Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/DC_Ishy18rvznWpTt-e5IXJXGHU.roa
File: DC_Ishy18rvznWpTt-e5IXJXGHU.roa (raw, json)
Hash identifier: +cT5gmjYVTVuSOxHok4pgPtw2tWR1TsVkjvt0PuySUs=
Subject key identifier: 0C:2F:C8:B2:1C:B5:F2:BB:F3:9D:6A:53:B7:E7:B9:21:72:57:18:75
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 3D535344
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/DC_Ishy18rvznWpTt-e5IXJXGHU.roa
Signing time: Sat 01 Jan 2022 06:55:15 +0000
ROA not before: Sat 01 Jan 2022 06:55:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39779
IP address blocks: 91.189.168.0/24 maxlen: 24
2a01:488:bb06::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1028870980 (0x3d535344)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 1 06:55:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c2fc8b21cb5f2bbf39d6a53b7e7b92172571875
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:4c:3d:f2:1e:9d:f0:14:c6:11:33:9d:bc:b5:
4d:21:5d:b0:7e:84:da:a1:c5:aa:50:b7:97:a7:f0:
cb:44:77:46:27:f9:76:84:d3:ea:61:ea:73:fc:dc:
b9:55:ee:59:b6:4c:05:c2:1c:07:d8:ba:a1:0b:c5:
9f:02:cc:6b:9a:1c:3e:b2:f0:3d:e9:2b:31:ae:5f:
8d:32:da:d8:f1:22:e5:1c:6b:66:ca:b5:2c:bf:f9:
40:03:25:91:11:7c:3d:9f:f1:a7:06:ec:96:4a:d9:
4c:f7:87:ca:44:f8:e3:4f:f9:e7:a1:a7:5b:55:10:
33:53:d7:3c:bf:d7:72:97:d3:b8:38:b0:ae:84:db:
47:45:79:82:ec:d4:d7:71:95:03:ac:54:e5:a9:17:
eb:1c:a4:ee:a2:db:51:2a:3b:8f:ee:1c:17:a7:b8:
dc:a7:ca:2f:77:bc:98:42:d7:0f:10:a4:b9:56:56:
66:89:75:dd:80:ac:53:4e:7b:57:25:7f:19:f9:15:
2f:1a:1a:3d:44:27:6f:11:9e:44:90:d3:a5:c4:12:
22:1b:ea:a4:59:f6:f0:9f:cf:0f:e9:96:1e:23:39:
19:d7:18:04:c0:28:ab:f7:bf:86:18:76:a6:a6:07:
6e:95:20:68:c0:79:48:94:49:e1:1e:a6:d0:eb:bb:
a4:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:2F:C8:B2:1C:B5:F2:BB:F3:9D:6A:53:B7:E7:B9:21:72:57:18:75
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/DC_Ishy18rvznWpTt-e5IXJXGHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.189.168.0/24
IPv6:
2a01:488:bb06::/48
Signature Algorithm: sha256WithRSAEncryption
04:1a:e8:10:7a:4f:f3:b4:84:4d:67:b8:4c:97:a5:18:57:14:
7f:7c:ac:03:67:e2:87:04:88:b9:2a:9e:33:ed:ca:63:5c:dc:
aa:35:75:1a:bc:f0:8e:28:3d:f6:72:96:46:ef:e6:e8:ff:db:
96:cd:6e:65:d6:54:d3:6b:6d:25:1f:2d:19:6d:93:23:3b:49:
cb:32:18:67:72:b2:c2:43:af:06:24:5b:93:1b:c3:56:3d:8d:
e1:c1:1c:dd:f9:d3:09:d7:99:71:a9:40:59:1d:0d:12:a7:25:
59:8d:2d:cb:cb:7b:9b:86:09:15:58:e8:4c:e5:23:e7:d1:f5:
b3:7d:d8:55:bc:53:e5:a8:56:ea:e3:92:6f:20:4c:82:e1:49:
1a:84:fc:91:5a:f7:4a:a1:57:5d:f1:ce:48:e2:17:ac:22:d5:
2a:bf:b3:0e:ac:0b:d8:39:a1:0c:fc:fe:c0:b5:56:32:85:1c:
50:19:66:cc:11:ca:e7:2c:8e:74:f6:01:de:f2:02:af:bd:20:
5f:17:c3:92:f3:20:7d:44:a0:ed:e5:7f:f8:b1:d5:eb:39:5b:
b5:59:8d:81:82:a3:2d:1c:eb:b5:19:d7:8b:7c:92:5e:0b:01:
e4:5b:69:ff:76:9a:d5:4f:53:75:dc:37:62:e8:cf:76:7a:ca:
c4:b6:23:9c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEPVNTRDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTZlZDBmYjdiMzIwODMyYWMxNTgwNTM0YzdiMjYzZjMwNGU5ODFiMB4XDTIyMDEw
MTA2NTUxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGMyZmM4YjIxY2I1
ZjJiYmYzOWQ2YTUzYjdlN2I5MjE3MjU3MTg3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPhMPfIenfAUxhEznby1TSFdsH6E2qHFqlC3l6fwy0R3Rif5
doTT6mHqc/zcuVXuWbZMBcIcB9i6oQvFnwLMa5ocPrLwPekrMa5fjTLa2PEi5Rxr
Zsq1LL/5QAMlkRF8PZ/xpwbslkrZTPeHykT440/556GnW1UQM1PXPL/XcpfTuDiw
roTbR0V5guzU13GVA6xU5akX6xyk7qLbUSo7j+4cF6e43KfKL3e8mELXDxCkuVZW
Zol13YCsU057VyV/GfkVLxoaPUQnbxGeRJDTpcQSIhvqpFn28J/PD+mWHiM5GdcY
BMAoq/e/hhh2pqYHbpUgaMB5SJRJ4R6m0Ou7pAcCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQML8iyHLXyu/OdalO357khclcYdTAfBgNVHSMEGDAWgBS6btD7ezIIMqwV
gFNMeyY/ME6YGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VtN1EtM3N5Q0RLc0ZZQlRUSHNtUHpCT21Ccy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvNDIwNDFkLTU5MzEtNDgyNC05MjU0LTE2MWYzNDIzODdkMS8x
L0RDX0lzaHkxOHJ2em5XcFR0LWU1SVhKWEdIVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
NDIwNDFkLTU5MzEtNDgyNC05MjU0LTE2MWYzNDIzODdkMS8xL3VtN1EtM3N5Q0RL
c0ZZQlRUSHNtUHpCT21Ccy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAFu9qDAPBAIAAjAJAwcAKgEEiLsG
MA0GCSqGSIb3DQEBCwUAA4IBAQAEGugQek/ztIRNZ7hMl6UYVxR/fKwDZ+KHBIi5
Kp4z7cpjXNyqNXUavPCOKD32cpZG7+bo/9uWzW5l1lTTa20lHy0ZbZMjO0nLMhhn
crLCQ68GJFuTG8NWPY3hwRzd+dMJ15lxqUBZHQ0SpyVZjS3Ly3ubhgkVWOhM5SPn
0fWzfdhVvFPlqFbq45JvIEyC4UkahPyRWvdKoVdd8c5I4hesItUqv7MOrAvYOaEM
/P7AtVYyhRxQGWbMEcrnLI509gHe8gKvvSBfF8OS8yB9RKDt5X/4sdXrOVu1WY2B
gqMtHOu1GdeLfJJeCwHkW2n/dprVT1N13Ddi6M92esrEtiOc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:40 2024 by rpki-client on console-ams.rpki-client.org