Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/2ny_uauaN_r1aIQJ8r7mdEgLIPw.roa
File: 2ny_uauaN_r1aIQJ8r7mdEgLIPw.roa (raw, json)
Hash identifier: +ahlrU0j9H85xNOL/eygRPLydwupwdz1fDLWpABpfZA=
Subject key identifier: DA:7C:BF:B9:AB:9A:37:FA:F5:68:84:09:F2:BE:E6:74:48:0B:20:FC
Certificate issuer: /CN=7f7734dfea120657412ea867ddbc7b84d132bf78
Certificate serial: 01867C6100EDEF690DD93BBED50E4FABF7B8
Authority key identifier: 7F:77:34:DF:EA:12:06:57:41:2E:A8:67:DD:BC:7B:84:D1:32:BF:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f3c03-oSBldBLqhn3bx7hNEyv3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/2ny_uauaN_r1aIQJ8r7mdEgLIPw.roa
Signing time: Thu 23 Feb 2023 03:46:17 +0000
ROA not before: Thu 23 Feb 2023 03:46:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 146.19.252.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7c:61:00:ed:ef:69:0d:d9:3b:be:d5:0e:4f:ab:f7:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f7734dfea120657412ea867ddbc7b84d132bf78
Validity
Not Before: Feb 23 03:46:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da7cbfb9ab9a37faf5688409f2bee674480b20fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:1e:1d:84:5c:38:30:61:50:4b:c0:d0:a5:05:
04:b4:53:ec:50:be:aa:e3:b2:5c:0c:9e:96:48:64:
45:41:fa:9e:28:21:34:ed:f3:0c:df:ab:61:4d:c4:
6a:21:b4:04:b9:7d:ea:2c:08:d8:ee:c2:d4:58:58:
c9:0c:d0:a5:fb:f1:ae:a2:a6:c4:94:57:b5:45:7b:
05:ef:9b:4d:fc:ce:34:79:d6:d3:f1:b2:b1:d5:d6:
1a:c5:be:9f:ae:62:c2:a7:63:ba:4b:74:63:8f:3b:
fc:97:c9:06:3d:dc:98:6e:03:3c:e9:68:24:31:8f:
9b:0b:cb:fe:5e:f6:07:6a:a5:49:01:81:25:9d:08:
e1:f5:f6:54:91:0e:6f:77:ea:c5:3b:fb:9e:69:a7:
44:94:bd:2d:63:09:95:22:2d:f6:70:d2:db:75:bc:
81:6a:db:87:a5:c0:ab:7c:bd:7e:84:1c:5d:24:4a:
34:27:4d:03:04:23:09:3f:ae:e7:d9:66:59:44:bb:
4f:5b:26:c8:d1:60:47:2c:be:1e:b4:10:0c:98:c7:
6c:42:74:0c:ef:06:d0:98:73:22:42:0b:ad:c3:04:
f5:36:17:c8:9f:56:c6:12:bb:c5:ed:7d:8d:b6:d9:
fe:15:ae:76:80:2e:ec:d3:98:29:52:aa:49:a5:c6:
5a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:7C:BF:B9:AB:9A:37:FA:F5:68:84:09:F2:BE:E6:74:48:0B:20:FC
X509v3 Authority Key Identifier:
keyid:7F:77:34:DF:EA:12:06:57:41:2E:A8:67:DD:BC:7B:84:D1:32:BF:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3c03-oSBldBLqhn3bx7hNEyv3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/2ny_uauaN_r1aIQJ8r7mdEgLIPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/f3c03-oSBldBLqhn3bx7hNEyv3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.252.0/24
Signature Algorithm: sha256WithRSAEncryption
