Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/myjBpSlHGk8sQKtSRu0z6XcM48g.roa
File: myjBpSlHGk8sQKtSRu0z6XcM48g.roa (raw, json)
Hash identifier: QiphYNa6L6yR+hCXy1+In1SkGe0ADUlos/hLva8LXjg=
Subject key identifier: 9B:28:C1:A5:29:47:1A:4F:2C:40:AB:52:46:ED:33:E9:77:0C:E3:C8
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018CDD435B6EB20CB3EF1978FDD116196D02
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/myjBpSlHGk8sQKtSRu0z6XcM48g.roa
Signing time: Sat 06 Jan 2024 05:33:48 +0000
ROA not before: Sat 06 Jan 2024 05:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204203
IP address blocks: 31.56.174.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:dd:43:5b:6e:b2:0c:b3:ef:19:78:fd:d1:16:19:6d:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Jan 6 05:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b28c1a529471a4f2c40ab5246ed33e9770ce3c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:42:80:31:4c:ba:5a:b9:29:ec:56:e2:60:56:
5d:1f:81:96:5a:b3:31:13:f1:6b:5f:bf:c9:b8:de:
14:58:61:db:cb:03:ca:00:0e:db:b3:52:04:82:56:
67:7e:fd:02:5d:a6:26:67:f4:29:39:3c:2b:fe:f5:
68:1e:f8:93:e7:ba:b1:b7:2c:d3:99:1c:65:31:a5:
6e:7b:c4:c9:bd:78:b5:03:26:e5:85:59:b8:f3:4c:
1a:56:f4:32:a4:12:67:ed:2e:9b:5c:e7:bc:20:18:
81:d1:f4:53:fa:33:2f:7f:92:8f:77:d0:2f:7a:50:
cb:f0:d4:8a:ec:8a:1c:b0:c2:d3:17:f3:54:59:d5:
9c:20:15:34:1e:16:3d:c9:3d:8d:fc:34:15:97:f5:
c1:04:92:e7:b8:e2:cf:61:a3:dc:57:29:9d:d5:69:
f7:ec:8e:24:ee:09:37:14:c9:f6:25:ab:03:e0:1d:
8e:f0:5c:63:93:00:85:f5:35:0d:3c:a7:5a:08:91:
e8:0a:55:fb:fa:0e:17:8f:1f:c0:99:f2:68:75:84:
d4:c8:84:69:de:0a:f4:08:f7:ab:f7:9e:14:20:54:
b1:ff:53:c0:3d:1a:89:96:d0:70:f2:6b:68:69:fa:
64:84:41:81:9e:37:9c:e6:7e:37:b2:53:27:b7:ac:
8b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:28:C1:A5:29:47:1A:4F:2C:40:AB:52:46:ED:33:E9:77:0C:E3:C8
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/myjBpSlHGk8sQKtSRu0z6XcM48g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.174.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:c8:90:56:08:85:ed:31:b1:fc:c7:f1:95:69:92:a4:4f:a8:
bb:3a:e3:96:ac:a6:e4:61:6f:4a:86:3c:46:b3:46:9e:3f:d6:
cc:7c:11:44:c8:f3:40:45:e7:12:a5:8d:8c:e9:28:da:72:0f:
62:5b:4c:22:6d:d9:6e:03:05:69:0f:0f:f7:6b:31:d4:d7:89:
ea:32:2e:a0:37:c6:fb:1f:9d:5e:5d:21:ea:c4:ef:46:7a:48:
f9:dd:fb:cb:54:64:b2:cd:90:7b:40:d8:1e:1e:88:33:f2:9e:
b7:7c:96:33:37:3f:1a:af:c0:ee:12:32:2b:9f:e5:d1:98:7a:
b2:bb:ea:ab:68:74:f9:f3:07:f1:31:51:ea:68:a4:a6:81:62:
e7:24:87:ab:3b:5e:59:c4:f4:71:83:cb:d2:0a:fc:fd:35:47:
b0:c6:e4:39:32:6d:cb:96:7e:b1:2d:3b:3d:99:d9:14:5a:e0:
15:7d:98:8c:41:21:f0:1f:36:8a:36:84:41:fb:3a:5f:01:a3:
bc:6c:8c:5a:af:f0:90:c1:0c:57:48:97:48:48:fb:4e:a9:49:
53:a6:0c:99:54:9f:90:b5:09:a2:36:b3:1a:38:c7:41:d4:a6:
8c:80:a7:62:d8:08:bd:e3:60:4b:92:6a:24:68:fa:3e:d7:e7:
ad:f8:d0:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzdQ1tusgyz7xl4/dEWGW0CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQwMTA2MDUzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjI4YzFhNTI5NDcxYTRmMmM0MGFiNTI0NmVkMzNlOTc3MGNlM2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUKAMUy6Wrkp7FbiYFZdH4GWWrMx
E/FrX7/JuN4UWGHbywPKAA7bs1IEglZnfv0CXaYmZ/QpOTwr/vVoHviT57qxtyzT
mRxlMaVue8TJvXi1AyblhVm480waVvQypBJn7S6bXOe8IBiB0fRT+jMvf5KPd9Av
elDL8NSK7IocsMLTF/NUWdWcIBU0HhY9yT2N/DQVl/XBBJLnuOLPYaPcVymd1Wn3
7I4k7gk3FMn2JasD4B2O8FxjkwCF9TUNPKdaCJHoClX7+g4Xjx/AmfJodYTUyIRp
3gr0CPer954UIFSx/1PAPRqJltBw8mtoafpkhEGBnjec5n43slMnt6yLQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJsowaUpRxpPLECrUkbtM+l3DOPIMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvbXlqQnBTbEhHazhzUUt0U1J1MHo2WGNNNDhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHziuMA0G
CSqGSIb3DQEBCwUAA4IBAQB/yJBWCIXtMbH8x/GVaZKkT6i7OuOWrKbkYW9KhjxG
s0aeP9bMfBFEyPNARecSpY2M6Sjacg9iW0wibdluAwVpDw/3azHU14nqMi6gN8b7
H51eXSHqxO9Gekj53fvLVGSyzZB7QNgeHogz8p63fJYzNz8ar8DuEjIrn+XRmHqy
u+qraHT58wfxMVHqaKSmgWLnJIerO15ZxPRxg8vSCvz9NUewxuQ5Mm3Lln6xLTs9
mdkUWuAVfZiMQSHwHzaKNoRB+zpfAaO8bIxar/CQwQxXSJdISPtOqUlTpgyZVJ+Q
tQmiNrMaOMdB1KaMgKdi2Ai942BLkmokaPo+1+et+NDJ
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:03:28 2025 by rpki-client