Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/ygNW66-qf-oVYuriR6LSvn54JV8.roa
File: ygNW66-qf-oVYuriR6LSvn54JV8.roa (raw, json)
Hash identifier: GWYyo92lKAYbUTdI40MIvfRCrTnAxYr+6uAlKTh9+NA=
Subject key identifier: CA:03:56:EB:AF:AA:7F:EA:15:62:EA:E2:47:A2:D2:BE:7E:78:25:5F
Certificate issuer: /CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Certificate serial: 0187EC3B0B43E2AEF41B0943B5A8AFD127E4
Authority key identifier: 62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/ygNW66-qf-oVYuriR6LSvn54JV8.roa
Signing time: Fri 05 May 2023 14:05:05 +0000
ROA not before: Fri 05 May 2023 14:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 193.162.78.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ec:3b:0b:43:e2:ae:f4:1b:09:43:b5:a8:af:d1:27:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Validity
Not Before: May 5 14:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca0356ebafaa7fea1562eae247a2d2be7e78255f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ad:c4:fd:47:d4:f0:1b:4f:de:ba:ad:89:15:
56:00:19:04:64:c1:b6:26:72:42:30:d2:4f:90:f8:
47:e7:de:07:2b:ec:a3:aa:b8:29:be:ea:f8:8f:da:
92:f4:14:03:f9:36:12:35:ca:11:01:51:06:ee:46:
f3:be:87:b7:9d:a9:59:3e:cf:97:b2:2d:1c:97:d0:
be:e0:f8:de:06:02:20:42:43:aa:c6:1e:e5:7a:8e:
65:15:4e:f1:af:f8:f8:28:74:60:08:cd:40:fb:f0:
e7:87:7b:fb:a8:22:74:63:b0:4b:93:21:49:1c:76:
f4:b1:e6:50:fd:e5:60:51:45:45:f7:c3:a2:81:88:
f4:4a:c2:ff:7e:a4:4d:47:52:c6:9b:1f:01:66:f8:
66:7e:da:eb:22:f9:63:ad:ba:34:68:10:4a:4a:08:
f4:ac:5a:d7:b2:a8:84:00:5b:c9:65:24:4a:d0:9b:
46:1f:9c:ee:bf:0b:42:30:db:62:4a:39:cb:5e:06:
04:e7:ca:40:a6:7e:24:0f:4b:6b:c3:e0:c4:7b:f8:
af:b8:55:8a:f1:a0:c7:7c:d0:2d:70:a7:64:8a:48:
36:62:78:9b:aa:29:85:4a:5b:67:ac:51:8b:ea:70:
17:a0:ae:b1:9f:28:13:5d:6a:5c:03:02:40:de:24:
d8:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:03:56:EB:AF:AA:7F:EA:15:62:EA:E2:47:A2:D2:BE:7E:78:25:5F
X509v3 Authority Key Identifier:
keyid:62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/ygNW66-qf-oVYuriR6LSvn54JV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.162.78.0/24
Signature Algorithm: sha256WithRSAEncryption
42:b4:90:80:0a:4f:2a:3f:ff:3a:9b:0d:70:77:a1:45:ce:88:
0e:9f:c8:01:57:23:50:49:4e:ea:bd:75:5d:ea:14:0e:06:8d:
1f:d5:7e:42:ab:b3:85:de:22:c2:a6:4d:99:ff:48:03:61:14:
69:2c:13:e8:89:62:5a:00:c7:2c:f6:3d:40:c3:ec:d0:a9:a9:
9a:c1:74:dd:e3:b7:18:63:fa:a7:e2:a7:9a:67:07:ec:6f:a1:
6f:7b:74:92:38:33:18:9c:cb:39:16:9b:75:13:44:d0:a3:6d:
62:2b:ef:6a:bc:fe:62:87:9f:53:76:62:15:b7:0c:94:a4:62:
9d:1c:ab:8e:2f:32:38:14:23:bf:92:00:12:a9:5f:8f:72:19:
7a:ae:1b:b8:1e:33:f8:9f:c1:f1:51:9d:69:82:e9:fa:f7:f7:
96:d7:28:f7:dc:9d:84:ac:da:0b:6b:30:0b:21:d5:a7:c9:29:
8c:5c:cd:d7:97:1e:65:39:94:c8:de:57:52:a0:1f:23:75:c8:
bd:40:8d:37:99:54:88:cb:23:93:8c:38:16:98:d9:66:39:95:
f0:e0:a6:8e:2a:56:8b:f8:34:38:fa:d0:86:c8:6f:83:f9:66:
75:16:ce:63:1d:9f:60:30:42:7f:65:86:0e:5b:4d:84:73:f6:
8b:08:16:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfsOwtD4q70GwlDtaiv0SfkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYTE1Y2M4ODY1OWY1NzhjYzE1OWM1MmIzYTdlOWVjNTgx
OWZiMjAwHhcNMjMwNTA1MTQwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTAzNTZlYmFmYWE3ZmVhMTU2MmVhZTI0N2EyZDJiZTdlNzgyNTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnq3E/UfU8BtP3rqtiRVWABkEZMG2
JnJCMNJPkPhH594HK+yjqrgpvur4j9qS9BQD+TYSNcoRAVEG7kbzvoe3nalZPs+X
si0cl9C+4PjeBgIgQkOqxh7leo5lFU7xr/j4KHRgCM1A+/Dnh3v7qCJ0Y7BLkyFJ
HHb0seZQ/eVgUUVF98OigYj0SsL/fqRNR1LGmx8BZvhmftrrIvljrbo0aBBKSgj0
rFrXsqiEAFvJZSRK0JtGH5zuvwtCMNtiSjnLXgYE58pApn4kD0trw+DEe/ivuFWK
8aDHfNAtcKdkikg2YnibqimFSltnrFGL6nAXoK6xnygTXWpcAwJA3iTYWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMoDVuuvqn/qFWLq4kei0r5+eCVfMB8GA1UdIwQY
MBaAFGKhXMiGWfV4zBWcUrOn6exYGfsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAt
NDI2OWI1NmJmN2Q0LzEveWdOVzY2LXFmLW9WWXVyaVI2TFN2bjU0SlY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAtNDI2OWI1NmJmN2Q0
LzEvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaJOMA0G
CSqGSIb3DQEBCwUAA4IBAQBCtJCACk8qP/86mw1wd6FFzogOn8gBVyNQSU7qvXVd
6hQOBo0f1X5Cq7OF3iLCpk2Z/0gDYRRpLBPoiWJaAMcs9j1Aw+zQqamawXTd47cY
Y/qn4qeaZwfsb6Fve3SSODMYnMs5Fpt1E0TQo21iK+9qvP5ih59TdmIVtwyUpGKd
HKuOLzI4FCO/kgASqV+Pchl6rhu4HjP4n8HxUZ1pgun69/eW1yj33J2ErNoLazAL
IdWnySmMXM3Xlx5lOZTI3ldSoB8jdci9QI03mVSIyyOTjDgWmNlmOZXw4KaOKlaL
+DQ4+tCGyG+D+WZ1Fs5jHZ9gMEJ/ZYYOW02Ec/aLCBaB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:25 2024 by rpki-client on console-ams.rpki-client.org