Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/1ca469-2086-4c4c-a0b8-8d0857a1a4d7/1/oFoBJph4hoFceJWtoGMaDXpBMWE.roa
File: oFoBJph4hoFceJWtoGMaDXpBMWE.roa (raw, json)
Hash identifier: O6zQM/LxMP7TBNy6JVz3jE6/n3P9dZBrWrgzW2700CU=
Subject key identifier: A0:5A:01:26:98:78:86:81:5C:78:95:AD:A0:63:1A:0D:7A:41:31:61
Certificate issuer: /CN=e41798a3ee49d523e88e1ad103e63e121d84d1b5
Certificate serial: 013658
Authority key identifier: E4:17:98:A3:EE:49:D5:23:E8:8E:1A:D1:03:E6:3E:12:1D:84:D1:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5BeYo-5J1SPojhrRA-Y-Eh2E0bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/1ca469-2086-4c4c-a0b8-8d0857a1a4d7/1/oFoBJph4hoFceJWtoGMaDXpBMWE.roa
Signing time: Thu 21 Apr 2022 14:10:26 +0000
ROA not before: Thu 21 Apr 2022 14:10:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48314
IP address blocks: 91.214.8.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79448 (0x13658)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e41798a3ee49d523e88e1ad103e63e121d84d1b5
Validity
Not Before: Apr 21 14:10:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a05a0126987886815c7895ada0631a0d7a413161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:88:c4:05:6e:03:2d:dc:7f:50:92:69:6a:1e:
61:00:fc:74:89:ba:92:d7:3c:68:26:89:2d:45:58:
47:f7:92:1e:f9:72:0c:da:46:96:81:a3:ac:10:ed:
ff:50:3b:db:fc:83:26:ba:c9:86:3d:17:ff:80:13:
d8:c2:a7:f7:54:d8:f4:bb:25:21:e0:b8:3a:37:20:
29:18:54:75:61:17:c6:9a:be:ed:6d:ef:05:a2:6d:
e8:d0:bc:88:ae:34:3b:0c:74:a2:7d:56:b7:2a:f9:
98:a3:f1:79:56:b0:01:76:a5:a4:83:49:59:d0:fd:
39:88:21:a9:80:cb:ad:47:32:50:b6:88:9b:9b:ac:
53:5f:23:cb:69:f4:69:f5:b7:28:01:74:70:0b:c0:
fc:ed:2a:23:93:36:0f:15:be:14:2e:31:97:88:10:
77:40:d1:fc:79:79:a8:b4:96:3d:17:b4:25:ee:87:
8d:38:dc:7a:61:89:0a:bd:4f:17:b6:d6:2a:51:8b:
90:38:59:bc:4c:51:ab:ff:bd:0b:99:b1:d5:be:f8:
18:13:7f:f1:93:73:f2:1b:b6:7f:81:43:8e:38:4c:
4c:db:b8:fb:77:41:8d:c0:92:c5:60:fd:32:42:b2:
c7:2a:8b:fd:7f:a6:6d:12:d5:ed:08:09:85:a6:4c:
f8:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:5A:01:26:98:78:86:81:5C:78:95:AD:A0:63:1A:0D:7A:41:31:61
X509v3 Authority Key Identifier:
keyid:E4:17:98:A3:EE:49:D5:23:E8:8E:1A:D1:03:E6:3E:12:1D:84:D1:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5BeYo-5J1SPojhrRA-Y-Eh2E0bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/1ca469-2086-4c4c-a0b8-8d0857a1a4d7/1/oFoBJph4hoFceJWtoGMaDXpBMWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/1ca469-2086-4c4c-a0b8-8d0857a1a4d7/1/5BeYo-5J1SPojhrRA-Y-Eh2E0bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.214.8.0/22
