Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/5hQloeOdiqM_aM9h7F989WCv94Q.roa
File: 5hQloeOdiqM_aM9h7F989WCv94Q.roa (raw, json)
Hash identifier: heDGcmrZuBPoKwveHeNN3NS2K42ciJLW92AUycZxw7o=
Subject key identifier: E6:14:25:A1:E3:9D:8A:A3:3F:68:CF:61:EC:5F:7C:F5:60:AF:F7:84
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01856E2FBEAFE0E8A4B69647C203F42D45D3
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/5hQloeOdiqM_aM9h7F989WCv94Q.roa
Signing time: Sun 01 Jan 2023 16:35:00 +0000
ROA not before: Sun 01 Jan 2023 16:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43350
IP address blocks: 91.222.238.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:be:af:e0:e8:a4:b6:96:47:c2:03:f4:2d:45:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 1 16:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e61425a1e39d8aa33f68cf61ec5f7cf560aff784
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ce:20:fc:09:a5:97:11:83:2c:53:7e:1d:3e:
b7:f9:bb:79:33:2a:c6:c0:ba:22:0a:1e:56:ad:ab:
31:a4:4d:5c:1b:76:85:10:95:ef:73:2b:47:4e:0e:
b5:e6:dd:6a:f7:23:76:cb:c1:94:d8:b7:95:23:50:
09:e9:72:1a:a4:bf:d2:cb:d2:a6:a7:b3:4b:ef:0d:
b5:27:b8:7e:24:79:8e:15:1e:f3:8a:4a:bd:a0:ad:
7e:12:06:b9:0b:a9:af:b9:b1:54:12:6c:6b:7c:6e:
52:78:a2:a2:72:ce:23:9e:c5:97:b2:b3:09:03:d8:
6c:cc:dc:8d:d6:4c:e0:d5:bf:2e:7b:42:e3:68:8b:
ea:07:2e:e6:4c:da:92:d7:6d:8b:d7:cd:53:a8:77:
61:7c:24:e5:fe:52:a3:71:da:bf:63:71:27:36:3c:
bc:7c:e9:21:ea:4c:cb:cf:f0:3c:aa:16:eb:ca:f0:
a3:97:70:a6:8e:b0:7d:21:10:ab:22:63:4a:1c:a7:
2b:5c:8b:18:7a:64:e3:6c:33:2a:f9:8c:45:d5:1e:
96:d4:e7:d2:9b:7d:df:db:f9:15:17:dc:f1:54:29:
0d:19:ec:f9:54:aa:2a:ec:36:67:44:40:dc:8e:9f:
a1:d3:e5:34:7f:a8:8f:06:a2:a4:8e:f7:9f:45:82:
b2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:14:25:A1:E3:9D:8A:A3:3F:68:CF:61:EC:5F:7C:F5:60:AF:F7:84
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/5hQloeOdiqM_aM9h7F989WCv94Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.238.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:e6:9f:be:f2:e7:60:40:45:bd:42:f1:e6:c4:8c:99:90:24:
1d:29:95:32:02:ba:b6:47:d0:e4:ce:8d:f1:b3:f0:4c:2b:bd:
8f:ad:70:44:31:75:58:82:b0:49:56:03:f6:72:2d:73:6b:3f:
af:95:46:dc:9a:98:63:63:d4:1a:4a:74:44:39:98:2e:4c:c4:
41:ca:79:a4:d4:26:7c:3c:d4:a5:4f:84:e0:33:e9:f0:72:10:
b2:8a:f0:43:ea:4e:98:80:e6:48:90:f4:31:0b:aa:9f:ba:1d:
fa:13:bb:3e:49:8e:9c:2a:70:e4:92:d9:dc:8f:8a:00:0e:04:
ed:8a:7b:1f:0c:2a:e2:eb:cf:b1:d5:c0:7f:f4:5e:aa:91:5a:
31:06:18:6d:90:3d:c7:61:c3:dc:0d:11:0f:74:10:3f:21:df:
26:24:bb:bd:45:bf:e1:a4:f8:d4:46:5d:40:96:1d:30:0d:50:
60:01:5a:04:6b:8f:63:0f:75:68:58:58:ed:8f:14:ca:17:6c:
ac:c1:d4:4e:0e:3f:3a:b7:00:f2:9c:55:60:79:c4:eb:ab:b2:
d7:de:4a:69:a0:46:5d:24:08:7f:c8:64:bc:cf:96:5d:80:e2:
15:f5:6b:52:24:b5:bd:20:26:af:13:67:47:ab:da:eb:13:00:
3b:b4:d8:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuL76v4OiktpZHwgP0LUXTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMTAxMTYzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjE0MjVhMWUzOWQ4YWEzM2Y2OGNmNjFlYzVmN2NmNTYwYWZmNzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq84g/AmllxGDLFN+HT63+bt5MyrG
wLoiCh5WrasxpE1cG3aFEJXvcytHTg615t1q9yN2y8GU2LeVI1AJ6XIapL/Sy9Km
p7NL7w21J7h+JHmOFR7zikq9oK1+Ega5C6mvubFUEmxrfG5SeKKics4jnsWXsrMJ
A9hszNyN1kzg1b8ue0LjaIvqBy7mTNqS122L181TqHdhfCTl/lKjcdq/Y3EnNjy8
fOkh6kzLz/A8qhbryvCjl3CmjrB9IRCrImNKHKcrXIsYemTjbDMq+YxF1R6W1OfS
m33f2/kVF9zxVCkNGez5VKoq7DZnREDcjp+h0+U0f6iPBqKkjvefRYKy2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOYUJaHjnYqjP2jPYexffPVgr/eEMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvNWhRbG9lT2RpcU1fYU05aDdGOTg5V0N2OTRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW97uMA0G
CSqGSIb3DQEBCwUAA4IBAQCk5p++8udgQEW9QvHmxIyZkCQdKZUyArq2R9Dkzo3x
s/BMK72PrXBEMXVYgrBJVgP2ci1zaz+vlUbcmphjY9QaSnREOZguTMRBynmk1CZ8
PNSlT4TgM+nwchCyivBD6k6YgOZIkPQxC6qfuh36E7s+SY6cKnDkktncj4oADgTt
insfDCri68+x1cB/9F6qkVoxBhhtkD3HYcPcDREPdBA/Id8mJLu9Rb/hpPjURl1A
lh0wDVBgAVoEa49jD3VoWFjtjxTKF2yswdRODj86twDynFVgecTrq7LX3kppoEZd
JAh/yGS8z5ZdgOIV9WtSJLW9ICavE2dHq9rrEwA7tNir
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:47 2023 by rpki-client on console-ams.rpki-client.org