Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/daf1ae-d5eb-4ca4-8aaf-78741ac93b30/1/8P25hAKTWIbDHuh1BPJPEXp4Dmw.roa
File: 8P25hAKTWIbDHuh1BPJPEXp4Dmw.roa (raw, json)
Hash identifier: Wsn7tXg03zDL+M0HnXFRP+eBVbmtF3WEVTqM2LHHrXs=
Subject key identifier: F0:FD:B9:84:02:93:58:86:C3:1E:E8:75:04:F2:4F:11:7A:78:0E:6C
Certificate issuer: /CN=0e282a15c1a5d154bbda872b357607a91f950aa5
Certificate serial: 018CF7D1394E02F2613EDA45EDFD80D8165A
Authority key identifier: 0E:28:2A:15:C1:A5:D1:54:BB:DA:87:2B:35:76:07:A9:1F:95:0A:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DigqFcGl0VS72ocrNXYHqR-VCqU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/daf1ae-d5eb-4ca4-8aaf-78741ac93b30/1/8P25hAKTWIbDHuh1BPJPEXp4Dmw.roa
Signing time: Thu 11 Jan 2024 09:18:53 +0000
ROA not before: Thu 11 Jan 2024 09:18:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57033
IP address blocks: 31.43.163.0/24 maxlen: 24
31.43.160.0/22 maxlen: 22
31.43.161.0/24 maxlen: 24
31.43.162.0/24 maxlen: 24
193.107.83.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f7:d1:39:4e:02:f2:61:3e:da:45:ed:fd:80:d8:16:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e282a15c1a5d154bbda872b357607a91f950aa5
Validity
Not Before: Jan 11 09:18:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0fdb98402935886c31ee87504f24f117a780e6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:51:a1:a5:9d:a6:da:32:4f:b9:a7:e0:36:5d:
a4:e2:a9:4e:95:30:26:00:b1:c0:0a:94:d2:2d:ff:
8e:2f:9c:cf:c3:b7:ed:ae:a1:f1:ee:40:71:08:fa:
bc:91:08:ea:36:c4:4d:8a:8e:7b:d3:41:4e:cf:dd:
2f:eb:f8:c9:50:c5:c7:e9:42:eb:c4:a2:83:f4:14:
4b:39:46:50:e4:31:df:b8:2e:a0:08:d2:fb:58:77:
db:e1:30:8f:58:09:ba:a7:93:79:97:29:af:43:f8:
5e:9f:12:cb:27:77:0d:e2:35:c8:8e:8b:b2:1c:cc:
3e:27:06:5e:13:24:50:07:b6:b8:ab:12:c0:a8:57:
54:e7:2d:c4:b5:d5:36:41:f7:5f:cd:11:b3:10:cb:
b3:09:ee:ae:7f:8d:c3:57:d6:cd:3c:14:42:d8:85:
80:56:d6:99:43:a8:a8:c4:95:54:8a:47:fb:89:c2:
4d:e6:d4:90:49:8e:ca:01:b9:15:62:0b:ba:57:4a:
20:fc:4c:79:2a:ae:ed:53:bc:ce:83:58:84:77:0d:
47:17:55:bd:5b:63:88:ff:70:d3:24:ed:87:3c:1b:
28:3f:ea:ba:29:f0:b0:72:6b:45:8c:9d:84:1c:2f:
db:f5:89:0f:c2:f1:21:82:49:63:3e:58:f9:09:79:
ff:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:FD:B9:84:02:93:58:86:C3:1E:E8:75:04:F2:4F:11:7A:78:0E:6C
X509v3 Authority Key Identifier:
keyid:0E:28:2A:15:C1:A5:D1:54:BB:DA:87:2B:35:76:07:A9:1F:95:0A:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DigqFcGl0VS72ocrNXYHqR-VCqU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/daf1ae-d5eb-4ca4-8aaf-78741ac93b30/1/8P25hAKTWIbDHuh1BPJPEXp4Dmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/daf1ae-d5eb-4ca4-8aaf-78741ac93b30/1/DigqFcGl0VS72ocrNXYHqR-VCqU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.160.0/22
