Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ed4da0-0647-446f-b065-db0dcc08f452/1/YFH4vVFsfHGrvYQSPFIc3jJR7wE.roa
File: YFH4vVFsfHGrvYQSPFIc3jJR7wE.roa (raw, json)
Hash identifier: mKCrpIcSlq1FtOytKAobfU+COTmfqOdNv6jek4Tqejc=
Subject key identifier: 60:51:F8:BD:51:6C:7C:71:AB:BD:84:12:3C:52:1C:DE:32:51:EF:01
Certificate issuer: /CN=66ef31adac663855b3ddd1931c44cf8064d6a6eb
Certificate serial: 0977C6B7
Authority key identifier: 66:EF:31:AD:AC:66:38:55:B3:DD:D1:93:1C:44:CF:80:64:D6:A6:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zu8xraxmOFWz3dGTHETPgGTWpus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ed4da0-0647-446f-b065-db0dcc08f452/1/YFH4vVFsfHGrvYQSPFIc3jJR7wE.roa
Signing time: Mon 07 Feb 2022 13:34:30 +0000
ROA not before: Mon 07 Feb 2022 13:34:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 193.160.154.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 158844599 (0x977c6b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ef31adac663855b3ddd1931c44cf8064d6a6eb
Validity
Not Before: Feb 7 13:34:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6051f8bd516c7c71abbd84123c521cde3251ef01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e9:fd:d7:29:32:63:cf:84:4a:ff:ea:cd:41:
c1:2e:99:a6:26:23:d1:70:27:0d:72:a6:0e:ec:28:
8b:79:ba:1f:cf:6a:9d:0c:fb:be:70:5c:19:aa:5a:
6a:6c:5b:24:ce:3d:de:bb:6a:bc:cd:8a:08:65:16:
de:37:50:82:66:d8:11:5a:35:21:00:38:de:7a:2e:
3d:5e:dc:e1:1c:fc:0d:1c:08:e2:6a:8f:15:c8:4f:
6c:6b:6a:4f:b5:fe:ef:a6:ac:98:ba:b4:2b:b4:74:
41:1f:b5:11:6a:c4:5a:a3:18:05:aa:6d:79:66:97:
ab:6c:fc:d8:14:9d:61:c6:ff:b9:3e:b4:a2:17:d9:
bb:75:e9:a0:a9:e6:db:6f:34:e1:07:df:5a:c6:55:
fc:df:b7:86:1b:ac:2e:e6:77:ae:bf:d5:4b:65:7f:
9e:f8:30:bb:f8:01:0b:df:87:44:be:7b:8c:d4:44:
c1:6b:59:d7:e5:77:06:46:35:65:5a:05:d3:1e:ba:
62:01:f2:f5:b4:1f:71:76:8c:64:71:59:8d:28:4b:
29:94:45:24:e6:02:86:8e:03:1e:65:19:93:db:94:
e4:db:cd:f5:0f:2d:08:14:ac:4d:b7:98:aa:5f:98:
0d:f7:1b:ac:ba:a8:91:7a:13:e4:3f:df:d4:38:31:
b5:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:51:F8:BD:51:6C:7C:71:AB:BD:84:12:3C:52:1C:DE:32:51:EF:01
X509v3 Authority Key Identifier:
keyid:66:EF:31:AD:AC:66:38:55:B3:DD:D1:93:1C:44:CF:80:64:D6:A6:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zu8xraxmOFWz3dGTHETPgGTWpus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ed4da0-0647-446f-b065-db0dcc08f452/1/YFH4vVFsfHGrvYQSPFIc3jJR7wE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ed4da0-0647-446f-b065-db0dcc08f452/1/Zu8xraxmOFWz3dGTHETPgGTWpus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.160.154.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:eb:75:16:9f:91:6f:59:20:69:f7:4b:f9:b1:e3:7d:0b:0d:
