Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/WLgul54M5u_xzBJTvbVz2c9-Igs.roa
File: WLgul54M5u_xzBJTvbVz2c9-Igs.roa (raw, json)
Hash identifier: +cm1clyCok5653aqLcKf9uFzHIzQfGXuQRUecl2xaEI=
Subject key identifier: 58:B8:2E:97:9E:0C:E6:EF:F1:CC:12:53:BD:B5:73:D9:CF:7E:22:0B
Certificate issuer: /CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Certificate serial: 0182F8AA8C30B3CB5A6DEDC38BD788D52EFE
Authority key identifier: A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/WLgul54M5u_xzBJTvbVz2c9-Igs.roa
Signing time: Thu 01 Sep 2022 10:48:22 +0000
ROA not before: Thu 01 Sep 2022 10:48:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50247
IP address blocks: 91.224.143.0/24 maxlen: 24
91.224.142.0/23 maxlen: 23
91.224.142.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f8:aa:8c:30:b3:cb:5a:6d:ed:c3:8b:d7:88:d5:2e:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Validity
Not Before: Sep 1 10:48:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=58b82e979e0ce6eff1cc1253bdb573d9cf7e220b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:06:6a:66:bb:80:d8:8f:71:5b:5f:38:0b:0e:
c7:2a:17:b1:76:7a:ec:4f:eb:7a:63:5b:e9:9b:84:
38:93:ff:ff:b5:b6:4e:a0:c6:00:dd:f7:d8:54:fb:
ae:ea:58:1f:3a:69:de:b7:cd:7a:f3:58:a7:55:5e:
66:8c:fe:84:61:a4:8d:70:10:aa:45:36:e0:4b:b5:
b6:1c:0d:d8:0a:c5:70:ae:59:54:79:83:7e:89:40:
3e:72:8f:52:b7:6d:30:d9:82:c8:2f:75:18:cf:72:
5d:31:09:3f:b1:0e:85:df:1e:e0:7c:4d:33:5e:af:
8f:ff:f7:38:8f:17:59:9f:6a:fe:0a:43:9e:65:80:
f7:31:01:37:e7:97:bd:fe:5e:22:5e:28:aa:7e:b7:
66:fd:fe:b5:9c:c8:b8:d1:6e:42:86:bd:e0:e0:f5:
3c:b8:32:8c:af:55:9c:3d:06:27:c8:43:22:33:c1:
85:80:9c:3f:5f:f6:c3:9e:b9:4b:ff:93:fd:22:b4:
5d:89:51:1d:11:d2:59:78:88:91:b6:5f:0c:c2:8a:
f9:da:d9:95:ef:45:23:f1:38:9f:80:3a:2d:8f:11:
a6:f3:4f:21:fa:d2:65:14:bf:67:59:3e:d5:39:fd:
28:e9:e0:6b:ff:11:7a:f4:83:12:f7:72:a4:de:99:
2e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:B8:2E:97:9E:0C:E6:EF:F1:CC:12:53:BD:B5:73:D9:CF:7E:22:0B
X509v3 Authority Key Identifier:
keyid:A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/WLgul54M5u_xzBJTvbVz2c9-Igs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/qBGiyfyN6WebsVhYGxDOrukf95E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.142.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:27:70:8d:4c:c5:af:6d:3e:67:6e:24:df:56:32:1e:43:a1:
28:52:f1:ab:de:13:fa:16:09:7b:76:32:23:09:7c:16:bc:9d:
f8:df:21:b0:34:8f:a7:90:3e:f2:9b:71:3f:35:29:cf:54:3c:
f7:8a:20:3c:fa:7a:91:b3:ac:73:6b:c0:81:55:80:86:98:c7:
cb:1c:3f:05:9c:06:49:c9:b5:85:ba:c0:d7:ed:ef:c4:3f:18:
e8:5d:aa:a7:52:b4:97:49:41:b1:e6:de:65:56:04:e4:d7:2b:
e4:3f:c5:64:f7:fd:e8:29:18:1c:80:7d:e6:1d:05:5d:da:17:
05:a6:8e:15:bc:f0:ef:25:2f:81:5d:5e:da:39:0d:b7:fb:69:
c1:5a:ee:ef:9a:68:02:52:bf:74:d3:ad:20:bd:07:5a:8d:fe:
e4:79:95:7c:b1:11:7e:60:37:2b:5c:63:ad:0f:17:95:2f:4f:
bb:2e:44:1d:4c:d9:92:85:f6:af:db:49:ba:0b:61:42:ac:f6:
68:d4:cd:ca:30:fb:e8:d7:45:07:e6:83:6c:a2:2c:5e:83:59:
08:9c:3e:00:d7:29:60:b3:9b:bd:12:63:c8:59:18:24:46:f7:
fc:c3:7f:50:a4:6c:24:2d:8b:3d:d8:e7:3a:8f:18:5c:c3:51:
85:fa:77:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYL4qowws8tabe3Di9eI1S7+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MTFhMmM5ZmM4ZGU5Njc5YmIxNTg1ODFiMTBjZWFlZTkx
ZmY3OTEwHhcNMjIwOTAxMTA0ODIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGI4MmU5NzllMGNlNmVmZjFjYzEyNTNiZGI1NzNkOWNmN2UyMjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwZqZruA2I9xW184Cw7HKhexdnrs
T+t6Y1vpm4Q4k///tbZOoMYA3ffYVPuu6lgfOmnet81681inVV5mjP6EYaSNcBCq
RTbgS7W2HA3YCsVwrllUeYN+iUA+co9St20w2YLIL3UYz3JdMQk/sQ6F3x7gfE0z
Xq+P//c4jxdZn2r+CkOeZYD3MQE355e9/l4iXiiqfrdm/f61nMi40W5Chr3g4PU8
uDKMr1WcPQYnyEMiM8GFgJw/X/bDnrlL/5P9IrRdiVEdEdJZeIiRtl8Mwor52tmV
70Uj8TifgDotjxGm808h+tJlFL9nWT7VOf0o6eBr/xF69IMS93Kk3pkuEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFi4LpeeDObv8cwSU721c9nPfiILMB8GA1UdIwQY
MBaAFKgRosn8jelnm7FYWBsQzq7pH/eRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUJHaXlmeU42V2Vic1ZoWUd4RE9ydWtmOTVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8xZGVjYjMtMTU5My00NWRiLWFmNTYt
MGNjNGMwMDAwODU4LzEvV0xndWw1NE01dV94ekJKVHZiVnoyYzktSWdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8xZGVjYjMtMTU5My00NWRiLWFmNTYtMGNjNGMwMDAwODU4
LzEvcUJHaXlmeU42V2Vic1ZoWUd4RE9ydWtmOTVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+COMA0G
CSqGSIb3DQEBCwUAA4IBAQAvJ3CNTMWvbT5nbiTfVjIeQ6EoUvGr3hP6Fgl7djIj
CXwWvJ343yGwNI+nkD7ym3E/NSnPVDz3iiA8+nqRs6xza8CBVYCGmMfLHD8FnAZJ
ybWFusDX7e/EPxjoXaqnUrSXSUGx5t5lVgTk1yvkP8Vk9/3oKRgcgH3mHQVd2hcF
po4VvPDvJS+BXV7aOQ23+2nBWu7vmmgCUr90060gvQdajf7keZV8sRF+YDcrXGOt
DxeVL0+7LkQdTNmShfav20m6C2FCrPZo1M3KMPvo10UH5oNsoixeg1kInD4A1ylg
s5u9EmPIWRgkRvf8w39QpGwkLYs92Oc6jxhcw1GF+ncZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:59 2024 by rpki-client on console-fra.rpki-client.org