Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/thWob1Q75ll92_5eVW9p_PewwxY.roa
File: thWob1Q75ll92_5eVW9p_PewwxY.roa (raw, json)
Hash identifier: q+s3+3BD0k9w37fkDh0yQOvl+X8Zu/FbrK4bL3tGWnU=
Subject key identifier: B6:15:A8:6F:54:3B:E6:59:7D:DB:FE:5E:55:6F:69:FC:F7:B0:C3:16
Certificate issuer: /CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Certificate serial: 018D3BDFFDA62A800DA74EB183DBEDAB9A29
Authority key identifier: 5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/thWob1Q75ll92_5eVW9p_PewwxY.roa
Signing time: Wed 24 Jan 2024 14:29:11 +0000
ROA not before: Wed 24 Jan 2024 14:29:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43201
IP address blocks: 91.247.77.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3b:df:fd:a6:2a:80:0d:a7:4e:b1:83:db:ed:ab:9a:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Validity
Not Before: Jan 24 14:29:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b615a86f543be6597ddbfe5e556f69fcf7b0c316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e2:d7:c2:cf:02:ae:b0:a9:73:9c:95:d8:a2:
f2:9e:9e:bb:35:b0:67:b2:df:c5:5f:87:f8:4b:67:
58:19:06:40:46:9b:b9:51:3a:70:ec:84:ab:84:32:
53:72:00:ec:d5:bc:be:f7:10:85:f9:06:ed:73:38:
0e:09:65:a8:d6:e7:5d:3d:e3:b6:97:19:2e:70:e4:
15:31:9c:69:90:35:95:11:d2:a3:63:83:41:ef:73:
cd:08:dc:ee:38:28:b9:6c:71:80:27:84:f3:d0:52:
7e:6e:f5:a6:fd:b6:2e:7d:ec:c0:14:77:65:d2:ac:
7d:a4:74:7f:e3:86:8f:9d:a1:f9:06:6a:3b:ce:f2:
01:b1:fd:95:b7:51:e8:9c:98:b2:3d:76:8d:a3:e2:
6e:d5:27:c9:fe:63:09:46:44:92:bd:d8:a4:76:45:
bd:8f:7b:28:cd:b9:77:7b:b6:29:6c:ab:81:3a:8a:
31:f2:a7:87:e0:79:e0:6c:39:66:54:51:dd:1d:cf:
a3:fb:26:a0:92:40:4d:dd:f1:c8:42:3d:27:e9:6e:
36:71:e5:50:d1:50:80:47:32:2d:47:41:17:c1:d5:
2b:03:66:cc:68:db:ee:98:16:12:31:7d:79:45:bd:
b3:4b:a2:1b:33:51:7e:eb:cc:38:c0:13:b6:2a:1e:
ec:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:15:A8:6F:54:3B:E6:59:7D:DB:FE:5E:55:6F:69:FC:F7:B0:C3:16
X509v3 Authority Key Identifier:
keyid:5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/thWob1Q75ll92_5eVW9p_PewwxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/W9dOOd2kANE2Em5sPvsc-TRCd-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.247.77.0/24
Signature Algorithm: sha256WithRSAEncryption
40:21:87:8b:b6:49:8c:05:2a:34:46:db:15:c9:ba:e3:76:63:
df:bc:fc:a7:90:a5:6b:b3:09:3e:33:87:2d:34:be:f3:2a:1e:
6e:9e:15:03:9f:c7:8a:bf:c3:3a:f9:ab:3a:4f:cd:61:02:34:
98:ae:07:dd:4a:e1:e5:20:2c:10:12:0a:0d:dd:6a:4d:90:ce:
06:a2:98:19:17:dd:6b:34:f1:43:40:ae:f8:c7:17:80:bb:04:
24:3d:40:db:66:33:5f:19:6f:11:65:c3:9c:38:5c:c5:af:5c:
65:1c:7a:89:16:42:3c:6c:84:e1:c1:05:65:05:2c:51:eb:90:
f1:1e:ef:fc:37:22:b9:7c:35:95:84:19:8c:67:40:0d:a4:10:
0d:cf:b3:50:28:71:09:29:01:91:04:b3:9a:81:b2:d6:69:b2:
eb:30:4b:25:22:77:c2:af:09:73:cc:a1:01:e5:af:3f:88:db:
c8:2f:54:c9:f1:ea:08:36:a9:c1:8b:f4:82:02:de:05:11:b1:
a1:ab:66:8b:93:ad:dc:98:d0:6a:44:dd:94:64:da:84:56:b8:
9c:41:55:1f:07:68:b6:6d:3c:44:1f:68:ea:de:20:e7:b4:7e:
22:3a:83:6d:55:af:2a:35:10:61:11:d6:41:95:91:70:85:f2:
6d:b5:eb:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY073/2mKoANp06xg9vtq5opMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZDc0ZTM5ZGRhNDAwZDEzNjEyNmU2YzNlZmIxY2Y5MzQ0
Mjc3ZWYwHhcNMjQwMTI0MTQyOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjE1YTg2ZjU0M2JlNjU5N2RkYmZlNWU1NTZmNjlmY2Y3YjBjMzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeLXws8CrrCpc5yV2KLynp67NbBn
st/FX4f4S2dYGQZARpu5UTpw7ISrhDJTcgDs1by+9xCF+QbtczgOCWWo1uddPeO2
lxkucOQVMZxpkDWVEdKjY4NB73PNCNzuOCi5bHGAJ4Tz0FJ+bvWm/bYufezAFHdl
0qx9pHR/44aPnaH5Bmo7zvIBsf2Vt1HonJiyPXaNo+Ju1SfJ/mMJRkSSvdikdkW9
j3sozbl3e7YpbKuBOoox8qeH4HngbDlmVFHdHc+j+yagkkBN3fHIQj0n6W42ceVQ
0VCARzItR0EXwdUrA2bMaNvumBYSMX15Rb2zS6IbM1F+68w4wBO2Kh7sKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLYVqG9UO+ZZfdv+XlVvafz3sMMWMB8GA1UdIwQY
MBaAFFvXTjndpADRNhJubD77HPk0QnfvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYt
YWQ3ODkwYzJlNzUyLzEvdGhXb2IxUTc1bGw5Ml81ZVZXOXBfUGV3d3hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYtYWQ3ODkwYzJlNzUy
LzEvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/dNMA0G
CSqGSIb3DQEBCwUAA4IBAQBAIYeLtkmMBSo0RtsVybrjdmPfvPynkKVrswk+M4ct
NL7zKh5unhUDn8eKv8M6+as6T81hAjSYrgfdSuHlICwQEgoN3WpNkM4GopgZF91r
NPFDQK74xxeAuwQkPUDbZjNfGW8RZcOcOFzFr1xlHHqJFkI8bIThwQVlBSxR65Dx
Hu/8NyK5fDWVhBmMZ0ANpBANz7NQKHEJKQGRBLOagbLWabLrMEslInfCrwlzzKEB
5a8/iNvIL1TJ8eoINqnBi/SCAt4FEbGhq2aLk63cmNBqRN2UZNqEVricQVUfB2i2
bTxEH2jq3iDntH4iOoNtVa8qNRBhEdZBlZFwhfJttetq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:42 2024 by rpki-client on console-fra.rpki-client.org