Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/YeGIPg1LLCDZEU8itFK6Oi0ct5k.roa
File: YeGIPg1LLCDZEU8itFK6Oi0ct5k.roa (raw, json)
Hash identifier: 9g5Yz5NOt3r33zAiCj+SG1Yw16YqjRS6VLWqlM480Gw=
Subject key identifier: 61:E1:88:3E:0D:4B:2C:20:D9:11:4F:22:B4:52:BA:3A:2D:1C:B7:99
Certificate issuer: /CN=7c3c39d1899e699bf5177418ee381489edff4380
Certificate serial: 1A93C9FF
Authority key identifier: 7C:3C:39:D1:89:9E:69:9B:F5:17:74:18:EE:38:14:89:ED:FF:43:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fDw50YmeaZv1F3QY7jgUie3_Q4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/YeGIPg1LLCDZEU8itFK6Oi0ct5k.roa
Signing time: Thu 27 Jan 2022 15:36:14 +0000
ROA not before: Thu 27 Jan 2022 15:36:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49158
IP address blocks: 109.246.53.0/24 maxlen: 24
109.246.0.0/17 maxlen: 17
212.9.96.0/19 maxlen: 20
2a02:2b90::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 445893119 (0x1a93c9ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3c39d1899e699bf5177418ee381489edff4380
Validity
Not Before: Jan 27 15:36:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=61e1883e0d4b2c20d9114f22b452ba3a2d1cb799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d9:ad:f0:3e:64:f8:3d:c8:aa:f0:c7:be:2c:
8e:4e:f7:94:eb:37:9b:c0:2e:c7:e2:48:61:ad:fa:
3e:e0:72:e4:ce:a8:88:dd:f1:97:a4:9f:e4:bc:32:
c1:50:22:ad:16:cd:70:d4:d1:3b:d1:7e:e0:63:e5:
77:2a:a9:2e:7e:c3:bb:ba:a9:e5:37:cd:bd:e4:63:
db:e0:ee:27:83:8c:ec:ba:2f:89:24:73:e2:73:c2:
c1:7e:1f:85:ea:34:ea:94:b0:fd:98:53:38:de:fa:
a9:6a:7a:69:18:2c:8a:5f:06:e3:2b:d7:2e:59:98:
13:66:d2:36:13:2e:a1:0f:5b:ff:74:27:f0:4e:a0:
00:03:3b:da:72:7c:d3:73:16:f8:68:c2:cd:23:03:
4f:8b:0c:b9:e2:a5:b4:cc:0b:95:69:b0:d7:e7:ce:
d9:6b:82:16:d9:a2:5f:6d:b0:93:2c:7c:f2:8a:8e:
6c:40:73:53:e5:75:7c:fb:d2:87:bc:d3:fc:c7:40:
f7:54:9d:26:6c:18:12:df:5d:13:85:e9:76:07:68:
f1:47:78:e1:81:70:1f:f7:34:2e:f3:57:11:ba:4d:
ee:b4:9d:9f:c8:6a:79:74:1b:61:98:fa:92:72:13:
61:7a:f5:52:33:87:69:9c:b7:8b:44:e7:c6:dc:d8:
f4:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:E1:88:3E:0D:4B:2C:20:D9:11:4F:22:B4:52:BA:3A:2D:1C:B7:99
X509v3 Authority Key Identifier:
keyid:7C:3C:39:D1:89:9E:69:9B:F5:17:74:18:EE:38:14:89:ED:FF:43:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDw50YmeaZv1F3QY7jgUie3_Q4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/YeGIPg1LLCDZEU8itFK6Oi0ct5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/fDw50YmeaZv1F3QY7jgUie3_Q4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.246.0.0/17
212.9.96.0/19
IPv6:
2a02:2b90::/29
