Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/daf1ae-d5eb-4ca4-8aaf-78741ac93b30/1/BBJYqKcyVFPiMxKuHgrqtQNHs6U.roa
File: BBJYqKcyVFPiMxKuHgrqtQNHs6U.roa (raw, json)
Hash identifier: s/wGS3fe7l/+mxYzdNLXi2YVXFzykoScg85JDXIrxYc=
Subject key identifier: 04:12:58:A8:A7:32:54:53:E2:33:12:AE:1E:0A:EA:B5:03:47:B3:A5
Certificate issuer: /CN=0e282a15c1a5d154bbda872b357607a91f950aa5
Certificate serial: 018EE15AFAF51763B2D9D3D6018D8FB54D9D
Authority key identifier: 0E:28:2A:15:C1:A5:D1:54:BB:DA:87:2B:35:76:07:A9:1F:95:0A:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DigqFcGl0VS72ocrNXYHqR-VCqU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/daf1ae-d5eb-4ca4-8aaf-78741ac93b30/1/BBJYqKcyVFPiMxKuHgrqtQNHs6U.roa
Signing time: Mon 15 Apr 2024 10:43:39 +0000
ROA not before: Mon 15 Apr 2024 10:43:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57033
IP address blocks: 31.43.161.0/24 maxlen: 24
31.43.162.0/24 maxlen: 24
193.107.83.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e1:5a:fa:f5:17:63:b2:d9:d3:d6:01:8d:8f:b5:4d:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e282a15c1a5d154bbda872b357607a91f950aa5
Validity
Not Before: Apr 15 10:43:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=041258a8a7325453e23312ae1e0aeab50347b3a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0d:22:1c:e1:e3:cf:9c:72:3d:2e:fd:23:39:
a1:ae:c6:06:15:94:9f:4f:88:71:07:87:c4:b9:e0:
f2:f1:83:9a:aa:6c:1e:b7:22:d6:d2:00:86:33:e2:
dc:57:d4:47:1d:23:1c:55:3e:cc:7c:b5:9e:50:c1:
b5:4f:3b:c7:c5:96:a2:6e:20:67:ef:c2:4f:01:87:
ce:41:2d:3c:7e:fd:97:16:75:2c:e9:88:48:2c:04:
84:5a:b3:98:d7:d8:c5:ad:41:4f:80:3e:80:fb:8e:
23:de:62:34:b7:3e:4b:04:6a:63:a1:da:bc:ab:4c:
29:4e:b7:e0:d1:f5:d1:54:24:58:c3:e8:5b:00:2d:
7f:2c:bd:e7:81:f3:ec:75:1a:e3:f1:e6:cd:e4:72:
3e:fb:e0:f1:6d:3c:5e:54:da:45:07:14:65:10:15:
92:17:e3:4b:7a:e6:7d:12:21:5f:52:05:1c:3d:d8:
d8:07:7f:5e:eb:28:09:0b:82:39:d2:df:87:7f:09:
33:ce:a6:01:5e:1a:f5:19:bf:1c:cb:32:3f:6c:96:
6f:0c:fb:99:52:e3:34:42:6e:1a:78:fd:47:f3:95:
ba:1b:51:74:4f:7f:f8:39:6d:56:86:c1:ff:b4:8c:
40:76:aa:99:18:92:2e:ea:6b:7e:09:ca:8e:2d:79:
42:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:12:58:A8:A7:32:54:53:E2:33:12:AE:1E:0A:EA:B5:03:47:B3:A5
X509v3 Authority Key Identifier:
keyid:0E:28:2A:15:C1:A5:D1:54:BB:DA:87:2B:35:76:07:A9:1F:95:0A:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DigqFcGl0VS72ocrNXYHqR-VCqU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/daf1ae-d5eb-4ca4-8aaf-78741ac93b30/1/BBJYqKcyVFPiMxKuHgrqtQNHs6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/daf1ae-d5eb-4ca4-8aaf-78741ac93b30/1/DigqFcGl0VS72ocrNXYHqR-VCqU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.161.0-31.43.162.255
