Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/2LseGhsjQNZ7zAj62-w_ADOC28w.roa
File: 2LseGhsjQNZ7zAj62-w_ADOC28w.roa (raw, json)
Hash identifier: Po7K6YTeqLOm4SayTnXhAaBhObcNq1j3zrFlVJOcET8=
Subject key identifier: D8:BB:1E:1A:1B:23:40:D6:7B:CC:08:FA:DB:EC:3F:00:33:82:DB:CC
Certificate issuer: /CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Certificate serial: 018ECC45E7EB30A020B59490568217F85F36
Authority key identifier: 5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/2LseGhsjQNZ7zAj62-w_ADOC28w.roa
Signing time: Thu 11 Apr 2024 08:28:37 +0000
ROA not before: Thu 11 Apr 2024 08:28:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 91.242.227.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cc:45:e7:eb:30:a0:20:b5:94:90:56:82:17:f8:5f:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Validity
Not Before: Apr 11 08:28:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8bb1e1a1b2340d67bcc08fadbec3f003382dbcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:8d:e4:b1:83:ff:df:ae:d1:e2:63:a2:2d:89:
64:93:1a:d0:ab:63:f4:44:a6:0e:a6:30:f5:3c:35:
e6:fb:54:f9:ec:6b:b1:d7:bf:3a:67:fd:61:5b:dd:
54:3d:80:af:bd:e1:f9:eb:e9:46:0d:ab:2b:9c:c6:
bb:a7:2f:65:46:af:d2:4f:3a:53:46:14:fe:60:fc:
bb:87:16:03:bc:67:3c:ba:a2:a6:dd:97:f5:72:96:
72:38:f7:ce:3e:02:22:bd:64:5f:14:f6:df:65:f1:
78:f1:f5:92:6c:1a:be:8e:a9:e0:93:d4:53:98:39:
e1:ce:24:b9:48:7c:94:72:8c:1b:7e:b2:ac:e2:44:
9b:a2:44:e4:a8:a0:26:f0:91:be:43:4d:1f:c8:5a:
b1:23:ff:97:9c:20:65:6c:a8:1e:f3:13:7a:ba:91:
14:44:a7:23:32:38:0b:14:b0:36:05:04:2c:f5:f1:
02:1f:97:c5:c3:e8:16:ad:f1:4e:bf:d8:c5:af:25:
61:ec:41:f6:87:6b:88:62:a8:d0:1b:63:20:eb:b9:
cd:53:fe:f1:bb:4f:f8:49:74:c5:ea:03:fd:41:b1:
be:eb:03:2e:62:e4:80:47:f9:f4:4f:d2:aa:40:9d:
23:03:26:ec:d2:7f:17:ed:83:65:58:75:f4:ee:2f:
d8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:BB:1E:1A:1B:23:40:D6:7B:CC:08:FA:DB:EC:3F:00:33:82:DB:CC
X509v3 Authority Key Identifier:
keyid:5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/2LseGhsjQNZ7zAj62-w_ADOC28w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/W9dOOd2kANE2Em5sPvsc-TRCd-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.227.0/24
Signature Algorithm: sha256WithRSAEncryption
47:31:71:05:ff:5e:f9:26:cf:3d:04:69:a5:ca:64:94:a7:15:
72:23:65:83:0f:f7:76:8a:40:b8:73:97:31:1e:4e:3c:5b:72:
56:06:d1:38:20:6e:ce:87:20:fb:30:b8:4d:c6:31:12:63:86:
6f:94:7e:4c:c1:5a:b5:ee:81:61:04:ea:f9:d7:50:9b:31:44:
e2:df:77:87:9f:93:31:9b:3d:85:09:c7:61:4d:ff:f7:90:29:
2a:cc:cd:a2:52:fd:06:ed:65:02:ae:4b:f7:fa:6f:09:a0:d4:
a6:66:16:f5:79:7e:47:79:ca:b0:cd:28:ad:41:46:93:04:4e:
6c:fc:28:02:ce:bb:8d:92:35:86:df:fd:52:5c:39:c4:46:23:
4b:c1:2d:da:09:b8:e4:e8:7c:ca:5e:c3:6c:bb:78:85:69:7d:
05:22:c5:4a:9a:45:32:7d:e7:09:df:cb:0c:61:f5:b2:f7:57:
1d:b7:48:5d:b0:bd:36:98:7d:f4:98:13:e5:bf:f3:2f:80:5c:
94:62:a3:be:aa:d6:93:97:03:77:21:25:6b:47:7e:09:ad:c1:
87:d4:1e:f7:58:0d:af:ac:d9:69:42:cf:fd:59:7c:87:1c:cf:
a9:b0:1e:81:b5:fa:80:83:00:13:58:4e:4a:15:f5:7d:5b:cf:
27:2d:0c:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7MRefrMKAgtZSQVoIX+F82MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZDc0ZTM5ZGRhNDAwZDEzNjEyNmU2YzNlZmIxY2Y5MzQ0
Mjc3ZWYwHhcNMjQwNDExMDgyODM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGJiMWUxYTFiMjM0MGQ2N2JjYzA4ZmFkYmVjM2YwMDMzODJkYmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg43ksYP/367R4mOiLYlkkxrQq2P0
RKYOpjD1PDXm+1T57Gux1786Z/1hW91UPYCvveH56+lGDasrnMa7py9lRq/STzpT
RhT+YPy7hxYDvGc8uqKm3Zf1cpZyOPfOPgIivWRfFPbfZfF48fWSbBq+jqngk9RT
mDnhziS5SHyUcowbfrKs4kSbokTkqKAm8JG+Q00fyFqxI/+XnCBlbKge8xN6upEU
RKcjMjgLFLA2BQQs9fECH5fFw+gWrfFOv9jFryVh7EH2h2uIYqjQG2Mg67nNU/7x
u0/4SXTF6gP9QbG+6wMuYuSAR/n0T9KqQJ0jAybs0n8X7YNlWHX07i/YAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNi7HhobI0DWe8wI+tvsPwAzgtvMMB8GA1UdIwQY
MBaAFFvXTjndpADRNhJubD77HPk0QnfvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYt
YWQ3ODkwYzJlNzUyLzEvMkxzZUdoc2pRTlo3ekFqNjItd19BRE9DMjh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYtYWQ3ODkwYzJlNzUy
LzEvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/LjMA0G
CSqGSIb3DQEBCwUAA4IBAQBHMXEF/175Js89BGmlymSUpxVyI2WDD/d2ikC4c5cx
Hk48W3JWBtE4IG7OhyD7MLhNxjESY4ZvlH5MwVq17oFhBOr511CbMUTi33eHn5Mx
mz2FCcdhTf/3kCkqzM2iUv0G7WUCrkv3+m8JoNSmZhb1eX5HecqwzSitQUaTBE5s
/CgCzruNkjWG3/1SXDnERiNLwS3aCbjk6HzKXsNsu3iFaX0FIsVKmkUyfecJ38sM
YfWy91cdt0hdsL02mH30mBPlv/MvgFyUYqO+qtaTlwN3ISVrR34JrcGH1B73WA2v
rNlpQs/9WXyHHM+psB6BtfqAgwATWE5KFfV9W88nLQyV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:42 2024 by rpki-client on console-fra.rpki-client.org