Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/27tnkZGa8j579G2rarmbHNZS7Ro.roa
File: 27tnkZGa8j579G2rarmbHNZS7Ro.roa (raw, json)
Hash identifier: dC6zACaIwJ/ZAkU4i+vD/oqq8Tp8C9CRvD4vESRAUi4=
Subject key identifier: DB:BB:67:91:91:9A:F2:3E:7B:F4:6D:AB:6A:B9:9B:1C:D6:52:ED:1A
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 1648D901
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/27tnkZGa8j579G2rarmbHNZS7Ro.roa
Signing time: Wed 04 May 2022 12:56:00 +0000
ROA not before: Wed 04 May 2022 12:56:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198156
IP address blocks: 212.7.216.0/21 maxlen: 21
91.106.29.0/24 maxlen: 24
2a01:6e80:fffe::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 373872897 (0x1648d901)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: May 4 12:56:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dbbb6791919af23e7bf46dab6ab99b1cd652ed1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:4f:93:bd:94:5f:60:31:d0:e8:05:f8:21:68:
b8:76:0f:23:d7:1e:41:fb:dc:ec:a3:81:68:21:c2:
3b:04:f5:90:d7:57:0c:68:5a:87:dc:92:fa:1d:0f:
2c:95:f1:f1:c3:4f:f4:8c:41:29:f9:f5:21:84:2d:
25:70:f4:05:15:c9:1e:49:5a:d2:6b:41:1c:40:47:
c5:e2:97:d6:1d:9d:0a:76:37:38:56:ab:90:78:56:
a1:d4:c8:c9:4b:22:73:c4:aa:ce:7c:a7:8f:bd:09:
e5:44:10:9a:ac:c9:d2:07:8e:9d:5d:89:33:a1:f7:
5c:25:0b:67:21:5a:0d:4e:87:32:b3:50:9e:f7:61:
5b:29:4e:e8:ef:00:60:7e:b0:c9:a3:8d:6b:3e:f7:
4a:9f:28:a3:60:d8:ee:84:d8:ed:95:42:57:05:72:
8a:b5:ad:4a:9e:b7:87:da:66:41:7a:21:93:6c:62:
78:33:78:74:9a:b8:33:0e:71:e9:51:5f:0d:c5:6b:
c8:3c:f8:0e:18:2d:8c:75:11:32:5c:ef:81:13:3a:
bb:bd:d5:9b:06:eb:6e:a3:dc:5e:f1:ca:a0:bc:fa:
37:42:67:db:2f:70:9c:d7:10:7f:29:ba:aa:72:1a:
60:14:23:96:93:ed:4f:93:9f:5b:c8:a7:df:d7:84:
b9:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:BB:67:91:91:9A:F2:3E:7B:F4:6D:AB:6A:B9:9B:1C:D6:52:ED:1A
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/27tnkZGa8j579G2rarmbHNZS7Ro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.29.0/24
212.7.216.0/21
IPv6:
2a01:6e80:fffe::/48
Signature Algorithm: sha256WithRSAEncryption
53:12:06:ac:e9:75:63:d6:1a:33:e6:16:21:66:b8:ba:86:1b:
c3:09:b8:67:d2:f2:cc:d3:7f:c0:4d:3d:73:e7:2e:f4:ae:88:
27:77:23:70:dc:28:27:39:87:b3:9b:6f:73:fa:fd:08:68:c2:
a0:95:c1:bd:f8:46:7c:b4:f9:1e:1e:9d:e4:51:48:8d:f8:84:
b9:33:25:fb:40:f9:5e:ee:b7:bb:e8:0c:63:f5:ac:e6:c5:1a:
32:a0:1f:90:66:93:40:be:8c:fe:9d:7f:1e:10:e5:3f:06:25:
d1:99:54:33:8a:4b:65:d4:6e:c2:84:92:e2:4e:f1:b1:e1:e5:
4a:ba:28:57:d0:ca:77:a7:1c:0c:4e:66:84:cb:2f:60:9a:67:
f6:c1:7e:84:59:b7:14:76:98:77:23:eb:62:9f:83:2a:37:d4:
e6:2a:0b:78:22:5f:02:2c:96:49:d5:5c:8f:b7:5d:8c:f7:ac:
3b:6e:41:58:7b:9d:95:fb:cf:e5:ef:be:21:86:63:bc:ec:35:
b1:f6:e6:67:a4:16:64:6f:0a:64:d9:02:45:34:97:88:77:6a:
b0:aa:09:d0:71:b8:ae:ea:bb:bc:be:29:20:c1:4a:af:20:dc:
ad:a9:80:58:6d:fd:20:bd:30:87:cf:0f:a2:e4:40:b6:44:50:
a7:4b:d1:a1
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEFkjZATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTFhMmZkNmY1ZTVhZjg3ZDVjZWEwOTUwNjZmYmNjM2QzZTU0NmE0MB4XDTIyMDUw
NDEyNTYwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGJiYjY3OTE5MTlh
ZjIzZTdiZjQ2ZGFiNmFiOTliMWNkNjUyZWQxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJpPk72UX2Ax0OgF+CFouHYPI9ceQfvc7KOBaCHCOwT1kNdX
DGhah9yS+h0PLJXx8cNP9IxBKfn1IYQtJXD0BRXJHkla0mtBHEBHxeKX1h2dCnY3
OFarkHhWodTIyUsic8Sqznynj70J5UQQmqzJ0geOnV2JM6H3XCULZyFaDU6HMrNQ
nvdhWylO6O8AYH6wyaONaz73Sp8oo2DY7oTY7ZVCVwVyirWtSp63h9pmQXohk2xi
eDN4dJq4Mw5x6VFfDcVryDz4DhgtjHURMlzvgRM6u73VmwbrbqPcXvHKoLz6N0Jn
2y9wnNcQfym6qnIaYBQjlpPtT5OfW8in39eEuVkCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBTbu2eRkZryPnv0batquZsc1lLtGjAfBgNVHSMEGDAWgBQ1Gi/W9eWvh9XO
oJUGb7zD0+VGpDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Sb3YxdlhscjRmVnpxQ1ZCbS04dzlQbFJxUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvY2RkZGQ1LTgxN2EtNDExMy04YjgyLTIzMDQ5ZTRkMmYxMi8x
LzI3dG5rWkdhOGo1NzlHMnJhcm1iSE5aUzdSby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
Y2RkZGQ1LTgxN2EtNDExMy04YjgyLTIzMDQ5ZTRkMmYxMi8xL05Sb3YxdlhscjRm
VnpxQ1ZCbS04dzlQbFJxUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAFtqHQMEA9QH2DAPBAIAAjAJAwcA
KgFugP/+MA0GCSqGSIb3DQEBCwUAA4IBAQBTEgas6XVj1hoz5hYhZri6hhvDCbhn
0vLM03/ATT1z5y70rogndyNw3CgnOYezm29z+v0IaMKglcG9+EZ8tPkeHp3kUUiN
+IS5MyX7QPle7re76Axj9azmxRoyoB+QZpNAvoz+nX8eEOU/BiXRmVQziktl1G7C
hJLiTvGx4eVKuihX0Mp3pxwMTmaEyy9gmmf2wX6EWbcUdph3I+tin4MqN9TmKgt4
Il8CLJZJ1VyPt12M96w7bkFYe52V+8/l774hhmO87DWx9uZnpBZkbwpk2QJFNJeI
d2qwqgnQcbiu6ru8vikgwUqvINytqYBYbf0gvTCHzw+i5EC2RFCnS9Gh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:18 2024 by rpki-client on console-fra.rpki-client.org