e5:a5:dd:ca:e1:af:2d:5d:53:d3:bb:d3:a6:c4:1e:9e:88:13:
b3:ff:dc:24:2a:85:9c:5f:bd:f5:d2:cc:77:31:8c:1d:e2:64:
b9:84:14:5e:e3:28:fe:54:20:f3:c4:43:ac:aa:78:ba:17:1b:
d9:31:5a:ac:a9:ab:1b:96:a4:f1:29:83:a4:11:07:d5:f1:9c:
87:4a:6c:ea:d9:08:59:b7:6d:d6:28:fe:e7:4b:f2:b4:6e:3d:
20:6c:6a:df:f8:61:1b:05:4d:e2:22:78:84:2e:6b:3c:34:ad:
e9:07:72:0d:a4:e7:e1:f1:07:17:22:bd:6b:dc:9f:a6:8a:ac:
92:45:52:66:78:5c:cf:54:bb:70:38:a6:7f:c7:52:ef:d1:f3:
e3:ec:d9:d3:e8:d5:97:62:3a:1e:d7:f1:eb:b5:e7:c3:21:2e:
3c:d3:b4:66:36:01:98:6c:b0:7a:2d:a1:85:af:e5:65:aa:92:
e8:65:50:88:da:dc:01:87:9c:ba:a5:b2:e3:b0:e9:7e:8a:f0:
28:f4:47:d2:13:6f:8a:11:93:1d:7d:b5:7b:2a:eb:11:c0:fe:
6d:a1:bd:ca:27:a1:a4:de:41:05:7e:44:34:ae:04:86:1f:b3:
9a:d1:0b:cb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECXfGtzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NmVmMzFhZGFjNjYzODU1YjNkZGQxOTMxYzQ0Y2Y4MDY0ZDZhNmViMB4XDTIyMDIw
NzEzMzQzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjA1MWY4YmQ1MTZj
N2M3MWFiYmQ4NDEyM2M1MjFjZGUzMjUxZWYwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHp/dcpMmPPhEr/6s1BwS6ZpiYj0XAnDXKmDuwoi3m6H89q
nQz7vnBcGapaamxbJM493rtqvM2KCGUW3jdQgmbYEVo1IQA43nouPV7c4Rz8DRwI
4mqPFchPbGtqT7X+76asmLq0K7R0QR+1EWrEWqMYBapteWaXq2z82BSdYcb/uT60
ohfZu3XpoKnm22804QffWsZV/N+3hhusLuZ3rr/VS2V/nvgwu/gBC9+HRL57jNRE
wWtZ1+V3BkY1ZVoF0x66YgHy9bQfcXaMZHFZjShLKZRFJOYCho4DHmUZk9uU5NvN
9Q8tCBSsTbeYql+YDfcbrLqokXoT5D/f1DgxtTcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRgUfi9UWx8cau9hBI8UhzeMlHvATAfBgNVHSMEGDAWgBRm7zGtrGY4VbPd
0ZMcRM+AZNam6zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1p1OHhyYXhtT0ZXejNkR1RIRVRQZ0dUV3B1cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzQvZWQ0ZGEwLTA2NDctNDQ2Zi1iMDY1LWRiMGRjYzA4ZjQ1Mi8x
L1lGSDR2VkZzZkhHcnZZUVNQRkljM2pKUjd3RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQv
ZWQ0ZGEwLTA2NDctNDQ2Zi1iMDY1LWRiMGRjYzA4ZjQ1Mi8xL1p1OHhyYXhtT0ZX
ejNkR1RIRVRQZ0dUV3B1cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMGgmjANBgkqhkiG9w0BAQsFAAOC
AQEAPut1Fp+Rb1kgafdL+bHjfQsN5aXdyuGvLV1T07vTpsQenogTs//cJCqFnF+9
9dLMdzGMHeJkuYQUXuMo/lQg88RDrKp4uhcb2TFarKmrG5ak8SmDpBEH1fGch0ps
6tkIWbdt1ij+50vytG49IGxq3/hhGwVN4iJ4hC5rPDSt6QdyDaTn4fEHFyK9a9yf
poqskkVSZnhcz1S7cDimf8dS79Hz4+zZ0+jVl2I6Htfx67XnwyEuPNO0ZjYBmGyw
ei2hha/lZaqS6GVQiNrcAYecuqWy47DpforwKPRH0hNvihGTHX21eyrrEcD+baG9
yiehpN5BBX5ENK4Ehh+zmtELyw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:24 2025 by rpki-client