Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/ffa703-b462-4022-9e1e-6d704cda0eb9/1/2KQvHEjDwPVipXRixpb-69LSYjI.roa
File: 2KQvHEjDwPVipXRixpb-69LSYjI.roa (raw, json)
Hash identifier: umFh++hMqtfUkinUjOsedL2JD00xG5j8sp7QqKC3S5U=
Subject key identifier: D8:A4:2F:1C:48:C3:C0:F5:62:A5:74:62:C6:96:FE:EB:D2:D2:62:32
Certificate issuer: /CN=787054b167aa98841cdc2c4ba2b86139ab988e7d
Certificate serial: 018CCA2A3DE4E90E481B0CCF8BC29D11F431
Authority key identifier: 78:70:54:B1:67:AA:98:84:1C:DC:2C:4B:A2:B8:61:39:AB:98:8E:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eHBUsWeqmIQc3CxLorhhOauYjn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/ffa703-b462-4022-9e1e-6d704cda0eb9/1/2KQvHEjDwPVipXRixpb-69LSYjI.roa
Signing time: Tue 02 Jan 2024 12:33:35 +0000
ROA not before: Tue 02 Jan 2024 12:33:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30742
IP address blocks: 2.59.32.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:3d:e4:e9:0e:48:1b:0c:cf:8b:c2:9d:11:f4:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=787054b167aa98841cdc2c4ba2b86139ab988e7d
Validity
Not Before: Jan 2 12:33:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8a42f1c48c3c0f562a57462c696feebd2d26232
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4f:dc:d3:20:79:78:f6:f3:b3:08:e0:88:91:
5e:c7:4b:19:cb:ba:ec:cb:63:36:fa:a5:59:5d:9d:
62:bc:45:8f:4c:9e:56:99:e7:1f:a9:b3:43:b2:37:
3d:2b:ff:d8:93:38:39:18:0d:3a:f6:f1:40:10:64:
24:97:a8:f3:08:e0:9e:a7:ae:4d:8f:b0:c3:a8:ad:
e7:d7:67:c2:3c:dd:ce:01:47:b9:3f:f0:0c:2d:51:
e3:b2:cd:a1:d5:1f:24:fa:05:df:5a:66:5b:3e:f3:
f2:6a:bb:d0:e7:c1:1e:88:1d:50:d5:7d:05:66:ed:
ae:8e:97:1e:c9:8b:44:85:59:ed:92:f1:73:13:a3:
99:0b:64:bd:2f:32:c6:c7:09:7b:55:3c:78:b0:59:
0f:fe:d3:c3:23:2d:63:fc:86:47:07:1c:d2:a3:cc:
92:98:ae:38:a8:ff:78:4a:00:54:70:0b:bd:40:da:
6b:c3:96:34:83:1f:5c:bd:b7:d4:e3:34:07:7b:f5:
82:6f:3d:27:f6:81:d7:8d:b9:83:9d:38:16:a0:12:
b8:b3:45:57:28:ea:0c:65:7a:65:07:80:04:cb:84:
bd:4c:7a:bf:a1:5c:4f:f8:a2:8d:62:c9:42:c2:25:
7b:8c:4d:11:69:6e:db:a5:9b:0c:04:47:c2:aa:6b:
81:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A4:2F:1C:48:C3:C0:F5:62:A5:74:62:C6:96:FE:EB:D2:D2:62:32
X509v3 Authority Key Identifier:
keyid:78:70:54:B1:67:AA:98:84:1C:DC:2C:4B:A2:B8:61:39:AB:98:8E:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eHBUsWeqmIQc3CxLorhhOauYjn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/ffa703-b462-4022-9e1e-6d704cda0eb9/1/2KQvHEjDwPVipXRixpb-69LSYjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/ffa703-b462-4022-9e1e-6d704cda0eb9/1/eHBUsWeqmIQc3CxLorhhOauYjn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.32.0/22
