Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/0408f7-76a2-49c7-a022-deb44b869d19/1/hm2IBjI9NuTlmhwnU1_pNNkmpfo.roa
File: hm2IBjI9NuTlmhwnU1_pNNkmpfo.roa (raw, json)
Hash identifier: xnptcXNpJQaPIu9cD6Xqn1VrKL12uog3CoBG+VJTXcU=
Subject key identifier: 86:6D:88:06:32:3D:36:E4:E5:9A:1C:27:53:5F:E9:34:D9:26:A5:FA
Certificate issuer: /CN=52e41f4806ce48fc398842381f2ffbe04b294818
Certificate serial: 0183C0AB663CE635F17023E2D1159790F647
Authority key identifier: 52:E4:1F:48:06:CE:48:FC:39:88:42:38:1F:2F:FB:E0:4B:29:48:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UuQfSAbOSPw5iEI4Hy_74EspSBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/0408f7-76a2-49c7-a022-deb44b869d19/1/hm2IBjI9NuTlmhwnU1_pNNkmpfo.roa
Signing time: Mon 10 Oct 2022 06:53:21 +0000
ROA not before: Mon 10 Oct 2022 06:53:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202081
IP address blocks: 91.222.185.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c0:ab:66:3c:e6:35:f1:70:23:e2:d1:15:97:90:f6:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52e41f4806ce48fc398842381f2ffbe04b294818
Validity
Not Before: Oct 10 06:53:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=866d8806323d36e4e59a1c27535fe934d926a5fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:42:a3:63:10:1c:49:84:50:66:5c:76:75:a0:
51:b7:2f:27:4e:1f:36:06:23:bc:06:e1:db:26:be:
9f:e7:4a:09:32:d2:e8:ad:17:b4:4a:1f:99:3e:5c:
4b:40:b3:2c:0d:80:37:45:23:fe:e2:87:fe:c9:12:
0a:6d:18:04:ea:9f:f0:e3:2f:26:c2:7d:e6:dc:58:
3d:06:13:b0:ea:85:7e:0c:4c:da:fd:b0:a1:de:e3:
a1:7f:e0:f0:8b:24:25:ab:87:a3:1b:63:f0:86:d0:
a7:de:f1:c8:12:2d:9a:d5:f7:88:80:b0:3d:f6:bb:
dd:ee:83:e1:85:57:3b:37:3d:db:82:34:e2:c0:b0:
c0:a3:63:7f:77:1a:b7:f7:1d:b3:d0:90:de:c5:74:
93:10:f5:5d:a3:95:e4:44:a0:70:d6:00:10:7e:76:
17:c0:21:7f:8f:1d:42:f5:07:29:58:19:12:1b:3a:
20:20:6a:7d:16:e4:e7:5c:b0:25:b0:71:8c:ba:f9:
49:37:5b:a2:f9:af:32:4a:12:99:00:73:24:30:31:
04:fe:40:12:a5:8e:0c:e2:e4:3c:55:d8:6b:53:d7:
83:6b:33:99:a8:b8:62:14:61:3c:53:49:c7:dd:cf:
c6:ce:3c:90:45:3e:e7:42:21:1e:4a:c3:da:35:5d:
4b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:6D:88:06:32:3D:36:E4:E5:9A:1C:27:53:5F:E9:34:D9:26:A5:FA
X509v3 Authority Key Identifier:
keyid:52:E4:1F:48:06:CE:48:FC:39:88:42:38:1F:2F:FB:E0:4B:29:48:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UuQfSAbOSPw5iEI4Hy_74EspSBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/0408f7-76a2-49c7-a022-deb44b869d19/1/hm2IBjI9NuTlmhwnU1_pNNkmpfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/0408f7-76a2-49c7-a022-deb44b869d19/1/UuQfSAbOSPw5iEI4Hy_74EspSBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.185.0/24
