Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/daf1ae-d5eb-4ca4-8aaf-78741ac93b30/1/9yhJ_mGh2jRyEZy4NeEj07P7P6U.roa
File: 9yhJ_mGh2jRyEZy4NeEj07P7P6U.roa (raw, json)
Hash identifier: T13Mu99GweaeI2j+unnEDYJdlpQVPataV6QvYo3MDPM=
Subject key identifier: F7:28:49:FE:61:A1:DA:34:72:11:9C:B8:35:E1:23:D3:B3:FB:3F:A5
Certificate issuer: /CN=0e282a15c1a5d154bbda872b357607a91f950aa5
Certificate serial: 018A75847FF1C1060A48E47BB072B406242B
Authority key identifier: 0E:28:2A:15:C1:A5:D1:54:BB:DA:87:2B:35:76:07:A9:1F:95:0A:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DigqFcGl0VS72ocrNXYHqR-VCqU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/daf1ae-d5eb-4ca4-8aaf-78741ac93b30/1/9yhJ_mGh2jRyEZy4NeEj07P7P6U.roa
Signing time: Fri 08 Sep 2023 15:58:52 +0000
ROA not before: Fri 08 Sep 2023 15:58:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57033
IP address blocks: 31.43.163.0/24 maxlen: 24
31.43.160.0/22 maxlen: 22
31.43.161.0/24 maxlen: 24
31.43.162.0/24 maxlen: 24
193.107.80.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:75:84:7f:f1:c1:06:0a:48:e4:7b:b0:72:b4:06:24:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e282a15c1a5d154bbda872b357607a91f950aa5
Validity
Not Before: Sep 8 15:58:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f72849fe61a1da3472119cb835e123d3b3fb3fa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:31:71:54:0f:53:04:e1:14:69:cc:38:d3:dd:
e9:3f:71:04:50:ac:f7:3a:1d:a8:5c:b1:c6:3f:9c:
66:83:60:ea:6d:f3:53:c7:ff:91:22:d5:86:27:a2:
12:7a:f7:05:ac:5e:c7:81:71:b2:4e:5d:ed:28:f1:
d2:ed:8b:ed:95:44:6d:b5:11:f4:b8:e8:6c:ca:81:
1d:6a:b9:7f:09:58:d2:74:f3:d8:82:78:53:b0:f2:
8f:4c:e4:2b:e0:d3:0e:a8:32:5a:de:bf:ec:94:37:
dc:03:73:a2:29:f7:8a:34:9b:5c:99:bf:b5:6d:c4:
31:b4:6b:9f:37:71:88:15:c5:e8:db:7a:db:63:ef:
16:74:48:df:8e:21:2c:42:21:90:cb:3c:70:87:b0:
65:69:70:90:3e:40:d5:b1:32:e5:c7:37:d4:bf:c1:
30:9d:4e:28:0b:e7:26:3b:b8:79:70:11:07:28:d4:
7f:e4:51:4f:1d:bf:f8:24:b3:81:0a:9c:3d:0b:3e:
41:ba:93:f9:b8:f9:93:65:a3:dd:67:a9:d2:31:45:
03:9f:be:59:e2:b8:e9:ee:a2:de:30:96:28:4a:af:
71:d2:e7:57:6a:81:87:4e:4e:7e:c2:28:ec:7f:c3:
c6:d5:9c:e5:bf:e7:b3:f5:60:56:7f:19:61:f7:58:
2c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:28:49:FE:61:A1:DA:34:72:11:9C:B8:35:E1:23:D3:B3:FB:3F:A5
X509v3 Authority Key Identifier:
keyid:0E:28:2A:15:C1:A5:D1:54:BB:DA:87:2B:35:76:07:A9:1F:95:0A:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DigqFcGl0VS72ocrNXYHqR-VCqU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/daf1ae-d5eb-4ca4-8aaf-78741ac93b30/1/9yhJ_mGh2jRyEZy4NeEj07P7P6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/daf1ae-d5eb-4ca4-8aaf-78741ac93b30/1/DigqFcGl0VS72ocrNXYHqR-VCqU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.160.0/22
