Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/e9S8o7qkLAPq6MvdrVgW_86g6jI.roa
File: e9S8o7qkLAPq6MvdrVgW_86g6jI.roa (raw, json)
Hash identifier: SRI/FDJS6uw+KPXZ2169xYqvA8wzRDFRf2jqqR5r/WA=
Subject key identifier: 7B:D4:BC:A3:BA:A4:2C:03:EA:E8:CB:DD:AD:58:16:FF:CE:A0:EA:32
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 11AE22F2
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/e9S8o7qkLAPq6MvdrVgW_86g6jI.roa
Signing time: Tue 01 Feb 2022 11:35:41 +0000
ROA not before: Tue 01 Feb 2022 11:35:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43624
IP address blocks: 91.222.239.0/24 maxlen: 24
91.222.236.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 296624882 (0x11ae22f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Feb 1 11:35:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7bd4bca3baa42c03eae8cbddad5816ffcea0ea32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d3:90:03:46:bb:95:bf:ed:a8:d1:83:ff:e2:
bc:30:09:72:49:2a:7e:b4:ea:75:b7:d0:38:95:35:
b8:90:6e:4f:cd:dc:41:45:05:b3:bf:f5:29:4a:00:
d6:f6:5e:b6:c0:bf:55:68:c8:dc:68:b7:c2:27:35:
d0:53:16:23:0a:9f:7c:82:e8:89:49:ba:1f:04:05:
9a:00:c2:b4:35:98:78:79:4e:7e:fe:2b:f6:92:ea:
30:58:c6:50:76:46:41:06:d1:63:05:55:b6:85:6e:
07:a6:e1:74:11:cb:ab:7b:70:e6:17:cb:2b:d4:af:
8a:58:50:99:04:d0:58:a5:1c:60:70:4b:ee:4c:a8:
09:57:10:35:30:76:ad:46:ad:71:e9:78:b0:ce:90:
2b:28:d7:07:72:ce:43:df:51:44:a1:51:94:4e:f6:
8d:ff:92:0e:5b:ae:b7:bd:18:3e:54:f1:2d:3d:de:
c0:e3:26:27:b0:02:f3:67:eb:80:d0:93:5d:9d:d8:
48:a8:fe:ea:ed:ca:78:7b:7f:11:c9:6b:86:20:02:
db:91:8e:8f:d5:b7:bd:42:dd:b5:bf:19:14:97:a0:
61:74:04:da:98:cf:da:42:4d:7c:24:93:c0:4e:57:
86:5d:2a:bb:70:63:d9:c8:0a:d8:77:14:9d:27:0d:
88:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:D4:BC:A3:BA:A4:2C:03:EA:E8:CB:DD:AD:58:16:FF:CE:A0:EA:32
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/e9S8o7qkLAPq6MvdrVgW_86g6jI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.236.0/24
91.222.239.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:18:55:c8:23:b4:e9:31:23:20:96:0e:eb:f7:57:a0:19:26:
63:ca:14:69:d5:37:7a:1a:4c:9f:e8:43:7f:91:f9:83:14:7b:
52:47:68:71:2d:3f:94:0f:79:58:13:2e:b3:04:ab:a5:09:7c:
ea:5a:22:89:8f:8c:72:cb:b2:21:6e:0b:3e:8f:5b:40:f7:e8:
17:b4:21:a6:a3:38:b4:ab:f4:bb:40:94:8f:a4:9d:12:9c:63:
14:cb:8d:ae:6e:13:13:b5:5e:13:9e:51:16:85:da:d2:8b:f9:
de:0a:ca:07:0d:97:19:24:af:fb:52:be:1a:be:8f:d3:38:24:
a7:a7:ba:81:d2:51:18:b3:5e:d3:d8:d5:1a:4a:28:8f:b4:c6:
64:a3:bb:e2:55:ad:db:75:c0:e5:8c:dd:ca:35:0a:c5:62:b4:
02:0f:28:dc:6f:5b:18:31:02:3e:f9:cd:40:ad:73:9f:b9:1e:
50:35:d4:ce:0d:e8:ac:6d:14:5c:d3:79:30:8c:58:80:78:08:
4a:5e:bb:a1:41:f0:63:6b:df:6d:70:2e:8b:40:bf:1f:57:15:
28:ac:2a:69:8c:42:60:44:d7:57:d5:5a:ff:c2:f9:ab:2a:19:
bb:d4:f1:60:d4:5a:92:46:5b:0f:58:8e:81:cf:6c:69:b9:ae:
bb:2e:7d:ae
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEEa4i8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NWIxZDEzYzJlMjZlMTI3ODYyNDZhNWVjNGM1YmVhNjk4NjRiMjBmMB4XDTIyMDIw
MTExMzU0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2JkNGJjYTNiYWE0
MmMwM2VhZThjYmRkYWQ1ODE2ZmZjZWEwZWEzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM3TkANGu5W/7ajRg//ivDAJckkqfrTqdbfQOJU1uJBuT83c
QUUFs7/1KUoA1vZetsC/VWjI3Gi3wic10FMWIwqffILoiUm6HwQFmgDCtDWYeHlO
fv4r9pLqMFjGUHZGQQbRYwVVtoVuB6bhdBHLq3tw5hfLK9SvilhQmQTQWKUcYHBL
7kyoCVcQNTB2rUatcel4sM6QKyjXB3LOQ99RRKFRlE72jf+SDluut70YPlTxLT3e
wOMmJ7AC82frgNCTXZ3YSKj+6u3KeHt/EclrhiAC25GOj9W3vULdtb8ZFJegYXQE
2pjP2kJNfCSTwE5Xhl0qu3Bj2cgK2HcUnScNiH8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBR71LyjuqQsA+roy92tWBb/zqDqMjAfBgNVHSMEGDAWgBQFsdE8LibhJ4Yk
al7Exb6mmGSyDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JiSFJQQzRtNFNlR0pHcGV4TVctcHBoa3NnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvYzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8x
L2U5UzhvN3FrTEFQcTZNdmRyVmdXXzg2ZzZqSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
YzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8xL0JiSFJQQzRtNFNl
R0pHcGV4TVctcHBoa3NnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFve7AMEAFve7zANBgkqhkiG9w0B
AQsFAAOCAQEAPhhVyCO06TEjIJYO6/dXoBkmY8oUadU3ehpMn+hDf5H5gxR7Ukdo
cS0/lA95WBMuswSrpQl86loiiY+McsuyIW4LPo9bQPfoF7QhpqM4tKv0u0CUj6Sd
EpxjFMuNrm4TE7VeE55RFoXa0ov53grKBw2XGSSv+1K+Gr6P0zgkp6e6gdJRGLNe
09jVGkooj7TGZKO74lWt23XA5YzdyjUKxWK0Ag8o3G9bGDECPvnNQK1zn7keUDXU
zg3orG0UXNN5MIxYgHgISl67oUHwY2vfbXAui0C/H1cVKKwqaYxCYETXV9Va/8L5
qyoZu9TxYNRakkZbD1iOgc9sabmuuy59rg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:47 2023 by rpki-client on console-ams.rpki-client.org