Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/fdad8c-9ed3-4f01-b107-7486c0582f2a/1/BaMIy04_f8CXzI6CgsnOn59gZT0.roa
File: BaMIy04_f8CXzI6CgsnOn59gZT0.roa (raw, json)
Hash identifier: ce7rMnQoWT89X8MIvADC8HRx4RcsDScVxaSApo9t+nU=
Subject key identifier: 05:A3:08:CB:4E:3F:7F:C0:97:CC:8E:82:82:C9:CE:9F:9F:60:65:3D
Certificate issuer: /CN=69f8eb366fc6c8a09bfb140f1505f9ec675d42e4
Certificate serial: 01878E7F57FD60BA1D77E23D8B38FD50469F
Authority key identifier: 69:F8:EB:36:6F:C6:C8:A0:9B:FB:14:0F:15:05:F9:EC:67:5D:42:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/afjrNm_GyKCb-xQPFQX57GddQuQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/fdad8c-9ed3-4f01-b107-7486c0582f2a/1/BaMIy04_f8CXzI6CgsnOn59gZT0.roa
Signing time: Mon 17 Apr 2023 09:15:22 +0000
ROA not before: Mon 17 Apr 2023 09:15:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12837
IP address blocks: 31.24.208.0/21 maxlen: 21
31.24.215.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:7f:57:fd:60:ba:1d:77:e2:3d:8b:38:fd:50:46:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69f8eb366fc6c8a09bfb140f1505f9ec675d42e4
Validity
Not Before: Apr 17 09:15:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05a308cb4e3f7fc097cc8e8282c9ce9f9f60653d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ca:13:c5:8f:cd:a0:9d:3f:0c:15:ca:af:55:
24:3c:d3:2a:39:58:21:df:cd:1a:3c:71:31:b3:31:
71:6f:39:cd:50:21:92:cf:8b:5c:bb:e1:3f:7a:9a:
9d:86:17:32:ad:03:20:48:36:50:93:1e:3c:7c:0d:
e7:6b:62:c4:8a:1d:b5:6d:ab:a5:d7:37:0e:b7:89:
67:f5:01:54:e4:db:31:51:ef:8b:cc:ba:9c:73:4c:
ef:60:14:5f:b0:93:0a:2e:0f:35:50:27:e0:ae:63:
20:f1:a1:be:b4:5e:60:19:7f:23:28:71:c5:b5:13:
da:88:43:70:c9:bf:31:0c:ec:2c:82:b2:02:58:ac:
48:28:73:fa:2c:4a:71:03:b2:29:64:79:f5:a7:56:
c4:4b:6c:fe:49:b6:61:19:50:90:f3:29:13:d5:21:
a1:dd:bc:54:f4:30:dc:42:5d:b8:84:f6:ec:d3:5a:
c3:f5:1c:7f:81:77:9a:cd:30:f8:c4:28:3e:ef:5b:
02:85:60:34:e9:01:1f:b1:a5:14:84:42:a0:1e:31:
c4:dc:c4:00:3f:00:9b:7c:13:4d:21:4a:09:88:7f:
ef:8b:67:65:a0:52:21:66:7b:2a:bd:a1:6c:ff:84:
39:ea:6b:2d:e9:52:e3:88:36:6e:8e:86:94:a2:91:
52:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:A3:08:CB:4E:3F:7F:C0:97:CC:8E:82:82:C9:CE:9F:9F:60:65:3D
X509v3 Authority Key Identifier:
keyid:69:F8:EB:36:6F:C6:C8:A0:9B:FB:14:0F:15:05:F9:EC:67:5D:42:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/afjrNm_GyKCb-xQPFQX57GddQuQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fdad8c-9ed3-4f01-b107-7486c0582f2a/1/BaMIy04_f8CXzI6CgsnOn59gZT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fdad8c-9ed3-4f01-b107-7486c0582f2a/1/afjrNm_GyKCb-xQPFQX57GddQuQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.208.0/21
