Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/cda958-3cab-4b23-916c-35de384c0982/1/y5bW_TvzKnFCb-tLhyyJgKnZuUc.roa
File: y5bW_TvzKnFCb-tLhyyJgKnZuUc.roa (raw, json)
Hash identifier: RRshtBWJEAFkzXamGC993PDmd7c8NENDoFtNkkZJMH0=
Subject key identifier: CB:96:D6:FD:3B:F3:2A:71:42:6F:EB:4B:87:2C:89:80:A9:D9:B9:47
Certificate issuer: /CN=98241aac9eda7bef69089f647b5d8f774ff43a26
Certificate serial: 018CC9BC70B63A39259883D72749DF4F0586
Authority key identifier: 98:24:1A:AC:9E:DA:7B:EF:69:08:9F:64:7B:5D:8F:77:4F:F4:3A:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/cda958-3cab-4b23-916c-35de384c0982/1/y5bW_TvzKnFCb-tLhyyJgKnZuUc.roa
Signing time: Tue 02 Jan 2024 10:33:39 +0000
ROA not before: Tue 02 Jan 2024 10:33:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33972
IP address blocks: 87.242.66.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:70:b6:3a:39:25:98:83:d7:27:49:df:4f:05:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98241aac9eda7bef69089f647b5d8f774ff43a26
Validity
Not Before: Jan 2 10:33:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb96d6fd3bf32a71426feb4b872c8980a9d9b947
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:40:b6:c6:5d:25:d7:74:00:05:49:6f:24:0b:
a8:12:4e:09:f3:e1:46:c7:7b:f1:3b:19:32:fd:14:
10:d1:95:de:a8:31:d9:e3:d1:ad:ec:c9:93:34:28:
cc:ad:3a:60:70:cc:a8:ce:b4:73:0e:bc:4f:9e:88:
7a:f2:76:bd:dc:6d:65:cd:f2:30:27:d9:35:6d:f3:
c9:df:be:bf:c7:9e:cc:1f:ae:28:10:66:d5:11:f4:
92:f2:0a:fe:7e:2d:2d:0b:a8:70:8f:17:a3:50:c2:
e1:8e:9e:49:e3:69:e2:41:a4:16:ac:f8:42:d4:93:
f1:32:6e:13:9a:9d:33:fb:13:cd:67:99:0b:3c:47:
17:fd:50:97:00:23:90:97:47:4c:b9:32:2a:e7:df:
c9:97:ac:b9:c9:44:c6:4d:87:b2:80:33:28:66:4b:
14:59:87:9b:01:fa:b5:49:6a:5b:94:b9:96:79:fb:
04:2e:50:0d:05:8e:fd:ce:53:ce:53:66:e4:18:25:
6d:23:28:9b:e2:bb:f1:90:02:3e:8a:c2:6b:29:93:
14:d2:8e:4b:4b:05:73:04:41:3d:4a:78:7f:9c:bd:
aa:cf:79:8d:64:80:c8:90:6f:0c:7d:cf:fd:49:46:
62:38:5e:10:5b:7e:cd:76:7a:73:a0:49:f9:d4:da:
b2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:96:D6:FD:3B:F3:2A:71:42:6F:EB:4B:87:2C:89:80:A9:D9:B9:47
X509v3 Authority Key Identifier:
keyid:98:24:1A:AC:9E:DA:7B:EF:69:08:9F:64:7B:5D:8F:77:4F:F4:3A:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/cda958-3cab-4b23-916c-35de384c0982/1/y5bW_TvzKnFCb-tLhyyJgKnZuUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/cda958-3cab-4b23-916c-35de384c0982/1/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.242.66.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:a7:5b:20:5b:78:d1:e8:6c:2a:9f:90:9f:8f:56:f5:b8:ac:
92:a1:83:d1:6b:4f:b9:0f:16:3e:02:09:ec:2a:e4:89:d9:75:
a3:46:f9:0e:06:b9:10:23:1e:90:83:a4:7e:38:47:2a:1a:60:
09:17:d0:54:a5:a0:79:91:a4:06:57:30:9f:bf:1e:77:fa:a3:
c4:7a:c4:d5:8c:d8:51:18:94:30:40:ab:cd:cd:9a:83:80:33:
b8:3f:85:27:d8:c2:76:f4:ec:d3:f0:c9:d3:a5:12:89:ea:6e:
e4:7a:2b:7e:22:51:c4:f0:f9:ae:03:5f:25:03:2b:88:02:80:
b8:fc:aa:66:55:71:e9:5f:2c:38:e5:59:60:4d:4f:32:fe:af:
e4:93:53:b7:41:74:e2:6b:5f:d3:af:26:75:74:c9:3a:eb:df:
6d:2b:d0:10:ed:80:c9:39:c3:f7:37:3a:89:19:30:5d:70:b9:
d2:fb:03:7d:4e:2b:31:62:0d:e7:92:75:88:d3:2f:ab:24:b0:
c5:8e:68:b5:65:1a:4f:d0:cc:dd:d2:98:5e:ac:ab:35:44:0f:
bc:a6:30:c4:7c:37:4f:c5:49:04:5c:16:dc:1a:41:6c:64:51:
64:e3:d6:2c:41:88:71:fa:29:f4:70:63:87:fb:6a:b3:e4:6c:
24:2a:23:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvHC2OjklmIPXJ0nfTwWGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MjQxYWFjOWVkYTdiZWY2OTA4OWY2NDdiNWQ4Zjc3NGZm
NDNhMjYwHhcNMjQwMTAyMTAzMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjk2ZDZmZDNiZjMyYTcxNDI2ZmViNGI4NzJjODk4MGE5ZDliOTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0C2xl0l13QABUlvJAuoEk4J8+FG
x3vxOxky/RQQ0ZXeqDHZ49Gt7MmTNCjMrTpgcMyozrRzDrxPnoh68na93G1lzfIw
J9k1bfPJ376/x57MH64oEGbVEfSS8gr+fi0tC6hwjxejUMLhjp5J42niQaQWrPhC
1JPxMm4Tmp0z+xPNZ5kLPEcX/VCXACOQl0dMuTIq59/Jl6y5yUTGTYeygDMoZksU
WYebAfq1SWpblLmWefsELlANBY79zlPOU2bkGCVtIyib4rvxkAI+isJrKZMU0o5L
SwVzBEE9Snh/nL2qz3mNZIDIkG8Mfc/9SUZiOF4QW37NdnpzoEn51Nqy2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMuW1v078ypxQm/rS4csiYCp2blHMB8GA1UdIwQY
MBaAFJgkGqye2nvvaQifZHtdj3dP9DomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUNRYXJKN2FlLTlwQ0o5a2UxMlBkMF8wT2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9jZGE5NTgtM2NhYi00YjIzLTkxNmMt
MzVkZTM4NGMwOTgyLzEveTViV19UdnpLbkZDYi10TGh5eUpnS25adVVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9jZGE5NTgtM2NhYi00YjIzLTkxNmMtMzVkZTM4NGMwOTgy
LzEvbUNRYXJKN2FlLTlwQ0o5a2UxMlBkMF8wT2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/JCMA0G
CSqGSIb3DQEBCwUAA4IBAQC4p1sgW3jR6Gwqn5Cfj1b1uKySoYPRa0+5DxY+Agns
KuSJ2XWjRvkOBrkQIx6Qg6R+OEcqGmAJF9BUpaB5kaQGVzCfvx53+qPEesTVjNhR
GJQwQKvNzZqDgDO4P4Un2MJ29OzT8MnTpRKJ6m7keit+IlHE8PmuA18lAyuIAoC4
/KpmVXHpXyw45VlgTU8y/q/kk1O3QXTia1/TryZ1dMk6699tK9AQ7YDJOcP3NzqJ
GTBdcLnS+wN9TisxYg3nknWI0y+rJLDFjmi1ZRpP0Mzd0pherKs1RA+8pjDEfDdP
xUkEXBbcGkFsZFFk49YsQYhx+in0cGOH+2qz5GwkKiPG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:59 2024 by rpki-client on console-ams.rpki-client.org