Signature Algorithm: sha256WithRSAEncryption
04:47:6e:27:94:d5:c8:44:34:47:64:47:f4:04:8f:12:43:ef:
9c:a1:ae:fe:91:3a:16:ea:d7:a9:a6:62:69:8f:8c:17:dd:85:
29:5d:3e:e3:9f:15:8f:2f:94:95:94:d0:67:f0:38:44:50:89:
cb:40:a5:85:5c:29:e1:8c:78:73:4f:d5:6a:74:d4:f0:d9:78:
be:13:7b:21:4c:ce:9c:c9:df:00:4e:7b:f6:4f:21:43:89:b7:
31:e3:ca:df:4f:3b:b5:1e:50:8a:18:42:24:bd:88:46:8e:66:
36:ae:89:fc:ee:d3:38:49:ad:bb:6f:c9:7d:98:d9:7d:8b:8b:
97:a3:10:a9:8e:d6:1b:6c:71:78:4b:14:02:96:14:b2:60:d7:
12:3b:67:77:c3:c9:4b:5c:3f:da:d0:73:f2:ca:7b:0a:d8:82:
8c:42:f5:83:d9:a3:5b:ba:fb:4d:c9:9e:c8:1a:c1:8c:09:16:
b0:90:21:67:ee:2b:4a:44:f7:6e:9e:2d:4b:c7:aa:8a:b7:6e:
93:10:93:14:33:d7:1e:68:58:96:7d:73:f2:1f:b8:66:46:20:
a6:42:e3:1a:51:21:de:5b:fe:f1:c6:ef:23:a2:03:19:1e:8a:
26:37:c4:0e:ae:19:cd:c9:d2:d6:86:ec:b3:ab:d6:c0:f7:37:
22:73:67:de
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDATZYMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGU0
MTc5OGEzZWU0OWQ1MjNlODhlMWFkMTAzZTYzZTEyMWQ4NGQxYjUwHhcNMjIwNDIx
MTQxMDI2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhMDVhMDEyNjk4Nzg4
NjgxNWM3ODk1YWRhMDYzMWEwZDdhNDEzMTYxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA4IjEBW4DLdx/UJJpah5hAPx0ibqS1zxoJoktRVhH95Ie+XIM
2kaWgaOsEO3/UDvb/IMmusmGPRf/gBPYwqf3VNj0uyUh4Lg6NyApGFR1YRfGmr7t
be8Fom3o0LyIrjQ7DHSifVa3KvmYo/F5VrABdqWkg0lZ0P05iCGpgMutRzJQtoib
m6xTXyPLafRp9bcoAXRwC8D87SojkzYPFb4ULjGXiBB3QNH8eXmotJY9F7Ql7oeN
ONx6YYkKvU8XttYqUYuQOFm8TFGr/70LmbHVvvgYE3/xk3PyG7Z/gUOOOExM27j7
d0GNwJLFYP0yQrLHKov9f6ZtEtXtCAmFpkz4kQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFKBaASaYeIaBXHiVraBjGg16QTFhMB8GA1UdIwQYMBaAFOQXmKPuSdUj6I4a
0QPmPhIdhNG1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
NUJlWW8tNUoxU1BvamhyUkEtWS1FaDJFMGJVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wMC8xY2E0NjktMjA4Ni00YzRjLWEwYjgtOGQwODU3YTFhNGQ3LzEv
b0ZvQkpwaDRob0ZjZUpXdG9HTWFEWHBCTVdFLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8x
Y2E0NjktMjA4Ni00YzRjLWEwYjgtOGQwODU3YTFhNGQ3LzEvNUJlWW8tNUoxU1Bv
amhyUkEtWS1FaDJFMGJVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9YIMA0GCSqGSIb3DQEBCwUAA4IB
AQAER24nlNXIRDRHZEf0BI8SQ++coa7+kToW6teppmJpj4wX3YUpXT7jnxWPL5SV
lNBn8DhEUInLQKWFXCnhjHhzT9VqdNTw2Xi+E3shTM6cyd8ATnv2TyFDibcx48rf
Tzu1HlCKGEIkvYhGjmY2ron87tM4Sa27b8l9mNl9i4uXoxCpjtYbbHF4SxQClhSy
YNcSO2d3w8lLXD/a0HPyynsK2IKMQvWD2aNbuvtNyZ7IGsGMCRawkCFn7itKRPdu
ni1Lx6qKt26TEJMUM9ceaFiWfXPyH7hmRiCmQuMaUSHeW/7xxu8jogMZHoomN8QO
rhnNydLWhuyzq9bA9zcic2fe
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:45 2023 by rpki-client on console-ams.rpki-client.org