Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/f84b27-f01c-48ce-a99a-3aa663f828fc/1/YTt3mRK37LzdvVtGFV8ybxwsPpU.roa
File: YTt3mRK37LzdvVtGFV8ybxwsPpU.roa (raw, json)
Hash identifier: r1QuB7U/0cz5M1iKwIsUD7acwTOpDasdMO0am9pA3gQ=
Subject key identifier: 61:3B:77:99:12:B7:EC:BC:DD:BD:5B:46:15:5F:32:6F:1C:2C:3E:95
Certificate issuer: /CN=d880c00d25e5a77e7d334cedf9e0f26a2c5aa328
Certificate serial: 09023F
Authority key identifier: D8:80:C0:0D:25:E5:A7:7E:7D:33:4C:ED:F9:E0:F2:6A:2C:5A:A3:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2IDADSXlp359M0zt-eDyaixaoyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/f84b27-f01c-48ce-a99a-3aa663f828fc/1/YTt3mRK37LzdvVtGFV8ybxwsPpU.roa
Signing time: Thu 24 Feb 2022 12:02:11 +0000
ROA not before: Thu 24 Feb 2022 12:02:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31463
IP address blocks: 87.124.0.0/17 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 590399 (0x9023f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d880c00d25e5a77e7d334cedf9e0f26a2c5aa328
Validity
Not Before: Feb 24 12:02:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=613b779912b7ecbcddbd5b46155f326f1c2c3e95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:6e:66:6d:6a:fc:98:b1:78:75:52:4a:48:e3:
4c:09:9b:ed:ef:52:07:21:7f:77:04:11:f5:64:6b:
c9:fa:cf:3c:7f:78:f8:c0:37:57:b2:1b:3a:78:8c:
25:de:31:7b:79:9a:a2:6d:b5:60:7b:97:f7:94:93:
00:35:a4:bd:e0:5d:08:74:4b:05:f3:87:e4:8c:72:
05:1d:3e:a8:d0:a9:1a:2b:f5:1c:7f:93:27:ca:91:
82:1d:45:c3:a1:82:da:c7:20:0f:9b:8c:69:ce:1a:
bd:44:2a:e3:d9:1f:2f:10:04:40:dc:da:3b:1e:66:
3a:02:dd:4b:a4:39:83:c0:42:e0:d4:21:dc:67:01:
6e:7c:bb:f0:a3:79:9b:93:64:c6:4c:a7:2b:e0:64:
37:b3:07:99:18:62:75:4b:fb:62:8a:80:7f:8f:e4:
30:e6:a5:d9:06:02:19:ee:3d:e6:17:43:c9:be:45:
2f:5b:c5:4b:df:e3:0d:be:26:3f:a6:e5:ae:65:8c:
1f:2d:fe:c1:7c:db:5b:86:c0:22:d8:6f:17:10:dc:
87:d7:77:33:de:04:01:8b:87:2c:6d:9e:13:5a:ee:
c8:e0:a8:01:16:21:22:b6:ae:fb:5a:86:1c:90:9e:
10:b1:6c:69:94:ac:d7:b8:a5:2c:25:d4:fb:0b:a4:
b5:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:3B:77:99:12:B7:EC:BC:DD:BD:5B:46:15:5F:32:6F:1C:2C:3E:95
X509v3 Authority Key Identifier:
keyid:D8:80:C0:0D:25:E5:A7:7E:7D:33:4C:ED:F9:E0:F2:6A:2C:5A:A3:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2IDADSXlp359M0zt-eDyaixaoyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/f84b27-f01c-48ce-a99a-3aa663f828fc/1/YTt3mRK37LzdvVtGFV8ybxwsPpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/f84b27-f01c-48ce-a99a-3aa663f828fc/1/2IDADSXlp359M0zt-eDyaixaoyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.124.0.0/17