193.107.83.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:12:f4:b3:0e:ba:25:34:ba:31:84:3c:56:e9:4e:d9:a2:5c:
cd:8a:2d:e6:b2:0b:3e:bd:8c:03:a9:d6:56:1c:45:f9:33:38:
2c:57:57:4c:49:0e:24:1b:24:35:67:68:d1:fd:21:e8:17:88:
5e:48:79:33:69:b6:74:7e:1b:52:bd:0a:56:71:c4:d0:2a:fd:
07:43:c7:d3:f0:03:29:19:db:70:10:81:2f:45:11:2e:57:7d:
f7:87:7b:db:b6:e6:85:70:64:a2:fd:6f:d9:68:71:c1:62:26:
e3:ef:29:81:17:18:aa:79:36:e0:83:b5:16:bc:f0:b3:9a:b2:
e7:03:cb:8e:e9:20:15:ea:1d:52:2f:c1:01:0f:28:7f:3b:d6:
25:65:12:44:8e:53:19:db:ab:ae:d0:d4:bd:cf:f5:96:93:98:
bf:c0:2b:46:aa:bb:c4:7b:33:9e:86:a8:85:da:20:b3:ac:48:
2e:b8:94:10:c7:ce:e9:7d:d3:33:b7:a4:71:da:26:5a:42:31:
40:83:4b:5c:d2:4d:2c:ca:cd:35:15:bc:11:db:ca:39:2d:89:
68:a9:be:26:a4:91:5a:da:91:a6:a2:a7:af:22:3e:64:1b:37:
c2:3e:a3:0b:30:b1:f3:ae:b9:b2:39:33:a2:64:94:80:8e:6e:
de:6a:5b:4a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY7hWvr1F2Oy2dPWAY2PtU2dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMjgyYTE1YzFhNWQxNTRiYmRhODcyYjM1NzYwN2E5MWY5
NTBhYTUwHhcNMjQwNDE1MTA0MzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDEyNThhOGE3MzI1NDUzZTIzMzEyYWUxZTBhZWFiNTAzNDdiM2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiA0iHOHjz5xyPS79IzmhrsYGFZSf
T4hxB4fEueDy8YOaqmwetyLW0gCGM+LcV9RHHSMcVT7MfLWeUMG1TzvHxZaibiBn
78JPAYfOQS08fv2XFnUs6YhILASEWrOY19jFrUFPgD6A+44j3mI0tz5LBGpjodq8
q0wpTrfg0fXRVCRYw+hbAC1/LL3ngfPsdRrj8ebN5HI+++DxbTxeVNpFBxRlEBWS
F+NLeuZ9EiFfUgUcPdjYB39e6ygJC4I50t+HfwkzzqYBXhr1Gb8cyzI/bJZvDPuZ
UuM0Qm4aeP1H85W6G1F0T3/4OW1WhsH/tIxAdqqZGJIu6mt+CcqOLXlCfQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAQSWKinMlRT4jMSrh4K6rUDR7OlMB8GA1UdIwQY
MBaAFA4oKhXBpdFUu9qHKzV2B6kflQqlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGlncUZjR2wwVlM3Mm9jck5YWUhxUi1WQ3FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kYWYxYWUtZDVlYi00Y2E0LThhYWYt
Nzg3NDFhYzkzYjMwLzEvQkJKWXFLY3lWRlBpTXhLdUhncnF0UU5IczZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kYWYxYWUtZDVlYi00Y2E0LThhYWYtNzg3NDFhYzkzYjMw
LzEvRGlncUZjR2wwVlM3Mm9jck5YWUhxUi1WQ3FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAfK6ED
BAAfK6IDBADBa1MwDQYJKoZIhvcNAQELBQADggEBANgS9LMOuiU0ujGEPFbpTtmi
XM2KLeayCz69jAOp1lYcRfkzOCxXV0xJDiQbJDVnaNH9IegXiF5IeTNptnR+G1K9
ClZxxNAq/QdDx9PwAykZ23AQgS9FES5XffeHe9u25oVwZKL9b9loccFiJuPvKYEX
GKp5NuCDtRa88LOasucDy47pIBXqHVIvwQEPKH871iVlEkSOUxnbq67Q1L3P9ZaT
mL/AK0aqu8R7M56GqIXaILOsSC64lBDHzul90zO3pHHaJlpCMUCDS1zSTSzKzTUV
vBHbyjktiWipviakkVrakaaip68iPmQbN8I+owswsfOuubI5M6JklICObt5qW0o=
-----END CERTIFICATE-----
Generated at Thu Jul 25 17:10:08 2024 by rpki-client on console-fra.rpki-client.org