34:06:b8:c1:92:c2:61:16:52:7d:4a:39:88:50:3b:55:7e:b7:
94:8c:9e:4f:63:b2:e5:ba:7e:c0:ca:fd:81:85:05:8a:89:44:
8c:dc:16:72:ce:bb:80:6e:4c:46:0e:8c:67:2b:ed:7a:40:0e:
9e:3f:80:5a:5a:7f:41:76:4f:b8:b0:61:b3:8c:d6:7b:fe:3b:
d6:eb:bd:e7:10:c5:40:1e:ae:15:3e:33:0f:8f:d9:d2:f4:10:
ef:29:cb:ae:41:3f:f4:e1:2c:fe:8b:6b:8c:3f:b1:a7:79:ee:
22:d8:34:25:9a:fa:8e:dd:39:95:0f:5f:d7:3e:75:ad:45:cf:
71:19:55:a8:75:48:63:45:ae:33:fe:59:8d:73:5d:07:47:a0:
d0:a5:db:6f:5a:a5:c3:84:ea:50:ac:d1:35:22:ad:c7:1d:88:
7e:6f:7e:cc:ed:9b:8a:7a:d7:4d:04:b4:4d:4b:b1:bd:0b:92:
85:85:83:b1:f0:87:f0:23:a3:b1:04:6b:6b:30:07:fd:34:f7:
a9:87:bc:58:d2:af:dd:5f:17:ab:87:26:a4:02:6b:5d:20:a3:
fb:18:16:eb:91:ef:bf:db:7b:40:a0:57:61:f0:3f:2e:90:50:
62:7c:05:2d:1b:9e:0d:e6:a2:ce:3c:01:cc:6b:13:ee:d0:0d:
27:19:70:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZ8YQDt72kN2Tu+1Q5Pq/e4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNzczNGRmZWExMjA2NTc0MTJlYTg2N2RkYmM3Yjg0ZDEz
MmJmNzgwHhcNMjMwMjIzMDM0NjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTdjYmZiOWFiOWEzN2ZhZjU2ODg0MDlmMmJlZTY3NDQ4MGIyMGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgx4dhFw4MGFQS8DQpQUEtFPsUL6q
47JcDJ6WSGRFQfqeKCE07fMM36thTcRqIbQEuX3qLAjY7sLUWFjJDNCl+/GuoqbE
lFe1RXsF75tN/M40edbT8bKx1dYaxb6frmLCp2O6S3Rjjzv8l8kGPdyYbgM86Wgk
MY+bC8v+XvYHaqVJAYElnQjh9fZUkQ5vd+rFO/ueaadElL0tYwmVIi32cNLbdbyB
atuHpcCrfL1+hBxdJEo0J00DBCMJP67n2WZZRLtPWybI0WBHLL4etBAMmMdsQnQM
7wbQmHMiQgutwwT1NhfIn1bGErvF7X2Nttn+Fa52gC7s05gpUqpJpcZa/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNp8v7mrmjf69WiECfK+5nRICyD8MB8GA1UdIwQY
MBaAFH93NN/qEgZXQS6oZ928e4TRMr94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjNjMDMtb1NCbGRCTHFobjNieDdoTkV5djNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS82ODAzMjQtZWUxZi00MGYyLTg4ZGYt
MTk2OTMxOTYyZDNjLzEvMm55X3VhdWFOX3IxYUlRSjhyN21kRWdMSVB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS82ODAzMjQtZWUxZi00MGYyLTg4ZGYtMTk2OTMxOTYyZDNj
LzEvZjNjMDMtb1NCbGRCTHFobjNieDdoTkV5djNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhP8MA0G
CSqGSIb3DQEBCwUAA4IBAQA0BrjBksJhFlJ9SjmIUDtVfreUjJ5PY7Llun7Ayv2B
hQWKiUSM3BZyzruAbkxGDoxnK+16QA6eP4BaWn9Bdk+4sGGzjNZ7/jvW673nEMVA
Hq4VPjMPj9nS9BDvKcuuQT/04Sz+i2uMP7Gnee4i2DQlmvqO3TmVD1/XPnWtRc9x
GVWodUhjRa4z/lmNc10HR6DQpdtvWqXDhOpQrNE1Iq3HHYh+b37M7ZuKetdNBLRN
S7G9C5KFhYOx8IfwI6OxBGtrMAf9NPeph7xY0q/dXxerhyakAmtdIKP7GBbrke+/
23tAoFdh8D8ukFBifAUtG54N5qLOPAHMaxPu0A0nGXCL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:29 2024 by rpki-client on console-fra.rpki-client.org