Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/hneEI4ylnkf5Lg-F5FZKM5VGZO4.roa
File: hneEI4ylnkf5Lg-F5FZKM5VGZO4.roa (raw, json)
Hash identifier: iPrad/Wwp8wvgQGfsVqLfjhf2gFZgXnmdDxqimD724Y=
Subject key identifier: 86:77:84:23:8C:A5:9E:47:F9:2E:0F:85:E4:56:4A:33:95:46:64:EE
Certificate issuer: /CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Certificate serial: 018EBF65EFA7C10F8FEDF34FFAE54EA5442A
Authority key identifier: E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/hneEI4ylnkf5Lg-F5FZKM5VGZO4.roa
Signing time: Mon 08 Apr 2024 20:28:32 +0000
ROA not before: Mon 08 Apr 2024 20:28:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15855
IP address blocks: 31.1.0.0/16 maxlen: 16
31.2.0.0/17 maxlen: 17
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bf:65:ef:a7:c1:0f:8f:ed:f3:4f:fa:e5:4e:a5:44:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Validity
Not Before: Apr 8 20:28:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=867784238ca59e47f92e0f85e4564a33954664ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:da:22:9c:4a:86:94:5f:06:a1:ea:8d:af:db:
66:ac:c7:62:d6:e4:90:53:30:51:21:65:03:b6:83:
39:64:11:e1:9f:2b:59:aa:bc:a6:c1:5f:ee:8a:23:
46:fb:c7:de:9a:ff:05:dd:b0:32:92:ee:6c:71:22:
ed:8b:a7:d9:13:1b:e0:2f:ce:79:1b:5a:20:bb:6b:
ac:3b:cc:10:1c:07:e5:ca:df:1e:09:ee:29:1c:5d:
24:db:21:ac:bf:79:cf:63:02:e5:95:f6:bb:9c:f9:
7f:51:57:e0:91:1c:c5:0a:83:5e:71:74:66:ab:7c:
35:f6:63:f8:ab:3c:ae:7f:aa:38:c0:89:cb:f4:46:
4c:60:30:e1:bf:3c:81:4f:40:e3:a4:d8:93:cd:9e:
3b:16:68:6d:a6:f7:ef:54:4d:e7:21:e0:47:d2:2a:
bb:18:ab:2a:20:e1:bc:9a:fd:e9:65:2e:fb:23:03:
77:3d:6b:ce:8c:22:4e:24:30:15:0c:05:14:8c:c7:
30:f4:73:18:67:fe:b6:7e:da:42:76:a5:89:de:53:
e1:b1:4d:64:4b:37:df:bf:71:2e:9f:86:43:b5:d1:
5a:41:03:e6:ab:22:fc:c7:91:96:53:02:37:03:56:
26:99:68:ca:70:fe:3d:d3:f1:be:e5:0b:de:00:bd:
4e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:77:84:23:8C:A5:9E:47:F9:2E:0F:85:E4:56:4A:33:95:46:64:EE
X509v3 Authority Key Identifier:
keyid:E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/hneEI4ylnkf5Lg-F5FZKM5VGZO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.1.0.0-31.2.127.255
Signature Algorithm: sha256WithRSAEncryption
90:1b:c6:b7:61:33:43:e4:63:52:a6:8e:b4:8e:3e:4d:3e:04:
8c:e3:ed:23:bc:bf:4b:e4:8c:34:00:b2:79:7c:8f:fb:27:5b:
be:e6:03:f2:c5:b7:3a:e3:1d:5c:82:a5:55:26:78:a1:51:f2:
b7:a1:31:9a:f2:0c:1e:4c:80:71:ef:8d:ca:f9:b9:4b:6d:25:
d2:a2:0d:22:31:4e:84:5d:7a:b2:ba:d8:ee:86:40:c9:0c:0f:
89:42:6c:d8:e3:cb:d6:4d:c7:36:20:ef:a1:1a:24:1b:9a:34:
6e:2b:1e:4a:ee:0d:31:59:9b:39:b0:f5:86:e7:09:e0:66:5b:
4a:e1:8d:b3:f1:81:09:4c:6f:91:d2:55:2a:2e:0e:58:49:90:
38:dc:43:a5:6b:55:c9:77:ae:20:b7:84:0b:d4:c8:70:1c:b4:
f3:9d:55:28:eb:ed:18:3a:5a:cd:4e:bf:0a:b4:3a:69:5e:38:
2b:55:46:2a:31:2a:5c:e3:43:82:51:50:fb:d8:6f:17:91:89:
67:15:40:50:66:a2:4a:45:04:b5:06:28:73:3a:50:f7:61:bb:
a6:29:4c:11:d4:c1:2a:3d:87:76:56:d7:ef:a7:b7:41:cb:b7:
6a:36:66:c6:fc:d8:49:6f:01:c2:7c:a5:69:e0:36:e2:11:81:
16:66:e7:f5
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAY6/Ze+nwQ+P7fNP+uVOpUQqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyOWI5YWMyZWY2MzFiOTJlODJmNTk1ZDczZTQ3OTJjODE2
ZWM2ZTYwHhcNMjQwNDA4MjAyODMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Njc3ODQyMzhjYTU5ZTQ3ZjkyZTBmODVlNDU2NGEzMzk1NDY2NGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytoinEqGlF8GoeqNr9tmrMdi1uSQ
UzBRIWUDtoM5ZBHhnytZqrymwV/uiiNG+8femv8F3bAyku5scSLti6fZExvgL855
G1ogu2usO8wQHAflyt8eCe4pHF0k2yGsv3nPYwLllfa7nPl/UVfgkRzFCoNecXRm
q3w19mP4qzyuf6o4wInL9EZMYDDhvzyBT0DjpNiTzZ47FmhtpvfvVE3nIeBH0iq7
GKsqIOG8mv3pZS77IwN3PWvOjCJOJDAVDAUUjMcw9HMYZ/62ftpCdqWJ3lPhsU1k
Szffv3Eun4ZDtdFaQQPmqyL8x5GWUwI3A1YmmWjKcP490/G+5QveAL1OTQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFIZ3hCOMpZ5H+S4PheRWSjOVRmTuMB8GA1UdIwQY
MBaAFOKbmsLvYxuS6C9ZXXPkeSyBbsbmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYt
OTE2NGUzNTJhODNjLzEvaG5lRUk0eWxua2Y1TGctRjVGWktNNVZHWk80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYtOTE2NGUzNTJhODNj
LzEvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwAfAQME
Bx8CADANBgkqhkiG9w0BAQsFAAOCAQEAkBvGt2EzQ+RjUqaOtI4+TT4EjOPtI7y/
S+SMNACyeXyP+ydbvuYD8sW3OuMdXIKlVSZ4oVHyt6ExmvIMHkyAce+Nyvm5S20l
0qINIjFOhF16srrY7oZAyQwPiUJs2OPL1k3HNiDvoRokG5o0biseSu4NMVmbObD1
hucJ4GZbSuGNs/GBCUxvkdJVKi4OWEmQONxDpWtVyXeuILeEC9TIcBy0851VKOvt
GDpazU6/CrQ6aV44K1VGKjEqXONDglFQ+9hvF5GJZxVAUGaiSkUEtQYoczpQ92G7
pilMEdTBKj2HdlbX76e3Qcu3ajZmxvzYSW8BwnylaeA24hGBFmbn9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:00 2024 by rpki-client on console-ams.rpki-client.org