Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/jijfyb5rEggHN_YsvE5lYa6hmko.roa
File: jijfyb5rEggHN_YsvE5lYa6hmko.roa (raw, json)
Hash identifier: npRlYMeBkZJ+ddtQeLPy0D6ENiA9muf6xMsBk2K3c9k=
Subject key identifier: 8E:28:DF:C9:BE:6B:12:08:07:37:F6:2C:BC:4E:65:61:AE:A1:9A:4A
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018FB46E5D0A343080C6B38C2CE6C15E8819
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/jijfyb5rEggHN_YsvE5lYa6hmko.roa
Signing time: Sun 26 May 2024 10:24:42 +0000
ROA not before: Sun 26 May 2024 10:24:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215480
IP address blocks: 217.60.238.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b4:6e:5d:0a:34:30:80:c6:b3:8c:2c:e6:c1:5e:88:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: May 26 10:24:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e28dfc9be6b12080737f62cbc4e6561aea19a4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:2c:c1:af:d5:ed:c2:33:04:cb:f5:1b:82:cd:
28:c2:3a:69:13:3f:ad:91:64:68:27:f1:6a:e5:c3:
6c:64:49:99:c2:0c:99:25:a5:25:f9:81:e2:26:27:
c6:63:b1:7d:62:f7:bd:33:80:d7:7d:b7:77:a0:7c:
c6:24:78:d9:7f:7a:30:a7:71:10:bb:0f:b9:dd:68:
cd:80:ca:8a:b4:b5:f6:64:48:bb:87:0d:e6:d7:5a:
b8:a7:d5:2e:34:44:3b:ec:c3:1a:c0:30:35:b3:d7:
fe:4a:b4:95:ea:f1:64:96:b2:e5:e4:de:b1:ad:9e:
ae:ab:df:9a:60:82:d9:22:9e:09:3d:eb:2f:cd:7e:
33:e3:d5:94:28:b9:96:ce:72:23:e3:f6:a7:4a:92:
3d:e8:d1:48:ba:6a:37:cc:3c:04:df:6e:48:c0:96:
d7:fb:91:fe:19:73:0d:90:c5:74:83:57:09:f1:eb:
2d:8e:92:5c:ad:89:f8:5c:94:20:fd:84:cc:0a:05:
be:50:d6:dd:d5:dd:9b:0e:ee:21:fd:75:e7:dc:3f:
06:20:8f:2d:18:38:a9:da:c1:dc:3d:93:c2:9a:2b:
f4:d7:0e:62:25:ae:50:92:13:41:e7:7f:b0:96:24:
f4:b6:61:4d:3d:30:00:28:18:3b:03:f1:8e:a3:47:
d7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:28:DF:C9:BE:6B:12:08:07:37:F6:2C:BC:4E:65:61:AE:A1:9A:4A
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/jijfyb5rEggHN_YsvE5lYa6hmko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.238.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:86:5f:a3:b2:86:bb:53:e5:56:32:76:8a:c8:8f:45:8f:b3:
eb:d2:b4:73:2a:98:b0:74:1e:3e:06:f9:48:75:67:20:4c:ab:
8e:f1:54:ab:ec:23:c2:13:9e:a9:f9:ba:4f:e9:04:29:c4:f8:
d2:99:41:3e:3b:ca:03:4e:c8:76:f6:80:b5:08:18:93:0c:84:
c2:da:02:2f:f5:48:74:c0:17:9a:24:a8:a3:43:ed:1e:1d:ca:
d7:4a:6a:08:79:05:c2:56:6c:bc:1e:02:fb:36:8a:49:df:55:
13:99:0f:5b:6f:f7:82:89:66:d7:1e:f1:ac:22:b3:8c:68:62:
0b:32:05:81:73:dc:78:b2:14:26:7b:35:bc:26:a9:c0:e2:88:
cf:88:a8:ee:df:cd:cc:f6:ad:96:40:88:e6:51:a6:aa:ff:b3:
74:04:4d:8f:1f:e4:51:01:6f:9a:0f:0d:a8:81:72:aa:f1:b1:
32:d9:3e:c8:0c:dd:1d:d0:8c:d1:b4:a2:a8:f5:32:c5:d1:a9:
dc:2a:0d:e5:30:a9:0f:cb:07:a4:e2:73:db:e6:dc:bd:c1:41:
e4:a0:56:47:17:f2:56:14:13:f7:50:e9:54:2d:c4:31:b4:14:
2e:00:db:6b:2e:d7:22:1f:c6:5c:a0:e2:3e:d2:39:b3:90:33:
23:ef:53:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+0bl0KNDCAxrOMLObBXogZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQwNTI2MTAyNDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTI4ZGZjOWJlNmIxMjA4MDczN2Y2MmNiYzRlNjU2MWFlYTE5YTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yzBr9XtwjMEy/Ubgs0owjppEz+t
kWRoJ/Fq5cNsZEmZwgyZJaUl+YHiJifGY7F9Yve9M4DXfbd3oHzGJHjZf3owp3EQ
uw+53WjNgMqKtLX2ZEi7hw3m11q4p9UuNEQ77MMawDA1s9f+SrSV6vFklrLl5N6x
rZ6uq9+aYILZIp4JPesvzX4z49WUKLmWznIj4/anSpI96NFIumo3zDwE325IwJbX
+5H+GXMNkMV0g1cJ8estjpJcrYn4XJQg/YTMCgW+UNbd1d2bDu4h/XXn3D8GII8t
GDip2sHcPZPCmiv01w5iJa5QkhNB53+wliT0tmFNPTAAKBg7A/GOo0fXAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI4o38m+axIIBzf2LLxOZWGuoZpKMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvamlqZnliNXJFZ2dITl9Zc3ZFNWxZYTZobWtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2TzuMA0G
CSqGSIb3DQEBCwUAA4IBAQAuhl+jsoa7U+VWMnaKyI9Fj7Pr0rRzKpiwdB4+BvlI
dWcgTKuO8VSr7CPCE56p+bpP6QQpxPjSmUE+O8oDTsh29oC1CBiTDITC2gIv9Uh0
wBeaJKijQ+0eHcrXSmoIeQXCVmy8HgL7NopJ31UTmQ9bb/eCiWbXHvGsIrOMaGIL
MgWBc9x4shQmezW8JqnA4ojPiKju383M9q2WQIjmUaaq/7N0BE2PH+RRAW+aDw2o
gXKq8bEy2T7IDN0d0IzRtKKo9TLF0ancKg3lMKkPywek4nPb5ty9wUHkoFZHF/JW
FBP3UOlULcQxtBQuANtrLtciH8ZcoOI+0jmzkDMj71M7
-----END CERTIFICATE-----
Generated at Sun May 11 13:25:44 2025 by rpki-client