMtMWEzOWU2YTZkZTkz
LzEvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyn7MA0G
CSqGSIb3DQEBCwUAA4IBAQAkHTJDU2bvTreWjDEYmafyJaTYmQ6Mm32CzS2LFCqY
hAIbkqFQQx/r3Ik806x1aRbPnrD/C+Nx/XHbT6NGVuhsamttuWXqGFVSJWtxi2gz
z7ZMkk8l5E15o58UN3RAdP7bCoRuslaC/f/9ZYLT7hvx7EpmUm+p0tBN+on8BkJu
dgATSEWzEZnKzH+7BKd2QueG+9F0qEBX7+/1FrxOx8G5Rg9okZL0Mj7lUEjWQCpI
WOCWF3iD2JyCwhfq5y+HHR3BTccOgnirc/wCEdM6titb9rDwlDX2Q/0JmxWCfEGh
30ClhcS13Fu1oob3dZf9xQWuJZXt/UwSdhC3iuqdsz0W
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:17 2024 by rpki-client on console-ams.rpki-client.org