Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/ya8Go4GHLCA6ewBqfNRwnYNRk64.roa
File: ya8Go4GHLCA6ewBqfNRwnYNRk64.roa (raw, json)
Hash identifier: dtnpSuRg1/a1hCCIlnboqLMUZ9CqWSyKbe7vt7eaYWg=
Subject key identifier: C9:AF:06:A3:81:87:2C:20:3A:7B:00:6A:7C:D4:70:9D:83:51:93:AE
Certificate issuer: /CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Certificate serial: 04816B4C
Authority key identifier: 42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/ya8Go4GHLCA6ewBqfNRwnYNRk64.roa
Signing time: Mon 28 Mar 2022 14:13:13 +0000
ROA not before: Mon 28 Mar 2022 14:13:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 103.243.124.0/22 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75590476 (0x4816b4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Validity
Not Before: Mar 28 14:13:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9af06a381872c203a7b006a7cd4709d835193ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:e4:cc:ed:0c:ff:e4:a3:56:a4:9a:7d:2a:c0:
73:9d:7f:c2:c3:79:fa:dd:05:25:c6:c2:4d:85:25:
f4:82:5a:76:5f:b8:1c:8c:70:0d:bd:83:ae:ff:9e:
33:c9:4f:e3:76:04:d3:4c:f4:48:25:9e:3e:b7:66:
73:a3:6e:79:b4:b8:49:56:05:41:6f:c1:ab:1a:8c:
fe:17:e2:d1:34:b4:7f:30:bd:10:c4:71:e4:42:79:
9c:cd:f6:9a:83:79:d1:e3:a0:d6:65:c2:a0:6c:81:
24:a2:85:d4:f4:b0:ca:7e:6a:60:47:12:51:cd:b2:
a8:88:e2:f6:be:5f:e5:5b:b4:83:2e:61:f9:55:54:
33:d2:9d:d7:a6:11:66:5a:3a:9c:e7:21:4f:7b:90:
d4:3b:69:62:48:da:a6:2a:b9:95:d5:c2:52:ce:6d:
fe:16:45:01:44:71:65:df:0f:7c:65:1a:eb:64:33:
54:0b:cd:a9:74:aa:f2:61:a4:fa:50:29:15:10:d3:
98:02:2e:00:07:ec:52:7f:5d:01:9b:89:a5:a2:5e:
44:d5:05:de:12:5c:bd:fc:fd:ad:fb:48:5d:c4:45:
13:07:73:87:00:9a:32:df:c9:87:64:35:fd:aa:15:
2c:1d:04:ff:6c:87:80:42:85:a8:92:d1:ff:0c:02:
42:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:AF:06:A3:81:87:2C:20:3A:7B:00:6A:7C:D4:70:9D:83:51:93:AE
X509v3 Authority Key Identifier:
keyid:42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/ya8Go4GHLCA6ewBqfNRwnYNRk64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/QpK12ktP_q9yBklRj7qqEMXLKBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.243.124.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:51:7e:2c:bf:3e:8a:bb:9d:16:c7:ec:b9:9e:7c:a5:c3:2c:
ee:6b:dd:1b:93:e1:6f:91:38:c6:2a:77:80:e5:b5:3d:46:04:
c6:73:68:0d:b1:8d:ee:25:90:80:98:6e:78:94:da:81:c4:af:
15:ce:e1:79:5d:04:8e:69:af:37:72:e4:ae:4a:81:83:28:f0:
ab:fe:3c:3c:24:0e:8b:5a:ab:55:d1:a7:71:2c:ff:0f:5b:14:
25:4e:6f:71:a5:0e:c2:2f:c7:15:49:6d:f6:2b:72:cf:8d:5c:
79:e7:71:d2:a6:6c:33:c1:68:c8:f9:89:bc:59:37:83:98:d4:
29:d9:b9:53:b6:64:e9:f3:df:0d:14:91:85:be:cd:9a:23:1b:
84:40:9e:aa:fa:60:51:1d:24:60:23:ae:27:8e:ec:dc:e5:6f:
e4:a5:e5:b1:68:48:92:7d:7b:da:7a:6b:33:f2:90:e8:1d:5f:
c2:5f:bc:97:b1:69:69:4b:45:86:1d:97:b6:7b:9f:c1:cc:a4:
09:e7:29:68:68:f0:36:81:1e:d8:2f:d1:f2:d8:97:e2:fa:e2:
93:4a:07:ee:b7:dd:16:dd:e5:c4:90:a5:a8:0b:b4:a8:c8:04:
89:ef:91:a0:12:11:86:20:3d:f6:90:7a:0d:50:33:1b:7b:cb:
a1:ec:5f:a3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBIFrTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MjkyYjVkYTRiNGZmZWFmNzIwNjQ5NTE4ZmJhYWExMGM1Y2IyODExMB4XDTIyMDMy
ODE0MTMxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzlhZjA2YTM4MTg3
MmMyMDNhN2IwMDZhN2NkNDcwOWQ4MzUxOTNhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPfkzO0M/+SjVqSafSrAc51/wsN5+t0FJcbCTYUl9IJadl+4
HIxwDb2Drv+eM8lP43YE00z0SCWePrdmc6NuebS4SVYFQW/BqxqM/hfi0TS0fzC9
EMRx5EJ5nM32moN50eOg1mXCoGyBJKKF1PSwyn5qYEcSUc2yqIji9r5f5Vu0gy5h
+VVUM9Kd16YRZlo6nOchT3uQ1DtpYkjapiq5ldXCUs5t/hZFAURxZd8PfGUa62Qz
VAvNqXSq8mGk+lApFRDTmAIuAAfsUn9dAZuJpaJeRNUF3hJcvfz9rftIXcRFEwdz
hwCaMt/Jh2Q1/aoVLB0E/2yHgEKFqJLR/wwCQgcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTJrwajgYcsIDp7AGp81HCdg1GTrjAfBgNVHSMEGDAWgBRCkrXaS0/+r3IG
SVGPuqoQxcsoETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FwSzEya3RQX3E5eUJrbFJqN3FxRU1YTEtCRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTUvNDUyMmZiLWMxZGEtNGNjYy1hN2M3LWEwNDNlMWI2N2I5NC8x
L3lhOEdvNEdITENBNmV3QnFmTlJ3bllOUms2NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUv
NDUyMmZiLWMxZGEtNGNjYy1hN2M3LWEwNDNlMWI2N2I5NC8xL1FwSzEya3RQX3E5
eUJrbFJqN3FxRU1YTEtCRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmfzfDANBgkqhkiG9w0BAQsFAAOC
AQEAPVF+LL8+irudFsfsuZ58pcMs7mvdG5Phb5E4xip3gOW1PUYExnNoDbGN7iWQ
gJhueJTagcSvFc7heV0EjmmvN3LkrkqBgyjwq/48PCQOi1qrVdGncSz/D1sUJU5v
caUOwi/HFUlt9ityz41ceedx0qZsM8FoyPmJvFk3g5jUKdm5U7Zk6fPfDRSRhb7N
miMbhECeqvpgUR0kYCOuJ47s3OVv5KXlsWhIkn172nprM/KQ6B1fwl+8l7FpaUtF
hh2XtnufwcykCecpaGjwNoEe2C/R8tiX4vrik0oH7rfdFt3lxJClqAu0qMgEie+R
oBIRhiA99pB6DVAzG3vLoexfow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:15 2024 by rpki-client on console-ams.rpki-client.org