Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/ywUwdeXsGObY6WmaHLeMx41wzYw.roa
File: ywUwdeXsGObY6WmaHLeMx41wzYw.roa (raw, json)
Hash identifier: l130ZvUZNfVw9gYGPFsJ6pUN960p9ueZrMrFdSxxKWE=
Subject key identifier: CB:05:30:75:E5:EC:18:E6:D8:E9:69:9A:1C:B7:8C:C7:8D:70:CD:8C
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018D9BD839E403E4A761D5625505730B1D59
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/ywUwdeXsGObY6WmaHLeMx41wzYw.roa
Signing time: Mon 12 Feb 2024 05:44:15 +0000
ROA not before: Mon 12 Feb 2024 05:44:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204203
IP address blocks: 31.56.174.0/24 maxlen: 24
217.60.254.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9b:d8:39:e4:03:e4:a7:61:d5:62:55:05:73:0b:1d:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Feb 12 05:44:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb053075e5ec18e6d8e9699a1cb78cc78d70cd8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6e:dc:2f:c2:b2:47:e5:eb:54:9f:de:a7:c8:
1b:4c:0c:f7:77:7a:8c:97:ab:6d:87:22:87:c6:65:
70:14:c7:7c:10:52:70:88:73:5d:ec:6a:83:16:32:
7f:d0:a7:aa:a8:05:35:f9:b7:71:ed:86:7c:4b:26:
6e:20:c7:0f:54:1e:2b:24:8d:ef:df:f5:ce:1a:0c:
82:55:15:5e:0e:ae:41:fa:ca:b4:30:6e:70:70:b1:
a1:5d:01:13:c3:e7:f7:fa:9e:8e:a1:d9:89:1d:09:
d3:71:32:c7:5e:6e:d4:25:68:42:7b:cc:44:1f:7e:
3f:cf:91:df:bb:4b:ae:86:4d:78:71:f7:9e:c2:81:
93:c1:2c:b9:62:8a:55:83:e7:19:75:2b:73:12:b0:
3c:eb:17:56:7a:0b:73:80:bf:8a:eb:82:0c:f6:89:
e5:c0:aa:ee:26:5b:1b:ab:be:5b:74:52:6b:1c:d2:
b3:44:ea:bd:f4:46:16:47:69:a4:2d:57:af:ba:7a:
3f:fe:c2:ea:ad:ef:d8:48:1c:cb:c3:48:e7:30:38:
c1:37:c9:2c:42:06:66:dd:b7:50:79:cc:e9:72:e3:
6f:f9:d5:3d:ba:c1:7e:93:86:d0:1a:cb:aa:06:1d:
18:2e:6d:70:65:e5:e6:ce:dd:5a:8d:95:2a:a6:c0:
7e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:05:30:75:E5:EC:18:E6:D8:E9:69:9A:1C:B7:8C:C7:8D:70:CD:8C
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/ywUwdeXsGObY6WmaHLeMx41wzYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.174.0/24
217.60.254.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:05:30:90:d5:6f:43:e8:a2:52:c0:9d:04:19:91:7a:13:0c:
11:3d:01:b0:df:7b:3e:8d:0f:50:67:b5:7a:be:83:19:11:ce:
3f:73:26:f2:17:e3:01:6a:0d:9b:53:51:f2:64:59:27:f0:27:
f0:91:5d:a2:b6:8c:88:db:50:51:64:42:7d:3d:ed:1e:ee:03:
9b:3e:19:0d:da:df:f5:75:77:cd:04:a5:ce:50:b4:6f:61:8d:
b1:33:83:a0:cc:2f:40:06:01:db:a1:e1:40:74:fe:ad:e3:dc:
dd:94:ec:65:c2:71:d5:ad:6d:53:77:a7:8c:43:a8:5c:1a:85:
e6:b6:f1:52:c0:a6:62:71:c6:73:49:e5:67:0b:6e:1f:09:67:
91:f7:5e:7f:bc:d3:f7:28:45:e8:b5:e3:6d:be:3e:47:98:ac:
4c:b1:69:c0:89:57:73:2b:37:19:5a:7e:24:a0:26:3b:de:87:
9a:f7:79:94:95:b0:02:9a:a8:bd:85:81:ed:ba:75:b8:b5:49:
09:5f:4e:5a:86:98:67:c1:7b:f5:85:19:a5:48:dd:54:d8:8c:
b7:b9:37:66:2c:dd:fb:a3:cc:a0:fa:f5:87:83:b7:f0:a2:7c:
9b:ae:df:7e:31:66:cf:2b:35:44:bb:c3:4c:bf:e0:1c:a5:89:
9b:04:b6:23
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2b2DnkA+SnYdViVQVzCx1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQwMjEyMDU0NDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjA1MzA3NWU1ZWMxOGU2ZDhlOTY5OWExY2I3OGNjNzhkNzBjZDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzm7cL8KyR+XrVJ/ep8gbTAz3d3qM
l6tthyKHxmVwFMd8EFJwiHNd7GqDFjJ/0KeqqAU1+bdx7YZ8SyZuIMcPVB4rJI3v
3/XOGgyCVRVeDq5B+sq0MG5wcLGhXQETw+f3+p6OodmJHQnTcTLHXm7UJWhCe8xE
H34/z5Hfu0uuhk14cfeewoGTwSy5YopVg+cZdStzErA86xdWegtzgL+K64IM9onl
wKruJlsbq75bdFJrHNKzROq99EYWR2mkLVevuno//sLqre/YSBzLw0jnMDjBN8ks
QgZm3bdQeczpcuNv+dU9usF+k4bQGsuqBh0YLm1wZeXmzt1ajZUqpsB+twIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMsFMHXl7Bjm2Olpmhy3jMeNcM2MMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEveXdVd2RlWHNHT2JZNldtYUhMZU14NDF3ell3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHziuAwQA
2Tz+MA0GCSqGSIb3DQEBCwUAA4IBAQBdBTCQ1W9D6KJSwJ0EGZF6EwwRPQGw33s+
jQ9QZ7V6voMZEc4/cybyF+MBag2bU1HyZFkn8CfwkV2itoyI21BRZEJ9Pe0e7gOb
PhkN2t/1dXfNBKXOULRvYY2xM4OgzC9ABgHboeFAdP6t49zdlOxlwnHVrW1Td6eM
Q6hcGoXmtvFSwKZiccZzSeVnC24fCWeR915/vNP3KEXoteNtvj5HmKxMsWnAiVdz
KzcZWn4koCY73oea93mUlbACmqi9hYHtunW4tUkJX05ahphnwXv1hRmlSN1U2Iy3
uTdmLN37o8yg+vWHg7fwonybrt9+MWbPKzVEu8NMv+AcpYmbBLYj
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:08:56 2025 by rpki-client