Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/A3aCppOcXq5axOIq4UKC3gw798s.roa
File: A3aCppOcXq5axOIq4UKC3gw798s.roa (raw, json)
Hash identifier: ExrPWn+VT2Y5kbEf327YKo6qIG+AkSvPgKELCIp7PEs=
Subject key identifier: 03:76:82:A6:93:9C:5E:AE:5A:C4:E2:2A:E1:42:82:DE:0C:3B:F7:CB
Certificate issuer: /CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Certificate serial: 018E3243C4A09E7C432812D27E2AAF6FBDD9
Authority key identifier: B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/A3aCppOcXq5axOIq4UKC3gw798s.roa
Signing time: Tue 12 Mar 2024 10:44:45 +0000
ROA not before: Tue 12 Mar 2024 10:44:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 31.222.244.0/24 maxlen: 24
88.151.11.0/24 maxlen: 24
91.210.71.0/24 maxlen: 24
109.205.62.0/24 maxlen: 24
193.228.131.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:43:c4:a0:9e:7c:43:28:12:d2:7e:2a:af:6f:bd:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Validity
Not Before: Mar 12 10:44:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=037682a6939c5eae5ac4e22ae14282de0c3bf7cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:99:95:ee:46:c9:45:d7:85:43:06:33:c3:9e:
00:28:76:d7:9a:13:cd:95:b9:ed:70:ab:72:88:9f:
3a:e8:f2:3f:72:87:b6:ef:6e:86:40:69:f5:4a:44:
96:86:91:df:45:3a:b2:d6:e7:0f:97:d4:a0:1e:06:
8b:de:01:36:62:27:da:f8:a9:01:52:57:42:5f:16:
0a:51:bf:ef:f8:21:7c:56:89:e1:af:a9:fd:de:3c:
b4:66:aa:04:e2:92:86:52:39:bf:09:e0:64:a7:a3:
2b:d4:8f:f9:e4:6a:b4:6c:5e:6d:c3:30:21:e0:b1:
70:27:1c:72:f0:d5:94:c1:ec:cd:79:28:82:c4:e5:
62:2f:2e:c1:47:83:e4:00:a6:51:87:9c:21:1e:52:
a9:0e:02:7b:f3:8d:18:3f:3e:46:91:61:d9:b4:91:
aa:49:54:3b:45:3f:74:78:78:7f:a8:28:8c:7c:98:
37:1b:41:a2:cf:62:00:fa:21:6d:60:ce:f2:5c:e5:
b6:eb:5a:b5:f3:ca:74:c5:10:67:84:7c:3d:4d:42:
e6:ab:c2:81:fa:41:88:84:6f:30:4e:93:8d:dc:e5:
b6:81:57:48:4b:a1:08:5e:02:4a:63:66:15:32:1d:
13:16:47:e6:30:67:57:88:37:62:23:6c:82:49:dc:
95:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:76:82:A6:93:9C:5E:AE:5A:C4:E2:2A:E1:42:82:DE:0C:3B:F7:CB
X509v3 Authority Key Identifier:
keyid:B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/A3aCppOcXq5axOIq4UKC3gw798s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.244.0/24
88.151.11.0/24
91.210.71.0/24
109.205.62.0/24
193.228.131.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:a2:0e:7a:b6:82:1c:83:df:31:39:64:d0:d7:be:06:f7:85:
23:11:f1:3c:39:f3:85:0f:82:f6:96:ef:11:58:e0:24:4a:9b:
2e:4c:0d:23:b0:0a:44:d3:0f:5e:d0:ec:84:ef:f7:82:2d:b4:
55:7f:71:dd:0b:ad:1a:5f:3f:e6:4d:7a:79:b0:27:06:bb:18:
cd:a4:0e:84:66:ba:26:f3:0c:37:54:fd:5b:c9:0e:4b:b3:4a:
51:f1:cc:66:70:6a:a6:7a:07:47:30:d9:e7:62:14:3a:f1:58:
ed:3e:17:a2:cd:df:3a:d8:ed:61:73:5f:0f:07:4d:c6:ad:60:
83:72:20:c0:28:b6:20:78:92:d8:67:f5:05:3b:00:5f:fa:06:
6a:d1:ad:73:a3:06:82:51:95:bc:2c:df:07:79:60:09:55:9f:
6f:a8:c6:f8:96:06:5a:44:3d:b4:41:f7:e1:87:e1:5a:91:e3:
4b:bd:c6:06:34:50:14:6e:83:d0:fc:31:43:b7:49:ec:19:69:
e2:b3:60:74:07:2b:21:b0:b2:c2:f4:65:5e:83:fd:9f:5a:a8:
33:68:b8:18:2b:76:24:bb:55:a3:4e:60:9a:0b:9f:16:ce:b3:
d2:b9:0f:f3:8f:84:ff:2f:9f:6c:23:94:6d:9a:c6:66:20:82:
6c:8a:5a:4e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY4yQ8SgnnxDKBLSfiqvb73ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjYxOWVmMjAwODQwZGZhOGZkNDM1NjdjN2E5NzhjMTUz
MTJkN2YwHhcNMjQwMzEyMTA0NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzc2ODJhNjkzOWM1ZWFlNWFjNGUyMmFlMTQyODJkZTBjM2JmN2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5mV7kbJRdeFQwYzw54AKHbXmhPN
lbntcKtyiJ866PI/coe2726GQGn1SkSWhpHfRTqy1ucPl9SgHgaL3gE2Yifa+KkB
UldCXxYKUb/v+CF8Vonhr6n93jy0ZqoE4pKGUjm/CeBkp6Mr1I/55Gq0bF5twzAh
4LFwJxxy8NWUwezNeSiCxOViLy7BR4PkAKZRh5whHlKpDgJ7840YPz5GkWHZtJGq
SVQ7RT90eHh/qCiMfJg3G0Giz2IA+iFtYM7yXOW261q188p0xRBnhHw9TULmq8KB
+kGIhG8wTpON3OW2gVdIS6EIXgJKY2YVMh0TFkfmMGdXiDdiI2yCSdyVvwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAN2gqaTnF6uWsTiKuFCgt4MO/fLMB8GA1UdIwQY
MBaAFLD2Ge8gCEDfqP1DVnx6l4wVMS1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYt
MDY5NjYxNjc1MTA2LzEvQTNhQ3BwT2NYcTVheE9JcTRVS0MzZ3c3OThzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYtMDY5NjYxNjc1MTA2
LzEvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAH970AwQA
WJcLAwQAW9JHAwQAbc0+AwQAweSDMA0GCSqGSIb3DQEBCwUAA4IBAQB9og56toIc
g98xOWTQ174G94UjEfE8OfOFD4L2lu8RWOAkSpsuTA0jsApE0w9e0OyE7/eCLbRV
f3HdC60aXz/mTXp5sCcGuxjNpA6EZrom8ww3VP1byQ5Ls0pR8cxmcGqmegdHMNnn
YhQ68VjtPheizd862O1hc18PB03GrWCDciDAKLYgeJLYZ/UFOwBf+gZq0a1zowaC
UZW8LN8HeWAJVZ9vqMb4lgZaRD20Qffhh+FakeNLvcYGNFAUboPQ/DFDt0nsGWni
s2B0ByshsLLC9GVeg/2fWqgzaLgYK3Yku1WjTmCaC58WzrPSuQ/zj4T/L59sI5Rt
msZmIIJsilpO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:18 2024 by rpki-client on console-ams.rpki-client.org