Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/IMYAIMqe2ceplrykthhFYkzX8BA.roa
File: IMYAIMqe2ceplrykthhFYkzX8BA.roa (raw, json)
Hash identifier: wiRxGZgrngdoKw9b2N4nkltqdI+43888BlnVlszvWZA=
Subject key identifier: 20:C6:00:20:CA:9E:D9:C7:A9:96:BC:A4:B6:18:45:62:4C:D7:F0:10
Certificate issuer: /CN=97ebf14a8e54f12dd8b245353df683e182a096c5
Certificate serial: 0190DB7FB80F77464C5F2ACEEEBC97E98316
Authority key identifier: 97:EB:F1:4A:8E:54:F1:2D:D8:B2:45:35:3D:F6:83:E1:82:A0:96:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l-vxSo5U8S3YskU1PfaD4YKglsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/IMYAIMqe2ceplrykthhFYkzX8BA.roa
Signing time: Mon 22 Jul 2024 17:31:38 +0000
ROA not before: Mon 22 Jul 2024 17:31:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15672
IP address blocks: 31.24.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:db:7f:b8:0f:77:46:4c:5f:2a:ce:ee:bc:97:e9:83:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97ebf14a8e54f12dd8b245353df683e182a096c5
Validity
Not Before: Jul 22 17:31:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20c60020ca9ed9c7a996bca4b61845624cd7f010
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:65:f5:d3:7a:4d:c5:17:83:79:9b:77:bc:4d:
fd:2f:97:3c:fb:40:d6:61:75:7d:44:40:f9:51:9c:
3d:9c:4a:2c:6c:79:fa:29:b4:fb:fb:fc:6a:ba:83:
60:6e:a3:2a:e9:42:85:2b:25:14:ac:7d:40:9c:81:
9f:25:98:f0:53:17:c0:59:a8:9d:37:63:8f:07:fd:
ad:11:9a:6b:37:db:7c:47:b1:10:9e:f2:78:73:a9:
15:b4:3b:24:72:6a:ec:70:05:c6:0b:33:de:f7:54:
b5:96:5f:46:89:8b:ce:c2:65:e7:12:50:31:1f:30:
58:07:46:2f:c2:43:a7:79:3f:af:13:84:66:82:ae:
1b:ea:35:52:db:bc:e1:35:ee:1b:e8:9b:e7:0d:03:
b3:26:21:a3:aa:69:7c:5a:9c:a0:c0:58:53:20:a4:
c9:49:6c:f4:2d:4b:b4:d7:d6:a6:86:ee:9d:0d:96:
28:a3:88:74:29:c8:e4:3c:ee:8d:ae:41:6c:2d:69:
38:ab:cd:b9:e2:9b:b2:51:b3:92:d9:0b:9f:43:7f:
63:3b:11:b2:7c:59:b5:d6:cc:c3:57:30:8f:b3:02:
77:85:cd:a6:01:c2:ef:a1:fb:99:82:99:8c:a3:38:
76:96:3e:c3:66:ca:7d:db:b3:1f:9b:61:96:bc:1b:
f7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:C6:00:20:CA:9E:D9:C7:A9:96:BC:A4:B6:18:45:62:4C:D7:F0:10
X509v3 Authority Key Identifier:
keyid:97:EB:F1:4A:8E:54:F1:2D:D8:B2:45:35:3D:F6:83:E1:82:A0:96:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l-vxSo5U8S3YskU1PfaD4YKglsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/IMYAIMqe2ceplrykthhFYkzX8BA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/l-vxSo5U8S3YskU1PfaD4YKglsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.255.0/24
Signature Algorithm: sha256WithRSAEncryption
