Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/dyLPDqmxPq0J-GMnGVDpzOABekI.roa
File: dyLPDqmxPq0J-GMnGVDpzOABekI.roa (raw, json)
Hash identifier: mzqDfXz2bQiPcgOYqj+x8RwgK6suXhL4FyZ21m9vjOw=
Subject key identifier: 77:22:CF:0E:A9:B1:3E:AD:09:F8:63:27:19:50:E9:CC:E0:01:7A:42
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0185C9994A2A8282EE0C0A2B485761FA3AFC
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/dyLPDqmxPq0J-GMnGVDpzOABekI.roa
Signing time: Thu 19 Jan 2023 10:35:44 +0000
ROA not before: Thu 19 Jan 2023 10:35:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43624
IP address blocks: 212.107.27.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c9:99:4a:2a:82:82:ee:0c:0a:2b:48:57:61:fa:3a:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 19 10:35:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7722cf0ea9b13ead09f863271950e9cce0017a42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:e1:24:a5:d8:aa:59:cd:3b:8a:b3:97:91:98:
ee:6f:35:ba:86:ae:6e:b5:1b:87:81:1a:fb:ee:10:
d8:f8:36:de:a8:6f:f1:02:1e:40:3d:8b:fc:da:58:
3d:27:76:83:d3:c5:28:b4:19:76:f4:17:b0:44:8d:
72:4f:ee:2d:2b:6d:17:69:f7:14:cb:60:7b:75:0f:
c7:d7:d5:c8:37:7a:51:6f:7e:1c:ac:a8:04:ae:f9:
10:a9:b8:e5:2e:45:a8:f6:99:a3:82:98:d9:dd:94:
50:6c:26:1c:46:6d:43:c1:3d:5a:f0:9b:a5:16:9d:
54:6b:b0:6c:35:eb:f9:be:8e:22:40:46:2b:d2:9b:
9f:4d:4e:86:77:76:f2:72:a6:9e:7b:48:83:95:00:
be:35:d8:ec:a4:89:b4:a7:bb:94:c1:c6:84:ba:cf:
b1:00:50:7c:d6:78:c3:35:d3:49:dd:6c:be:d7:e0:
1a:31:83:ae:52:c4:95:3f:8b:c1:4c:20:b8:38:55:
9e:af:fd:bf:41:4b:87:bb:16:ea:39:45:2e:9c:53:
b6:90:50:16:69:86:25:37:95:2e:25:3e:f6:80:16:
df:22:b5:ea:0f:3c:86:61:de:77:5a:2f:f5:12:05:
18:7f:d7:6c:8d:0a:e0:35:5f:f8:9c:c7:55:61:f8:
7b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:22:CF:0E:A9:B1:3E:AD:09:F8:63:27:19:50:E9:CC:E0:01:7A:42
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/dyLPDqmxPq0J-GMnGVDpzOABekI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.107.27.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:a7:65:c1:f6:16:12:da:be:f5:f6:6f:df:7e:7a:89:5d:8e:
b7:f2:fb:bd:4d:23:d3:4e:c4:21:b1:f0:58:32:f3:af:b0:04:
40:6f:39:cf:c5:51:75:67:4f:6c:01:a1:6c:f6:21:26:3d:c5:
a4:5c:92:92:7b:cb:97:74:67:68:40:69:f9:75:59:3a:7d:e0:
13:1f:16:25:37:c2:ca:7f:98:3b:97:ec:bd:8c:c9:8d:d8:b6:
18:bf:f9:15:d6:ec:9a:84:6c:e1:22:3a:35:78:d9:78:a2:84:
1c:c5:70:34:f3:8b:d4:25:a3:d3:65:66:85:92:37:20:15:a3:
36:f1:4e:8c:d7:e4:fe:da:e9:a7:56:28:a4:08:c9:de:81:f1:
bf:f3:f9:aa:fb:d8:14:44:ac:77:b2:45:4f:f0:27:48:8b:61:
a3:6a:71:ca:71:ed:82:4d:8e:e6:bd:45:e0:d8:1d:fd:91:f7:
cb:35:73:4b:7a:08:45:41:81:c6:c8:24:91:60:0f:30:fd:21:
f1:02:cf:ae:7d:c7:fc:58:37:e5:c7:64:ab:e6:a8:6b:1d:51:
e2:b9:a5:c8:a9:94:cb:2a:13:3e:4a:d5:91:e5:d7:d9:6d:87:
43:19:e0:db:e7:df:27:87:1f:8d:ca:4e:00:dd:aa:e1:95:6d:
36:56:c5:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXJmUoqgoLuDAorSFdh+jr8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMTE5MTAzNTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzIyY2YwZWE5YjEzZWFkMDlmODYzMjcxOTUwZTljY2UwMDE3YTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8uEkpdiqWc07irOXkZjubzW6hq5u
tRuHgRr77hDY+DbeqG/xAh5APYv82lg9J3aD08UotBl29BewRI1yT+4tK20XafcU
y2B7dQ/H19XIN3pRb34crKgErvkQqbjlLkWo9pmjgpjZ3ZRQbCYcRm1DwT1a8Jul
Fp1Ua7BsNev5vo4iQEYr0pufTU6Gd3bycqaee0iDlQC+NdjspIm0p7uUwcaEus+x
AFB81njDNdNJ3Wy+1+AaMYOuUsSVP4vBTCC4OFWer/2/QUuHuxbqOUUunFO2kFAW
aYYlN5UuJT72gBbfIrXqDzyGYd53Wi/1EgUYf9dsjQrgNV/4nMdVYfh7NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHcizw6psT6tCfhjJxlQ6czgAXpCMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvZHlMUERxbXhQcTBKLUdNbkdWRHB6T0FCZWtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1GsbMA0G
CSqGSIb3DQEBCwUAA4IBAQA6p2XB9hYS2r719m/ffnqJXY638vu9TSPTTsQhsfBY
MvOvsARAbznPxVF1Z09sAaFs9iEmPcWkXJKSe8uXdGdoQGn5dVk6feATHxYlN8LK
f5g7l+y9jMmN2LYYv/kV1uyahGzhIjo1eNl4ooQcxXA084vUJaPTZWaFkjcgFaM2
8U6M1+T+2umnViikCMnegfG/8/mq+9gURKx3skVP8CdIi2GjanHKce2CTY7mvUXg
2B39kffLNXNLeghFQYHGyCSRYA8w/SHxAs+ufcf8WDflx2Sr5qhrHVHiuaXIqZTL
KhM+StWR5dfZbYdDGeDb598nhx+Nyk4A3arhlW02VsW5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org