Signature Algorithm: sha256WithRSAEncryption
23:2d:e9:8d:45:20:2f:33:49:f8:50:0d:f2:f5:21:8a:df:3f:
65:37:2e:b7:3c:08:a9:99:10:c0:4b:e8:a4:4a:be:1d:e4:52:
40:da:84:b3:eb:09:94:6d:4e:b4:ef:e0:93:2b:3a:98:96:53:
cf:c1:fc:95:73:58:8b:91:f7:72:e1:a9:db:6f:91:e9:ef:aa:
b0:76:c7:f4:f5:57:e3:d5:28:28:44:32:33:65:22:35:cd:4b:
12:fc:04:c3:77:0c:77:b1:1f:92:df:ab:b9:41:68:44:01:f0:
fb:ed:08:30:67:96:31:07:7d:86:c1:6c:8b:63:d9:b6:35:2e:
41:05:52:8e:bf:7f:2a:10:e6:97:94:fb:6a:a2:7c:bd:ee:2e:
35:40:2f:f0:2f:97:d0:6e:21:d4:43:8f:53:bc:27:04:fa:ce:
ed:8c:26:7a:93:80:83:f2:e2:c9:cc:5e:b3:2a:83:05:a4:05:
93:23:3f:8d:32:22:9a:4b:e0:9f:11:b2:7e:3a:7a:7e:53:80:
e7:94:08:01:ff:04:06:29:2c:bb:48:7d:ab:2e:ce:bc:6f:1c:
15:15:ee:ea:e4:b3:68:52:fb:a1:c7:70:d1:a3:db:90:27:c0:
b2:8c:03:e0:5d:58:e4:7c:e4:de:0f:37:9d:d1:05:b6:13:48:
b5:c6:9f:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeOf1f9YLodd+I9izj9UEafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZjhlYjM2NmZjNmM4YTA5YmZiMTQwZjE1MDVmOWVjNjc1
ZDQyZTQwHhcNMjMwNDE3MDkxNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWEzMDhjYjRlM2Y3ZmMwOTdjYzhlODI4MmM5Y2U5ZjlmNjA2NTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMoTxY/NoJ0/DBXKr1UkPNMqOVgh
380aPHExszFxbznNUCGSz4tcu+E/epqdhhcyrQMgSDZQkx48fA3na2LEih21baul
1zcOt4ln9QFU5NsxUe+LzLqcc0zvYBRfsJMKLg81UCfgrmMg8aG+tF5gGX8jKHHF
tRPaiENwyb8xDOwsgrICWKxIKHP6LEpxA7IpZHn1p1bES2z+SbZhGVCQ8ykT1SGh
3bxU9DDcQl24hPbs01rD9Rx/gXeazTD4xCg+71sChWA06QEfsaUUhEKgHjHE3MQA
PwCbfBNNIUoJiH/vi2dloFIhZnsqvaFs/4Q56mst6VLjiDZujoaUopFSVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAWjCMtOP3/Al8yOgoLJzp+fYGU9MB8GA1UdIwQY
MBaAFGn46zZvxsigm/sUDxUF+exnXULkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWZqck5tX0d5S0NiLXhRUEZRWDU3R2RkUXVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9mZGFkOGMtOWVkMy00ZjAxLWIxMDct
NzQ4NmMwNTgyZjJhLzEvQmFNSXkwNF9mOENYekk2Q2dzbk9uNTlnWlQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9mZGFkOGMtOWVkMy00ZjAxLWIxMDctNzQ4NmMwNTgyZjJh
LzEvYWZqck5tX0d5S0NiLXhRUEZRWDU3R2RkUXVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDHxjQMA0G
CSqGSIb3DQEBCwUAA4IBAQAjLemNRSAvM0n4UA3y9SGK3z9lNy63PAipmRDAS+ik
Sr4d5FJA2oSz6wmUbU607+CTKzqYllPPwfyVc1iLkfdy4anbb5Hp76qwdsf09Vfj
1SgoRDIzZSI1zUsS/ATDdwx3sR+S36u5QWhEAfD77QgwZ5YxB32GwWyLY9m2NS5B
BVKOv38qEOaXlPtqony97i41QC/wL5fQbiHUQ49TvCcE+s7tjCZ6k4CD8uLJzF6z
KoMFpAWTIz+NMiKaS+CfEbJ+Onp+U4DnlAgB/wQGKSy7SH2rLs68bxwVFe7q5LNo
Uvuhx3DRo9uQJ8CyjAPgXVjkfOTeDzed0QW2E0i1xp9s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:06 2024 by rpki-client on console-fra.rpki-client.org