Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/23db5c-1a10-44c6-9d77-bb5caac2e903/1/yuPuMgiOTDY-g2k5Ie42nqCNDn4.roa
File: yuPuMgiOTDY-g2k5Ie42nqCNDn4.roa (raw, json)
Hash identifier: 5WdFqnb0YXoS4/t5ms6Yy3vRVxvCVrPpJhvxtFYOKTk=
Subject key identifier: CA:E3:EE:32:08:8E:4C:36:3E:83:69:39:21:EE:36:9E:A0:8D:0E:7E
Certificate issuer: /CN=8dc69c6bbe89e7c0479b617744a4424f66674944
Certificate serial: 018CCA2A2968DB2D4603D0A96B955193347C
Authority key identifier: 8D:C6:9C:6B:BE:89:E7:C0:47:9B:61:77:44:A4:42:4F:66:67:49:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jcaca76J58BHm2F3RKRCT2ZnSUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/23db5c-1a10-44c6-9d77-bb5caac2e903/1/yuPuMgiOTDY-g2k5Ie42nqCNDn4.roa
Signing time: Tue 02 Jan 2024 12:33:29 +0000
ROA not before: Tue 02 Jan 2024 12:33:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199239
IP address blocks: 91.92.115.0/24 maxlen: 24
85.202.95.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:29:68:db:2d:46:03:d0:a9:6b:95:51:93:34:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8dc69c6bbe89e7c0479b617744a4424f66674944
Validity
Not Before: Jan 2 12:33:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cae3ee32088e4c363e83693921ee369ea08d0e7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d9:45:01:ca:cd:41:9e:46:30:16:d2:05:08:
da:a8:c9:1d:1f:f4:ed:56:66:70:df:db:ea:2c:c1:
83:ec:b1:c0:e1:9d:36:a6:d6:57:fb:cd:0f:1d:82:
81:31:09:2b:7e:cc:68:00:30:83:4f:b8:eb:bc:f7:
4e:5e:16:c6:d1:6b:b1:e5:73:13:21:ab:4a:72:97:
57:a7:3d:17:f0:0b:50:d3:0e:1b:4a:6c:c2:83:b2:
68:14:ee:49:ab:ff:6d:6c:4d:a4:ff:ff:12:43:bb:
21:af:55:4c:73:3d:85:bb:3b:9b:df:b6:f2:1c:7d:
29:72:69:ce:53:7b:91:12:c4:89:0a:c6:b6:6e:be:
5d:5c:bf:41:1f:9e:b5:07:d6:0e:5f:1f:e8:5d:49:
02:28:d2:f0:47:24:a9:02:b8:06:e9:95:eb:d4:2b:
cc:9a:bb:b8:09:d3:ba:f6:38:af:b2:e0:98:d1:75:
da:72:be:00:2e:c5:ce:a3:cd:fe:d7:a9:0b:88:3a:
40:e9:dc:fe:dd:1b:3a:c0:a2:fe:27:03:e2:b0:7c:
da:f4:f4:2e:aa:df:88:17:08:60:12:2a:25:d0:7a:
12:cd:06:a5:99:5d:ce:32:95:18:5d:81:b2:1d:bf:
39:86:64:00:08:79:a0:e5:d8:26:67:3c:10:43:7b:
e6:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:E3:EE:32:08:8E:4C:36:3E:83:69:39:21:EE:36:9E:A0:8D:0E:7E
X509v3 Authority Key Identifier:
keyid:8D:C6:9C:6B:BE:89:E7:C0:47:9B:61:77:44:A4:42:4F:66:67:49:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jcaca76J58BHm2F3RKRCT2ZnSUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/23db5c-1a10-44c6-9d77-bb5caac2e903/1/yuPuMgiOTDY-g2k5Ie42nqCNDn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/23db5c-1a10-44c6-9d77-bb5caac2e903/1/jcaca76J58BHm2F3RKRCT2ZnSUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.95.0/24
