Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/72435b-7e7e-447b-ac24-982c429d4156/1/4QB5oKXWqDxWvcB_cw9iw6iXMiE.roa
File: 4QB5oKXWqDxWvcB_cw9iw6iXMiE.roa (raw, json)
Hash identifier: QZX1m4n4uMerIDJq5dR5G5xWcPn7wGVg8NohXWgjreI=
Subject key identifier: E1:00:79:A0:A5:D6:A8:3C:56:BD:C0:7F:73:0F:62:C3:A8:97:32:21
Certificate issuer: /CN=04d9bc828a566b06af4d765dfb5da5bc1d76c725
Certificate serial: 14A0B440
Authority key identifier: 04:D9:BC:82:8A:56:6B:06:AF:4D:76:5D:FB:5D:A5:BC:1D:76:C7:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BNm8gopWawavTXZd-12lvB12xyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/72435b-7e7e-447b-ac24-982c429d4156/1/4QB5oKXWqDxWvcB_cw9iw6iXMiE.roa
Signing time: Mon 21 Feb 2022 17:16:45 +0000
ROA not before: Mon 21 Feb 2022 17:16:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59450
IP address blocks: 91.197.32.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 346076224 (0x14a0b440)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04d9bc828a566b06af4d765dfb5da5bc1d76c725
Validity
Not Before: Feb 21 17:16:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e10079a0a5d6a83c56bdc07f730f62c3a8973221
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:89:ed:f6:b7:48:57:ed:6c:33:12:db:74:aa:
7e:d6:a0:46:75:59:0f:c2:a7:75:ce:53:37:12:77:
bd:ce:e4:e5:c8:7c:b7:dc:b6:72:9a:3f:17:9f:82:
db:de:9d:9b:64:bf:44:eb:e3:a8:3b:8f:95:c6:8b:
8a:47:03:7f:0d:15:8c:77:d9:59:01:9d:7d:87:01:
45:38:74:2a:c8:1f:9a:9a:34:30:65:a4:0a:74:45:
a8:77:fa:34:85:08:0f:7b:2c:e5:1f:64:0e:ed:bb:
04:1e:23:18:7e:a6:5b:4a:d1:5f:51:f0:66:47:5d:
9c:d1:44:94:36:9c:d2:55:54:3a:15:ed:08:0a:51:
1e:cf:8b:52:40:cb:3f:5e:bb:c5:99:b9:b9:cc:63:
f2:12:47:77:c1:45:f5:aa:26:7d:f5:66:9c:85:b1:
ad:4d:56:44:38:d1:89:7d:1e:b8:94:86:79:92:f8:
3f:9a:05:8b:45:d0:82:ed:50:cd:f5:5a:54:44:3c:
43:b5:d9:82:27:8a:bd:ac:f7:80:7c:2b:6b:cd:7d:
77:3c:f1:bc:9e:33:16:59:a3:b4:1d:00:27:26:fa:
27:f8:e7:26:e7:2b:16:7e:cf:30:6e:54:0f:d9:ed:
dc:e7:c0:d1:d3:42:ee:c2:9f:77:76:fa:94:67:4f:
f9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:00:79:A0:A5:D6:A8:3C:56:BD:C0:7F:73:0F:62:C3:A8:97:32:21
X509v3 Authority Key Identifier:
keyid:04:D9:BC:82:8A:56:6B:06:AF:4D:76:5D:FB:5D:A5:BC:1D:76:C7:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BNm8gopWawavTXZd-12lvB12xyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/72435b-7e7e-447b-ac24-982c429d4156/1/4QB5oKXWqDxWvcB_cw9iw6iXMiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/72435b-7e7e-447b-ac24-982c429d4156/1/BNm8gopWawavTXZd-12lvB12xyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.32.0/24