193.107.83.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:7b:b0:7d:fb:b5:8b:3c:7b:51:24:8f:ef:f3:76:8d:2d:90:
bb:76:3b:33:51:93:8c:8a:1d:02:95:ca:89:7b:4c:98:02:7b:
ee:fe:e4:a6:d2:24:11:3c:13:db:f5:ca:fa:ec:cd:d6:57:c3:
f7:10:a9:10:4c:a6:a0:a5:d0:40:90:c2:4b:1d:f7:b0:05:8d:
4e:fe:03:2a:d8:b4:6f:19:ba:93:97:45:b3:99:60:97:02:26:
58:5a:03:46:70:a2:4a:51:a7:12:9a:fc:42:84:9f:2d:f5:91:
0b:a3:4c:be:87:e5:eb:ac:73:60:cb:ac:c7:b0:60:e9:cd:a1:
a3:50:6b:88:26:61:75:19:c5:c1:f3:65:a6:d5:1f:bb:1d:74:
02:27:7d:51:ef:7c:07:34:5b:b0:2b:19:68:3c:f1:c8:32:d7:
ae:01:b3:a3:1f:40:ec:5e:95:07:62:b2:54:f5:9f:3c:9b:e2:
e3:7a:4e:30:26:f6:72:28:86:3f:5e:59:cc:fb:22:e3:4b:b0:
d2:de:cd:8d:34:38:35:fc:45:bc:62:22:d4:d5:d8:85:97:7c:
84:f0:e7:96:27:6e:9a:c9:4d:26:57:89:5d:1f:8e:60:b5:01:
26:6e:34:14:69:60:d6:07:47:ae:e5:c5:44:9e:26:65:ff:fe:
05:3b:56:3d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYz30TlOAvJhPtpF7f2A2BZaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMjgyYTE1YzFhNWQxNTRiYmRhODcyYjM1NzYwN2E5MWY5
NTBhYTUwHhcNMjQwMTExMDkxODUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGZkYjk4NDAyOTM1ODg2YzMxZWU4NzUwNGYyNGYxMTdhNzgwZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVGhpZ2m2jJPuafgNl2k4qlOlTAm
ALHACpTSLf+OL5zPw7ftrqHx7kBxCPq8kQjqNsRNio5700FOz90v6/jJUMXH6ULr
xKKD9BRLOUZQ5DHfuC6gCNL7WHfb4TCPWAm6p5N5lymvQ/henxLLJ3cN4jXIjouy
HMw+JwZeEyRQB7a4qxLAqFdU5y3EtdU2QfdfzRGzEMuzCe6uf43DV9bNPBRC2IWA
VtaZQ6ioxJVUikf7icJN5tSQSY7KAbkVYgu6V0og/Ex5Kq7tU7zOg1iEdw1HF1W9
W2OI/3DTJO2HPBsoP+q6KfCwcmtFjJ2EHC/b9YkPwvEhgkljPlj5CXn/vwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPD9uYQCk1iGwx7odQTyTxF6eA5sMB8GA1UdIwQY
MBaAFA4oKhXBpdFUu9qHKzV2B6kflQqlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGlncUZjR2wwVlM3Mm9jck5YWUhxUi1WQ3FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kYWYxYWUtZDVlYi00Y2E0LThhYWYt
Nzg3NDFhYzkzYjMwLzEvOFAyNWhBS1RXSWJESHVoMUJQSlBFWHA0RG13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kYWYxYWUtZDVlYi00Y2E0LThhYWYtNzg3NDFhYzkzYjMw
LzEvRGlncUZjR2wwVlM3Mm9jck5YWUhxUi1WQ3FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCHyugAwQA
wWtTMA0GCSqGSIb3DQEBCwUAA4IBAQC2e7B9+7WLPHtRJI/v83aNLZC7djszUZOM
ih0ClcqJe0yYAnvu/uSm0iQRPBPb9cr67M3WV8P3EKkQTKagpdBAkMJLHfewBY1O
/gMq2LRvGbqTl0WzmWCXAiZYWgNGcKJKUacSmvxChJ8t9ZELo0y+h+XrrHNgy6zH
sGDpzaGjUGuIJmF1GcXB82Wm1R+7HXQCJ31R73wHNFuwKxloPPHIMteuAbOjH0Ds
XpUHYrJU9Z88m+Ljek4wJvZyKIY/XlnM+yLjS7DS3s2NNDg1/EW8YiLU1diFl3yE
8OeWJ26ayU0mV4ldH45gtQEmbjQUaWDWB0eu5cVEniZl//4FO1Y9
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:56 2025 by rpki-client