Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/39Or44tiUTnxNg9nRRhzyBoK5v4.roa
File: 39Or44tiUTnxNg9nRRhzyBoK5v4.roa (raw, json)
Hash identifier: r9Cdiu5+3Q1hwLgaLOUdg5HgIDawZCXytRCd4JfYW2E=
Subject key identifier: DF:D3:AB:E3:8B:62:51:39:F1:36:0F:67:45:18:73:C8:1A:0A:E6:FE
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 018CC7954D1594974A1C331F4D7B02CE095B
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/39Or44tiUTnxNg9nRRhzyBoK5v4.roa
Signing time: Tue 02 Jan 2024 00:31:39 +0000
ROA not before: Tue 02 Jan 2024 00:31:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42731
IP address blocks: 31.14.10.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:4d:15:94:97:4a:1c:33:1f:4d:7b:02:ce:09:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:31:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfd3abe38b625139f1360f67451873c81a0ae6fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d5:ba:75:f9:05:3d:a9:de:49:7a:2b:95:13:
2a:0a:f1:bd:3b:e4:21:4f:f9:2e:a9:80:65:ae:6e:
c0:5d:83:cf:c8:5d:54:22:a3:17:6e:5a:df:61:ec:
40:86:19:4b:02:92:28:c3:d4:17:57:a3:9f:18:e1:
5f:bb:35:d4:52:d6:8b:e7:14:a8:71:ce:f9:41:0f:
3e:a3:2c:17:c1:0c:23:c3:fd:44:26:16:54:48:ea:
59:cb:16:e4:ab:10:24:c3:b6:41:17:ba:1f:83:fa:
02:38:09:4d:9e:2a:7d:cc:a2:50:e0:3d:0e:04:3b:
e5:de:3a:1e:e1:d2:16:0d:be:cd:ac:f4:5b:c1:00:
49:6b:6e:40:41:15:9d:86:42:b4:9a:19:d2:2e:1a:
86:54:8d:e0:ca:50:4f:e7:79:51:c5:2b:3c:aa:b4:
af:49:54:99:2f:4c:a8:09:4f:b9:2f:47:56:08:24:
b9:6c:c2:2a:c5:a0:8a:53:ae:54:56:fb:91:86:55:
be:b0:00:0a:90:fe:02:3d:8b:b6:c3:b9:20:25:48:
84:8f:2d:a4:38:51:7c:17:05:02:0e:e4:91:03:61:
12:56:41:60:61:fe:ef:1e:e7:04:67:c0:38:09:97:
d2:b7:71:63:cf:a5:bd:74:e1:87:4d:9a:ff:a0:a4:
d0:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:D3:AB:E3:8B:62:51:39:F1:36:0F:67:45:18:73:C8:1A:0A:E6:FE
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/39Or44tiUTnxNg9nRRhzyBoK5v4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.10.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:54:63:b9:61:ef:a9:68:4f:fc:04:49:55:78:3b:f5:0c:dd:
85:b6:38:d6:a1:45:62:a5:7d:f3:17:c6:aa:8b:7c:59:b8:0b:
fc:1f:68:e2:3e:3d:24:18:80:14:f5:32:b7:73:51:66:73:21:
f6:13:d3:26:e8:ec:89:31:34:78:ba:6f:25:77:cd:5a:3e:2a:
d5:6c:26:06:24:de:fa:f6:4d:86:cd:17:71:49:f8:27:b0:4c:
63:94:dc:bb:b5:3b:f0:2f:77:fd:67:b1:3d:9e:96:f3:9d:75:
16:a3:e2:38:89:c6:0e:c8:60:1b:82:e3:86:ef:a5:4e:2a:9d:
fb:a5:ac:82:18:a1:b3:46:9b:f3:42:0d:7a:cd:2a:96:fc:a3:
ba:0d:7c:6c:86:83:16:2b:2c:d7:97:79:f2:3d:1b:88:91:6e:
b3:60:b2:cb:c8:1b:21:b1:f3:4c:4b:71:fa:b6:77:e8:b3:83:
d9:66:5a:85:fd:ce:d0:00:07:95:77:60:71:e3:a6:59:e9:58:
85:15:00:c6:8d:0c:78:98:40:88:71:a3:8a:e2:81:6f:ed:bc:
4c:6f:fd:40:71:33:a8:4c:e0:13:9c:0d:ce:0b:eb:82:1e:8b:
df:f5:f6:70:ff:32:c2:3a:68:e8:4f:47:15:f4:39:f2:ac:78:
d0:9a:34:84
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzHlU0VlJdKHDMfTXsCzglbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjQwMTAyMDAzMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmQzYWJlMzhiNjI1MTM5ZjEzNjBmNjc0NTE4NzNjODFhMGFlNmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNW6dfkFPaneSXorlRMqCvG9O+Qh
T/kuqYBlrm7AXYPPyF1UIqMXblrfYexAhhlLApIow9QXV6OfGOFfuzXUUtaL5xSo
cc75QQ8+oywXwQwjw/1EJhZUSOpZyxbkqxAkw7ZBF7ofg/oCOAlNnip9zKJQ4D0O
BDvl3joe4dIWDb7NrPRbwQBJa25AQRWdhkK0mhnSLhqGVI3gylBP53lRxSs8qrSv
SVSZL0yoCU+5L0dWCCS5bMIqxaCKU65UVvuRhlW+sAAKkP4CPYu2w7kgJUiEjy2k
OFF8FwUCDuSRA2ESVkFgYf7vHucEZ8A4CZfSt3Fjz6W9dOGHTZr/oKTQfwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFN/Tq+OLYlE58TYPZ0UYc8gaCub+MB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xLzM5T3I0NHRpVVRueE5nOW5SUmh6eUJvSzV2NC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAfDgow
DQYJKoZIhvcNAQELBQADggEBAKtUY7lh76loT/wESVV4O/UM3YW2ONahRWKlffMX
xqqLfFm4C/wfaOI+PSQYgBT1MrdzUWZzIfYT0ybo7IkxNHi6byV3zVo+KtVsJgYk
3vr2TYbNF3FJ+CewTGOU3Lu1O/Avd/1nsT2elvOddRaj4jiJxg7IYBuC44bvpU4q
nfulrIIYobNGm/NCDXrNKpb8o7oNfGyGgxYrLNeXefI9G4iRbrNgssvIGyGx80xL
cfq2d+izg9lmWoX9ztAAB5V3YHHjplnpWIUVAMaNDHiYQIhxo4rigW/tvExv/UBx
M6hM4BOcDc4L64Iei9/19nD/MsI6aOhPRxX0OfKseNCaNIQ=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:01 2025 by rpki-client