Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/3db02b-95f3-49c8-b4ed-d5bf63ec0985/1/NLi8VjAFUuhsHTnCAgq8vrhoZWM.roa
File: NLi8VjAFUuhsHTnCAgq8vrhoZWM.roa (raw, json)
Hash identifier: RCWTpZJH1ZBOp+t80rbpD2fOfRqua6Mz2f9AyQEZ6FY=
Subject key identifier: 34:B8:BC:56:30:05:52:E8:6C:1D:39:C2:02:0A:BC:BE:B8:68:65:63
Certificate issuer: /CN=e645308f7289fc0804c0a6a2461e5e4def2316c1
Certificate serial: 018D5F7AB1A40F786255DDF21B95F54B3DBF
Authority key identifier: E6:45:30:8F:72:89:FC:08:04:C0:A6:A2:46:1E:5E:4D:EF:23:16:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5kUwj3KJ_AgEwKaiRh5eTe8jFsE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/3db02b-95f3-49c8-b4ed-d5bf63ec0985/1/NLi8VjAFUuhsHTnCAgq8vrhoZWM.roa
Signing time: Wed 31 Jan 2024 12:24:52 +0000
ROA not before: Wed 31 Jan 2024 12:24:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199995
IP address blocks: 80.91.214.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5f:7a:b1:a4:0f:78:62:55:dd:f2:1b:95:f5:4b:3d:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e645308f7289fc0804c0a6a2461e5e4def2316c1
Validity
Not Before: Jan 31 12:24:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34b8bc56300552e86c1d39c2020abcbeb8686563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:81:48:71:02:53:bd:a6:7a:1d:d2:83:3a:c1:
b4:73:a9:23:d6:98:70:6c:5d:5d:de:fe:02:1d:59:
70:77:45:ab:8a:f6:74:73:49:78:3c:2a:8b:b6:13:
02:44:7f:51:87:7a:20:2a:7f:18:ee:1a:be:3c:6d:
6d:81:eb:4e:03:44:8c:77:f5:88:07:61:5d:c6:59:
0c:e1:3f:8a:09:53:85:06:3c:d7:6e:8f:13:c9:0c:
cd:1b:93:ab:70:65:6d:70:35:73:65:a0:05:fd:dd:
c4:7f:cc:dd:a9:91:94:f9:ae:fe:05:1a:9e:c5:28:
83:67:44:71:50:56:ee:f4:c9:10:e2:fa:d1:6f:7c:
f5:25:c7:6c:16:89:3e:1d:c9:bb:09:65:f2:94:da:
d7:6a:d0:95:e3:13:9e:b6:aa:a4:ef:81:7a:1c:ff:
ef:47:30:c6:ad:7c:df:9e:ec:b2:7b:c1:54:df:68:
01:9e:fc:e3:36:2e:84:b5:52:30:0a:cd:e3:5d:92:
86:a6:c0:8b:a6:3f:e2:c8:f5:89:a6:0b:ad:99:23:
2c:da:b2:37:35:87:fe:10:a1:28:af:84:a7:cc:d9:
8f:9f:3b:33:16:23:ae:22:1e:44:c4:ac:f9:dd:e1:
2f:c6:77:c4:3c:b8:14:d1:e8:a0:38:d9:df:3d:3b:
8b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:B8:BC:56:30:05:52:E8:6C:1D:39:C2:02:0A:BC:BE:B8:68:65:63
X509v3 Authority Key Identifier:
keyid:E6:45:30:8F:72:89:FC:08:04:C0:A6:A2:46:1E:5E:4D:EF:23:16:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5kUwj3KJ_AgEwKaiRh5eTe8jFsE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3db02b-95f3-49c8-b4ed-d5bf63ec0985/1/NLi8VjAFUuhsHTnCAgq8vrhoZWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3db02b-95f3-49c8-b4ed-d5bf63ec0985/1/5kUwj3KJ_AgEwKaiRh5eTe8jFsE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.91.214.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:ad:59:e8:05:03:22:aa:78:61:21:d5:74:e0:b3:7d:05:16:
