Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/0408f7-76a2-49c7-a022-deb44b869d19/1/N8tMuLY8OR3vqyCM_9wpbtIkUbQ.roa
File: N8tMuLY8OR3vqyCM_9wpbtIkUbQ.roa (raw, json)
Hash identifier: A1cU1UmLZ0M7zBhk2X2XDa9nIgq3VF4B5zfRSTezsRE=
Subject key identifier: 37:CB:4C:B8:B6:3C:39:1D:EF:AB:20:8C:FF:DC:29:6E:D2:24:51:B4
Certificate issuer: /CN=52e41f4806ce48fc398842381f2ffbe04b294818
Certificate serial: ED9FE1
Authority key identifier: 52:E4:1F:48:06:CE:48:FC:39:88:42:38:1F:2F:FB:E0:4B:29:48:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UuQfSAbOSPw5iEI4Hy_74EspSBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/0408f7-76a2-49c7-a022-deb44b869d19/1/N8tMuLY8OR3vqyCM_9wpbtIkUbQ.roa
Signing time: Tue 10 May 2022 07:26:29 +0000
ROA not before: Tue 10 May 2022 07:26:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41247
IP address blocks: 91.222.185.0/24 maxlen: 24
91.222.184.0/24 maxlen: 24
91.222.187.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15572961 (0xed9fe1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52e41f4806ce48fc398842381f2ffbe04b294818
Validity
Not Before: May 10 07:26:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=37cb4cb8b63c391defab208cffdc296ed22451b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9a:f5:c6:36:10:32:b4:6c:c0:5a:41:40:9d:
cd:13:1b:1b:90:5a:67:75:dc:c7:37:96:5f:ce:49:
3e:5e:40:04:ce:76:ca:56:17:9a:af:53:9e:a2:51:
c6:e6:af:d2:35:fb:d9:c3:bb:95:67:c0:73:b0:28:
a6:1c:dc:6c:61:d9:5d:0c:63:49:02:0b:54:5f:2f:
62:73:a5:e9:af:dd:b7:7d:1d:8d:99:77:01:48:3c:
23:5c:b8:d6:49:ab:ec:ae:86:6c:1d:c7:b5:f3:0c:
0d:bc:ce:2d:db:f0:4d:3e:69:43:ce:a8:54:ac:01:
ae:8e:55:b0:13:c0:99:6c:40:08:5d:f0:8c:cb:08:
6a:03:bb:23:2f:7e:54:3b:5c:a5:99:a1:fd:b7:ab:
90:b5:70:42:12:21:6e:69:e4:69:09:64:c4:45:2b:
9e:df:d7:f3:45:af:6a:26:bb:af:f2:21:96:3a:eb:
b3:37:47:76:d3:64:f5:3c:aa:05:2f:d7:66:17:2b:
40:b6:37:4b:52:1e:3c:00:fa:f3:a6:21:fb:6c:d1:
ec:6c:36:57:ae:80:71:1d:9c:c8:08:1b:2f:4d:78:
8f:99:11:43:f3:ad:de:71:12:64:c3:04:9d:70:63:
fc:5b:02:b9:9b:68:bc:d1:80:8c:c5:8f:14:53:3b:
78:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:CB:4C:B8:B6:3C:39:1D:EF:AB:20:8C:FF:DC:29:6E:D2:24:51:B4
X509v3 Authority Key Identifier:
keyid:52:E4:1F:48:06:CE:48:FC:39:88:42:38:1F:2F:FB:E0:4B:29:48:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UuQfSAbOSPw5iEI4Hy_74EspSBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/0408f7-76a2-49c7-a022-deb44b869d19/1/N8tMuLY8OR3vqyCM_9wpbtIkUbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/0408f7-76a2-49c7-a022-deb44b869d19/1/UuQfSAbOSPw5iEI4Hy_74EspSBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.184.0/23
