Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/52bbe0-4cf3-4e31-9273-31668ae3b166/1/7_KE4XYIRmTg0rFDA0LxDtjDp3s.roa
File: 7_KE4XYIRmTg0rFDA0LxDtjDp3s.roa (raw, json)
Hash identifier: KAOhj08UVCaw7SycVpuezBaw6H+lsIi6zxeRxXhVeOI=
Subject key identifier: EF:F2:84:E1:76:08:46:64:E0:D2:B1:43:03:42:F1:0E:D8:C3:A7:7B
Certificate issuer: /CN=2437736e6f55900adbfb0456c4164f67b453ac8f
Certificate serial: 018CC4937817B3FB892C1C006F4CE159EDA8
Authority key identifier: 24:37:73:6E:6F:55:90:0A:DB:FB:04:56:C4:16:4F:67:B4:53:AC:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JDdzbm9VkArb-wRWxBZPZ7RTrI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/52bbe0-4cf3-4e31-9273-31668ae3b166/1/7_KE4XYIRmTg0rFDA0LxDtjDp3s.roa
Signing time: Mon 01 Jan 2024 10:30:48 +0000
ROA not before: Mon 01 Jan 2024 10:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212744
IP address blocks: 31.41.33.0/24 maxlen: 24
2a12:4040::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:78:17:b3:fb:89:2c:1c:00:6f:4c:e1:59:ed:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2437736e6f55900adbfb0456c4164f67b453ac8f
Validity
Not Before: Jan 1 10:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eff284e176084664e0d2b1430342f10ed8c3a77b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e9:45:0a:fc:56:e4:90:83:91:d7:e7:10:79:
25:af:fe:7c:bd:9f:22:5c:52:76:5f:30:3c:41:74:
9b:77:11:1f:93:bf:8d:9f:c5:cc:3b:96:fe:a0:16:
d1:0d:f1:d9:29:4f:58:ea:6e:7a:6f:75:f2:21:bd:
17:6c:4a:75:ef:95:3b:b0:ff:0d:48:c7:21:bb:83:
f3:23:57:19:1a:e5:7e:65:f1:d1:23:a8:30:e1:56:
14:28:fb:59:1b:9d:55:79:ca:43:19:f1:9d:ea:84:
4c:d9:f6:37:e3:21:f4:b4:6b:20:21:b1:a8:29:4f:
32:f3:c5:68:65:61:1e:21:42:d4:39:60:28:45:02:
ef:8e:f7:68:b3:ca:df:fc:12:47:cc:84:87:2b:b6:
87:18:93:cd:33:5a:45:03:aa:08:47:93:0f:c4:27:
e0:46:b0:b5:7c:9a:1b:f2:c3:c4:41:a0:58:8e:c3:
4d:df:c9:18:9e:02:87:e7:4e:36:25:83:c7:41:56:
cb:95:57:14:96:b4:be:6e:2f:d2:d5:54:86:01:5e:
c3:4d:e5:62:8f:a0:2f:73:dc:98:fa:d6:f7:13:82:
e3:f4:e8:72:01:8d:31:3d:1e:54:2b:a0:b0:b4:d0:
67:bc:72:74:16:9e:82:02:bf:ff:52:96:df:7a:d8:
97:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:F2:84:E1:76:08:46:64:E0:D2:B1:43:03:42:F1:0E:D8:C3:A7:7B
X509v3 Authority Key Identifier:
keyid:24:37:73:6E:6F:55:90:0A:DB:FB:04:56:C4:16:4F:67:B4:53:AC:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JDdzbm9VkArb-wRWxBZPZ7RTrI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/52bbe0-4cf3-4e31-9273-31668ae3b166/1/7_KE4XYIRmTg0rFDA0LxDtjDp3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/52bbe0-4cf3-4e31-9273-31668ae3b166/1/JDdzbm9VkArb-wRWxBZPZ7RTrI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.33.0/24
