Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/daf1ae-d5eb-4ca4-8aaf-78741ac93b30/1/X-uwpSW9NRbHYwN3jAqKfZPh3LU.roa
File: X-uwpSW9NRbHYwN3jAqKfZPh3LU.roa (raw, json)
Hash identifier: ba5vM5aeeAvxv/7xZts/8F9Yf9kULXypYK4SitVVqh0=
Subject key identifier: 5F:EB:B0:A5:25:BD:35:16:C7:63:03:77:8C:0A:8A:7D:93:E1:DC:B5
Certificate issuer: /CN=0e282a15c1a5d154bbda872b357607a91f950aa5
Certificate serial: 01856E267C8B26CCB7D9E7CB13AED019EF20
Authority key identifier: 0E:28:2A:15:C1:A5:D1:54:BB:DA:87:2B:35:76:07:A9:1F:95:0A:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DigqFcGl0VS72ocrNXYHqR-VCqU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/daf1ae-d5eb-4ca4-8aaf-78741ac93b30/1/X-uwpSW9NRbHYwN3jAqKfZPh3LU.roa
Signing time: Sun 01 Jan 2023 16:24:53 +0000
ROA not before: Sun 01 Jan 2023 16:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57033
IP address blocks: 31.43.163.0/24 maxlen: 24
31.43.160.0/22 maxlen: 22
31.43.161.0/24 maxlen: 24
31.43.162.0/24 maxlen: 24
193.107.80.0/24 maxlen: 24
193.107.81.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:7c:8b:26:cc:b7:d9:e7:cb:13:ae:d0:19:ef:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e282a15c1a5d154bbda872b357607a91f950aa5
Validity
Not Before: Jan 1 16:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5febb0a525bd3516c76303778c0a8a7d93e1dcb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4b:45:45:16:9d:6f:39:43:8b:de:5b:b1:b0:
06:c2:b6:8e:da:2e:03:cd:b0:07:15:8f:fb:d8:3f:
40:42:28:56:97:a9:d9:99:4c:55:ff:47:87:e6:73:
b2:05:9d:22:15:74:42:ed:06:bf:0e:a3:04:da:18:
9b:71:59:ea:95:0f:db:bf:55:56:32:b1:30:d9:15:
98:4c:78:15:2a:f9:17:ee:94:84:55:b3:f2:93:43:
70:a5:07:53:36:c9:e8:dc:5d:6c:b7:9c:59:9e:39:
99:4d:8a:8e:c0:98:6b:68:1a:c7:57:c1:e9:db:4a:
8d:a1:cf:3e:9c:dc:3d:fa:14:40:04:d0:cc:b5:f7:
5a:21:b3:49:fc:ba:8b:b1:5d:43:57:43:b7:4e:ed:
c3:58:0b:e3:82:01:18:cc:81:fc:9c:4f:90:06:c2:
a6:8b:33:f1:12:5e:c2:b3:3a:1b:60:8e:9f:53:92:
26:8b:76:be:77:00:88:da:2f:ee:91:27:2e:f7:c9:
a9:c4:c8:e2:f4:38:58:1f:23:8c:83:e3:fb:f0:dc:
40:a5:d6:d9:a9:90:fa:cd:a1:f9:66:24:67:2f:c8:
06:f0:76:04:43:b9:b4:84:a1:3b:45:2b:86:52:01:
19:9a:f4:ce:51:cc:d0:93:76:85:9e:2e:b5:65:d1:
18:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:EB:B0:A5:25:BD:35:16:C7:63:03:77:8C:0A:8A:7D:93:E1:DC:B5
X509v3 Authority Key Identifier:
keyid:0E:28:2A:15:C1:A5:D1:54:BB:DA:87:2B:35:76:07:A9:1F:95:0A:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DigqFcGl0VS72ocrNXYHqR-VCqU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/daf1ae-d5eb-4ca4-8aaf-78741ac93b30/1/X-uwpSW9NRbHYwN3jAqKfZPh3LU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/daf1ae-d5eb-4ca4-8aaf-78741ac93b30/1/DigqFcGl0VS72ocrNXYHqR-VCqU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.160.0/22
