Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/YbKFBle2Lek2iBEnzvMGLYg07hE.roa
File: YbKFBle2Lek2iBEnzvMGLYg07hE.roa (raw, json)
Hash identifier: mUzIguuOHpRsY7dy9CEGCsar/t/4u66NOxifi4J7LUI=
Subject key identifier: 61:B2:85:06:57:B6:2D:E9:36:88:11:27:CE:F3:06:2D:88:34:EE:11
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018CC56F032C947469A85044DC490CAF98CD
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/YbKFBle2Lek2iBEnzvMGLYg07hE.roa
Signing time: Mon 01 Jan 2024 14:30:36 +0000
ROA not before: Mon 01 Jan 2024 14:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212335
IP address blocks: 89.42.29.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6f:03:2c:94:74:69:a8:50:44:dc:49:0c:af:98:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 1 14:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61b2850657b62de936881127cef3062d8834ee11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e2:10:31:46:45:01:f6:36:f3:00:02:9a:56:
ba:69:f2:6b:9e:3d:ac:9d:c1:0a:0c:8d:fb:2e:17:
6d:0c:d8:51:52:47:a7:46:df:4c:3e:e7:d6:06:50:
45:dd:00:fc:d1:15:0b:b9:cc:98:2d:4e:01:62:d5:
1a:84:b7:08:a5:f7:8d:35:e1:3c:3a:31:e6:b7:7a:
71:c0:f9:65:e5:c9:a8:55:08:52:8c:0b:52:52:0d:
bc:2b:85:66:1b:8c:f2:e3:a8:31:e7:07:8a:62:60:
e3:b8:3b:30:11:c7:71:ff:88:7d:64:32:a7:6d:4c:
f2:d5:3c:37:8c:81:4f:9d:09:e1:25:56:3a:a0:69:
09:4b:b4:2d:d1:00:a9:d0:4d:0f:05:2c:c7:39:17:
75:68:71:67:9c:78:1f:43:31:f5:27:cd:67:68:e8:
71:66:1e:f6:57:db:0a:e4:7d:39:ad:50:fd:ae:88:
c5:f0:66:49:a2:0f:3d:5a:87:cf:61:68:87:66:5c:
5f:48:7b:6c:9b:bf:5d:b5:5c:d0:76:b5:f5:49:b0:
7a:f5:04:49:f3:52:d2:95:fe:04:39:ed:56:03:d2:
ce:cc:a9:c9:7b:49:d3:42:f2:f6:e3:76:ac:67:b3:
44:14:a2:2a:50:48:5b:c9:4b:f1:91:80:e5:47:08:
85:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:B2:85:06:57:B6:2D:E9:36:88:11:27:CE:F3:06:2D:88:34:EE:11
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/YbKFBle2Lek2iBEnzvMGLYg07hE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.29.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:92:b2:be:f5:96:9a:a0:0c:ad:c7:de:b3:60:6f:ca:0f:39:
a9:7c:fb:c1:a6:f2:a6:12:3b:f0:36:80:26:19:ed:5b:1d:6d:
44:65:43:79:d6:28:dc:81:bf:76:bc:b0:87:78:2c:d6:28:27:
a0:21:2d:3b:c3:c7:70:1d:86:fe:e7:7a:87:9c:9f:46:ce:28:
0d:2d:0e:9a:36:a2:3e:d0:20:07:03:08:12:93:39:b0:0e:52:
a3:e1:97:c9:56:36:6d:69:5d:72:18:36:2d:1c:5b:79:c5:3d:
2d:39:b4:45:61:94:89:a7:70:5d:c6:f9:39:61:70:dc:ad:76:
d7:0d:67:f9:d9:83:62:d1:24:ca:36:7f:3e:6f:d6:e4:46:b1:
81:d2:fc:35:7e:22:cd:a8:08:01:4e:a2:21:9d:5d:d6:65:13:
ce:60:01:1f:c6:64:2c:77:f6:db:5b:23:43:f0:b9:98:17:44:
3d:fa:b1:05:4e:55:a5:c8:14:c0:0e:08:92:97:38:99:d9:02:
aa:e0:09:10:8a:33:8e:3c:59:6c:01:d4:fb:88:b4:d4:70:41:
c0:94:d4:b9:3f:cb:d5:8c:0f:d2:b0:8e:66:bd:7c:6a:b3:4d:
a0:7e:e6:61:67:78:90:ef:50:6f:7a:03:11:64:3a:26:a5:8a:
66:f1:d6:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbwMslHRpqFBE3EkMr5jNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMTAxMTQzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWIyODUwNjU3YjYyZGU5MzY4ODExMjdjZWYzMDYyZDg4MzRlZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1eIQMUZFAfY28wACmla6afJrnj2s
ncEKDI37LhdtDNhRUkenRt9MPufWBlBF3QD80RULucyYLU4BYtUahLcIpfeNNeE8
OjHmt3pxwPll5cmoVQhSjAtSUg28K4VmG4zy46gx5weKYmDjuDswEcdx/4h9ZDKn
bUzy1Tw3jIFPnQnhJVY6oGkJS7Qt0QCp0E0PBSzHORd1aHFnnHgfQzH1J81naOhx
Zh72V9sK5H05rVD9rojF8GZJog89WofPYWiHZlxfSHtsm79dtVzQdrX1SbB69QRJ
81LSlf4EOe1WA9LOzKnJe0nTQvL243asZ7NEFKIqUEhbyUvxkYDlRwiFtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGGyhQZXti3pNogRJ87zBi2INO4RMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvWWJLRkJsZTJMZWsyaUJFbnp2TUdMWWcwN2hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSodMA0G
CSqGSIb3DQEBCwUAA4IBAQBbkrK+9ZaaoAytx96zYG/KDzmpfPvBpvKmEjvwNoAm
Ge1bHW1EZUN51ijcgb92vLCHeCzWKCegIS07w8dwHYb+53qHnJ9GzigNLQ6aNqI+
0CAHAwgSkzmwDlKj4ZfJVjZtaV1yGDYtHFt5xT0tObRFYZSJp3Bdxvk5YXDcrXbX
DWf52YNi0STKNn8+b9bkRrGB0vw1fiLNqAgBTqIhnV3WZRPOYAEfxmQsd/bbWyND
8LmYF0Q9+rEFTlWlyBTADgiSlziZ2QKq4AkQijOOPFlsAdT7iLTUcEHAlNS5P8vV
jA/SsI5mvXxqs02gfuZhZ3iQ71BvegMRZDompYpm8dZh
-----END CERTIFICATE-----
Generated at Fri Aug 2 12:06:49 2024 by rpki-client on console-fra.rpki-client.org