Signature Algorithm: sha256WithRSAEncryption
31:c9:c8:28:28:cb:18:33:5b:0e:ba:fb:94:1f:6b:80:10:66:
91:6a:97:60:b0:23:26:60:44:b9:51:ef:83:cf:5f:71:bd:b6:
d6:82:ec:b5:62:52:c7:aa:73:e1:cf:5d:0b:3d:1e:76:bb:0c:
80:5e:6a:63:3b:17:be:b4:3a:77:34:53:03:b7:ea:43:c6:1b:
34:82:8a:07:74:f5:31:df:80:c9:f8:0a:92:05:a1:6b:7f:00:
97:49:7b:99:de:c2:68:c0:1f:ef:09:09:da:fa:69:a6:d8:fb:
a9:b2:7b:df:b0:7e:a7:00:03:f0:61:10:c0:2d:1e:c2:3c:b2:
14:38:4a:db:00:36:83:ae:f9:07:65:bf:ca:41:69:9b:e4:16:
37:b3:28:69:12:7a:9a:51:58:f5:37:05:83:f3:ac:1f:0e:33:
0c:ab:08:42:64:2d:67:4e:71:03:2c:8e:f1:f4:e4:94:a6:10:
06:8f:1c:77:5e:4f:fa:5f:2b:cc:07:d2:ec:3c:b3:8a:db:38:
da:c2:b0:1a:12:b9:23:52:4d:20:4c:52:45:e8:e7:bd:27:8a:
2f:5b:54:d8:ac:81:ab:1a:35:b3:f7:77:6d:41:5f:a8:cd:eb:
68:c9:39:d2:2e:c2:b3:83:d2:54:49:d9:61:e3:4c:b0:94:3d:
18:a3:5c:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKj3k6Q5IGwzPi8KdEfQxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NzA1NGIxNjdhYTk4ODQxY2RjMmM0YmEyYjg2MTM5YWI5
ODhlN2QwHhcNMjQwMTAyMTIzMzM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGE0MmYxYzQ4YzNjMGY1NjJhNTc0NjJjNjk2ZmVlYmQyZDI2MjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0/c0yB5ePbzswjgiJFex0sZy7rs
y2M2+qVZXZ1ivEWPTJ5WmecfqbNDsjc9K//Ykzg5GA069vFAEGQkl6jzCOCep65N
j7DDqK3n12fCPN3OAUe5P/AMLVHjss2h1R8k+gXfWmZbPvPyarvQ58EeiB1Q1X0F
Zu2ujpceyYtEhVntkvFzE6OZC2S9LzLGxwl7VTx4sFkP/tPDIy1j/IZHBxzSo8yS
mK44qP94SgBUcAu9QNprw5Y0gx9cvbfU4zQHe/WCbz0n9oHXjbmDnTgWoBK4s0VX
KOoMZXplB4AEy4S9THq/oVxP+KKNYslCwiV7jE0RaW7bpZsMBEfCqmuB0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNikLxxIw8D1YqV0YsaW/uvS0mIyMB8GA1UdIwQY
MBaAFHhwVLFnqpiEHNwsS6K4YTmrmI59MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUhCVXNXZXFtSVFjM0N4TG9yaGhPYXVZam4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9mZmE3MDMtYjQ2Mi00MDIyLTllMWUt
NmQ3MDRjZGEwZWI5LzEvMktRdkhFakR3UFZpcFhSaXhwYi02OUxTWWpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9mZmE3MDMtYjQ2Mi00MDIyLTllMWUtNmQ3MDRjZGEwZWI5
LzEvZUhCVXNXZXFtSVFjM0N4TG9yaGhPYXVZam4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjsgMA0G
CSqGSIb3DQEBCwUAA4IBAQAxycgoKMsYM1sOuvuUH2uAEGaRapdgsCMmYES5Ue+D
z19xvbbWguy1YlLHqnPhz10LPR52uwyAXmpjOxe+tDp3NFMDt+pDxhs0gooHdPUx
34DJ+AqSBaFrfwCXSXuZ3sJowB/vCQna+mmm2PupsnvfsH6nAAPwYRDALR7CPLIU
OErbADaDrvkHZb/KQWmb5BY3syhpEnqaUVj1NwWD86wfDjMMqwhCZC1nTnEDLI7x
9OSUphAGjxx3Xk/6XyvMB9LsPLOK2zjawrAaErkjUk0gTFJF6Oe9J4ovW1TYrIGr
GjWz93dtQV+ozetoyTnSLsKzg9JUSdlh40ywlD0Yo1xV
-----END CERTIFICATE-----
Generated at Fri Nov 1 16:06:58 2024 by rpki-client on console-ams.rpki-client.org