Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/yyQ-X8fF_lsJj4pEP1B0ai3AjuI.roa
File: yyQ-X8fF_lsJj4pEP1B0ai3AjuI.roa (raw, json)
Hash identifier: OhWtBgm2+0KrQZipmEKz7YB26ZTo1UPiA6N32oJloGs=
Subject key identifier: CB:24:3E:5F:C7:C5:FE:5B:09:8F:8A:44:3F:50:74:6A:2D:C0:8E:E2
Certificate issuer: /CN=942588b91da9cca81b49e603a988e2b1eabddc98
Certificate serial: 0188F7280A97AF1055D5D783E94630DAD2A3
Authority key identifier: 94:25:88:B9:1D:A9:CC:A8:1B:49:E6:03:A9:88:E2:B1:EA:BD:DC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lCWIuR2pzKgbSeYDqYjiseq93Jg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/yyQ-X8fF_lsJj4pEP1B0ai3AjuI.roa
Signing time: Mon 26 Jun 2023 10:02:56 +0000
ROA not before: Mon 26 Jun 2023 10:02:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15596
IP address blocks: 31.42.112.0/20 maxlen: 20
91.210.144.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f7:28:0a:97:af:10:55:d5:d7:83:e9:46:30:da:d2:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=942588b91da9cca81b49e603a988e2b1eabddc98
Validity
Not Before: Jun 26 10:02:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb243e5fc7c5fe5b098f8a443f50746a2dc08ee2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ff:39:79:3b:00:b7:df:90:d9:83:41:3a:d4:
8d:48:ae:0f:1b:d5:83:ce:39:48:34:c0:1b:e7:5f:
75:69:31:8c:0a:98:e0:db:cf:71:eb:ff:a6:89:39:
a7:6e:ba:3d:7d:15:e3:b6:76:86:7b:7b:fa:d9:26:
a5:c3:71:93:ac:9c:ad:9e:0c:68:a0:33:26:74:f7:
6c:5a:90:38:7a:07:b0:bc:73:f4:29:fa:ee:43:57:
cf:2e:16:6f:9d:dc:74:f1:e5:8e:28:3c:83:4e:e1:
f2:08:bf:57:49:7f:d1:04:95:b9:90:77:1c:1b:d9:
5c:93:65:8f:69:3a:31:09:5f:ad:1a:d4:b7:98:7c:
e8:d1:36:24:db:47:d4:02:4e:05:5a:bb:95:24:bc:
45:d3:03:27:4b:8e:42:77:70:c3:4a:53:66:fd:c0:
4e:62:e2:5b:80:08:16:a9:68:75:90:c5:02:29:66:
6c:26:73:7a:c0:65:ad:96:79:cf:17:2e:85:48:1a:
91:e2:12:12:a3:28:3d:75:f4:94:c1:b4:0a:8b:f0:
cd:99:1d:2e:67:fc:6c:6c:e6:99:3b:6b:bd:3f:fd:
29:a0:fb:23:20:c0:ab:46:38:2c:b1:64:17:a2:28:
15:54:ff:5c:d1:7f:93:82:2d:44:b4:6e:a1:06:14:
8e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:24:3E:5F:C7:C5:FE:5B:09:8F:8A:44:3F:50:74:6A:2D:C0:8E:E2
X509v3 Authority Key Identifier:
keyid:94:25:88:B9:1D:A9:CC:A8:1B:49:E6:03:A9:88:E2:B1:EA:BD:DC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lCWIuR2pzKgbSeYDqYjiseq93Jg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/yyQ-X8fF_lsJj4pEP1B0ai3AjuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/lCWIuR2pzKgbSeYDqYjiseq93Jg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.112.0/20