91.92.115.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:43:a6:4c:35:22:d7:51:f2:ea:43:4a:45:3a:56:16:13:8a:
a6:55:d1:d5:55:b3:ee:05:1e:5d:05:94:b4:60:0d:8a:81:e7:
2e:98:df:6e:93:8c:3b:09:e8:f3:3e:f6:76:79:a2:7b:1e:f3:
52:c0:82:8c:59:ee:a8:5f:5f:fd:7f:2d:1c:2c:9d:b1:22:b9:
5b:27:12:8d:3f:e9:4b:b8:8b:57:f7:5a:a9:57:34:d3:8e:1f:
4f:39:8c:4a:60:fa:66:1c:54:1c:77:98:7a:48:8e:db:fa:73:
ad:cf:76:ed:16:6a:5c:fd:5d:cf:bd:cd:94:1c:8a:7d:bc:92:
5d:5f:9a:2e:48:3d:96:90:1f:0a:47:8f:64:d1:df:b5:c5:d7:
25:c7:e3:49:a8:6d:b5:34:a6:89:af:9c:8a:62:0a:03:ae:0b:
ec:51:55:89:4a:3e:c1:d8:15:dd:08:fd:d2:5b:0f:c9:c9:70:
92:5f:51:4f:d9:11:59:42:7e:49:60:89:54:4e:45:85:2c:84:
d7:31:ac:b9:ff:b6:a2:ed:6f:b9:cd:6e:42:4d:e2:78:40:53:
90:5d:47:84:51:76:07:47:fe:4c:71:37:a5:c1:26:93:e8:b2:
27:c7:34:34:f1:65:74:50:b0:ae:84:a9:88:92:52:cc:26:02:
9a:43:8d:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKilo2y1GA9Cpa5VRkzR8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYzY5YzZiYmU4OWU3YzA0NzliNjE3NzQ0YTQ0MjRmNjY2
NzQ5NDQwHhcNMjQwMTAyMTIzMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWUzZWUzMjA4OGU0YzM2M2U4MzY5MzkyMWVlMzY5ZWEwOGQwZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9lFAcrNQZ5GMBbSBQjaqMkdH/Tt
VmZw39vqLMGD7LHA4Z02ptZX+80PHYKBMQkrfsxoADCDT7jrvPdOXhbG0Wux5XMT
IatKcpdXpz0X8AtQ0w4bSmzCg7JoFO5Jq/9tbE2k//8SQ7shr1VMcz2Fuzub37by
HH0pcmnOU3uREsSJCsa2br5dXL9BH561B9YOXx/oXUkCKNLwRySpArgG6ZXr1CvM
mru4CdO69jivsuCY0XXacr4ALsXOo83+16kLiDpA6dz+3Rs6wKL+JwPisHza9PQu
qt+IFwhgEiol0HoSzQalmV3OMpUYXYGyHb85hmQACHmg5dgmZzwQQ3vmTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMrj7jIIjkw2PoNpOSHuNp6gjQ5+MB8GA1UdIwQY
MBaAFI3GnGu+iefAR5thd0SkQk9mZ0lEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamNhY2E3Nko1OEJIbTJGM1JLUkNUMlpuU1VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8yM2RiNWMtMWExMC00NGM2LTlkNzct
YmI1Y2FhYzJlOTAzLzEveXVQdU1naU9URFktZzJrNUllNDJucUNORG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8yM2RiNWMtMWExMC00NGM2LTlkNzctYmI1Y2FhYzJlOTAz
LzEvamNhY2E3Nko1OEJIbTJGM1JLUkNUMlpuU1VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVcpfAwQA
W1xzMA0GCSqGSIb3DQEBCwUAA4IBAQB6Q6ZMNSLXUfLqQ0pFOlYWE4qmVdHVVbPu
BR5dBZS0YA2KgecumN9uk4w7CejzPvZ2eaJ7HvNSwIKMWe6oX1/9fy0cLJ2xIrlb
JxKNP+lLuItX91qpVzTTjh9POYxKYPpmHFQcd5h6SI7b+nOtz3btFmpc/V3Pvc2U
HIp9vJJdX5ouSD2WkB8KR49k0d+1xdclx+NJqG21NKaJr5yKYgoDrgvsUVWJSj7B
2BXdCP3SWw/JyXCSX1FP2RFZQn5JYIlUTkWFLITXMay5/7ai7W+5zW5CTeJ4QFOQ
XUeEUXYHR/5McTelwSaT6LInxzQ08WV0ULCuhKmIklLMJgKaQ42T
-----END CERTIFICATE-----
Generated at Wed Jul 31 10:33:50 2024 by rpki-client on console-fra.rpki-client.org