Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/1ca469-2086-4c4c-a0b8-8d0857a1a4d7/1/wECWAh6fEOiRHtMTI-ofFtcDwuo.roa
File: wECWAh6fEOiRHtMTI-ofFtcDwuo.roa (raw, json)
Hash identifier: Q4TQARS3oYhbu9O2QoigLrc67Iv4PfMi6t0KbochIs8=
Subject key identifier: C0:40:96:02:1E:9F:10:E8:91:1E:D3:13:23:EA:1F:16:D7:03:C2:EA
Certificate issuer: /CN=e41798a3ee49d523e88e1ad103e63e121d84d1b5
Certificate serial: 215CCB
Authority key identifier: E4:17:98:A3:EE:49:D5:23:E8:8E:1A:D1:03:E6:3E:12:1D:84:D1:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5BeYo-5J1SPojhrRA-Y-Eh2E0bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/1ca469-2086-4c4c-a0b8-8d0857a1a4d7/1/wECWAh6fEOiRHtMTI-ofFtcDwuo.roa
Signing time: Tue 03 May 2022 15:59:15 +0000
ROA not before: Tue 03 May 2022 15:59:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48314
IP address blocks: 91.214.8.0/22 maxlen: 22
91.214.8.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2186443 (0x215ccb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e41798a3ee49d523e88e1ad103e63e121d84d1b5
Validity
Not Before: May 3 15:59:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c04096021e9f10e8911ed31323ea1f16d703c2ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:5e:8c:8d:82:7e:44:20:cb:6e:81:82:99:4f:
7f:75:7f:18:cc:fe:64:73:55:dc:89:29:0b:7a:1e:
b4:b0:1e:bc:c9:5b:24:41:ed:96:fb:62:b1:b0:1c:
82:3d:3f:0c:e8:25:ac:d7:fb:35:5b:49:33:b5:66:
52:d5:c5:06:77:79:af:16:41:95:8a:b1:d9:b7:e6:
e4:11:e2:68:da:ca:b3:4a:2a:f5:37:53:d7:85:b6:
69:f0:1c:40:65:6c:23:c5:b2:3b:98:d3:e7:55:0c:
8f:43:52:85:df:96:4a:48:a5:8d:f3:54:04:7a:1b:
a6:5d:68:fc:74:54:88:ad:3d:ea:af:43:32:5a:68:
0d:13:4e:47:8d:ff:0e:6a:4e:77:9d:51:ee:0f:5c:
6e:60:cf:8a:29:88:fc:23:79:ad:d2:4b:3c:24:92:
8a:16:fe:ac:03:b4:a5:0c:e7:a9:68:d2:bd:1e:ca:
15:e7:e4:93:89:ed:b6:67:f9:bd:8e:43:85:14:5e:
80:31:d8:02:32:19:a3:ec:99:f5:3f:85:cc:4d:6b:
cc:03:39:67:07:0a:d3:23:d8:63:f3:df:8f:98:ad:
55:14:a2:09:e4:c9:05:ca:1f:c6:fa:85:0e:d0:b3:
dd:e6:ec:60:de:2c:46:55:6e:ca:e1:1d:53:32:60:
6c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:40:96:02:1E:9F:10:E8:91:1E:D3:13:23:EA:1F:16:D7:03:C2:EA
X509v3 Authority Key Identifier:
keyid:E4:17:98:A3:EE:49:D5:23:E8:8E:1A:D1:03:E6:3E:12:1D:84:D1:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5BeYo-5J1SPojhrRA-Y-Eh2E0bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/1ca469-2086-4c4c-a0b8-8d0857a1a4d7/1/wECWAh6fEOiRHtMTI-ofFtcDwuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/1ca469-2086-4c4c-a0b8-8d0857a1a4d7/1/5BeYo-5J1SPojhrRA-Y-Eh2E0bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.214.8.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:ec:e2:76:59:0f:8a:44:5c:63:3f:c2:49:7c:fd:e9:60:6b:
2b:3e:28:09:27:97:8d:24:3b:6b:12:c7:8f:16:91:92:3c:1e:
25:a2:ea:cd:b9:c7:ea:be:61:77:47:a2:77:e7:46:29:9d:5c:
0e:6f:59:72:89:96:20:b8:e5:de:2d:93:3c:44:89:16:c6:82:
54:1b:83:39:b5:db:a9:4b:c3:34:89:38:ac:81:39:54:0c:9c:
8f:98:cb:1d:c9:97:93:3f:46:17:a5:eb:6d:64:a3:e1:39:8d:
5d:b6:68:bf:4c:d3:21:d2:93:b8:6f:df:47:e4:07:06:95:1f:
0e:f9:8b:cc:05:25:29:0d:49:5b:1b:71:84:d5:d4:e5:d6:20:
39:6a:8e:af:ae:58:72:0f:9b:aa:1d:1e:74:2c:e3:a5:0a:30:
51:48:1c:96:b7:db:cb:4d:b6:42:f5:e6:f6:a7:95:5a:2c:54:
95:50:dc:71:74:d4:9d:b7:8c:32:0b:a7:2e:db:7d:27:f3:6b:
b1:80:2b:93:cf:35:35:89:62:9c:0e:a2:d1:87:0b:6a:68:90:
6b:39:4c:64:10:75:23:08:8d:e9:40:be:15:93:01:c3:1b:6c:
9b:eb:e5:9d:1f:09:d0:47:8a:62:58:13:5b:21:3f:5a:09:bd:
03:05:54:aa
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDIVzLMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGU0
MTc5OGEzZWU0OWQ1MjNlODhlMWFkMTAzZTYzZTEyMWQ4NGQxYjUwHhcNMjIwNTAz
MTU1OTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjMDQwOTYwMjFlOWYx
MGU4OTExZWQzMTMyM2VhMWYxNmQ3MDNjMmVhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmF6MjYJ+RCDLboGCmU9/dX8YzP5kc1XciSkLeh60sB68yVsk
Qe2W+2KxsByCPT8M6CWs1/s1W0kztWZS1cUGd3mvFkGVirHZt+bkEeJo2sqzSir1
N1PXhbZp8BxAZWwjxbI7mNPnVQyPQ1KF35ZKSKWN81QEehumXWj8dFSIrT3qr0My
WmgNE05Hjf8Oak53nVHuD1xuYM+KKYj8I3mt0ks8JJKKFv6sA7SlDOepaNK9HsoV
5+STie22Z/m9jkOFFF6AMdgCMhmj7Jn1P4XMTWvMAzlnBwrTI9hj89+PmK1VFKIJ
5MkFyh/G+oUO0LPd5uxg3ixGVW7K4R1TMmBsoQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFMBAlgIenxDokR7TEyPqHxbXA8LqMB8GA1UdIwQYMBaAFOQXmKPuSdUj6I4a
0QPmPhIdhNG1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
NUJlWW8tNUoxU1BvamhyUkEtWS1FaDJFMGJVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wMC8xY2E0NjktMjA4Ni00YzRjLWEwYjgtOGQwODU3YTFhNGQ3LzEv
d0VDV0FoNmZFT2lSSHRNVEktb2ZGdGNEd3VvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8x
Y2E0NjktMjA4Ni00YzRjLWEwYjgtOGQwODU3YTFhNGQ3LzEvNUJlWW8tNUoxU1Bv
amhyUkEtWS1FaDJFMGJVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9YIMA0GCSqGSIb3DQEBCwUAA4IB
AQCi7OJ2WQ+KRFxjP8JJfP3pYGsrPigJJ5eNJDtrEsePFpGSPB4lourNucfqvmF3
R6J350YpnVwOb1lyiZYguOXeLZM8RIkWxoJUG4M5tdupS8M0iTisgTlUDJyPmMsd
yZeTP0YXpettZKPhOY1dtmi/TNMh0pO4b99H5AcGlR8O+YvMBSUpDUlbG3GE1dTl
1iA5ao6vrlhyD5uqHR50LOOlCjBRSByWt9vLTbZC9eb2p5VaLFSVUNxxdNSdt4wy
C6cu230n82uxgCuTzzU1iWKcDqLRhwtqaJBrOUxkEHUjCI3pQL4VkwHDG2yb6+Wd
HwnQR4piWBNbIT9aCb0DBVSq
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:45 2023 by rpki-client on console-ams.rpki-client.org