Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/Mz_yYWbrzwN5viZ7assqsgezn64.roa
File: Mz_yYWbrzwN5viZ7assqsgezn64.roa (raw, json)
Hash identifier: oABY8Va7v1fXpeJtlylNsQHNNQrhMSh/OLXSi746x4o=
Subject key identifier: 33:3F:F2:61:66:EB:CF:03:79:BE:26:7B:6A:CB:2A:B2:07:B3:9F:AE
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 018E9EDFD3619B2D53DF61BF9B65EBC11D5F
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/Mz_yYWbrzwN5viZ7assqsgezn64.roa
Signing time: Tue 02 Apr 2024 12:54:12 +0000
ROA not before: Tue 02 Apr 2024 12:54:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 31.40.250.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9e:df:d3:61:9b:2d:53:df:61:bf:9b:65:eb:c1:1d:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Apr 2 12:54:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=333ff26166ebcf0379be267b6acb2ab207b39fae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a8:0a:c5:67:67:2c:59:2c:91:49:fc:11:20:
6b:46:dc:6e:6e:18:eb:71:ad:11:eb:b3:14:09:68:
bd:e1:9b:c8:bb:fc:0c:09:c2:d6:52:89:b1:2a:c0:
f3:60:d6:7d:86:5f:37:56:b9:e2:a7:c6:34:4d:bb:
69:61:cc:04:05:e6:65:67:cf:40:e6:06:30:e7:6e:
2f:ef:98:67:04:fd:78:97:e0:31:11:64:a8:af:17:
3c:cd:21:3f:1a:b4:bd:b5:4d:27:56:b8:41:50:97:
54:75:73:39:95:36:d2:8b:56:7d:c5:04:b2:d7:5a:
f2:b5:01:37:14:51:36:32:db:ee:9e:fe:d0:13:ee:
25:95:3a:44:73:3d:33:e4:07:53:65:cb:ba:81:30:
0f:c4:59:1f:fe:ed:aa:9d:52:26:82:dc:2b:c3:d8:
e1:a5:b2:29:6f:71:9f:08:75:f2:34:6f:52:0d:d0:
a8:86:92:a7:aa:40:f1:55:83:77:76:86:19:b9:bf:
b5:b8:2a:cb:be:98:0e:89:c8:cc:ca:6f:75:a1:8a:
4f:d8:18:c7:43:24:4e:25:01:d7:ce:65:22:f0:56:
e1:36:0e:d1:e8:d3:0c:87:4f:04:46:32:ba:00:e4:
2b:c9:f7:9a:80:59:e6:d3:91:f7:07:50:5e:4f:a7:
66:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:3F:F2:61:66:EB:CF:03:79:BE:26:7B:6A:CB:2A:B2:07:B3:9F:AE
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/Mz_yYWbrzwN5viZ7assqsgezn64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.250.0/24
Signature Algorithm: sha256WithRSAEncryption
42:d0:49:b5:ad:4d:87:d7:76:15:66:22:31:b5:04:87:72:bc:
83:cc:45:ff:eb:08:99:b7:d4:85:fe:dc:98:4c:7c:8f:19:41:
28:85:3b:07:1d:94:76:ef:fb:e5:ce:47:8f:ed:4e:a5:1d:71:
f8:eb:95:c4:ae:5b:cf:02:b3:4a:49:dd:18:54:3d:ce:a9:93:
f7:a4:c2:f4:da:20:a2:94:72:f2:b2:9e:d1:4c:4c:34:4c:78:
36:0a:a5:5d:13:af:27:bf:ed:37:de:2d:5f:85:7d:b4:9e:65:
75:ef:70:ab:eb:b9:1d:db:80:fa:48:06:26:ad:07:f0:a1:7e:
e0:4e:37:27:da:70:92:58:7e:ca:44:5c:b2:36:4c:fb:08:f3:
71:f7:f8:ff:be:7b:14:55:79:d1:43:21:e6:31:b6:ff:24:34:
09:af:b8:07:67:0d:de:e1:ce:fe:0b:10:d0:d4:ae:e2:2e:03:
30:dd:c8:90:b5:b8:dc:9f:7b:c5:f9:8e:c5:8e:86:46:14:04:
13:69:b8:96:64:f9:a6:f0:0e:6f:00:02:d8:3a:db:3c:35:e6:
32:a4:4f:d3:24:27:db:6c:b6:bc:a5:00:43:ee:2a:43:6f:6a:
ea:a5:dd:8f:23:a9:d7:77:ee:75:52:92:30:bb:5d:dd:b1:ae:
4d:53:36:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6e39Nhmy1T32G/m2XrwR1fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjQwNDAyMTI1NDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzNmZjI2MTY2ZWJjZjAzNzliZTI2N2I2YWNiMmFiMjA3YjM5ZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqgKxWdnLFkskUn8ESBrRtxubhjr
ca0R67MUCWi94ZvIu/wMCcLWUomxKsDzYNZ9hl83Vrnip8Y0TbtpYcwEBeZlZ89A
5gYw524v75hnBP14l+AxEWSorxc8zSE/GrS9tU0nVrhBUJdUdXM5lTbSi1Z9xQSy
11rytQE3FFE2Mtvunv7QE+4llTpEcz0z5AdTZcu6gTAPxFkf/u2qnVImgtwrw9jh
pbIpb3GfCHXyNG9SDdCohpKnqkDxVYN3doYZub+1uCrLvpgOicjMym91oYpP2BjH
QyROJQHXzmUi8FbhNg7R6NMMh08ERjK6AOQryfeagFnm05H3B1BeT6dmJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDM/8mFm688Deb4me2rLKrIHs5+uMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvTXpfeVlXYnJ6d041dmlaN2Fzc3FzZ2V6bjY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyj6MA0G
CSqGSIb3DQEBCwUAA4IBAQBC0Em1rU2H13YVZiIxtQSHcryDzEX/6wiZt9SF/tyY
THyPGUEohTsHHZR27/vlzkeP7U6lHXH465XErlvPArNKSd0YVD3OqZP3pML02iCi
lHLysp7RTEw0THg2CqVdE68nv+033i1fhX20nmV173Cr67kd24D6SAYmrQfwoX7g
Tjcn2nCSWH7KRFyyNkz7CPNx9/j/vnsUVXnRQyHmMbb/JDQJr7gHZw3e4c7+CxDQ
1K7iLgMw3ciQtbjcn3vF+Y7FjoZGFAQTabiWZPmm8A5vAALYOts8NeYypE/TJCfb
bLa8pQBD7ipDb2rqpd2PI6nXd+51UpIwu13dsa5NUzZD
-----END CERTIFICATE-----
Generated at Fri Aug 30 07:31:20 2024 by rpki-client on console-fra.rpki-client.org