Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/cFCypHPkY7k9A2NE4zUAHNHxY_g.roa
File: cFCypHPkY7k9A2NE4zUAHNHxY_g.roa (raw, json)
Hash identifier: WvfYDgZ48fWMbqrn96n10i9n56Ig8dKGZ6DPB2Vwp4E=
Subject key identifier: 70:50:B2:A4:73:E4:63:B9:3D:03:63:44:E3:35:00:1C:D1:F1:63:F8
Certificate issuer: /CN=e8c483b75c2db1cf9ff4e94c7a0fdf0db0000f00
Certificate serial: 0241F5C5
Authority key identifier: E8:C4:83:B7:5C:2D:B1:CF:9F:F4:E9:4C:7A:0F:DF:0D:B0:00:0F:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6MSDt1wtsc-f9OlMeg_fDbAADwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/cFCypHPkY7k9A2NE4zUAHNHxY_g.roa
Signing time: Sat 01 Jan 2022 01:58:05 +0000
ROA not before: Sat 01 Jan 2022 01:58:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51069
IP address blocks: 193.194.108.0/22 maxlen: 23
178.219.80.0/20 maxlen: 24
31.129.64.0/19 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37877189 (0x241f5c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8c483b75c2db1cf9ff4e94c7a0fdf0db0000f00
Validity
Not Before: Jan 1 01:58:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7050b2a473e463b93d036344e335001cd1f163f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:d1:60:e2:fc:38:82:66:d3:59:b0:7c:41:66:
6e:fb:e0:67:ad:2e:78:29:62:e0:ca:f7:45:19:59:
39:f3:f2:51:25:94:f5:03:ba:5d:95:c6:7f:4d:16:
7e:12:fd:c2:01:5a:1c:62:b1:16:b0:44:ff:f3:c8:
a2:46:dc:c0:47:02:b2:f3:f9:46:ab:ef:90:61:e8:
9b:73:b2:11:f1:f0:5e:47:90:b3:cf:72:00:ca:bf:
ce:1e:de:ac:0c:47:99:f1:5b:d0:b7:3c:2b:ac:16:
d1:e4:82:ad:79:dc:8f:c7:25:0a:15:72:f9:b3:2d:
d3:d5:c1:70:b1:9e:d9:7c:cb:74:1e:89:ca:2c:f1:
80:2c:6a:cd:f7:ca:fc:ca:24:e6:74:5d:5c:10:31:
20:49:fb:09:f7:68:81:92:73:15:e1:7e:31:22:b0:
ab:79:15:56:23:44:28:08:93:5b:25:23:59:12:c5:
ae:bf:d2:8d:f9:6d:af:a9:d8:83:9b:e5:e1:71:87:
4b:b4:6f:27:4f:16:82:dc:80:26:4d:95:13:d3:76:
3f:28:71:2d:5e:4a:4b:d8:d0:9e:20:63:7d:db:2b:
3d:53:88:9c:0f:62:0a:88:af:36:b6:75:73:bb:f5:
b6:d1:d8:36:01:5c:dd:07:97:0a:88:5f:de:2a:68:
a1:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:50:B2:A4:73:E4:63:B9:3D:03:63:44:E3:35:00:1C:D1:F1:63:F8
X509v3 Authority Key Identifier:
keyid:E8:C4:83:B7:5C:2D:B1:CF:9F:F4:E9:4C:7A:0F:DF:0D:B0:00:0F:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6MSDt1wtsc-f9OlMeg_fDbAADwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/cFCypHPkY7k9A2NE4zUAHNHxY_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.64.0/19
178.219.80.0/20
193.194.108.0/22
Signature Algorithm: sha256WithRSAEncryption