IPv6:
2a12:4040::/29
Signature Algorithm: sha256WithRSAEncryption
51:b8:ec:ff:eb:b7:3a:39:d9:73:48:0d:46:3e:dd:94:62:0f:
c3:42:a4:48:42:b3:29:c5:e9:69:39:3d:85:de:74:93:c8:b5:
8e:aa:73:82:27:c2:89:b1:78:c2:67:4a:5a:a5:dc:93:f5:a8:
86:21:3f:f1:e8:0c:85:88:96:24:1b:57:c6:9e:29:fb:75:6c:
01:df:75:16:a2:37:52:f8:0b:4a:be:da:3c:6f:cd:5f:25:1e:
60:5d:58:74:90:56:94:53:30:b3:a3:49:4c:bd:48:62:e9:50:
12:13:21:54:c6:62:8c:73:be:aa:1f:c4:d8:30:58:78:bc:c1:
dd:b0:c5:2b:9f:1a:56:ee:85:ca:9f:67:15:59:d9:d2:14:d6:
e6:d8:3d:1f:f6:09:8a:09:16:3b:72:e9:55:94:e1:94:93:3c:
d0:e5:79:eb:cc:5c:c1:79:cb:0f:9e:a4:8f:84:21:5d:08:b6:
93:14:7e:0e:03:0d:ed:c1:1b:b5:65:8d:ea:1f:e6:ed:f4:cd:
17:36:f8:45:81:3d:46:8e:4c:3e:76:80:60:20:b2:67:20:bd:
65:aa:46:b4:0d:62:11:5a:d7:96:c0:82:7b:a9:87:6d:91:fa:
0d:83:0e:c0:11:3a:4e:e3:aa:43:bb:70:52:41:52:73:7b:e4:
45:df:41:4b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEk3gXs/uJLBwAb0zhWe2oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Mzc3MzZlNmY1NTkwMGFkYmZiMDQ1NmM0MTY0ZjY3YjQ1
M2FjOGYwHhcNMjQwMTAxMTAzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmYyODRlMTc2MDg0NjY0ZTBkMmIxNDMwMzQyZjEwZWQ4YzNhNzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmelFCvxW5JCDkdfnEHklr/58vZ8i
XFJ2XzA8QXSbdxEfk7+Nn8XMO5b+oBbRDfHZKU9Y6m56b3XyIb0XbEp175U7sP8N
SMchu4PzI1cZGuV+ZfHRI6gw4VYUKPtZG51VecpDGfGd6oRM2fY34yH0tGsgIbGo
KU8y88VoZWEeIULUOWAoRQLvjvdos8rf/BJHzISHK7aHGJPNM1pFA6oIR5MPxCfg
RrC1fJob8sPEQaBYjsNN38kYngKH5042JYPHQVbLlVcUlrS+bi/S1VSGAV7DTeVi
j6Avc9yY+tb3E4Lj9OhyAY0xPR5UK6CwtNBnvHJ0Fp6CAr//UpbfetiXXwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO/yhOF2CEZk4NKxQwNC8Q7Yw6d7MB8GA1UdIwQY
MBaAFCQ3c25vVZAK2/sEVsQWT2e0U6yPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkRkemJtOVZrQXJiLXdSV3hCWlBaN1JUckk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi81MmJiZTAtNGNmMy00ZTMxLTkyNzMt
MzE2NjhhZTNiMTY2LzEvN19LRTRYWUlSbVRnMHJGREEwTHhEdGpEcDNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi81MmJiZTAtNGNmMy00ZTMxLTkyNzMtMzE2NjhhZTNiMTY2
LzEvSkRkemJtOVZrQXJiLXdSV3hCWlBaN1JUckk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAHykhMA0E
AgACMAcDBQMqEkBAMA0GCSqGSIb3DQEBCwUAA4IBAQBRuOz/67c6OdlzSA1GPt2U
Yg/DQqRIQrMpxelpOT2F3nSTyLWOqnOCJ8KJsXjCZ0papdyT9aiGIT/x6AyFiJYk
G1fGnin7dWwB33UWojdS+AtKvto8b81fJR5gXVh0kFaUUzCzo0lMvUhi6VASEyFU
xmKMc76qH8TYMFh4vMHdsMUrnxpW7oXKn2cVWdnSFNbm2D0f9gmKCRY7culVlOGU
kzzQ5XnrzFzBecsPnqSPhCFdCLaTFH4OAw3twRu1ZY3qH+bt9M0XNvhFgT1Gjkw+
doBgILJnIL1lqka0DWIRWteWwIJ7qYdtkfoNgw7AETpO46pDu3BSQVJze+RF30FL
-----END CERTIFICATE-----
Generated at Wed Aug 21 13:10:08 2024 by rpki-client on console-ams.rpki-client.org