63:d0:b7:f0:81:7d:ac:48:c2:bc:92:80:ff:fc:92:48:83:52:
ca:fb:6d:81:9b:c8:f2:dd:47:5d:31:3c:a6:dc:95:a5:6a:85:
1e:5e:21:69:5e:f4:be:70:fe:e9:71:4c:1e:ea:03:a4:23:d5:
7b:47:1b:a5:82:25:3d:bf:4e:76:9c:67:5a:18:0a:a6:ff:45:
47:4c:9b:a2:22:0d:59:7a:9c:ed:a5:2b:fb:a3:7f:71:6b:af:
b7:66:ac:11:52:36:38:19:4f:88:3b:f9:b9:74:c9:4f:ad:f7:
4f:53:0e:73:27:18:f3:8e:c7:bd:86:37:06:f5:fb:69:40:4e:
79:3c:e4:00:50:fb:5e:e9:30:15:7f:be:3c:a0:ad:03:3e:f2:
5a:d7:25:9e:2b:a2:0f:fe:09:51:e6:33:4f:97:96:16:73:c6:
d1:c5:ed:5e:4d:10:a2:4f:9f:5c:3e:8d:e8:d6:fe:ca:66:9f:
ef:a9:38:89:0d:cd:00:b1:61:af:bb:6a:83:cb:51:9b:b2:c7:
23:30:f7:45:54:49:c9:f4:fe:ff:28:be:24:8a:d0:69:29:2b:
6e:43:be:ff:44:c7:e2:04:45:c4:57:4e:a5:bf:41:89:1c:22:
d6:00:46:82:f4:79:e5:87:05:a9:88:d8:d1:92:a4:85:93:d0:
d7:52:b2:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDbf7gPd0ZMXyrO7ryX6YMWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ZWJmMTRhOGU1NGYxMmRkOGIyNDUzNTNkZjY4M2UxODJh
MDk2YzUwHhcNMjQwNzIyMTczMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGM2MDAyMGNhOWVkOWM3YTk5NmJjYTRiNjE4NDU2MjRjZDdmMDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02X103pNxReDeZt3vE39L5c8+0DW
YXV9RED5UZw9nEosbHn6KbT7+/xquoNgbqMq6UKFKyUUrH1AnIGfJZjwUxfAWaid
N2OPB/2tEZprN9t8R7EQnvJ4c6kVtDskcmrscAXGCzPe91S1ll9GiYvOwmXnElAx
HzBYB0YvwkOneT+vE4Rmgq4b6jVS27zhNe4b6JvnDQOzJiGjqml8WpygwFhTIKTJ
SWz0LUu019amhu6dDZYoo4h0KcjkPO6NrkFsLWk4q8254puyUbOS2QufQ39jOxGy
fFm11szDVzCPswJ3hc2mAcLvofuZgpmMozh2lj7DZsp927Mfm2GWvBv3+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCDGACDKntnHqZa8pLYYRWJM1/AQMB8GA1UdIwQY
MBaAFJfr8UqOVPEt2LJFNT32g+GCoJbFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbC12eFNvNVU4UzNZc2tVMVBmYUQ0WUtnbHNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wOTJiMTEtMTYyMi00NTU2LThlNjUt
MjQwOWFhZDA4MWQyLzEvSU1ZQUlNcWUyY2VwbHJ5a3RoaEZZa3pYOEJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wOTJiMTEtMTYyMi00NTU2LThlNjUtMjQwOWFhZDA4MWQy
LzEvbC12eFNvNVU4UzNZc2tVMVBmYUQ0WUtnbHNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHxj/MA0G
CSqGSIb3DQEBCwUAA4IBAQBj0LfwgX2sSMK8koD//JJIg1LK+22Bm8jy3UddMTym
3JWlaoUeXiFpXvS+cP7pcUwe6gOkI9V7RxulgiU9v052nGdaGAqm/0VHTJuiIg1Z
epztpSv7o39xa6+3ZqwRUjY4GU+IO/m5dMlPrfdPUw5zJxjzjse9hjcG9ftpQE55
POQAUPte6TAVf748oK0DPvJa1yWeK6IP/glR5jNPl5YWc8bRxe1eTRCiT59cPo3o
1v7KZp/vqTiJDc0AsWGvu2qDy1GbsscjMPdFVEnJ9P7/KL4kitBpKStuQ77/RMfi
BEXEV06lv0GJHCLWAEaC9HnlhwWpiNjRkqSFk9DXUrI/
-----END CERTIFICATE-----
Generated at Mon Aug 5 13:06:54 2024 by rpki-client on console-fra.rpki-client.org