88:8a:00:6b:4b:da:6c:71:61:7c:8a:2a:d5:09:18:be:e9:27:
73:cf:2a:fc:9a:71:2a:42:35:43:d9:99:91:3d:ac:1b:40:c9:
e1:1c:4b:ae:58:92:78:f9:cc:80:69:42:70:e2:70:68:b5:05:
4c:8e:8c:22:0f:cc:b3:44:91:66:69:e8:cf:61:d8:c5:3b:68:
15:0c:2c:e3:45:6d:d7:47:55:4f:91:17:fc:5d:00:64:6e:c5:
ad:dc:dc:82:6e:91:53:ea:ed:cf:5b:12:37:96:fd:e7:49:d2:
e9:39:b2:d8:1b:db:74:98:a9:cc:fe:22:05:4f:3e:df:1a:48:
f0:ec:49:a8:e7:c2:b7:e9:00:46:4b:23:fd:9c:7d:a0:da:20:
d2:d5:92:de:a4:04:d2:eb:7a:3d:bb:af:cd:25:1a:f8:da:d9:
01:b4:04:a2:a2:97:c9:18:4b:a0:38:65:76:bf:7a:69:1d:f5:
72:02:21:be:80:e1:45:1c:26:2c:a7:cb:c3:3b:38:a4:ed:b5:
5b:6c:49:fe:e4:d7:e0:1e:27:05:08:aa:df:f1:e9:65:46:1f:
0d:68:9e:d4:83:a4:bb:e5:38:56:16:67:24:bd:58:95:71:37:
67:ce:78:30:2d:58:9f:26:75:6d:57:4f:e5:f8:b4:6f:e6:db:
82:9f:de:dd
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAkH1xTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OGM0ODNiNzVjMmRiMWNmOWZmNGU5NGM3YTBmZGYwZGIwMDAwZjAwMB4XDTIyMDEw
MTAxNTgwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzA1MGIyYTQ3M2U0
NjNiOTNkMDM2MzQ0ZTMzNTAwMWNkMWYxNjNmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOLRYOL8OIJm01mwfEFmbvvgZ60ueCli4Mr3RRlZOfPyUSWU
9QO6XZXGf00WfhL9wgFaHGKxFrBE//PIokbcwEcCsvP5RqvvkGHom3OyEfHwXkeQ
s89yAMq/zh7erAxHmfFb0Lc8K6wW0eSCrXncj8clChVy+bMt09XBcLGe2XzLdB6J
yizxgCxqzffK/Mok5nRdXBAxIEn7CfdogZJzFeF+MSKwq3kVViNEKAiTWyUjWRLF
rr/Sjfltr6nYg5vl4XGHS7RvJ08WgtyAJk2VE9N2PyhxLV5KS9jQniBjfdsrPVOI
nA9iCoivNrZ1c7v1ttHYNgFc3QeXCohf3ipooYcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRwULKkc+RjuT0DY0TjNQAc0fFj+DAfBgNVHSMEGDAWgBToxIO3XC2xz5/0
6Ux6D98NsAAPADAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZNU0R0MXd0c2MtZjlPbE1lZ19mRGJBQUR3QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvMzFmZGEwLTdhYWEtNDYxYy1hMzUyLWViMzViZmEwNjVhZC8x
L2NGQ3lwSFBrWTdrOUEyTkU0elVBSE5IeFlfZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
MzFmZGEwLTdhYWEtNDYxYy1hMzUyLWViMzViZmEwNjVhZC8xLzZNU0R0MXd0c2Mt
ZjlPbE1lZ19mRGJBQUR3QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBR+BQAMEBLLbUAMEAsHCbDANBgkq
hkiG9w0BAQsFAAOCAQEAiIoAa0vabHFhfIoq1QkYvuknc88q/JpxKkI1Q9mZkT2s
G0DJ4RxLrliSePnMgGlCcOJwaLUFTI6MIg/Ms0SRZmnoz2HYxTtoFQws40Vt10dV
T5EX/F0AZG7Frdzcgm6RU+rtz1sSN5b950nS6Tmy2BvbdJipzP4iBU8+3xpI8OxJ
qOfCt+kARksj/Zx9oNog0tWS3qQE0ut6PbuvzSUa+NrZAbQEoqKXyRhLoDhldr96
aR31cgIhvoDhRRwmLKfLwzs4pO21W2xJ/uTX4B4nBQiq3/HpZUYfDWie1IOku+U4
VhZnJL1YlXE3Z854MC1YnyZ1bVdP5fi0b+bbgp/e3Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:44 2025 by rpki-client