Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/1fneVo7g3Q6BoP--WU0t7jR6JkQ.roa
File: 1fneVo7g3Q6BoP--WU0t7jR6JkQ.roa (raw, json)
Hash identifier: 3lCVlQI3QK06NtSGd45mEOMbb6AgKFzVPBALtE1W++g=
Subject key identifier: D5:F9:DE:56:8E:E0:DD:0E:81:A0:FF:BE:59:4D:2D:EE:34:7A:26:44
Certificate issuer: /CN=763d457e5d3cc0acd8a74f8b10e2686bfbc496cb
Certificate serial: 018CC9BCFC7EBE14A2048D1E759BD1EDC5F4
Authority key identifier: 76:3D:45:7E:5D:3C:C0:AC:D8:A7:4F:8B:10:E2:68:6B:FB:C4:96:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dj1Ffl08wKzYp0-LEOJoa_vElss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/1fneVo7g3Q6BoP--WU0t7jR6JkQ.roa
Signing time: Tue 02 Jan 2024 10:34:14 +0000
ROA not before: Tue 02 Jan 2024 10:34:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57271
IP address blocks: 31.24.251.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:fc:7e:be:14:a2:04:8d:1e:75:9b:d1:ed:c5:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=763d457e5d3cc0acd8a74f8b10e2686bfbc496cb
Validity
Not Before: Jan 2 10:34:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5f9de568ee0dd0e81a0ffbe594d2dee347a2644
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:45:0b:e3:a9:32:c5:b9:06:03:5c:0d:91:f0:
74:d1:70:a6:ad:20:f6:97:59:37:cc:cc:c2:5a:ff:
ce:f2:a8:44:b8:65:fd:ab:e2:ee:a4:7c:29:40:3e:
98:2a:71:85:45:5c:65:d0:b9:e4:c5:1f:55:54:bd:
93:4d:94:75:ca:49:2f:b0:35:79:a7:39:db:9e:11:
af:e2:2b:89:48:01:ee:df:0e:d7:ae:0d:78:84:73:
c2:2c:dc:b5:87:ef:eb:e2:6f:51:4a:d5:9b:c8:60:
3e:10:cf:02:2e:d3:a2:52:6c:d8:a5:4c:d5:19:03:
3a:a3:f4:1f:c1:5e:e1:96:33:d5:24:0e:b9:14:3c:
f2:61:47:d9:22:70:5b:dd:db:6c:ff:16:48:9f:41:
c3:03:6b:32:25:b9:e2:d7:ca:3f:75:ec:91:3e:cf:
7a:92:58:cb:94:87:e5:40:c6:04:df:b9:42:5c:13:
39:42:e0:e8:c6:88:45:9e:60:b7:83:bf:ba:07:2a:
e2:8c:50:d4:d1:a8:1e:a9:06:b6:2b:59:e1:38:c3:
61:fa:88:fa:f6:24:3e:fd:d5:f2:40:85:2b:78:90:
e7:b4:fa:12:29:da:40:5e:59:d9:7e:2a:98:b3:cd:
7e:02:e0:11:e8:a9:26:aa:71:59:37:4b:66:29:a4:
31:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:F9:DE:56:8E:E0:DD:0E:81:A0:FF:BE:59:4D:2D:EE:34:7A:26:44
X509v3 Authority Key Identifier:
keyid:76:3D:45:7E:5D:3C:C0:AC:D8:A7:4F:8B:10:E2:68:6B:FB:C4:96:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dj1Ffl08wKzYp0-LEOJoa_vElss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/1fneVo7g3Q6BoP--WU0t7jR6JkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/dj1Ffl08wKzYp0-LEOJoa_vElss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.251.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:48:ba:34:ac:fc:85:b9:ba:dc:31:91:4f:f6:7b:dd:1c:e9:
79:96:99:90:0e:16:d1:bb:70:71:96:cd:96:c1:00:5b:73:8f:
bd:c4:51:f3:4a:dd:94:b7:60:80:8e:e5:af:e7:9c:a7:4c:a1:
cc:15:4d:6e:35:5c:33:55:9f:d5:9c:5c:a9:04:7c:37:c7:16:
aa:34:a1:dd:ac:88:a1:e9:05:17:9f:85:1e:86:db:88:6e:cc:
98:6f:3a:1a:9e:75:63:90:05:34:5a:88:0b:6d:7c:8d:00:e0:
4d:c8:ff:dc:09:50:5c:f9:fa:dc:f1:30:7e:65:78:3d:51:1a:
2a:f4:ff:9d:92:2f:b1:f7:71:43:b6:65:c2:b0:f7:72:6a:dd:
c1:33:ba:fe:b0:9f:96:96:e9:d9:7a:29:0d:c8:68:2f:be:2f:
c1:9e:72:49:22:3c:f7:0d:ec:36:24:3b:75:49:72:b6:68:e7:
2d:3d:17:c4:fc:ea:28:ff:d8:9d:52:c4:8a:2a:52:af:e4:a7:
61:d4:42:6c:14:c8:de:6f:71:bd:85:ad:9b:bd:34:0d:53:bb:
48:2f:30:f4:46:db:37:22:d3:1c:63:eb:54:ab:5d:17:2b:4b:
64:60:e3:b9:4f:60:f6:48:be:ed:b0:f3:66:40:d7:ff:85:ff:
64:4e:64:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvPx+vhSiBI0edZvR7cX0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2M2Q0NTdlNWQzY2MwYWNkOGE3NGY4YjEwZTI2ODZiZmJj
NDk2Y2IwHhcNMjQwMTAyMTAzNDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWY5ZGU1NjhlZTBkZDBlODFhMGZmYmU1OTRkMmRlZTM0N2EyNjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkUL46kyxbkGA1wNkfB00XCmrSD2
l1k3zMzCWv/O8qhEuGX9q+LupHwpQD6YKnGFRVxl0LnkxR9VVL2TTZR1ykkvsDV5
pznbnhGv4iuJSAHu3w7Xrg14hHPCLNy1h+/r4m9RStWbyGA+EM8CLtOiUmzYpUzV
GQM6o/QfwV7hljPVJA65FDzyYUfZInBb3dts/xZIn0HDA2syJbni18o/deyRPs96
kljLlIflQMYE37lCXBM5QuDoxohFnmC3g7+6ByrijFDU0ageqQa2K1nhOMNh+oj6
9iQ+/dXyQIUreJDntPoSKdpAXlnZfiqYs81+AuAR6KkmqnFZN0tmKaQxjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNX53laO4N0OgaD/vllNLe40eiZEMB8GA1UdIwQY
MBaAFHY9RX5dPMCs2KdPixDiaGv7xJbLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGoxRmZsMDh3S3pZcDAtTEVPSm9hX3ZFbHNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jY2M5NGItYzI4Ny00ZTVmLTg2MDQt
N2U1OTRmMjQ5NGNjLzEvMWZuZVZvN2czUTZCb1AtLVdVMHQ3alI2SmtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jY2M5NGItYzI4Ny00ZTVmLTg2MDQtN2U1OTRmMjQ5NGNj
LzEvZGoxRmZsMDh3S3pZcDAtTEVPSm9hX3ZFbHNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHxj7MA0G
CSqGSIb3DQEBCwUAA4IBAQCrSLo0rPyFubrcMZFP9nvdHOl5lpmQDhbRu3Bxls2W
wQBbc4+9xFHzSt2Ut2CAjuWv55ynTKHMFU1uNVwzVZ/VnFypBHw3xxaqNKHdrIih
6QUXn4UehtuIbsyYbzoannVjkAU0WogLbXyNAOBNyP/cCVBc+frc8TB+ZXg9URoq
9P+dki+x93FDtmXCsPdyat3BM7r+sJ+WlunZeikNyGgvvi/BnnJJIjz3Dew2JDt1
SXK2aOctPRfE/Ooo/9idUsSKKlKv5Kdh1EJsFMjeb3G9ha2bvTQNU7tILzD0Rts3
ItMcY+tUq10XK0tkYOO5T2D2SL7tsPNmQNf/hf9kTmR5
-----END CERTIFICATE-----
Generated at Mon Aug 12 14:38:24 2024 by rpki-client on console-ams.rpki-client.org