91.222.187.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:5c:55:d2:71:4b:5a:9c:41:c7:82:8d:b7:5a:e3:fc:3d:b9:
2c:41:c7:d6:62:5f:ac:b7:78:11:2f:3c:f8:44:8b:f5:92:6b:
41:34:fb:07:fb:32:a0:03:20:cb:8e:6d:a5:8d:02:68:21:de:
4c:9d:a6:6a:c4:93:d0:d2:c2:1c:75:80:95:87:d6:0a:6e:57:
bb:69:8f:33:c7:94:24:d0:7f:0f:da:45:bf:36:65:e4:30:e5:
18:65:fa:a6:56:8d:0f:4b:7f:56:b2:43:61:63:f9:61:97:cc:
31:c5:8e:2b:11:ea:39:1d:32:1d:c0:92:53:d0:23:b8:f0:72:
8b:f7:de:72:8a:74:b9:13:62:17:a8:fb:ac:29:6d:5a:ac:0e:
85:45:26:e7:3b:c5:fd:4c:e1:82:4b:32:50:89:9b:6a:b9:5e:
71:8c:78:97:d6:3f:26:f5:2a:71:12:17:c2:df:f2:5b:da:89:
c7:25:b9:4a:ef:ae:11:4a:8a:1c:37:79:2f:e1:5f:c1:2b:70:
af:53:7d:a5:dc:52:a7:ef:62:e2:c8:28:77:8a:7b:0a:4b:53:
4f:4f:2a:c4:50:f9:d1:60:18:db:30:00:97:c0:ca:70:f0:b9:
4f:e9:cd:5d:64:37:67:d1:4b:28:26:37:e8:e7:93:c7:08:c0:
ed:40:ce:1c
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAO2f4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MmU0MWY0ODA2Y2U0OGZjMzk4ODQyMzgxZjJmZmJlMDRiMjk0ODE4MB4XDTIyMDUx
MDA3MjYyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzdjYjRjYjhiNjNj
MzkxZGVmYWIyMDhjZmZkYzI5NmVkMjI0NTFiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL2a9cY2EDK0bMBaQUCdzRMbG5BaZ3XcxzeWX85JPl5ABM52
ylYXmq9TnqJRxuav0jX72cO7lWfAc7AophzcbGHZXQxjSQILVF8vYnOl6a/dt30d
jZl3AUg8I1y41kmr7K6GbB3HtfMMDbzOLdvwTT5pQ86oVKwBro5VsBPAmWxACF3w
jMsIagO7Iy9+VDtcpZmh/berkLVwQhIhbmnkaQlkxEUrnt/X80Wvaia7r/Ihljrr
szdHdtNk9TyqBS/XZhcrQLY3S1IePAD686Yh+2zR7Gw2V66AcR2cyAgbL014j5kR
Q/Ot3nESZMMEnXBj/FsCuZtovNGAjMWPFFM7eJsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ3y0y4tjw5He+rIIz/3Clu0iRRtDAfBgNVHSMEGDAWgBRS5B9IBs5I/DmI
QjgfL/vgSylIGDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1V1UWZTQWJPU1B3NWlFSTRIeV83NEVzcFNCZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjYvMDQwOGY3LTc2YTItNDljNy1hMDIyLWRlYjQ0Yjg2OWQxOS8x
L044dE11TFk4T1IzdnF5Q01fOXdwYnRJa1ViUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYv
MDQwOGY3LTc2YTItNDljNy1hMDIyLWRlYjQ0Yjg2OWQxOS8xL1V1UWZTQWJPU1B3
NWlFSTRIeV83NEVzcFNCZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAVveuAMEAFveuzANBgkqhkiG9w0B
AQsFAAOCAQEAtlxV0nFLWpxBx4KNt1rj/D25LEHH1mJfrLd4ES88+ESL9ZJrQTT7
B/syoAMgy45tpY0CaCHeTJ2masST0NLCHHWAlYfWCm5Xu2mPM8eUJNB/D9pFvzZl
5DDlGGX6plaND0t/VrJDYWP5YZfMMcWOKxHqOR0yHcCSU9AjuPByi/fecop0uRNi
F6j7rCltWqwOhUUm5zvF/UzhgksyUImbarlecYx4l9Y/JvUqcRIXwt/yW9qJxyW5
Su+uEUqKHDd5L+FfwStwr1N9pdxSp+9i4sgod4p7CktTT08qxFD50WAY2zAAl8DK
cPC5T+nNXWQ3Z9FLKCY36OeTxwjA7UDOHA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:43 2024 by rpki-client on console-ams.rpki-client.org