Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/YYid5hq7Rw6Ufdhn62mOOwhka0E.roa
File: YYid5hq7Rw6Ufdhn62mOOwhka0E.roa (raw, json)
Hash identifier: 7gDT5zzL4KnPdw24o/Xvo97bsU+iet+KVIgt3FutxqE=
Subject key identifier: 61:88:9D:E6:1A:BB:47:0E:94:7D:D8:67:EB:69:8E:3B:08:64:6B:41
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018CC56F0253C23E21C0F91D43A898454E55
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/YYid5hq7Rw6Ufdhn62mOOwhka0E.roa
Signing time: Mon 01 Jan 2024 14:30:35 +0000
ROA not before: Mon 01 Jan 2024 14:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206092
IP address blocks: 84.247.59.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6f:02:53:c2:3e:21:c0:f9:1d:43:a8:98:45:4e:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 1 14:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61889de61abb470e947dd867eb698e3b08646b41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c7:3b:34:e8:f9:3f:4a:68:57:5f:70:bc:ab:
a5:43:7b:7b:53:f4:5d:5a:fe:fd:16:fb:e1:81:20:
a1:d3:1c:db:f3:7f:0c:aa:6a:84:7a:2e:97:69:47:
bd:e1:43:9e:31:bd:71:98:80:d3:4e:c5:31:b9:d2:
33:1b:ce:f2:d6:d6:9e:50:72:23:1c:22:a9:2c:f1:
8a:54:2b:ef:5c:c8:73:47:69:1d:69:0e:07:18:e0:
b3:a8:a0:1c:66:ee:18:c5:43:9f:66:06:da:46:9c:
ba:c0:12:c0:05:61:f7:d8:fe:f4:9d:72:db:4c:59:
6b:46:91:57:ab:cc:05:b4:b2:a5:ac:a1:70:23:80:
c8:06:f2:36:d7:24:94:9f:da:0d:36:5c:50:ac:c8:
c3:5b:89:56:ab:ac:42:bb:18:cb:f6:66:d2:a9:c6:
dd:e4:48:b5:a8:08:22:3f:29:be:d9:34:2d:df:68:
d6:df:4b:c6:a2:ca:eb:e8:6f:15:a4:43:74:3a:3e:
50:2f:38:5e:76:fe:a4:52:c8:b2:d1:0a:f5:b4:b3:
65:0c:62:42:67:e2:8f:ff:68:cb:d9:b8:a0:da:0e:
24:3a:85:f8:d6:ee:30:c6:b9:b9:85:8c:4d:fc:64:
b2:1b:a5:59:fb:bf:9f:6a:c6:9b:3e:04:ed:1d:6a:
46:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:88:9D:E6:1A:BB:47:0E:94:7D:D8:67:EB:69:8E:3B:08:64:6B:41
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/YYid5hq7Rw6Ufdhn62mOOwhka0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.59.0/24
Signature Algorithm: sha256WithRSAEncryption
61:4f:c0:a3:89:4d:29:6f:8a:a6:ed:d4:f3:d8:4f:75:a2:ad:
de:d0:c9:25:81:3e:be:4e:20:0e:88:63:27:d9:e9:36:1a:5a:
1c:f2:f4:87:f3:f2:64:2d:67:40:96:2d:23:25:80:bf:96:be:
71:f8:2e:f9:c4:b1:e7:3d:db:d0:a3:3d:63:45:a4:3e:39:eb:
6f:c0:48:8a:e5:90:86:f3:18:00:cf:29:fc:a1:66:de:74:f6:
e1:1e:e1:50:55:af:e5:23:92:12:69:57:4d:33:4f:24:69:b2:
92:31:91:d3:dc:b9:e6:60:05:4d:e2:2c:87:4e:9f:d8:6a:b0:
e8:51:e8:70:ea:b0:71:0d:1c:28:35:dd:5e:f7:14:2d:07:9f:
30:69:bc:fc:96:af:b1:3d:0e:18:26:c2:de:44:d9:66:40:8e:
1f:69:33:1a:73:63:55:21:27:39:d1:c3:84:b5:f4:25:d1:de:
1b:eb:11:7d:38:6d:61:ba:ef:71:bc:33:d7:19:96:d2:9e:a8:
a7:42:bd:da:90:b3:2f:38:23:4b:d3:87:25:c5:73:44:ec:c2:
94:2c:e2:8e:69:1a:d4:3a:9e:86:d6:d2:64:cf:f5:e0:eb:05:
27:a2:88:4f:b2:94:4f:f7:8e:d3:8b:a9:c2:d8:e2:02:ab:3e:
7b:9b:15:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbwJTwj4hwPkdQ6iYRU5VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMTAxMTQzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTg4OWRlNjFhYmI0NzBlOTQ3ZGQ4NjdlYjY5OGUzYjA4NjQ2YjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8c7NOj5P0poV19wvKulQ3t7U/Rd
Wv79FvvhgSCh0xzb838MqmqEei6XaUe94UOeMb1xmIDTTsUxudIzG87y1taeUHIj
HCKpLPGKVCvvXMhzR2kdaQ4HGOCzqKAcZu4YxUOfZgbaRpy6wBLABWH32P70nXLb
TFlrRpFXq8wFtLKlrKFwI4DIBvI21ySUn9oNNlxQrMjDW4lWq6xCuxjL9mbSqcbd
5Ei1qAgiPym+2TQt32jW30vGosrr6G8VpEN0Oj5QLzhedv6kUsiy0Qr1tLNlDGJC
Z+KP/2jL2big2g4kOoX41u4wxrm5hYxN/GSyG6VZ+7+fasabPgTtHWpGoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGGIneYau0cOlH3YZ+tpjjsIZGtBMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvWVlpZDVocTdSdzZVZmRobjYybU9Pd2hrYTBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVPc7MA0G
CSqGSIb3DQEBCwUAA4IBAQBhT8CjiU0pb4qm7dTz2E91oq3e0MklgT6+TiAOiGMn
2ek2Gloc8vSH8/JkLWdAli0jJYC/lr5x+C75xLHnPdvQoz1jRaQ+OetvwEiK5ZCG
8xgAzyn8oWbedPbhHuFQVa/lI5ISaVdNM08kabKSMZHT3LnmYAVN4iyHTp/YarDo
Uehw6rBxDRwoNd1e9xQtB58wabz8lq+xPQ4YJsLeRNlmQI4faTMac2NVISc50cOE
tfQl0d4b6xF9OG1huu9xvDPXGZbSnqinQr3akLMvOCNL04clxXNE7MKULOKOaRrU
Op6G1tJkz/Xg6wUnoohPspRP947Ti6nC2OICqz57mxVF
-----END CERTIFICATE-----
Generated at Fri Aug 2 12:06:49 2024 by rpki-client on console-fra.rpki-client.org