Signature Algorithm: sha256WithRSAEncryption
84:05:ec:17:15:65:67:17:56:0f:d9:c4:90:0b:ed:b6:50:8a:
e5:f5:44:4a:a8:e7:95:66:3a:5c:8b:80:22:24:17:f1:7c:96:
57:ce:ee:cf:79:67:1e:64:f3:69:7d:fc:ec:be:15:01:d7:13:
3d:84:6d:67:a7:74:f9:85:16:26:43:a1:b4:89:58:5a:15:6a:
13:85:ea:7e:98:aa:7c:29:a7:f2:5d:e2:49:92:07:f7:b6:14:
2f:2a:e0:1a:57:78:08:b3:90:e9:f6:f4:bc:54:9f:44:37:96:
af:5d:52:f1:e8:65:b9:2b:03:74:01:2b:cb:db:ff:3c:27:13:
1b:32:9d:e6:73:d6:97:0a:14:86:49:9f:c7:3c:e5:84:3d:7e:
cf:b2:c0:aa:a1:10:4b:8d:8b:1b:3c:56:39:8d:36:5f:30:ba:
c4:e7:35:5c:f3:1d:3e:15:52:39:3f:97:4f:5f:5a:99:bb:f0:
f7:39:2e:4d:29:30:5e:ce:7e:7b:7e:bd:33:db:6d:e3:23:bb:
c2:e0:0e:83:da:da:04:ce:fa:6f:78:49:74:cf:5f:46:82:8c:
7d:b3:e8:5f:86:b1:77:ec:20:ca:94:e5:09:b0:ea:9e:29:c3:
67:29:f0:6c:98:60:c9:16:40:a4:4c:81:d5:1b:64:6c:cc:81:
0a:01:1e:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPAq2Y85jXxcCPi0RWXkPZHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZTQxZjQ4MDZjZTQ4ZmMzOTg4NDIzODFmMmZmYmUwNGIy
OTQ4MTgwHhcNMjIxMDEwMDY1MzIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjZkODgwNjMyM2QzNmU0ZTU5YTFjMjc1MzVmZTkzNGQ5MjZhNWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkKjYxAcSYRQZlx2daBRty8nTh82
BiO8BuHbJr6f50oJMtLorRe0Sh+ZPlxLQLMsDYA3RSP+4of+yRIKbRgE6p/w4y8m
wn3m3Fg9BhOw6oV+DEza/bCh3uOhf+DwiyQlq4ejG2PwhtCn3vHIEi2a1feIgLA9
9rvd7oPhhVc7Nz3bgjTiwLDAo2N/dxq39x2z0JDexXSTEPVdo5XkRKBw1gAQfnYX
wCF/jx1C9QcpWBkSGzogIGp9FuTnXLAlsHGMuvlJN1ui+a8yShKZAHMkMDEE/kAS
pY4M4uQ8VdhrU9eDazOZqLhiFGE8U0nH3c/GzjyQRT7nQiEeSsPaNV1LowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIZtiAYyPTbk5ZocJ1Nf6TTZJqX6MB8GA1UdIwQY
MBaAFFLkH0gGzkj8OYhCOB8v++BLKUgYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXVRZlNBYk9TUHc1aUVJNEh5Xzc0RXNwU0JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wNDA4ZjctNzZhMi00OWM3LWEwMjIt
ZGViNDRiODY5ZDE5LzEvaG0ySUJqSTlOdVRsbWh3blUxX3BOTmttcGZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wNDA4ZjctNzZhMi00OWM3LWEwMjItZGViNDRiODY5ZDE5
LzEvVXVRZlNBYk9TUHc1aUVJNEh5Xzc0RXNwU0JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW965MA0G
CSqGSIb3DQEBCwUAA4IBAQCEBewXFWVnF1YP2cSQC+22UIrl9URKqOeVZjpci4Ai
JBfxfJZXzu7PeWceZPNpffzsvhUB1xM9hG1np3T5hRYmQ6G0iVhaFWoThep+mKp8
KafyXeJJkgf3thQvKuAaV3gIs5Dp9vS8VJ9EN5avXVLx6GW5KwN0ASvL2/88JxMb
Mp3mc9aXChSGSZ/HPOWEPX7PssCqoRBLjYsbPFY5jTZfMLrE5zVc8x0+FVI5P5dP
X1qZu/D3OS5NKTBezn57fr0z223jI7vC4A6D2toEzvpveEl0z19Ggox9s+hfhrF3
7CDKlOUJsOqeKcNnKfBsmGDJFkCkTIHVG2RszIEKAR4v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:46 2024 by rpki-client on console-fra.rpki-client.org