Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/YpkuJNGu0HGCoop919FeYhNnx1U.roa
File: YpkuJNGu0HGCoop919FeYhNnx1U.roa (raw, json)
Hash identifier: d659hqQKk3MCl0gjdrYsZMSIHZ4pgOwFPaqDRZXn7wQ=
Subject key identifier: 62:99:2E:24:D1:AE:D0:71:82:A2:8A:7D:D7:D1:5E:62:13:67:C7:55
Certificate issuer: /CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Certificate serial: 0185708CC52CBF6153E5C852E924082F2368
Authority key identifier: C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/YpkuJNGu0HGCoop919FeYhNnx1U.roa
Signing time: Mon 02 Jan 2023 03:35:51 +0000
ROA not before: Mon 02 Jan 2023 03:35:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5606
IP address blocks: 93.115.6.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:c5:2c:bf:61:53:e5:c8:52:e9:24:08:2f:23:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Validity
Not Before: Jan 2 03:35:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62992e24d1aed07182a28a7dd7d15e621367c755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:51:a2:c2:30:2e:d2:e1:90:23:16:c5:2c:b5:
a3:1b:93:f5:ae:97:e4:e6:d8:15:3b:2c:f7:e5:fc:
33:32:7f:15:1d:45:85:a7:13:ab:70:2c:1e:a0:f0:
58:79:7f:90:70:f6:14:e8:e5:61:bc:da:49:6e:41:
7e:d6:0d:21:5a:58:85:a2:57:f7:f3:84:80:c1:56:
42:c0:ef:64:c7:9b:b4:32:02:2f:19:10:60:7e:3a:
b3:ac:f4:eb:01:35:a2:54:98:75:cc:74:4d:a9:0d:
40:4f:14:7b:a2:aa:41:dd:1b:ca:f6:ef:fb:39:b3:
53:04:87:a3:19:1e:24:4e:1e:e4:74:61:62:ab:e0:
b4:21:f2:dc:e6:d3:f3:fa:30:be:91:53:a4:14:41:
40:ba:02:bc:74:b2:17:2e:c3:90:01:95:15:83:82:
dd:bc:91:77:63:bb:22:3c:84:fd:f6:f4:65:dd:db:
1a:5a:81:50:cf:3a:c7:17:67:93:ec:3f:b0:f5:41:
f1:19:7d:89:66:34:c5:c8:e0:3e:84:09:2b:9e:f5:
ff:c6:c1:77:6d:ff:71:83:60:34:e5:a9:4c:89:eb:
66:9c:79:fd:c8:33:a9:0b:41:c0:ad:3f:8b:83:26:
58:24:97:b4:30:3c:2c:b7:31:94:f4:42:fb:40:e5:
60:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:99:2E:24:D1:AE:D0:71:82:A2:8A:7D:D7:D1:5E:62:13:67:C7:55
X509v3 Authority Key Identifier:
keyid:C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/YpkuJNGu0HGCoop919FeYhNnx1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/wE23YjJB1-Znj8JXUfpOC2ZlGGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.115.6.0/24
Signature Algorithm: sha256WithRSAEncryption
44:9d:af:f0:98:a0:43:25:8f:df:db:6b:24:6b:4b:13:6e:c7:
d5:64:c7:4f:be:2b:26:62:83:ca:ce:c7:07:08:20:b9:77:69:
8b:76:ea:e0:63:b0:dd:ae:47:15:c7:74:5e:a0:88:b0:18:89:
67:bb:48:48:1c:dd:d0:ff:3a:72:f0:48:9c:61:92:9c:54:d9:
55:c7:64:d3:00:aa:3e:e4:0d:bd:8f:92:1a:04:75:39:b9:11:
c7:3c:09:b3:aa:1a:cc:60:4b:70:d6:9b:7c:9c:bc:88:f6:cf:
0f:4c:ae:f5:87:9d:5b:ca:7c:20:b0:8c:00:87:90:7b:3b:3c:
e8:66:d7:f8:8f:22:42:07:99:38:19:46:e2:67:2d:71:03:a0:
7a:4a:28:e5:2a:6c:20:ed:e1:5b:9c:d8:61:3e:41:af:53:1b:
92:1d:9e:66:11:06:f9:9d:cd:8f:dc:fd:5a:95:fc:c5:a2:6a:
93:8a:2f:52:9e:91:79:58:a3:db:bb:65:a7:17:b3:e8:d3:7c:
f0:65:75:93:b4:46:f7:28:1b:1b:ac:16:c3:13:1b:8e:69:76:
9d:b4:7b:ad:1c:29:da:d2:f3:87:7a:a1:53:9b:17:21:b8:62:
c6:aa:57:45:c1:35:c6:3a:0e:7c:9b:26:28:fd:44:4c:28:c8:
c1:6c:7a:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjMUsv2FT5chS6SQILyNoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNGRiNzYyMzI0MWQ3ZTY2NzhmYzI1NzUxZmE0ZTBiNjY2
NTE4NmIwHhcNMjMwMTAyMDMzNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mjk5MmUyNGQxYWVkMDcxODJhMjhhN2RkN2QxNWU2MjEzNjdjNzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVGiwjAu0uGQIxbFLLWjG5P1rpfk
5tgVOyz35fwzMn8VHUWFpxOrcCweoPBYeX+QcPYU6OVhvNpJbkF+1g0hWliFolf3
84SAwVZCwO9kx5u0MgIvGRBgfjqzrPTrATWiVJh1zHRNqQ1ATxR7oqpB3RvK9u/7
ObNTBIejGR4kTh7kdGFiq+C0IfLc5tPz+jC+kVOkFEFAugK8dLIXLsOQAZUVg4Ld
vJF3Y7siPIT99vRl3dsaWoFQzzrHF2eT7D+w9UHxGX2JZjTFyOA+hAkrnvX/xsF3
bf9xg2A05alMietmnHn9yDOpC0HArT+LgyZYJJe0MDwstzGU9EL7QOVgRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGKZLiTRrtBxgqKKfdfRXmITZ8dVMB8GA1UdIwQY
MBaAFMBNt2IyQdfmZ4/CV1H6TgtmZRhrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMt
MDQyM2YyNjNmMmNiLzEvWXBrdUpOR3UwSEdDb29wOTE5RmVZaE5ueDFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMtMDQyM2YyNjNmMmNi
LzEvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXXMGMA0G
CSqGSIb3DQEBCwUAA4IBAQBEna/wmKBDJY/f22ska0sTbsfVZMdPvismYoPKzscH
CCC5d2mLdurgY7DdrkcVx3ReoIiwGIlnu0hIHN3Q/zpy8EicYZKcVNlVx2TTAKo+
5A29j5IaBHU5uRHHPAmzqhrMYEtw1pt8nLyI9s8PTK71h51bynwgsIwAh5B7Ozzo
Ztf4jyJCB5k4GUbiZy1xA6B6SijlKmwg7eFbnNhhPkGvUxuSHZ5mEQb5nc2P3P1a
lfzFomqTii9SnpF5WKPbu2WnF7Po03zwZXWTtEb3KBsbrBbDExuOaXadtHutHCna
0vOHeqFTmxchuGLGqldFwTXGOg58myYo/URMKMjBbHqf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:59 2024 by rpki-client on console-ams.rpki-client.org