7c:9a:70:51:a3:fb:89:07:ed:77:b6:24:22:e4:e4:84:13:0c:
3f:3b:ae:10:e1:88:15:14:c9:b5:36:c9:ca:5d:0c:e6:9c:88:
7a:0d:e1:f2:07:f3:3c:a1:c7:0d:13:41:89:41:3c:47:c1:f4:
b9:85:db:4d:1d:99:03:9d:e3:dd:90:2f:86:c8:48:6a:8e:6f:
81:05:1d:70:96:21:b4:85:4b:fc:f1:00:1e:c8:7e:b1:a9:40:
f8:e2:f2:83:c5:34:9a:e9:1d:d4:dd:8c:cd:5b:81:fe:0f:59:
72:1a:85:91:4c:24:8c:53:13:8d:dc:69:2b:2e:84:9c:6c:74:
55:1b:e3:91:9f:6e:44:b9:9e:e2:23:31:e9:f7:45:f9:e2:97:
60:01:b1:bb:d7:8c:75:90:f6:89:6e:71:60:ad:ed:6c:67:af:
60:6d:2f:1f:7c:e3:c4:65:c4:a6:f2:7e:9a:f4:c3:32:10:81:
22:87:99:d1:f2:f3:31:93:16:c9:ff:0d:dc:43:a6:47:96:2b:
a9:92:f6:0a:c3:13:4f:58:79:24:04:6d:1b:f8:cc:98:c1:71:
7b:0d:16:dd:42:ec:88:eb:84:86:d1:0b:c3:c0:bc:6e:e8:e0:
e3:66:65:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1ferGkD3hiVd3yG5X1Sz2/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2NDUzMDhmNzI4OWZjMDgwNGMwYTZhMjQ2MWU1ZTRkZWYy
MzE2YzEwHhcNMjQwMTMxMTIyNDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGI4YmM1NjMwMDU1MmU4NmMxZDM5YzIwMjBhYmNiZWI4Njg2NTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIFIcQJTvaZ6HdKDOsG0c6kj1phw
bF1d3v4CHVlwd0WrivZ0c0l4PCqLthMCRH9Rh3ogKn8Y7hq+PG1tgetOA0SMd/WI
B2FdxlkM4T+KCVOFBjzXbo8TyQzNG5OrcGVtcDVzZaAF/d3Ef8zdqZGU+a7+BRqe
xSiDZ0RxUFbu9MkQ4vrRb3z1JcdsFok+Hcm7CWXylNrXatCV4xOetqqk74F6HP/v
RzDGrXzfnuyye8FU32gBnvzjNi6EtVIwCs3jXZKGpsCLpj/iyPWJpgutmSMs2rI3
NYf+EKEor4SnzNmPnzszFiOuIh5ExKz53eEvxnfEPLgU0eigONnfPTuLKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDS4vFYwBVLobB05wgIKvL64aGVjMB8GA1UdIwQY
MBaAFOZFMI9yifwIBMCmokYeXk3vIxbBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWtVd2ozS0pfQWdFd0thaVJoNWVUZThqRnNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zZGIwMmItOTVmMy00OWM4LWI0ZWQt
ZDViZjYzZWMwOTg1LzEvTkxpOFZqQUZVdWhzSFRuQ0FncTh2cmhvWldNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zZGIwMmItOTVmMy00OWM4LWI0ZWQtZDViZjYzZWMwOTg1
LzEvNWtVd2ozS0pfQWdFd0thaVJoNWVUZThqRnNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUFvWMA0G
CSqGSIb3DQEBCwUAA4IBAQBPrVnoBQMiqnhhIdV04LN9BRZ8mnBRo/uJB+13tiQi
5OSEEww/O64Q4YgVFMm1NsnKXQzmnIh6DeHyB/M8occNE0GJQTxHwfS5hdtNHZkD
nePdkC+GyEhqjm+BBR1wliG0hUv88QAeyH6xqUD44vKDxTSa6R3U3YzNW4H+D1ly
GoWRTCSMUxON3GkrLoScbHRVG+ORn25EuZ7iIzHp90X54pdgAbG714x1kPaJbnFg
re1sZ69gbS8ffOPEZcSm8n6a9MMyEIEih5nR8vMxkxbJ/w3cQ6ZHliupkvYKwxNP
WHkkBG0b+MyYwXF7DRbdQuyI64SG0QvDwLxu6ODjZmVJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:38 2024 by rpki-client on console-ams.rpki-client.org