Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/4syG91V-IqDoBItVgyhMFrfMDpA.roa
File: 4syG91V-IqDoBItVgyhMFrfMDpA.roa (raw, json)
Hash identifier: QAoZmCRVYtpIPGv/FMV567ZzLo3F29GB0WPrZ6bCZ+M=
Subject key identifier: E2:CC:86:F7:55:7E:22:A0:E8:04:8B:55:83:28:4C:16:B7:CC:0E:90
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 151F694C
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/4syG91V-IqDoBItVgyhMFrfMDpA.roa
Signing time: Sat 01 Jan 2022 09:58:12 +0000
ROA not before: Sat 01 Jan 2022 09:58:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34494
IP address blocks: 195.225.120.0/22 maxlen: 22
91.211.100.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 354380108 (0x151f694c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Jan 1 09:58:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2cc86f7557e22a0e8048b5583284c16b7cc0e90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:97:98:33:e5:9d:01:c4:7d:bd:d6:93:ef:fd:
13:65:d6:c5:84:92:f6:76:ad:dc:11:2c:c9:06:88:
7c:3a:ca:b8:52:c1:13:01:88:a0:f9:f7:64:46:ee:
f3:ce:9b:4b:8f:b2:80:92:24:25:02:38:b7:0d:77:
62:79:5c:5a:d3:37:cd:e2:e1:64:17:72:69:a3:89:
6a:8f:d1:10:1d:f4:53:7f:a7:65:42:88:c6:a5:0c:
40:30:40:07:d7:d5:40:83:85:c1:fb:34:68:77:19:
3d:9d:6f:19:63:7f:1f:ea:df:7a:0b:c2:68:f0:f2:
e5:30:b7:2d:fa:ad:91:ea:23:5b:b9:5a:68:59:be:
e0:32:81:c4:3c:87:e4:09:a9:bc:0b:90:f9:08:3a:
b8:59:a1:5f:bf:87:fb:b4:dd:c9:3d:3b:c3:cb:6a:
20:85:c7:90:e0:2e:e1:90:0d:de:7d:86:96:23:20:
33:37:c1:2b:82:eb:6c:cf:9f:27:9f:eb:2a:0c:3b:
3f:a7:90:68:e4:49:06:a9:01:fc:c0:c9:d2:ec:15:
6e:3f:36:1d:a3:a6:15:1e:c1:eb:b6:70:4f:7e:74:
1d:63:85:65:d4:f2:4b:a2:ce:bd:bb:fe:e6:cf:ef:
95:36:b4:a6:64:16:07:7b:4f:f7:9f:86:fc:c4:33:
b8:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:CC:86:F7:55:7E:22:A0:E8:04:8B:55:83:28:4C:16:B7:CC:0E:90
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/4syG91V-IqDoBItVgyhMFrfMDpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.100.0/22
195.225.120.0/22
Signature Algorithm: sha256WithRSAEncryption
25:83:a7:21:26:9d:6c:56:c5:68:43:23:b0:92:03:d0:cb:51:
d8:7e:e3:85:5d:eb:d8:d3:d9:9c:c3:62:b2:ea:72:a1:39:21:
5d:a6:d1:47:34:f2:6e:c2:fe:2e:a8:59:24:b2:10:35:30:99:
6f:7e:35:69:b6:f5:11:d6:cd:57:42:6d:d0:3e:dc:ed:65:a8:
ac:9c:57:33:8e:76:50:0a:1d:dc:c0:ff:99:52:9a:cd:0b:de:
bb:c5:68:90:07:b2:ca:df:74:53:fe:85:15:81:74:1f:3c:90:
31:b6:53:c6:50:6d:49:14:fa:04:e0:b1:db:44:b9:8e:4b:84:
36:be:98:7c:a6:45:6a:cf:39:91:0c:9c:7e:7a:91:0d:58:ec:
82:f3:7d:46:fe:c4:3f:3e:f1:13:b4:23:f1:43:01:19:eb:d9:
63:7f:43:86:a9:38:38:6a:79:11:94:c1:5f:b5:0f:49:1b:5a:
1b:3c:b8:94:25:27:77:76:47:19:85:b9:0e:b7:60:74:34:df:
d4:3c:ef:37:0c:1c:c3:1b:97:a2:87:5c:0f:a9:ca:08:3b:90:
51:32:f2:a1:ae:67:c1:38:a2:ba:e4:8d:4f:b6:bb:87:65:0b:
af:bd:12:d2:93:6e:8c:7e:bf:f6:59:2d:a4:18:77:95:54:61:
18:17:49:3c
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEFR9pTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTFhMmZkNmY1ZTVhZjg3ZDVjZWEwOTUwNjZmYmNjM2QzZTU0NmE0MB4XDTIyMDEw
MTA5NTgxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJjYzg2Zjc1NTdl
MjJhMGU4MDQ4YjU1ODMyODRjMTZiN2NjMGU5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqXmDPlnQHEfb3Wk+/9E2XWxYSS9nat3BEsyQaIfDrKuFLB
EwGIoPn3ZEbu886bS4+ygJIkJQI4tw13YnlcWtM3zeLhZBdyaaOJao/REB30U3+n
ZUKIxqUMQDBAB9fVQIOFwfs0aHcZPZ1vGWN/H+rfegvCaPDy5TC3LfqtkeojW7la
aFm+4DKBxDyH5AmpvAuQ+Qg6uFmhX7+H+7TdyT07w8tqIIXHkOAu4ZAN3n2GliMg
MzfBK4LrbM+fJ5/rKgw7P6eQaORJBqkB/MDJ0uwVbj82HaOmFR7B67ZwT350HWOF
ZdTyS6LOvbv+5s/vlTa0pmQWB3tP95+G/MQzuJECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTizIb3VX4ioOgEi1WDKEwWt8wOkDAfBgNVHSMEGDAWgBQ1Gi/W9eWvh9XO
oJUGb7zD0+VGpDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Sb3YxdlhscjRmVnpxQ1ZCbS04dzlQbFJxUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvY2RkZGQ1LTgxN2EtNDExMy04YjgyLTIzMDQ5ZTRkMmYxMi8x
LzRzeUc5MVYtSXFEb0JJdFZneWhNRnJmTURwQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
Y2RkZGQ1LTgxN2EtNDExMy04YjgyLTIzMDQ5ZTRkMmYxMi8xL05Sb3YxdlhscjRm
VnpxQ1ZCbS04dzlQbFJxUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlvTZAMEAsPheDANBgkqhkiG9w0B
AQsFAAOCAQEAJYOnISadbFbFaEMjsJID0MtR2H7jhV3r2NPZnMNisupyoTkhXabR
RzTybsL+LqhZJLIQNTCZb341abb1EdbNV0Jt0D7c7WWorJxXM452UAod3MD/mVKa
zQveu8VokAeyyt90U/6FFYF0HzyQMbZTxlBtSRT6BOCx20S5jkuENr6YfKZFas85
kQycfnqRDVjsgvN9Rv7EPz7xE7Qj8UMBGevZY39Dhqk4OGp5EZTBX7UPSRtaGzy4
lCUnd3ZHGYW5DrdgdDTf1DzvNwwcwxuXoodcD6nKCDuQUTLyoa5nwTiiuuSNT7a7
h2ULr70S0pNujH6/9lktpBh3lVRhGBdJPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:12 2024 by rpki-client on console-ams.rpki-client.org