Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/Btp0OxfJkntpVAxcyUq7ScYJLHU.roa
File: Btp0OxfJkntpVAxcyUq7ScYJLHU.roa (raw, json)
Hash identifier: gCRhQW60dYpdby4r34j5edmTIBRnmNY/hQjFRfQy1g4=
Subject key identifier: 06:DA:74:3B:17:C9:92:7B:69:54:0C:5C:C9:4A:BB:49:C6:09:2C:75
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 11659CC1
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/Btp0OxfJkntpVAxcyUq7ScYJLHU.roa
Signing time: Sat 01 Jan 2022 05:57:07 +0000
ROA not before: Sat 01 Jan 2022 05:57:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43350
IP address blocks: 91.222.238.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 291871937 (0x11659cc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 1 05:57:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=06da743b17c9927b69540c5cc94abb49c6092c75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:68:e6:5e:3f:37:ee:63:95:bb:bb:ee:ef:cd:
3c:6f:c8:0d:20:b8:a5:85:69:dc:c6:75:06:e5:9a:
77:2b:4d:de:63:98:42:8a:6e:08:49:3c:be:61:8f:
d6:4b:21:be:5e:53:a7:2c:92:bd:a9:4d:62:68:2a:
9c:3e:7c:24:9d:10:d6:e7:e3:e8:71:74:09:f6:41:
71:3a:f8:4d:e0:f8:59:e0:92:1c:2e:b7:ea:46:73:
75:4f:ad:f5:c9:c1:ea:42:5e:92:cd:11:f3:ff:3b:
bb:54:21:69:13:5f:d6:29:2f:68:11:ea:7b:4b:16:
47:54:a8:32:31:75:81:1f:95:6c:ea:76:8f:54:0e:
49:08:6f:c5:06:db:f9:62:c4:22:f8:e5:3a:31:6f:
72:89:9b:b0:70:20:b5:1e:6d:c5:2b:72:98:9f:26:
ef:85:6a:3d:48:9c:72:2a:c2:78:39:ec:66:51:86:
2c:ac:9d:82:cd:6f:a3:2b:f2:d4:68:8b:eb:2e:56:
1e:8b:f2:b2:d6:31:7b:0e:52:0e:3e:cd:4e:44:4d:
6d:67:0a:11:6c:b5:e4:20:1a:a7:49:9f:95:b0:0c:
3a:5a:16:9d:86:29:46:4a:d9:d7:0c:b2:2b:11:86:
42:6b:14:80:5d:ad:3b:ec:4b:b2:fc:74:d9:cb:9e:
51:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:DA:74:3B:17:C9:92:7B:69:54:0C:5C:C9:4A:BB:49:C6:09:2C:75
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/Btp0OxfJkntpVAxcyUq7ScYJLHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.238.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:4c:16:7c:86:c0:cc:59:7d:cf:37:ee:cb:59:ee:09:09:11:
ef:72:87:ca:dd:e5:6b:48:8a:75:b0:26:df:9b:a6:6d:36:21:
51:cf:75:b2:8f:59:ff:99:68:84:b1:a0:0e:3e:c0:00:56:d7:
fb:30:96:80:e3:74:50:2e:01:45:37:72:2d:7a:56:d8:3a:ed:
d7:af:a0:fd:94:31:cb:8d:2a:f1:ed:3d:07:c2:08:08:4a:d3:
88:40:6e:63:91:51:ef:e4:71:73:38:61:a1:03:bf:c1:ef:a8:
ad:99:97:74:38:0d:54:c1:2a:49:2f:a6:6d:22:6a:88:e7:90:
45:6a:e8:c8:d1:5d:86:08:6d:10:bf:4b:f7:80:29:9d:7d:ce:
92:e4:5c:6d:47:b7:18:94:c9:49:c0:be:e5:51:55:17:1e:2a:
b2:46:5a:5a:33:bf:76:57:f6:6a:fc:5c:c9:55:64:6a:0f:ea:
ba:c1:15:1b:3b:a6:11:53:6b:a0:df:c8:39:70:d7:cd:9a:43:
f5:73:7d:c7:8e:dc:26:9c:ee:a5:f4:cc:ed:f5:ff:0f:3b:4d:
ac:d1:20:85:da:f8:cf:42:35:bb:1d:90:48:bd:42:02:d8:ef:
48:f7:7d:cf:0a:23:f8:f8:db:fa:86:4d:cc:31:0f:27:d8:36:
c4:3f:20:50
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEWWcwTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NWIxZDEzYzJlMjZlMTI3ODYyNDZhNWVjNGM1YmVhNjk4NjRiMjBmMB4XDTIyMDEw
MTA1NTcwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDZkYTc0M2IxN2M5
OTI3YjY5NTQwYzVjYzk0YWJiNDljNjA5MmM3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALxo5l4/N+5jlbu77u/NPG/IDSC4pYVp3MZ1BuWadytN3mOY
QopuCEk8vmGP1kshvl5TpyySvalNYmgqnD58JJ0Q1ufj6HF0CfZBcTr4TeD4WeCS
HC636kZzdU+t9cnB6kJeks0R8/87u1QhaRNf1ikvaBHqe0sWR1SoMjF1gR+VbOp2
j1QOSQhvxQbb+WLEIvjlOjFvcombsHAgtR5txStymJ8m74VqPUiccirCeDnsZlGG
LKydgs1voyvy1GiL6y5WHovystYxew5SDj7NTkRNbWcKEWy15CAap0mflbAMOloW
nYYpRkrZ1wyyKxGGQmsUgF2tO+xLsvx02cueUU8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQG2nQ7F8mSe2lUDFzJSrtJxgksdTAfBgNVHSMEGDAWgBQFsdE8LibhJ4Yk
al7Exb6mmGSyDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JiSFJQQzRtNFNlR0pHcGV4TVctcHBoa3NnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvYzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8x
L0J0cDBPeGZKa250cFZBeGN5VXE3U2NZSkxIVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
YzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8xL0JiSFJQQzRtNFNl
R0pHcGV4TVctcHBoa3NnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFve7jANBgkqhkiG9w0BAQsFAAOC
AQEADUwWfIbAzFl9zzfuy1nuCQkR73KHyt3la0iKdbAm35umbTYhUc91so9Z/5lo
hLGgDj7AAFbX+zCWgON0UC4BRTdyLXpW2Drt16+g/ZQxy40q8e09B8IICErTiEBu
Y5FR7+RxczhhoQO/we+orZmXdDgNVMEqSS+mbSJqiOeQRWroyNFdhghtEL9L94Ap
nX3OkuRcbUe3GJTJScC+5VFVFx4qskZaWjO/dlf2avxcyVVkag/qusEVGzumEVNr
oN/IOXDXzZpD9XN9x47cJpzupfTM7fX/DztNrNEghdr4z0I1ux2QSL1CAtjvSPd9
zwoj+Pjb+oZNzDEPJ9g2xD8gUA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:47 2023 by rpki-client on console-ams.rpki-client.org