91.210.144.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:e8:eb:06:bb:f4:6e:f8:f8:cc:9a:92:59:bc:d8:af:ea:5a:
ec:ad:ec:88:ef:72:0d:57:2e:2e:ce:ba:1b:4b:c7:87:3d:43:
1d:a1:14:b1:5f:6b:42:43:62:f8:27:81:a0:fd:f3:50:31:a1:
5f:91:60:ca:5e:33:cd:74:78:11:84:dc:d8:10:9b:8b:20:6f:
e5:5a:19:08:0f:2e:56:2a:fb:0d:a5:44:ba:ee:52:52:a3:4b:
1f:44:da:c1:5e:cd:6c:91:44:b5:67:37:79:59:8b:9d:27:ac:
e8:b0:da:21:5b:f7:1d:92:14:36:64:dd:78:c6:86:f7:7d:b1:
38:d3:95:ba:7e:a6:dc:23:c7:67:3e:bd:33:3c:b6:a9:ab:7b:
93:09:0b:6f:78:1a:b2:d0:15:67:9d:89:d0:b8:2e:b2:8a:c6:
df:aa:b9:17:03:1c:bc:ae:fe:22:34:45:61:93:37:bc:44:50:
84:b6:82:fa:3d:1a:16:81:9f:23:42:82:87:be:5b:ff:86:cf:
4d:be:6c:9e:ee:0f:d1:78:f5:1d:cd:0a:7f:6f:a9:64:46:c1:
2d:86:83:89:5d:9e:6e:bc:2b:ce:a9:5c:d2:b9:52:cf:43:a0:
f1:21:6f:7a:0d:4a:ff:4d:5e:21:59:b4:72:ac:24:1a:b2:86:
17:0e:b1:ff
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYj3KAqXrxBV1deD6UYw2tKjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MjU4OGI5MWRhOWNjYTgxYjQ5ZTYwM2E5ODhlMmIxZWFi
ZGRjOTgwHhcNMjMwNjI2MTAwMjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjI0M2U1ZmM3YzVmZTViMDk4ZjhhNDQzZjUwNzQ2YTJkYzA4ZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/85eTsAt9+Q2YNBOtSNSK4PG9WD
zjlINMAb5191aTGMCpjg289x6/+miTmnbro9fRXjtnaGe3v62Salw3GTrJytngxo
oDMmdPdsWpA4egewvHP0KfruQ1fPLhZvndx08eWOKDyDTuHyCL9XSX/RBJW5kHcc
G9lck2WPaToxCV+tGtS3mHzo0TYk20fUAk4FWruVJLxF0wMnS45Cd3DDSlNm/cBO
YuJbgAgWqWh1kMUCKWZsJnN6wGWtlnnPFy6FSBqR4hISoyg9dfSUwbQKi/DNmR0u
Z/xsbOaZO2u9P/0poPsjIMCrRjgssWQXoigVVP9c0X+Tgi1EtG6hBhSOCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMskPl/Hxf5bCY+KRD9QdGotwI7iMB8GA1UdIwQY
MBaAFJQliLkdqcyoG0nmA6mI4rHqvdyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbENXSXVSMnB6S2diU2VZRHFZamlzZXE5M0pnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC80YmJhN2MtYTgxZi00MGUxLTg4MTQt
NjVkYWFkNjMyOTU3LzEveXlRLVg4ZkZfbHNKajRwRVAxQjBhaTNBanVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC80YmJhN2MtYTgxZi00MGUxLTg4MTQtNjVkYWFkNjMyOTU3
LzEvbENXSXVSMnB6S2diU2VZRHFZamlzZXE5M0pnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEHypwAwQC
W9KQMA0GCSqGSIb3DQEBCwUAA4IBAQCd6OsGu/Ru+PjMmpJZvNiv6lrsreyI73IN
Vy4uzrobS8eHPUMdoRSxX2tCQ2L4J4Gg/fNQMaFfkWDKXjPNdHgRhNzYEJuLIG/l
WhkIDy5WKvsNpUS67lJSo0sfRNrBXs1skUS1Zzd5WYudJ6zosNohW/cdkhQ2ZN14
xob3fbE405W6fqbcI8dnPr0zPLapq3uTCQtveBqy0BVnnYnQuC6yisbfqrkXAxy8
rv4iNEVhkze8RFCEtoL6PRoWgZ8jQoKHvlv/hs9Nvmye7g/RePUdzQp/b6lkRsEt
hoOJXZ5uvCvOqVzSuVLPQ6DxIW96DUr/TV4hWbRyrCQasoYXDrH/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:49 2024 by rpki-client on console-ams.rpki-client.org