Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CTm9lTiOuuozb2ju4MalcE0mah8.roa
File: CTm9lTiOuuozb2ju4MalcE0mah8.roa (raw, json)
Hash identifier: rVAgbwj8KRI9nTG0H+SY09K0XIXDrq7vrNMptpCfxrQ=
Subject key identifier: 09:39:BD:95:38:8E:BA:EA:33:6F:68:EE:E0:C6:A5:70:4D:26:6A:1F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCD8716410723C3FE7491D9613E5BC
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CTm9lTiOuuozb2ju4MalcE0mah8.roa
Signing time: Tue 02 Jan 2024 10:34:05 +0000
ROA not before: Tue 02 Jan 2024 10:34:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61218
IP address blocks: 31.42.183.0/24 maxlen: 24
2a0e:97c0:4b00::/40 maxlen: 48
2a0e:b100:1::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:d8:71:64:10:72:3c:3f:e7:49:1d:96:13:e5:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0939bd95388ebaea336f68eee0c6a5704d266a1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f4:09:ce:40:af:2d:1a:1d:3f:a3:54:b5:c0:
27:4b:2f:3c:09:a5:d8:38:5a:d3:fd:76:c1:e6:ea:
3f:1d:90:34:08:e7:db:2f:08:1d:e9:2a:c0:3c:5b:
1b:06:f9:3f:8f:75:c5:2a:b3:6f:83:0e:03:13:ca:
02:4d:67:d3:eb:1a:48:68:82:48:7d:fa:88:62:8b:
91:c8:c8:82:d2:0f:0d:c8:c5:d0:8b:4b:a8:97:6c:
81:bd:4f:1e:8c:df:5e:7c:39:da:95:06:cf:75:5c:
e4:0e:01:9c:04:d4:af:1f:b5:d2:76:dc:0a:20:9f:
d8:7a:4b:d1:4a:d8:dd:c3:78:0f:18:3c:1d:44:dc:
d9:db:95:c7:c1:eb:d2:21:0a:df:d7:fa:83:01:1e:
43:57:95:f2:7e:ec:c2:0f:6c:0f:16:43:6d:df:7e:
1f:ae:eb:7c:54:2b:2c:93:a6:04:8e:29:fa:c7:55:
13:ac:e7:c9:44:b2:4a:6b:62:56:d7:50:b2:ca:d0:
ce:f3:9e:6e:de:92:7a:fb:95:20:02:58:4c:bb:55:
ba:a2:ce:44:13:e1:da:cf:98:f2:32:ba:b6:27:db:
09:b7:f6:d8:c7:79:58:b4:18:f3:8c:37:d5:6c:30:
26:de:d5:f8:62:c2:45:2e:48:b8:7b:ff:ba:67:83:
55:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:39:BD:95:38:8E:BA:EA:33:6F:68:EE:E0:C6:A5:70:4D:26:6A:1F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CTm9lTiOuuozb2ju4MalcE0mah8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
IPv6:
2a0e:97c0:4b00::/40
2a0e:b100:1::/48
Signature Algorithm: sha256WithRSAEncryption
04:8d:70:c0:01:d5:c5:ae:66:ac:d5:14:ef:c7:d7:26:7c:b2:
78:fe:46:a2:51:ad:8f:d5:d4:85:ae:99:84:fd:e2:79:c5:0f:
6a:be:3a:91:84:50:30:c9:11:8b:24:4b:af:23:8a:93:9f:ac:
ab:60:74:45:e1:d3:35:d6:5a:b6:a8:1a:3c:0a:c5:4a:df:a4:
a2:6d:2a:b6:e2:94:97:b2:59:f3:9b:4a:bc:e0:3e:2c:08:0f:
e5:b3:3b:78:d7:3b:71:e7:32:c9:4e:02:64:f9:0a:bc:05:a3:
24:c7:63:d5:1f:5c:dd:63:43:c7:58:41:63:ea:f7:50:4b:1c:
63:7b:5b:d4:73:22:1d:66:2a:13:a9:5f:65:22:77:71:de:03:
db:38:d3:c3:3b:a3:fb:b0:79:d3:5f:db:94:87:60:2a:d5:e9:
83:f9:8e:db:2d:de:fe:6a:68:0f:4a:84:97:61:90:b6:06:b9:
5b:5d:ad:84:1a:e1:14:66:df:b0:0c:c4:c6:00:9d:c9:e9:0d:
9c:1e:a5:d7:74:73:0d:0f:ec:b5:ef:59:1a:47:ce:b8:ab:dd:
63:cd:e2:fd:00:5e:9a:93:88:86:4d:88:46:a5:0e:1c:c0:78:
55:83:4d:22:06:a1:bd:5a:83:9e:e4:8f:54:9a:63:ad:3f:f1:
f9:d8:e0:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzJvNhxZBByPD/nSR2WE+W8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTM5YmQ5NTM4OGViYWVhMzM2ZjY4ZWVlMGM2YTU3MDRkMjY2YTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivQJzkCvLRodP6NUtcAnSy88CaXY
OFrT/XbB5uo/HZA0COfbLwgd6SrAPFsbBvk/j3XFKrNvgw4DE8oCTWfT6xpIaIJI
ffqIYouRyMiC0g8NyMXQi0uol2yBvU8ejN9efDnalQbPdVzkDgGcBNSvH7XSdtwK
IJ/YekvRStjdw3gPGDwdRNzZ25XHwevSIQrf1/qDAR5DV5XyfuzCD2wPFkNt334f
rut8VCssk6YEjin6x1UTrOfJRLJKa2JW11CyytDO855u3pJ6+5UgAlhMu1W6os5E
E+Haz5jyMrq2J9sJt/bYx3lYtBjzjDfVbDAm3tX4YsJFLki4e/+6Z4NVwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAk5vZU4jrrqM29o7uDGpXBNJmofMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQ1RtOWxUaU91dW96YjJqdTRNYWxjRTBtYWg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQAHyq3MBcE
AgACMBEDBgAqDpfASwMHACoOsQAAATANBgkqhkiG9w0BAQsFAAOCAQEABI1wwAHV
xa5mrNUU78fXJnyyeP5GolGtj9XUha6ZhP3iecUPar46kYRQMMkRiyRLryOKk5+s
q2B0ReHTNdZatqgaPArFSt+kom0qtuKUl7JZ85tKvOA+LAgP5bM7eNc7cecyyU4C
ZPkKvAWjJMdj1R9c3WNDx1hBY+r3UEscY3tb1HMiHWYqE6lfZSJ3cd4D2zjTwzuj
+7B501/blIdgKtXpg/mO2y3e/mpoD0qEl2GQtga5W12thBrhFGbfsAzExgCdyekN
nB6l13RzDQ/ste9ZGkfOuKvdY83i/QBempOIhk2IRqUOHMB4VYNNIgahvVqDnuSP
VJpjrT/x+djgOQ==
-----END CERTIFICATE-----
Generated at Thu Oct 10 12:45:06 2024 by rpki-client on console-fra.rpki-client.org