Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/WKUzVi7SLBzNROW80dCDa5od9NI.roa
File: WKUzVi7SLBzNROW80dCDa5od9NI.roa (raw, json)
Hash identifier: dAUV6QmMZRPFRb3I/jPVPsTMXWDZvk+boe30H7p0S2Y=
Subject key identifier: 58:A5:33:56:2E:D2:2C:1C:CD:44:E5:BC:D1:D0:83:6B:9A:1D:F4:D2
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018ED5C7D506C7FE1C268D93938D040A44F4
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/WKUzVi7SLBzNROW80dCDa5od9NI.roa
Signing time: Sat 13 Apr 2024 04:47:06 +0000
ROA not before: Sat 13 Apr 2024 04:47:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215211
IP address blocks: 31.57.0.0/16 maxlen: 16
31.58.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d5:c7:d5:06:c7:fe:1c:26:8d:93:93:8d:04:0a:44:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Apr 13 04:47:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58a533562ed22c1ccd44e5bcd1d0836b9a1df4d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fb:eb:35:2a:23:5e:81:b5:69:56:f2:38:c7:
58:92:d7:9d:0f:ae:6b:73:b6:d4:35:09:c1:5e:76:
b4:ea:be:02:e5:96:48:27:b7:22:05:61:35:22:58:
b4:15:4d:4a:78:17:7a:c2:6f:a3:24:ca:33:03:bc:
11:0c:52:5a:bf:98:01:4d:bb:e4:f2:5d:81:b1:2d:
53:2d:ec:97:67:bf:33:f1:c3:27:2c:c4:75:5b:50:
f9:d2:6d:d2:d5:dc:07:26:7c:b8:c6:3d:65:37:48:
1c:a8:e1:01:12:67:c2:0f:54:33:0c:69:8d:f7:fa:
3b:a9:ba:7d:70:10:5e:89:58:bd:c6:12:9b:8a:78:
f1:3a:a8:eb:66:9d:6b:fc:66:7e:72:9d:59:5e:bd:
98:f0:a4:b2:06:6b:25:4e:c1:55:c6:fc:73:31:df:
25:a7:b9:8d:c3:2c:c7:8f:2f:10:ff:8d:a1:28:ae:
38:10:d5:9f:c3:39:22:01:58:a6:ea:18:f2:b3:42:
97:0a:a4:11:92:e9:25:cb:0a:99:10:9b:43:de:62:
05:cf:c3:b1:63:33:68:56:19:1a:7f:8a:3d:22:6f:
99:ea:d6:38:2a:a4:22:07:0c:7e:47:d5:15:b4:ce:
7f:88:e0:09:48:16:55:53:43:e2:67:c4:20:09:79:
3c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:A5:33:56:2E:D2:2C:1C:CD:44:E5:BC:D1:D0:83:6B:9A:1D:F4:D2
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/WKUzVi7SLBzNROW80dCDa5od9NI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.0.0-31.58.255.255
Signature Algorithm: sha256WithRSAEncryption
73:36:b5:16:56:90:87:12:5d:8f:1d:d8:92:8e:5b:18:4e:59:
f2:ed:34:c3:76:4e:cd:22:4b:c2:99:d5:97:fe:77:5e:eb:7b:
95:17:5e:b2:0a:56:5f:f9:75:ec:94:a5:f8:26:a4:06:f7:5a:
cf:58:20:3b:5f:75:a0:ac:63:10:a5:71:4f:30:57:6b:e0:ae:
47:2c:af:f5:a4:6e:74:72:cf:74:08:d6:82:1f:04:b8:e7:64:
65:31:f3:83:8b:a4:ff:65:b5:a7:a9:95:71:4e:99:20:2a:9b:
b3:f4:69:5f:06:a9:e5:1f:fd:cd:c7:0c:3b:4b:0e:7b:90:ff:
8f:c5:1d:9b:7f:d2:61:8f:6a:ce:a2:0d:7d:58:ee:e6:17:10:
cd:d8:73:17:ad:82:af:1b:9e:28:d6:f3:05:27:b9:1b:70:2e:
f5:35:de:4d:e9:3b:21:13:93:86:cf:49:92:17:be:0c:44:2e:
05:55:4b:a5:26:d4:c9:47:29:a9:01:88:73:75:8e:5f:ca:09:
f0:54:62:47:ab:32:bc:19:88:8e:48:4d:e6:ef:00:df:5f:3e:
cc:ca:b7:bd:ee:17:4d:7a:4d:f9:8b:81:9e:62:8e:fa:ad:b7:
af:2d:39:a5:5e:ee:8e:0f:7a:cc:cd:11:5d:ef:7f:50:84:08:
6d:f5:98:cb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7Vx9UGx/4cJo2Tk40ECkT0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQwNDEzMDQ0NzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGE1MzM1NjJlZDIyYzFjY2Q0NGU1YmNkMWQwODM2YjlhMWRmNGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPvrNSojXoG1aVbyOMdYktedD65r
c7bUNQnBXna06r4C5ZZIJ7ciBWE1Ili0FU1KeBd6wm+jJMozA7wRDFJav5gBTbvk
8l2BsS1TLeyXZ78z8cMnLMR1W1D50m3S1dwHJny4xj1lN0gcqOEBEmfCD1QzDGmN
9/o7qbp9cBBeiVi9xhKbinjxOqjrZp1r/GZ+cp1ZXr2Y8KSyBmslTsFVxvxzMd8l
p7mNwyzHjy8Q/42hKK44ENWfwzkiAVim6hjys0KXCqQRkuklywqZEJtD3mIFz8Ox
YzNoVhkaf4o9Im+Z6tY4KqQiBwx+R9UVtM5/iOAJSBZVU0PiZ8QgCXk82wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFilM1Yu0iwczUTlvNHQg2uaHfTSMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvV0tVelZpN1NMQnpOUk9XODBkQ0RhNW9kOU5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMMAoDAwAfOQMD
AB86MA0GCSqGSIb3DQEBCwUAA4IBAQBzNrUWVpCHEl2PHdiSjlsYTlny7TTDdk7N
IkvCmdWX/nde63uVF16yClZf+XXslKX4JqQG91rPWCA7X3WgrGMQpXFPMFdr4K5H
LK/1pG50cs90CNaCHwS452RlMfODi6T/ZbWnqZVxTpkgKpuz9GlfBqnlH/3Nxww7
Sw57kP+PxR2bf9Jhj2rOog19WO7mFxDN2HMXrYKvG54o1vMFJ7kbcC71Nd5N6Tsh
E5OGz0mSF74MRC4FVUulJtTJRympAYhzdY5fygnwVGJHqzK8GYiOSE3m7wDfXz7M
yre97hdNek35i4GeYo76rbevLTmlXu6OD3rMzRFd739QhAht9ZjL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:51 2024 by rpki-client on console-fra.rpki-client.org