Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/YyyaDW536m53dzaW2LWR_GDK-NY.roa
File: YyyaDW536m53dzaW2LWR_GDK-NY.roa (raw, json)
Hash identifier: t7FwjAtzgA/DPeBquBv9uqi1M8XOm1kD1SHwUbic9a8=
Subject key identifier: 63:2C:9A:0D:6E:77:EA:6E:77:77:36:96:D8:B5:91:FC:60:CA:F8:D6
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 0188985F2479CBD0CD63CDD1A72FBC1540FE
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/YyyaDW536m53dzaW2LWR_GDK-NY.roa
Signing time: Thu 08 Jun 2023 00:19:12 +0000
ROA not before: Thu 08 Jun 2023 00:19:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212609
IP address blocks: 89.42.215.0/24 maxlen: 24
77.81.1.0/24 maxlen: 24
93.114.69.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:98:5f:24:79:cb:d0:cd:63:cd:d1:a7:2f:bc:15:40:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jun 8 00:19:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=632c9a0d6e77ea6e77773696d8b591fc60caf8d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b0:45:a2:48:42:3c:64:d6:9e:83:cc:7e:99:
8d:c5:10:1b:c6:68:6d:dd:73:b1:94:9a:e0:61:d9:
82:a4:01:cf:03:9d:db:6d:2b:ea:48:7d:00:51:f8:
fe:52:f0:3a:40:6a:e7:65:25:76:29:b7:fc:26:ce:
f2:4b:d9:48:06:de:ac:fd:da:c5:d6:1e:8c:89:55:
e6:ad:95:1e:60:b2:fe:ea:c5:ed:85:ab:a2:f0:b2:
4d:63:c3:6e:1a:21:bf:65:1c:0c:57:3c:6d:4f:e8:
ac:e8:f9:4a:92:3a:24:d6:3b:f7:36:90:69:3e:43:
8b:fd:85:73:e9:65:f9:9c:e6:13:aa:60:67:8d:e0:
a5:32:ed:74:be:c4:76:0f:95:a5:88:e0:52:33:35:
ed:c6:15:c8:f5:2a:67:d2:ec:1b:3d:09:d0:37:2a:
db:71:fb:77:33:79:b7:32:fb:f8:41:be:1d:29:86:
be:7f:44:75:73:9e:81:8d:a2:29:4c:4d:07:3c:fe:
f8:c6:65:62:00:3f:81:ad:06:b7:ef:1c:19:bd:4f:
b6:4e:ab:23:2c:2c:b5:eb:54:8f:bd:80:49:a6:c3:
c6:eb:ef:17:f3:10:62:83:41:b9:20:20:df:9b:0a:
4b:a2:71:20:27:9b:8f:d3:8e:b1:cf:74:ac:75:e4:
58:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:2C:9A:0D:6E:77:EA:6E:77:77:36:96:D8:B5:91:FC:60:CA:F8:D6
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/YyyaDW536m53dzaW2LWR_GDK-NY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.1.0/24
89.42.215.0/24
93.114.69.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:b4:03:7e:48:7d:eb:18:1a:42:77:5b:fa:59:bb:78:af:88:
dc:a7:e1:de:dd:80:b9:a7:07:7c:29:95:ee:c3:29:4d:1d:78:
ff:37:28:8e:dc:58:e0:6b:44:e3:bd:24:93:e1:ea:e4:b4:eb:
9c:05:a3:22:4d:9c:13:d5:25:3f:dc:e4:7a:22:52:be:9c:ba:
fb:29:e6:66:d3:6d:e4:48:73:56:20:55:93:ca:ec:66:b1:72:
28:9c:d0:5e:d2:0f:be:ea:3f:51:32:ad:55:3a:10:4f:97:0a:
2b:b8:f8:b6:e2:39:65:c2:09:cd:63:dd:0a:96:70:62:a7:88:
03:b7:9c:b2:e7:5e:6e:b1:fe:e8:62:54:ce:fb:a4:54:ea:57:
4f:3c:bb:ad:ec:56:ff:b9:9f:93:05:f0:6d:68:8f:d3:96:ad:
39:8b:b1:f7:77:63:35:69:af:ae:80:aa:96:49:30:b1:2f:13:
42:4e:cd:66:aa:54:50:33:3d:5b:0d:52:78:0e:6e:85:b3:86:
7f:f9:63:22:40:52:6d:46:7c:51:fd:c4:e2:4b:0f:b9:dd:9c:
04:63:12:97:70:21:fd:91:53:82:30:06:f1:e5:64:02:b2:de:
db:7b:9f:ba:ac:26:9b:aa:3e:11:00:c0:d6:22:58:00:b3:1b:
06:6d:4d:bb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYiYXyR5y9DNY83Rpy+8FUD+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwNjA4MDAxOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzJjOWEwZDZlNzdlYTZlNzc3NzM2OTZkOGI1OTFmYzYwY2FmOGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bBFokhCPGTWnoPMfpmNxRAbxmht
3XOxlJrgYdmCpAHPA53bbSvqSH0AUfj+UvA6QGrnZSV2Kbf8Js7yS9lIBt6s/drF
1h6MiVXmrZUeYLL+6sXthaui8LJNY8NuGiG/ZRwMVzxtT+is6PlKkjok1jv3NpBp
PkOL/YVz6WX5nOYTqmBnjeClMu10vsR2D5WliOBSMzXtxhXI9Spn0uwbPQnQNyrb
cft3M3m3Mvv4Qb4dKYa+f0R1c56BjaIpTE0HPP74xmViAD+BrQa37xwZvU+2Tqsj
LCy161SPvYBJpsPG6+8X8xBig0G5ICDfmwpLonEgJ5uP046xz3SsdeRYWQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGMsmg1ud+pud3c2lti1kfxgyvjWMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvWXl5YURXNTM2bTUzZHphVzJMV1JfR0RLLU5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVEBAwQA
WSrXAwQAXXJFMA0GCSqGSIb3DQEBCwUAA4IBAQAbtAN+SH3rGBpCd1v6Wbt4r4jc
p+He3YC5pwd8KZXuwylNHXj/NyiO3Fjga0TjvSST4erktOucBaMiTZwT1SU/3OR6
IlK+nLr7KeZm023kSHNWIFWTyuxmsXIonNBe0g++6j9RMq1VOhBPlworuPi24jll
wgnNY90KlnBip4gDt5yy515usf7oYlTO+6RU6ldPPLut7Fb/uZ+TBfBtaI/Tlq05
i7H3d2M1aa+ugKqWSTCxLxNCTs1mqlRQMz1bDVJ4Dm6Fs4Z/+WMiQFJtRnxR/cTi
Sw+53ZwEYxKXcCH9kVOCMAbx5WQCst7be5+6rCabqj4RAMDWIlgAsxsGbU27
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:14 2024 by rpki-client on console-fra.rpki-client.org