193.107.80.0/24
Signature Algorithm: sha256WithRSAEncryption
52:86:fb:8f:ae:93:c8:83:3c:55:d3:51:63:86:f7:91:1e:36:
43:4e:57:39:26:2d:9a:cb:df:50:99:ab:af:4f:fc:c1:b1:c3:
01:e6:ea:e6:ee:86:51:47:57:e1:a1:b2:c0:56:6f:ef:0f:dc:
5d:6c:12:6a:12:4a:56:42:c7:06:33:b4:b8:df:52:1e:c1:eb:
a2:89:6b:8b:f5:45:27:b0:e8:7f:09:5c:a1:16:96:05:70:e3:
05:ef:94:2c:6d:00:d4:8d:25:ff:13:12:ec:9d:23:5c:65:d9:
18:f4:18:29:af:51:27:92:f6:75:36:09:72:9f:55:ef:b8:1c:
bd:ea:29:b3:e1:86:76:bb:74:9c:d5:de:f8:bc:17:f1:ca:37:
86:cf:cc:64:dc:3f:5a:6a:69:a0:64:6d:fc:72:7c:dc:ec:27:
e3:4e:38:be:98:e7:9d:bf:c5:5c:30:19:18:13:d5:00:63:8e:
be:63:c9:a5:0f:14:8f:e9:65:3d:76:e9:81:fd:ed:b7:97:41:
0d:33:5c:62:4f:e0:3d:1e:4b:57:8e:42:5e:1f:c9:83:3f:63:
1e:0a:7b:63:ec:0b:13:e7:66:ab:57:52:b3:00:0a:8e:ed:61:
b9:a5:ae:5d:e9:1c:63:71:64:54:8e:e1:66:67:64:9f:43:38:
c0:a1:55:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYp1hH/xwQYKSOR7sHK0BiQrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMjgyYTE1YzFhNWQxNTRiYmRhODcyYjM1NzYwN2E5MWY5
NTBhYTUwHhcNMjMwOTA4MTU1ODUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzI4NDlmZTYxYTFkYTM0NzIxMTljYjgzNWUxMjNkM2IzZmIzZmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszFxVA9TBOEUacw4093pP3EEUKz3
Oh2oXLHGP5xmg2DqbfNTx/+RItWGJ6ISevcFrF7HgXGyTl3tKPHS7YvtlURttRH0
uOhsyoEdarl/CVjSdPPYgnhTsPKPTOQr4NMOqDJa3r/slDfcA3OiKfeKNJtcmb+1
bcQxtGufN3GIFcXo23rbY+8WdEjfjiEsQiGQyzxwh7BlaXCQPkDVsTLlxzfUv8Ew
nU4oC+cmO7h5cBEHKNR/5FFPHb/4JLOBCpw9Cz5BupP5uPmTZaPdZ6nSMUUDn75Z
4rjp7qLeMJYoSq9x0udXaoGHTk5+wijsf8PG1Zzlv+ez9WBWfxlh91gsrQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPcoSf5hodo0chGcuDXhI9Oz+z+lMB8GA1UdIwQY
MBaAFA4oKhXBpdFUu9qHKzV2B6kflQqlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGlncUZjR2wwVlM3Mm9jck5YWUhxUi1WQ3FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kYWYxYWUtZDVlYi00Y2E0LThhYWYt
Nzg3NDFhYzkzYjMwLzEvOXloSl9tR2gyalJ5RVp5NE5lRWowN1A3UDZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kYWYxYWUtZDVlYi00Y2E0LThhYWYtNzg3NDFhYzkzYjMw
LzEvRGlncUZjR2wwVlM3Mm9jck5YWUhxUi1WQ3FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCHyugAwQA
wWtQMA0GCSqGSIb3DQEBCwUAA4IBAQBShvuPrpPIgzxV01FjhveRHjZDTlc5Ji2a
y99QmauvT/zBscMB5urm7oZRR1fhobLAVm/vD9xdbBJqEkpWQscGM7S431Ieweui
iWuL9UUnsOh/CVyhFpYFcOMF75QsbQDUjSX/ExLsnSNcZdkY9Bgpr1EnkvZ1Ngly
n1XvuBy96imz4YZ2u3Sc1d74vBfxyjeGz8xk3D9aammgZG38cnzc7CfjTji+mOed
v8VcMBkYE9UAY46+Y8mlDxSP6WU9dumB/e23l0ENM1xiT+A9HktXjkJeH8mDP2Me
Cntj7AsT52arV1KzAAqO7WG5pa5d6RxjcWRUjuFmZ2SfQzjAoVVA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:24 2024 by rpki-client on console-ams.rpki-client.org