Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/rtUM-6r1c6-h2oq3mFKc1tpIc1Q.roa
File: rtUM-6r1c6-h2oq3mFKc1tpIc1Q.roa (raw, json)
Hash identifier: 0TkNTm3+RnffBA+nCPGeclRK8tga1B81WZ+FFl2AyCs=
Subject key identifier: AE:D5:0C:FB:AA:F5:73:AF:A1:DA:8A:B7:98:52:9C:D6:DA:48:73:54
Certificate issuer: /CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Certificate serial: 018D13D7EF07F132A25705A6F1FEB0F438E4
Authority key identifier: 31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/rtUM-6r1c6-h2oq3mFKc1tpIc1Q.roa
Signing time: Tue 16 Jan 2024 19:55:34 +0000
ROA not before: Tue 16 Jan 2024 19:55:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 31.222.248.0/24 maxlen: 24
176.56.38.0/24 maxlen: 24
193.239.209.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:d7:ef:07:f1:32:a2:57:05:a6:f1:fe:b0:f4:38:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Validity
Not Before: Jan 16 19:55:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aed50cfbaaf573afa1da8ab798529cd6da487354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:25:14:ce:fb:38:77:9e:a2:e3:60:5e:c5:1a:
4a:f9:44:d4:21:0e:e2:6b:5a:c2:b7:7c:03:c3:c4:
68:ec:1c:a2:3b:9b:97:d1:85:f3:b5:74:48:f2:fd:
e4:f3:89:af:ba:63:1e:05:50:cf:a5:8a:93:58:e9:
b6:97:cb:ff:8c:2d:93:a3:20:b8:a7:73:8a:ef:23:
1b:04:86:aa:0c:0e:c2:d2:a2:65:e4:a0:76:38:4a:
ba:84:44:54:be:e4:4d:53:33:91:33:2f:d3:6f:ef:
6a:13:13:d6:0b:1d:79:8c:6a:bf:c3:f1:16:ee:16:
5b:c1:6f:56:4b:0a:0d:52:57:00:7d:a0:f2:1d:f5:
ec:69:77:31:6a:75:77:36:31:f5:b9:26:b7:6b:d8:
15:10:a1:35:d9:37:91:33:f4:92:c4:be:d7:24:7b:
82:98:66:39:e5:37:f4:d2:5e:e7:a0:f3:aa:e8:1e:
c8:aa:76:33:1e:f2:09:d7:c7:b3:98:f4:5f:36:e6:
45:9b:a0:aa:18:4a:33:64:7c:ca:24:46:7f:32:c3:
8d:a7:06:cb:62:d6:98:66:27:dd:2f:bb:c1:5f:55:
61:65:02:c9:30:1d:5d:b2:12:fd:29:81:c4:97:61:
6b:c7:39:2c:81:f8:ee:ec:2a:23:08:36:59:b6:5e:
cc:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D5:0C:FB:AA:F5:73:AF:A1:DA:8A:B7:98:52:9C:D6:DA:48:73:54
X509v3 Authority Key Identifier:
keyid:31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/rtUM-6r1c6-h2oq3mFKc1tpIc1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/MQsFJRN4mUz6gIjSO27u1Onmqwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.248.0/24
176.56.38.0/24
193.239.209.0/24
Signature Algorithm: sha256WithRSAEncryption
15:48:0e:c3:9c:75:56:ec:d3:ca:75:fb:21:b4:aa:99:60:0b:
bc:fd:6b:8e:d2:b9:3c:6f:11:cb:dc:3a:50:2a:be:27:ad:dd:
a7:39:c5:bf:f8:bf:ba:93:22:2a:f9:4d:a2:fe:06:05:c2:46:
1c:99:11:7f:98:1a:f8:d6:dd:ec:f7:50:1e:9b:4a:a8:88:cd:
6e:03:43:e4:13:9d:17:f6:d6:47:67:21:47:d2:4b:22:ed:31:
14:be:51:46:74:2b:62:ee:37:a9:d8:bd:f4:a4:a9:5f:4f:27:
1d:d9:30:46:07:3b:8b:86:bc:55:11:d8:c6:a4:eb:28:ce:36:
b6:5f:26:13:82:a1:53:aa:00:c6:41:de:67:5e:c9:93:2f:be:
67:cd:e4:a7:7c:a5:b3:4d:79:1d:e8:7e:d4:4c:a4:33:8e:9b:
a3:8f:b3:48:74:cc:6a:58:f3:19:40:39:13:0e:6b:c2:8d:b6:
aa:76:13:c6:c5:42:30:e2:64:bb:75:cf:e4:79:7c:ae:2a:b9:
77:59:85:25:84:77:82:56:f3:c1:7c:ef:41:0a:f7:ff:b8:29:
f1:43:3d:5d:1a:8d:cf:b7:0d:64:c5:55:34:16:81:58:9e:7c:
f9:03:c2:2b:7e:3a:88:8a:16:83:23:8e:ef:b6:f1:43:bc:99:
29:dc:f1:65
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0T1+8H8TKiVwWm8f6w9DjkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMGIwNTI1MTM3ODk5NGNmYTgwODhkMjNiNmVlZWQ0ZTll
NmFiMDgwHhcNMjQwMTE2MTk1NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWQ1MGNmYmFhZjU3M2FmYTFkYThhYjc5ODUyOWNkNmRhNDg3MzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCUUzvs4d56i42BexRpK+UTUIQ7i
a1rCt3wDw8Ro7ByiO5uX0YXztXRI8v3k84mvumMeBVDPpYqTWOm2l8v/jC2ToyC4
p3OK7yMbBIaqDA7C0qJl5KB2OEq6hERUvuRNUzORMy/Tb+9qExPWCx15jGq/w/EW
7hZbwW9WSwoNUlcAfaDyHfXsaXcxanV3NjH1uSa3a9gVEKE12TeRM/SSxL7XJHuC
mGY55Tf00l7noPOq6B7IqnYzHvIJ18ezmPRfNuZFm6CqGEozZHzKJEZ/MsONpwbL
YtaYZifdL7vBX1VhZQLJMB1dshL9KYHEl2Frxzksgfju7CojCDZZtl7MXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK7VDPuq9XOvodqKt5hSnNbaSHNUMB8GA1UdIwQY
MBaAFDELBSUTeJlM+oCI0jtu7tTp5qsIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEt
N2NmZGYyZGY2NjMyLzEvcnRVTS02cjFjNi1oMm9xM21GS2MxdHBJYzFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEtN2NmZGYyZGY2NjMy
LzEvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH974AwQA
sDgmAwQAwe/RMA0GCSqGSIb3DQEBCwUAA4IBAQAVSA7DnHVW7NPKdfshtKqZYAu8
/WuO0rk8bxHL3DpQKr4nrd2nOcW/+L+6kyIq+U2i/gYFwkYcmRF/mBr41t3s91Ae
m0qoiM1uA0PkE50X9tZHZyFH0ksi7TEUvlFGdCti7jep2L30pKlfTycd2TBGBzuL
hrxVEdjGpOsozja2XyYTgqFTqgDGQd5nXsmTL75nzeSnfKWzTXkd6H7UTKQzjpuj
j7NIdMxqWPMZQDkTDmvCjbaqdhPGxUIw4mS7dc/keXyuKrl3WYUlhHeCVvPBfO9B
Cvf/uCnxQz1dGo3Ptw1kxVU0FoFYnnz5A8IrfjqIihaDI47vtvFDvJkp3PFl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:48 2024 by rpki-client on console-fra.rpki-client.org