Signature Algorithm: sha256WithRSAEncryption
92:04:74:cd:6e:57:53:09:a1:fb:c0:b3:89:82:bc:c4:e6:9d:
ef:0c:45:a4:79:a2:8c:63:1e:e9:1e:d6:ac:14:d9:d5:fc:44:
6b:b3:04:c8:8e:d5:5d:23:16:60:3d:fe:30:62:b4:cb:22:71:
c1:df:d2:a8:75:84:26:de:12:52:5d:c2:18:8c:34:e4:ae:b4:
cd:3f:19:c1:24:01:23:74:9b:e8:6f:e0:df:b7:e4:6f:45:16:
13:34:e6:61:eb:b9:d4:b0:5a:9f:c7:68:cb:93:8a:77:c5:8c:
cc:52:a7:3f:e8:3c:93:28:9d:2f:f4:ea:15:e6:d3:03:02:02:
6a:13:5e:fa:31:d6:1e:57:bb:4b:64:e6:f8:93:64:dc:17:95:
4f:61:85:c0:57:a7:4e:c1:6e:c5:0e:8d:b2:4a:da:98:4a:46:
a7:75:57:42:58:fc:b6:99:66:72:30:8a:8f:09:ea:2d:8f:a5:
82:27:ca:43:7a:40:40:c9:9c:4c:b2:df:9f:b6:56:ab:1b:99:
7d:8a:cc:68:b4:06:e5:34:07:60:f3:9c:4d:1b:5e:a5:68:be:
f0:d0:6b:e2:1a:bf:c1:5a:1e:54:f6:51:dc:01:ca:87:1b:c8:
a6:3b:e1:28:28:56:ab:5c:18:90:c2:e5:cb:b3:28:99:92:f2:
4d:5f:83:f5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFKC0QDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NGQ5YmM4MjhhNTY2YjA2YWY0ZDc2NWRmYjVkYTViYzFkNzZjNzI1MB4XDTIyMDIy
MTE3MTY0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTEwMDc5YTBhNWQ2
YTgzYzU2YmRjMDdmNzMwZjYyYzNhODk3MzIyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMyJ7fa3SFftbDMS23SqftagRnVZD8Kndc5TNxJ3vc7k5ch8
t9y2cpo/F5+C296dm2S/ROvjqDuPlcaLikcDfw0VjHfZWQGdfYcBRTh0Ksgfmpo0
MGWkCnRFqHf6NIUID3ss5R9kDu27BB4jGH6mW0rRX1HwZkddnNFElDac0lVUOhXt
CApRHs+LUkDLP167xZm5ucxj8hJHd8FF9aomffVmnIWxrU1WRDjRiX0euJSGeZL4
P5oFi0XQgu1QzfVaVEQ8Q7XZgieKvaz3gHwra819dzzxvJ4zFlmjtB0AJyb6J/jn
JucrFn7PMG5UD9nt3OfA0dNC7sKfd3b6lGdP+QMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBThAHmgpdaoPFa9wH9zD2LDqJcyITAfBgNVHSMEGDAWgBQE2byCilZrBq9N
dl37XaW8HXbHJTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JObThnb3BXYXdhdlRYWmQtMTJsdkIxMnh5VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDYvNzI0MzViLTdlN2UtNDQ3Yi1hYzI0LTk4MmM0MjlkNDE1Ni8x
LzRRQjVvS1hXcUR4V3ZjQl9jdzlpdzZpWE1pRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYv
NzI0MzViLTdlN2UtNDQ3Yi1hYzI0LTk4MmM0MjlkNDE1Ni8xL0JObThnb3BXYXdh
dlRYWmQtMTJsdkIxMnh5VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvFIDANBgkqhkiG9w0BAQsFAAOC
AQEAkgR0zW5XUwmh+8CziYK8xOad7wxFpHmijGMe6R7WrBTZ1fxEa7MEyI7VXSMW
YD3+MGK0yyJxwd/SqHWEJt4SUl3CGIw05K60zT8ZwSQBI3Sb6G/g37fkb0UWEzTm
Yeu51LBan8doy5OKd8WMzFKnP+g8kyidL/TqFebTAwICahNe+jHWHle7S2Tm+JNk
3BeVT2GFwFenTsFuxQ6NskramEpGp3VXQlj8tplmcjCKjwnqLY+lgifKQ3pAQMmc
TLLfn7ZWqxuZfYrMaLQG5TQHYPOcTRtepWi+8NBr4hq/wVoeVPZR3AHKhxvIpjvh
KChWq1wYkMLly7MomZLyTV+D9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:20 2024 by rpki-client on console-ams.rpki-client.org