Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/EYw0k2SLH_gSbDgrXL03m5a5ZN4.roa
File: EYw0k2SLH_gSbDgrXL03m5a5ZN4.roa (raw, json)
Hash identifier: ZWdjU79BwKgc+i0sjdLd6PwRXrNTC+6BVHEG0ZPyrto=
Subject key identifier: 11:8C:34:93:64:8B:1F:F8:12:6C:38:2B:5C:BD:37:9B:96:B9:64:DE
Certificate issuer: /CN=1966b4da4891fb8090182bc33b49b59624fc9d9b
Certificate serial: 04FB3631
Authority key identifier: 19:66:B4:DA:48:91:FB:80:90:18:2B:C3:3B:49:B5:96:24:FC:9D:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/EYw0k2SLH_gSbDgrXL03m5a5ZN4.roa
Signing time: Sat 01 Jan 2022 06:58:55 +0000
ROA not before: Sat 01 Jan 2022 06:58:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48544
IP address blocks: 31.185.17.0/24 maxlen: 24
31.185.16.0/24 maxlen: 24
31.185.23.0/24 maxlen: 24
31.185.22.0/24 maxlen: 24
31.185.21.0/24 maxlen: 24
31.185.19.0/24 maxlen: 24
31.185.18.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83572273 (0x4fb3631)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1966b4da4891fb8090182bc33b49b59624fc9d9b
Validity
Not Before: Jan 1 06:58:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=118c3493648b1ff8126c382b5cbd379b96b964de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b6:3e:66:c1:72:5e:47:f0:df:07:48:27:db:
be:fa:10:e7:62:ba:e5:66:8a:46:1a:33:0f:ea:4c:
a9:ba:e6:b4:75:89:1a:f5:3b:c4:5f:7f:7d:f3:86:
f0:29:62:c5:93:c1:92:74:53:4a:bb:67:67:4b:17:
b2:57:9f:24:d4:79:4c:08:18:a9:dd:20:ef:18:6e:
82:76:f4:ab:71:a1:c6:91:ec:c7:21:6e:30:74:84:
e5:7f:dd:30:ea:05:9c:af:09:fe:68:95:14:d9:bf:
bd:e0:28:54:a5:e0:32:56:5a:da:12:b8:e0:cf:dd:
43:97:b6:32:8b:d4:f2:43:e3:3e:57:78:2c:42:f4:
b7:f2:4f:ed:71:d7:36:99:f0:32:a0:5c:62:e7:74:
ba:d2:4d:d3:0c:c8:3b:80:38:f4:c7:f3:b8:5d:c3:
a6:b4:16:45:f6:40:db:9c:50:70:9e:04:a9:b1:ef:
c8:17:eb:11:6f:69:7a:c4:85:4b:d5:28:fa:4c:1d:
39:dd:24:51:ca:75:13:b7:f8:42:d8:f2:38:1a:5e:
cd:25:03:bc:73:ae:e2:72:74:bb:ca:e3:72:3a:19:
40:e0:1b:ee:23:aa:0b:3b:31:4e:8a:59:2e:3f:ac:
89:d1:ee:40:6c:ef:48:2e:a9:34:9a:e1:f0:19:a0:
7f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:8C:34:93:64:8B:1F:F8:12:6C:38:2B:5C:BD:37:9B:96:B9:64:DE
X509v3 Authority Key Identifier:
keyid:19:66:B4:DA:48:91:FB:80:90:18:2B:C3:3B:49:B5:96:24:FC:9D:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/EYw0k2SLH_gSbDgrXL03m5a5ZN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.16.0/22
31.185.21.0-31.185.23.255
Signature Algorithm: sha256WithRSAEncryption
3d:d6:cf:3c:fc:8a:fd:8b:75:fa:45:03:14:ac:1a:38:d4:40:
03:b7:fc:5c:80:d0:d2:7a:79:75:ee:a0:50:c5:77:96:ae:37:
f9:07:91:df:b9:e2:fd:2a:ca:33:84:99:d2:d7:e8:99:c7:18:
4e:81:2a:2c:e2:8c:a3:4c:09:e8:4b:e0:cb:13:b0:31:6a:49:
9d:dc:31:56:40:8c:ec:91:7b:6e:a6:e7:aa:b9:ab:27:ec:f8:
0b:30:8a:b4:26:73:1d:d8:5f:18:4f:27:a8:fe:c7:71:1a:d1:
04:fb:3d:d5:7c:af:9d:10:e2:a9:6b:e2:2b:29:37:10:48:00:
2b:bb:35:71:10:2f:7c:b6:12:f5:1d:bb:e8:59:a4:09:33:b2:
fa:ec:f8:9e:f5:26:c3:32:b6:bc:f4:bc:0e:a7:a1:f2:34:e4:
d0:07:c8:8f:cb:71:ce:e3:91:c7:8a:62:5f:5e:d9:74:f7:71:
d2:72:bc:95:b1:88:05:73:77:41:ec:76:c4:6f:af:99:55:5a:
e6:a1:71:20:c3:a6:a1:ff:61:59:1e:15:63:9d:8b:b3:87:58:
f3:95:bf:77:9a:b0:12:42:c1:b4:0e:fc:34:dd:6e:98:95:17:
e8:ec:d3:e6:2e:33:0c:4f:f0:b8:aa:c4:e2:45:67:dd:93:d8:
12:15:a7:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEBPs2MTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OTY2YjRkYTQ4OTFmYjgwOTAxODJiYzMzYjQ5YjU5NjI0ZmM5ZDliMB4XDTIyMDEw
MTA2NTg1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTE4YzM0OTM2NDhi
MWZmODEyNmMzODJiNWNiZDM3OWI5NmI5NjRkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKi2PmbBcl5H8N8HSCfbvvoQ52K65WaKRhozD+pMqbrmtHWJ
GvU7xF9/ffOG8ClixZPBknRTSrtnZ0sXslefJNR5TAgYqd0g7xhugnb0q3GhxpHs
xyFuMHSE5X/dMOoFnK8J/miVFNm/veAoVKXgMlZa2hK44M/dQ5e2MovU8kPjPld4
LEL0t/JP7XHXNpnwMqBcYud0utJN0wzIO4A49MfzuF3DprQWRfZA25xQcJ4EqbHv
yBfrEW9pesSFS9Uo+kwdOd0kUcp1E7f4QtjyOBpezSUDvHOu4nJ0u8rjcjoZQOAb
7iOqCzsxTopZLj+sidHuQGzvSC6pNJrh8Bmgf8sCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQRjDSTZIsf+BJsOCtcvTeblrlk3jAfBgNVHSMEGDAWgBQZZrTaSJH7gJAY
K8M7SbWWJPydmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dXYTAya2lSLTRDUUdDdkRPMG0xbGlUOG5acy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvNDEzZTkxLWFjZmUtNDdlMS1hZGQyLTc5ZDViNDZkOWMwZS8x
L0VZdzBrMlNMSF9nU2JEZ3JYTDAzbTVhNVpONC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
NDEzZTkxLWFjZmUtNDdlMS1hZGQyLTc5ZDViNDZkOWMwZS8xL0dXYTAya2lSLTRD
UUdDdkRPMG0xbGlUOG5acy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAh+5EDAMAwQAH7kVAwQDH7kQMA0G
CSqGSIb3DQEBCwUAA4IBAQA91s88/Ir9i3X6RQMUrBo41EADt/xcgNDSenl17qBQ
xXeWrjf5B5HfueL9KsozhJnS1+iZxxhOgSos4oyjTAnoS+DLE7Axakmd3DFWQIzs
kXtupuequasn7PgLMIq0JnMd2F8YTyeo/sdxGtEE+z3VfK+dEOKpa+IrKTcQSAAr
uzVxEC98thL1HbvoWaQJM7L67Pie9SbDMra89LwOp6HyNOTQB8iPy3HO45HHimJf
Xtl093HScryVsYgFc3dB7HbEb6+ZVVrmoXEgw6ah/2FZHhVjnYuzh1jzlb93mrAS
QsG0Dvw03W6YlRfo7NPmLjMMT/C4qsTiRWfdk9gSFafH
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:42 2023 by rpki-client on console-fra.rpki-client.org