Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/YSFW2uvFKqj36a6jMu9OzBQMGgI.roa
File: YSFW2uvFKqj36a6jMu9OzBQMGgI.roa (raw, json)
Hash identifier: ZN9GS9kGVTruIQ2EuZLoX3vsMH8a+HE2pkbgFY4ugXM=
Subject key identifier: 61:21:56:DA:EB:C5:2A:A8:F7:E9:AE:A3:32:EF:4E:CC:14:0C:1A:02
Certificate issuer: /CN=b9f1d5b06f5701555ff5888154dd141b48896117
Certificate serial: 01855EFD60E69D2C82C8F21790CD6779A105
Authority key identifier: B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/YSFW2uvFKqj36a6jMu9OzBQMGgI.roa
Signing time: Thu 29 Dec 2022 17:45:41 +0000
ROA not before: Thu 29 Dec 2022 17:45:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 176.114.84.0/22 maxlen: 22
176.114.92.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5e:fd:60:e6:9d:2c:82:c8:f2:17:90:cd:67:79:a1:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9f1d5b06f5701555ff5888154dd141b48896117
Validity
Not Before: Dec 29 17:45:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=612156daebc52aa8f7e9aea332ef4ecc140c1a02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e2:e9:98:a5:ef:92:53:51:4e:75:bc:b9:bb:
81:f2:e8:3d:79:c6:1c:92:98:e0:14:0c:8c:02:7a:
c1:97:7c:b3:6b:de:5b:81:ea:89:15:2e:fa:37:7e:
54:35:4e:3b:ce:bc:ac:34:6b:d0:b4:bd:12:32:d5:
50:99:75:5f:39:10:49:c8:49:97:27:c3:aa:5a:42:
18:e3:6e:ab:64:7b:7b:26:4d:60:24:50:f5:d8:d4:
99:18:eb:b5:03:b6:b0:17:b7:30:d5:ab:12:f0:00:
9f:1d:b5:ff:e0:0c:0f:92:c0:67:d1:a9:ad:d8:a9:
e6:79:02:10:93:7c:3e:8f:68:08:97:95:f3:db:5b:
f6:36:cb:40:72:19:36:50:a9:7a:d1:13:65:1c:e4:
6e:66:eb:2a:1c:a8:3e:15:ab:a4:68:a4:cc:a1:3a:
9e:df:b1:e1:08:b6:da:9f:1c:38:3b:e7:ae:c4:97:
e6:ed:71:10:ac:70:f7:26:b5:b1:4a:13:cf:ac:b6:
f8:dc:76:e8:00:fb:c5:54:92:6e:ac:57:b5:f8:de:
71:a4:32:20:b0:02:2b:b0:2a:22:02:fc:fe:cc:ca:
0d:0f:03:1b:7d:64:2f:fe:e6:4f:3d:96:e4:a8:21:
8e:67:62:b9:f2:b3:b1:9a:61:4f:1b:1f:65:0d:57:
a2:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:21:56:DA:EB:C5:2A:A8:F7:E9:AE:A3:32:EF:4E:CC:14:0C:1A:02
X509v3 Authority Key Identifier:
keyid:B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/YSFW2uvFKqj36a6jMu9OzBQMGgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.114.84.0/22
176.114.92.0/22
Signature Algorithm: sha256WithRSAEncryption
58:d6:14:6b:ef:05:2c:43:50:19:1e:22:40:fc:b7:14:2f:f1:
c7:96:97:41:c5:79:98:83:3d:51:0e:99:bc:ca:a8:7a:2f:df:
16:07:61:1d:32:42:b6:8f:a9:49:01:f9:92:b5:00:31:f6:72:
d3:44:fa:75:d3:4e:de:f7:2b:ce:61:6b:89:bf:8b:eb:65:89:
30:bc:d2:c5:e7:fb:21:bc:f3:06:84:dd:ac:12:d5:62:9c:c9:
1b:71:c9:85:52:bf:7a:fd:78:66:2d:03:fe:b5:ae:bc:8d:94:
b6:fb:03:7f:c1:08:7a:d4:fd:95:80:1f:39:26:77:a6:c3:24:
48:39:54:73:27:4c:26:86:d2:0c:46:f5:05:b7:6e:ed:53:58:
29:8c:b8:1c:cd:75:c9:7a:5b:9e:7f:b3:55:3a:89:b1:6d:fb:
6e:86:83:f4:49:36:84:0e:87:d9:9e:eb:19:c2:76:10:ff:7d:
e0:54:61:03:54:71:a1:04:7f:d2:fa:01:4a:97:36:0a:99:c4:
f8:c2:67:1a:4f:63:eb:b1:45:e6:c9:6c:48:26:1d:b4:a2:56:
ed:93:4c:22:43:76:d8:4c:0e:1a:d6:64:53:33:23:d0:96:4c:
6d:c2:7f:63:9c:b7:ba:4f:b8:69:a1:6a:6a:8d:98:e0:22:d0:
0c:b4:a6:a4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVe/WDmnSyCyPIXkM1neaEFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZjFkNWIwNmY1NzAxNTU1ZmY1ODg4MTU0ZGQxNDFiNDg4
OTYxMTcwHhcNMjIxMjI5MTc0NTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTIxNTZkYWViYzUyYWE4ZjdlOWFlYTMzMmVmNGVjYzE0MGMxYTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+LpmKXvklNRTnW8ubuB8ug9ecYc
kpjgFAyMAnrBl3yza95bgeqJFS76N35UNU47zrysNGvQtL0SMtVQmXVfORBJyEmX
J8OqWkIY426rZHt7Jk1gJFD12NSZGOu1A7awF7cw1asS8ACfHbX/4AwPksBn0amt
2KnmeQIQk3w+j2gIl5Xz21v2NstAchk2UKl60RNlHORuZusqHKg+FaukaKTMoTqe
37HhCLbanxw4O+euxJfm7XEQrHD3JrWxShPPrLb43HboAPvFVJJurFe1+N5xpDIg
sAIrsCoiAvz+zMoNDwMbfWQv/uZPPZbkqCGOZ2K58rOxmmFPGx9lDVeiGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGEhVtrrxSqo9+muozLvTswUDBoCMB8GA1UdIwQY
MBaAFLnx1bBvVwFVX/WIgVTdFBtIiWEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgt
ZjVjYThmYTcyNzBkLzEvWVNGVzJ1dkZLcWozNmE2ak11OU96QlFNR2dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgtZjVjYThmYTcyNzBk
LzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsHJUAwQC
sHJcMA0GCSqGSIb3DQEBCwUAA4IBAQBY1hRr7wUsQ1AZHiJA/LcUL/HHlpdBxXmY
gz1RDpm8yqh6L98WB2EdMkK2j6lJAfmStQAx9nLTRPp1007e9yvOYWuJv4vrZYkw
vNLF5/shvPMGhN2sEtVinMkbccmFUr96/XhmLQP+ta68jZS2+wN/wQh61P2VgB85
JnemwyRIOVRzJ0wmhtIMRvUFt27tU1gpjLgczXXJeluef7NVOomxbftuhoP0STaE
DofZnusZwnYQ/33gVGEDVHGhBH/S+gFKlzYKmcT4wmcaT2PrsUXmyWxIJh20olbt
k0wiQ3bYTA4a1mRTMyPQlkxtwn9jnLe6T7hpoWpqjZjgItAMtKak
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:49 2024 by rpki-client on console-ams.rpki-client.org