193.107.80.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:3c:7d:f4:73:8e:04:37:95:df:20:da:8a:84:3a:28:28:04:
45:71:06:1a:77:cc:03:38:95:1c:62:10:4f:32:c3:b4:82:1f:
15:69:31:07:8b:80:f1:d0:a9:5f:b9:c3:0f:4c:4d:4d:d7:a6:
f0:12:6b:af:26:63:e5:1c:17:11:5b:7c:6e:2d:5b:37:2c:da:
b5:63:81:36:ea:eb:68:72:39:4a:d0:55:f5:ec:89:a2:46:f2:
11:16:08:bd:a4:1d:80:b5:7b:b7:98:88:c1:7c:ae:54:08:a4:
e9:da:e4:d7:f4:a0:22:e1:10:01:5e:b2:3f:a9:1b:8b:ca:71:
3a:f7:39:c5:c2:a7:76:51:0d:b6:08:7b:95:e7:3d:7a:d0:1e:
f8:72:d5:86:e6:90:46:51:df:94:4d:be:1c:17:9d:fc:58:0a:
e3:40:25:f9:f3:4b:ab:80:ab:0a:60:72:43:bb:69:82:be:85:
ae:b4:64:2d:36:78:d2:ac:e1:73:04:56:6f:9c:60:46:a8:f8:
60:14:a8:8a:33:43:6b:4b:84:eb:37:96:f5:29:f9:b3:76:39:
69:52:6a:7d:e5:eb:2a:26:2b:8b:01:37:0c:90:48:fb:fa:77:
55:15:c9:df:66:22:c0:a1:43:0d:8d:bb:5b:c0:f8:2d:43:bb:
8a:1b:34:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuJnyLJsy32efLE67QGe8gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMjgyYTE1YzFhNWQxNTRiYmRhODcyYjM1NzYwN2E5MWY5
NTBhYTUwHhcNMjMwMTAxMTYyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmViYjBhNTI1YmQzNTE2Yzc2MzAzNzc4YzBhOGE3ZDkzZTFkY2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUtFRRadbzlDi95bsbAGwraO2i4D
zbAHFY/72D9AQihWl6nZmUxV/0eH5nOyBZ0iFXRC7Qa/DqME2hibcVnqlQ/bv1VW
MrEw2RWYTHgVKvkX7pSEVbPyk0NwpQdTNsno3F1st5xZnjmZTYqOwJhraBrHV8Hp
20qNoc8+nNw9+hRABNDMtfdaIbNJ/LqLsV1DV0O3Tu3DWAvjggEYzIH8nE+QBsKm
izPxEl7CszobYI6fU5Imi3a+dwCI2i/ukScu98mpxMji9DhYHyOMg+P78NxApdbZ
qZD6zaH5ZiRnL8gG8HYEQ7m0hKE7RSuGUgEZmvTOUczQk3aFni61ZdEYYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF/rsKUlvTUWx2MDd4wKin2T4dy1MB8GA1UdIwQY
MBaAFA4oKhXBpdFUu9qHKzV2B6kflQqlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGlncUZjR2wwVlM3Mm9jck5YWUhxUi1WQ3FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kYWYxYWUtZDVlYi00Y2E0LThhYWYt
Nzg3NDFhYzkzYjMwLzEvWC11d3BTVzlOUmJIWXdOM2pBcUtmWlBoM0xVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kYWYxYWUtZDVlYi00Y2E0LThhYWYtNzg3NDFhYzkzYjMw
LzEvRGlncUZjR2wwVlM3Mm9jck5YWUhxUi1WQ3FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCHyugAwQB
wWtQMA0GCSqGSIb3DQEBCwUAA4IBAQA/PH30c44EN5XfINqKhDooKARFcQYad8wD
OJUcYhBPMsO0gh8VaTEHi4Dx0KlfucMPTE1N16bwEmuvJmPlHBcRW3xuLVs3LNq1
Y4E26utocjlK0FX17ImiRvIRFgi9pB2AtXu3mIjBfK5UCKTp2uTX9KAi4RABXrI/
qRuLynE69znFwqd2UQ22CHuV5z160B74ctWG5pBGUd+UTb4cF538WArjQCX580ur
gKsKYHJDu2mCvoWutGQtNnjSrOFzBFZvnGBGqPhgFKiKM0NrS4TrN5b1Kfmzdjlp
Ump95esqJiuLATcMkEj7+ndVFcnfZiLAoUMNjbtbwPgtQ7uKGzRg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:24 2024 by rpki-client on console-ams.rpki-client.org