Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/bY23QSr002kdc9SIhemXHq4UvGs.roa
File: bY23QSr002kdc9SIhemXHq4UvGs.roa (raw, json)
Hash identifier: b2H0CMRCNdGMPhnwfeFSGHO8dpekGw4EkZSL1ICUAn4=
Subject key identifier: 6D:8D:B7:41:2A:F4:D3:69:1D:73:D4:88:85:E9:97:1E:AE:14:BC:6B
Certificate issuer: /CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Certificate serial: 01828753F208CEEB1A1A44972FFB8A473E3B
Authority key identifier: 42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/bY23QSr002kdc9SIhemXHq4UvGs.roa
Signing time: Wed 10 Aug 2022 10:36:41 +0000
ROA not before: Wed 10 Aug 2022 10:36:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44854
IP address blocks: 103.229.81.0/24 maxlen: 24
185.219.6.0/24 maxlen: 24
27.123.244.0/22 maxlen: 22
93.114.180.0/23 maxlen: 24
2a10:e300:35::/48 maxlen: 48
2a10:e300::/32 maxlen: 48
2a10:e300:26::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:87:53:f2:08:ce:eb:1a:1a:44:97:2f:fb:8a:47:3e:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Validity
Not Before: Aug 10 10:36:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d8db7412af4d3691d73d48885e9971eae14bc6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:55:c1:3d:12:a7:fe:30:d7:7b:da:fa:88:c3:
b3:71:4e:8c:1d:e9:b6:7b:98:58:29:83:58:37:86:
b2:83:11:5d:84:ae:43:4a:42:f3:18:fb:f1:73:97:
1d:37:f2:07:95:ca:6f:9f:d9:6d:d6:08:e9:93:5a:
4e:0e:1f:a4:46:d8:2f:e3:37:fa:06:43:a4:80:f9:
c9:32:66:d2:db:c2:1f:3e:8e:90:17:4d:14:3a:cd:
dd:3d:c0:6f:e9:3e:0f:2c:be:69:e9:94:25:e6:fb:
af:e9:39:e8:2c:14:4d:ab:16:88:62:2b:00:25:cf:
cb:eb:fe:d6:c5:af:8c:50:53:fb:1f:63:f4:f9:32:
42:1a:51:0f:0f:01:2a:9c:2a:04:a3:e5:33:ec:84:
e8:56:d5:9f:12:1a:0d:f4:bb:91:ae:18:94:9b:32:
8b:cf:b2:f2:bb:41:4d:d9:18:4d:4f:a3:1e:4f:9b:
db:e2:6c:d1:0d:05:8a:10:bb:4b:80:ae:2f:cb:a0:
bf:4f:58:16:76:fb:83:58:9b:fb:a9:37:9d:54:77:
02:f4:a8:59:c1:e7:ef:7e:60:82:16:25:80:77:56:
2d:23:67:92:60:10:ae:cc:e0:ab:e4:2a:e8:20:c8:
56:a7:cc:2d:61:e0:cc:75:45:5f:66:bf:b1:8a:81:
e8:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:8D:B7:41:2A:F4:D3:69:1D:73:D4:88:85:E9:97:1E:AE:14:BC:6B
X509v3 Authority Key Identifier:
keyid:42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/bY23QSr002kdc9SIhemXHq4UvGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/QpK12ktP_q9yBklRj7qqEMXLKBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.123.244.0/22
93.114.180.0/23
103.229.81.0/24
185.219.6.0/24
IPv6:
2a10:e300::/32
Signature Algorithm: sha256WithRSAEncryption
43:3c:c1:1a:59:ba:cf:4c:77:9f:00:9f:08:69:7a:9d:db:31:
b9:6b:1d:aa:75:16:61:5c:ff:a4:be:91:af:55:bc:cf:c0:85:
e9:cf:e6:60:63:31:f5:30:31:07:3f:25:e5:38:df:52:8f:64:
1c:e2:c3:33:94:62:da:61:67:5d:41:c3:26:e9:2b:9d:11:ff:
98:3a:d9:54:3c:41:6e:a6:aa:1e:1e:a9:de:fb:d6:80:81:61:
73:4c:c7:ba:92:b2:a4:62:cf:f2:e9:0c:86:d7:b9:b0:f6:cb:
7f:2b:9e:f3:46:a4:90:bb:cf:46:e4:fa:79:55:04:cf:bd:6f:
9f:64:e3:a9:10:4e:2f:51:00:85:03:68:e2:1e:8b:83:2b:0c:
b7:15:3a:e7:28:5d:bb:de:d3:20:2c:8d:87:ab:3b:ff:6f:ae:
64:cc:2c:d7:69:86:11:eb:02:68:54:95:75:ef:50:73:30:a1:
9c:bc:51:2e:c1:af:86:39:85:28:02:7c:62:96:39:b4:b7:25:
fe:38:d7:62:79:96:e6:72:b4:1f:a3:a9:84:13:7c:6b:56:72:
e6:d2:f3:53:16:b4:fd:54:04:7a:3e:3b:d9:af:0a:78:6b:3a:
4b:c9:7f:f7:c2:b5:5c:29:94:41:af:96:4f:96:2f:b9:df:6c:
a4:4b:7a:6f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYKHU/IIzusaGkSXL/uKRz47MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTJiNWRhNGI0ZmZlYWY3MjA2NDk1MThmYmFhYTEwYzVj
YjI4MTEwHhcNMjIwODEwMTAzNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDhkYjc0MTJhZjRkMzY5MWQ3M2Q0ODg4NWU5OTcxZWFlMTRiYzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1FXBPRKn/jDXe9r6iMOzcU6MHem2
e5hYKYNYN4aygxFdhK5DSkLzGPvxc5cdN/IHlcpvn9lt1gjpk1pODh+kRtgv4zf6
BkOkgPnJMmbS28IfPo6QF00UOs3dPcBv6T4PLL5p6ZQl5vuv6TnoLBRNqxaIYisA
Jc/L6/7Wxa+MUFP7H2P0+TJCGlEPDwEqnCoEo+Uz7IToVtWfEhoN9LuRrhiUmzKL
z7Lyu0FN2RhNT6MeT5vb4mzRDQWKELtLgK4vy6C/T1gWdvuDWJv7qTedVHcC9KhZ
wefvfmCCFiWAd1YtI2eSYBCuzOCr5CroIMhWp8wtYeDMdUVfZr+xioHo/wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFG2Nt0Eq9NNpHXPUiIXplx6uFLxrMB8GA1UdIwQY
MBaAFEKStdpLT/6vcgZJUY+6qhDFyygRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBLMTJrdFBfcTl5QmtsUmo3cXFFTVhMS0JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80NTIyZmItYzFkYS00Y2NjLWE3Yzct
YTA0M2UxYjY3Yjk0LzEvYlkyM1FTcjAwMmtkYzlTSWhlbVhIcTRVdkdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80NTIyZmItYzFkYS00Y2NjLWE3YzctYTA0M2UxYjY3Yjk0
LzEvUXBLMTJrdFBfcTl5QmtsUmo3cXFFTVhMS0JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCG3v0AwQB
XXK0AwQAZ+VRAwQAudsGMA0EAgACMAcDBQAqEOMAMA0GCSqGSIb3DQEBCwUAA4IB
AQBDPMEaWbrPTHefAJ8IaXqd2zG5ax2qdRZhXP+kvpGvVbzPwIXpz+ZgYzH1MDEH
PyXlON9Sj2Qc4sMzlGLaYWddQcMm6SudEf+YOtlUPEFupqoeHqne+9aAgWFzTMe6
krKkYs/y6QyG17mw9st/K57zRqSQu89G5Pp5VQTPvW+fZOOpEE4vUQCFA2jiHouD
Kwy3FTrnKF273tMgLI2Hqzv/b65kzCzXaYYR6wJoVJV171BzMKGcvFEuwa+GOYUo
Anxiljm0tyX+ONdieZbmcrQfo6mEE3xrVnLm0vNTFrT9VAR6PjvZrwp4azpLyX/3
wrVcKZRBr5ZPli+532ykS3pv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:15 2024 by rpki-client on console-ams.rpki-client.org