Signature Algorithm: sha256WithRSAEncryption
61:59:94:0d:7b:08:90:a0:0c:f6:92:11:59:ef:2b:fc:53:b3:
44:ad:32:44:41:8e:59:e5:5a:cf:b3:a0:90:60:f5:da:7c:7c:
3e:59:b5:0e:88:9d:61:ef:f0:32:b6:14:d2:7f:60:2a:c3:27:
3e:5c:b1:fa:cb:d5:a8:2c:38:e6:3f:ff:20:54:bf:73:0c:16:
e2:6c:18:db:62:c8:a5:d1:a9:2b:f7:1a:e4:b5:7d:0a:10:32:
44:7f:53:ba:09:5d:36:28:1d:55:a7:2e:2d:ab:5f:bb:20:df:
49:4d:49:26:21:9b:5e:66:c5:a8:a6:59:d2:53:70:a5:01:30:
0a:ab:76:d7:8b:a4:64:c0:c6:ae:7b:86:25:eb:dd:74:a0:29:
25:d8:2a:33:41:7c:d4:a2:32:f0:76:95:3a:bd:ab:18:12:0c:
0e:ee:51:70:4a:0c:eb:7a:0d:8d:ed:4a:8a:16:ea:aa:6a:c4:
ad:fe:f1:ca:53:7c:1e:6f:17:1b:bc:08:f8:75:16:51:ba:fe:
30:fd:d6:0b:7c:f5:8a:f1:8b:2a:0b:23:cc:98:84:4a:34:ce:
a2:ac:8a:88:05:0b:b0:06:3b:4e:9b:a0:34:52:27:9d:ae:e0:
6f:ff:35:33:8f:8a:1b:02:3c:97:7e:0e:d1:c6:12:37:85:6f:
d3:ea:16:52
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEGpPJ/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YzNjMzlkMTg5OWU2OTliZjUxNzc0MThlZTM4MTQ4OWVkZmY0MzgwMB4XDTIyMDEy
NzE1MzYxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjFlMTg4M2UwZDRi
MmMyMGQ5MTE0ZjIyYjQ1MmJhM2EyZDFjYjc5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKTZrfA+ZPg9yKrwx74sjk73lOs3m8Aux+JIYa36PuBy5M6o
iN3xl6Sf5LwywVAirRbNcNTRO9F+4GPldyqpLn7Du7qp5TfNveRj2+DuJ4OM7Lov
iSRz4nPCwX4fheo06pSw/ZhTON76qWp6aRgsil8G4yvXLlmYE2bSNhMuoQ9b/3Qn
8E6gAAM72nJ803MW+GjCzSMDT4sMueKltMwLlWmw1+fO2WuCFtmiX22wkyx88oqO
bEBzU+V1fPvSh7zT/MdA91SdJmwYEt9dE4Xpdgdo8Ud44YFwH/c0LvNXEbpN7rSd
n8hqeXQbYZj6knITYXr1UjOHaZy3i0TnxtzY9FUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRh4Yg+DUssINkRTyK0Uro6LRy3mTAfBgNVHSMEGDAWgBR8PDnRiZ5pm/UX
dBjuOBSJ7f9DgDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZEdzUwWW1lYVp2MUYzUVk3amdVaWUzX1E0QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvYzgwMGM5LTUxYjUtNDU4OS05MjYwLTA2M2ZjZGQzYTA1Ny8x
L1llR0lQZzFMTENEWkVVOGl0Rks2T2kwY3Q1ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
YzgwMGM5LTUxYjUtNDU4OS05MjYwLTA2M2ZjZGQzYTA1Ny8xL2ZEdzUwWW1lYVp2
MUYzUVk3amdVaWUzX1E0QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEB232AAMEBdQJYDANBAIAAjAHAwUD
KgIrkDANBgkqhkiG9w0BAQsFAAOCAQEAYVmUDXsIkKAM9pIRWe8r/FOzRK0yREGO
WeVaz7OgkGD12nx8Plm1DoidYe/wMrYU0n9gKsMnPlyx+svVqCw45j//IFS/cwwW
4mwY22LIpdGpK/ca5LV9ChAyRH9TugldNigdVacuLatfuyDfSU1JJiGbXmbFqKZZ
0lNwpQEwCqt214ukZMDGrnuGJevddKApJdgqM0F81KIy8HaVOr2rGBIMDu5RcEoM
63oNje1KihbqqmrErf7xylN8Hm8XG7wI+HUWUbr+MP3WC3z1ivGLKgsjzJiESjTO
oqyKiAULsAY7TpugNFInna7gb/81M4+KGwI8l34O0cYSN4Vv0+oWUg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:31 2023 by rpki-client on console-fra.rpki-client.org