Signature Algorithm: sha256WithRSAEncryption
a0:31:5f:87:55:15:00:5d:e2:6c:b6:c1:a7:87:3a:39:bc:70:
25:e8:11:26:cb:72:77:28:59:d9:42:d1:a8:d9:01:dc:a4:6d:
e9:aa:4e:d5:1a:20:46:db:92:2f:e2:fb:0a:2e:69:16:70:e9:
e1:f7:f5:f7:de:d9:18:b6:46:87:6c:68:97:fb:d4:12:32:df:
44:1a:3a:a6:d3:e1:38:56:c3:fc:b7:27:f4:af:4a:14:e2:c2:
c0:79:88:d2:6d:83:92:10:a9:70:23:81:c8:b2:a0:7f:13:93:
9f:81:04:47:20:79:ec:43:19:7c:03:06:b6:cd:38:c0:31:8d:
5d:e3:eb:ef:66:63:f3:de:9b:b6:c4:47:26:36:fd:3d:35:99:
0f:75:c8:f4:e0:4b:48:4d:11:c4:ac:7c:91:3b:71:bb:eb:e1:
0f:37:1e:73:7a:83:8b:e7:36:8d:32:cb:65:19:e0:2f:d9:aa:
a7:d8:4d:1a:46:69:50:01:24:3e:e1:d1:9e:6b:50:39:b8:f1:
bd:af:0b:f2:8a:a8:0f:0c:ba:de:03:9f:a8:de:3f:9f:83:3a:
58:cd:a6:68:b5:8b:34:91:65:55:6e:a5:18:b1:6f:23:0e:35:
e9:14:01:b0:8f:98:d1:8e:18:4a:72:88:2d:eb:b3:63:82:22:
68:da:d2:6f
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDCQI/MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ4
ODBjMDBkMjVlNWE3N2U3ZDMzNGNlZGY5ZTBmMjZhMmM1YWEzMjgwHhcNMjIwMjI0
MTIwMjExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2MTNiNzc5OTEyYjdl
Y2JjZGRiZDViNDYxNTVmMzI2ZjFjMmMzZTk1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA2m5mbWr8mLF4dVJKSONMCZvt71IHIX93BBH1ZGvJ+s88f3j4
wDdXshs6eIwl3jF7eZqibbVge5f3lJMANaS94F0IdEsF84fkjHIFHT6o0KkaK/Uc
f5MnypGCHUXDoYLaxyAPm4xpzhq9RCrj2R8vEARA3No7HmY6At1LpDmDwELg1CHc
ZwFufLvwo3mbk2TGTKcr4GQ3sweZGGJ1S/tiioB/j+Qw5qXZBgIZ7j3mF0PJvkUv
W8VL3+MNviY/puWuZYwfLf7BfNtbhsAi2G8XENyH13cz3gQBi4csbZ4TWu7I4KgB
FiEitq77WoYckJ4QsWxplKzXuKUsJdT7C6S1wQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFGE7d5kSt+y83b1bRhVfMm8cLD6VMB8GA1UdIwQYMBaAFNiAwA0l5ad+fTNM
7fng8mosWqMoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MklEQURTWGxwMzU5TTB6dC1lRHlhaXhhb3lnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mZi9mODRiMjctZjAxYy00OGNlLWE5OWEtM2FhNjYzZjgyOGZjLzEv
WVR0M21SSzM3THpkdlZ0R0ZWOHlieHdzUHBVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9m
ODRiMjctZjAxYy00OGNlLWE5OWEtM2FhNjYzZjgyOGZjLzEvMklEQURTWGxwMzU5
TTB6dC1lRHlhaXhhb3lnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHV3wAMA0GCSqGSIb3DQEBCwUAA4IB
AQCgMV+HVRUAXeJstsGnhzo5vHAl6BEmy3J3KFnZQtGo2QHcpG3pqk7VGiBG25Iv
4vsKLmkWcOnh9/X33tkYtkaHbGiX+9QSMt9EGjqm0+E4VsP8tyf0r0oU4sLAeYjS
bYOSEKlwI4HIsqB/E5OfgQRHIHnsQxl8Awa2zTjAMY1d4+vvZmPz3pu2xEcmNv09
NZkPdcj04EtITRHErHyRO3G76+EPNx5zeoOL5zaNMstlGeAv2aqn2E0aRmlQASQ+
4dGea1A5uPG9rwvyiqgPDLreA5+o3j+fgzpYzaZotYs0kWVVbqUYsW8jDjXpFAGw
j5jRjhhKcogt67NjgiJo2tJv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:54 2024 by rpki-client on console-ams.rpki-client.org