Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/L_9yjH9xC7_S4bbAxl-xqxRS5Ts.roa
File: L_9yjH9xC7_S4bbAxl-xqxRS5Ts.roa (raw, json)
Hash identifier: Zg82rrPGHu8M7dTcdI3kR+J/dqOgd6c6ZdEvJoFNP+M=
Subject key identifier: 2F:FF:72:8C:7F:71:0B:BF:D2:E1:B6:C0:C6:5F:B1:AB:14:52:E5:3B
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 018D13D7F288FC4594B91E30F05FEECD965F
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/L_9yjH9xC7_S4bbAxl-xqxRS5Ts.roa
Signing time: Tue 16 Jan 2024 19:55:35 +0000
ROA not before: Tue 16 Jan 2024 19:55:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 62.204.32.0/24 maxlen: 24
185.253.2.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:d7:f2:88:fc:45:94:b9:1e:30:f0:5f:ee:cd:96:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Jan 16 19:55:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2fff728c7f710bbfd2e1b6c0c65fb1ab1452e53b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:5f:b9:66:8e:9c:73:7c:e8:3f:15:84:72:d4:
ad:69:c1:11:d2:7f:db:3c:1c:71:dc:58:59:5b:f4:
da:82:38:cd:cd:06:0a:db:62:64:ee:34:b5:df:89:
03:4d:50:8c:93:cd:44:b5:1a:c4:5d:56:39:2e:39:
0c:f6:a9:a2:a6:29:b9:9a:38:a1:49:bd:93:9a:be:
52:12:68:45:4b:b5:49:65:f2:f6:f2:04:9b:b8:a2:
fa:56:2f:3f:9a:51:53:20:e1:31:16:e4:b7:9a:c7:
e9:dc:c8:12:6b:8d:37:f6:45:38:2a:33:bb:fd:a3:
c4:48:fa:06:3f:36:65:f2:93:11:98:df:f2:93:14:
25:56:d7:6f:d2:42:d6:67:96:a1:85:83:fe:d8:c9:
79:54:fe:ba:23:75:5f:4d:52:99:0b:bb:d5:41:f0:
50:5c:fa:4f:d6:1f:8e:1d:35:d7:58:03:0d:80:e0:
cc:14:73:6c:63:93:30:3c:ac:d6:55:80:48:28:b3:
3a:27:bc:3b:78:79:6f:6c:ed:28:ba:fc:cd:81:58:
83:25:34:de:ad:c5:c3:02:7e:58:46:e2:80:93:22:
b2:d4:06:5a:c1:29:c4:55:a5:7a:8d:af:ab:66:4c:
e0:99:d1:f8:9d:94:26:93:44:61:f8:45:f5:a8:df:
e0:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:FF:72:8C:7F:71:0B:BF:D2:E1:B6:C0:C6:5F:B1:AB:14:52:E5:3B
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/L_9yjH9xC7_S4bbAxl-xqxRS5Ts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.204.32.0/24
185.253.2.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:0a:70:d9:bd:37:76:99:a0:72:f4:c6:30:77:a2:a1:2e:3d:
63:c3:f7:8e:05:ba:e0:49:4a:83:19:01:f7:88:38:3c:ef:27:
cc:9f:66:60:0a:db:3c:1b:9d:09:ec:0f:43:6e:48:26:c3:3a:
57:5c:13:cf:45:21:7a:7a:b7:6a:bc:99:6d:e8:68:da:12:c7:
62:07:02:a1:7e:3e:8f:e4:cb:74:7d:d4:4a:93:35:d1:f7:38:
dc:14:06:e1:26:0d:7e:a6:8c:5f:24:84:5b:0b:ad:6e:ec:a2:
ba:a9:83:c5:75:81:e5:7a:f6:b1:4b:8d:95:65:78:4e:63:d8:
3b:06:c5:fe:33:7d:14:d6:31:65:bb:a5:06:29:bf:35:c9:85:
e2:d8:b5:92:fa:db:22:91:e2:40:a1:72:99:cc:3c:0b:f9:a1:
23:8d:c8:32:38:e1:f4:08:3e:3a:d0:63:63:c1:53:fc:62:4e:
7e:e4:33:c9:87:5b:81:d2:20:f4:32:fe:b3:70:0b:8b:1d:1d:
6b:d3:93:be:72:59:7c:0b:e6:de:52:c7:17:d4:70:7d:1e:24:
d1:a5:93:56:85:24:5c:c6:f8:be:a9:f9:4d:04:db:5e:4c:6d:
e2:8d:1c:c6:44:b2:5e:5e:2a:3f:a1:23:0e:fc:31:c7:0d:2d:
25:c2:25:bd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0T1/KI/EWUuR4w8F/uzZZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjQwMTE2MTk1NTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmZmNzI4YzdmNzEwYmJmZDJlMWI2YzBjNjVmYjFhYjE0NTJlNTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjF+5Zo6cc3zoPxWEctStacER0n/b
PBxx3FhZW/TagjjNzQYK22Jk7jS134kDTVCMk81EtRrEXVY5LjkM9qmipim5mjih
Sb2Tmr5SEmhFS7VJZfL28gSbuKL6Vi8/mlFTIOExFuS3msfp3MgSa4039kU4KjO7
/aPESPoGPzZl8pMRmN/ykxQlVtdv0kLWZ5ahhYP+2Ml5VP66I3VfTVKZC7vVQfBQ
XPpP1h+OHTXXWAMNgODMFHNsY5MwPKzWVYBIKLM6J7w7eHlvbO0ouvzNgViDJTTe
rcXDAn5YRuKAkyKy1AZawSnEVaV6ja+rZkzgmdH4nZQmk0Rh+EX1qN/gSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC//cox/cQu/0uG2wMZfsasUUuU7MB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvTF85eWpIOXhDN19TNGJiQXhsLXhxeFJTNVRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPswgAwQA
uf0CMA0GCSqGSIb3DQEBCwUAA4IBAQBqCnDZvTd2maBy9MYwd6KhLj1jw/eOBbrg
SUqDGQH3iDg87yfMn2ZgCts8G50J7A9DbkgmwzpXXBPPRSF6erdqvJlt6GjaEsdi
BwKhfj6P5Mt0fdRKkzXR9zjcFAbhJg1+poxfJIRbC61u7KK6qYPFdYHlevaxS42V
ZXhOY9g7BsX+M30U1jFlu6UGKb81yYXi2LWS+tsikeJAoXKZzDwL+aEjjcgyOOH0
CD460GNjwVP8Yk5+5DPJh1uB0iD0Mv6zcAuLHR1r05O+cll8C+beUscX1HB9HiTR
pZNWhSRcxvi+qflNBNteTG3ijRzGRLJeXio/oSMO/DHHDS0lwiW9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:02 2024 by rpki-client on console-fra.rpki-client.org