Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/l3q9Vtx5o9sZFtBkZ1XGXjLCOHo.roa
File: l3q9Vtx5o9sZFtBkZ1XGXjLCOHo.roa (raw, json)
Hash identifier: qswn8ogywedO9ZYPv0DqnDveyCz/xcl0p15MHJz1tLg=
Subject key identifier: 97:7A:BD:56:DC:79:A3:DB:19:16:D0:64:67:55:C6:5E:32:C2:38:7A
Certificate issuer: /CN=e5bcfc1077cf876888fb6c75b2e394923205f3b5
Certificate serial: 01856E5D620E028AE226F688AD4AE322912A
Authority key identifier: E5:BC:FC:10:77:CF:87:68:88:FB:6C:75:B2:E3:94:92:32:05:F3:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5bz8EHfPh2iI-2x1suOUkjIF87U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/l3q9Vtx5o9sZFtBkZ1XGXjLCOHo.roa
Signing time: Sun 01 Jan 2023 17:24:51 +0000
ROA not before: Sun 01 Jan 2023 17:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15404
IP address blocks: 176.116.118.0/24 maxlen: 24
91.239.57.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:62:0e:02:8a:e2:26:f6:88:ad:4a:e3:22:91:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bcfc1077cf876888fb6c75b2e394923205f3b5
Validity
Not Before: Jan 1 17:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=977abd56dc79a3db1916d0646755c65e32c2387a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ee:d5:41:d0:8d:59:ff:e3:6e:8b:e7:9f:9a:
19:c8:7c:8a:16:6e:e6:a9:d7:50:8b:88:f9:d9:43:
f5:77:a4:fa:c0:e2:1d:e4:82:da:64:36:16:f1:91:
cb:2d:9e:4e:83:56:f3:46:07:98:87:36:e6:00:bd:
dc:6a:09:2e:00:e5:34:4d:c9:c1:ea:df:f6:a7:56:
1a:f8:6b:d3:c2:f9:0b:1e:8e:ad:f8:29:3f:83:94:
d7:84:8a:cd:14:02:6b:4a:84:4b:66:e9:9d:e4:a1:
ac:a3:10:71:8a:1f:88:23:b2:82:f2:a0:72:e1:44:
e4:60:b4:47:ac:f7:1e:92:78:af:6c:52:e0:97:9b:
fd:bd:ad:ba:74:5d:05:12:b6:fd:72:7b:e5:c7:2c:
06:9d:de:fd:cc:fc:61:48:59:91:18:5f:44:2f:fd:
63:9e:e2:32:76:69:d8:54:3c:d4:c5:58:a3:94:65:
f0:ed:eb:ba:75:61:d1:0c:b2:89:0d:3b:10:ff:05:
de:37:4a:7f:88:40:57:b3:91:f4:1e:73:ff:7d:38:
68:c3:e8:01:e1:12:05:f6:bb:b1:27:62:30:80:a1:
67:ce:35:99:b4:54:fd:3e:ed:ea:09:af:cd:5e:0f:
53:8f:18:a9:e7:4b:a2:40:34:41:70:c6:1a:0a:7a:
56:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:7A:BD:56:DC:79:A3:DB:19:16:D0:64:67:55:C6:5E:32:C2:38:7A
X509v3 Authority Key Identifier:
keyid:E5:BC:FC:10:77:CF:87:68:88:FB:6C:75:B2:E3:94:92:32:05:F3:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5bz8EHfPh2iI-2x1suOUkjIF87U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/l3q9Vtx5o9sZFtBkZ1XGXjLCOHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/5bz8EHfPh2iI-2x1suOUkjIF87U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.57.0/24
176.116.118.0/24
Signature Algorithm: sha256WithRSAEncryption
69:a9:02:7a:74:6f:48:a1:d7:c8:2c:d5:cf:51:03:47:5c:16:
ba:14:b6:79:a4:d1:00:de:c7:49:f9:90:06:06:43:8a:08:3b:
f3:97:98:ad:4c:47:7c:f3:5b:d0:aa:2a:21:6b:2c:8d:dd:c0:
bb:b6:20:2e:53:f9:1d:54:71:69:ae:42:86:b0:11:f4:da:f0:
15:79:9a:58:bd:f1:e3:9b:cc:dd:72:fa:9d:ee:ff:bd:d3:81:
df:d5:42:42:c8:d6:7c:85:af:59:b5:12:74:4e:19:4c:11:45:
92:f2:d6:45:e5:39:b5:19:90:d5:d6:94:5b:f5:9e:9f:a6:2d:
e9:3d:dc:4d:9a:23:ce:b7:ca:9b:0c:50:8e:09:df:e9:0d:3f:
19:cd:fe:2d:d5:a3:23:cc:f5:d4:53:ee:5a:72:50:94:f1:24:
39:86:1b:bd:ab:cf:6b:88:34:52:6f:9a:ce:a0:14:3b:3d:6f:
b8:fa:cb:c0:57:90:83:9c:ee:c4:43:ac:b4:b3:2e:0f:7b:31:
95:fd:c4:01:82:ec:67:ae:50:80:3b:2e:a5:98:4b:3e:c6:9d:
0f:77:00:60:b9:e3:a8:32:ea:11:9f:87:9a:d0:29:a2:c0:43:
b7:91:1a:07:00:df:df:68:ba:62:19:49:57:77:22:83:bd:90:
b2:47:06:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuXWIOAoriJvaIrUrjIpEqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmNmYzEwNzdjZjg3Njg4OGZiNmM3NWIyZTM5NDkyMzIw
NWYzYjUwHhcNMjMwMTAxMTcyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzdhYmQ1NmRjNzlhM2RiMTkxNmQwNjQ2NzU1YzY1ZTMyYzIzODdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+7VQdCNWf/jbovnn5oZyHyKFm7m
qddQi4j52UP1d6T6wOId5ILaZDYW8ZHLLZ5Og1bzRgeYhzbmAL3cagkuAOU0TcnB
6t/2p1Ya+GvTwvkLHo6t+Ck/g5TXhIrNFAJrSoRLZumd5KGsoxBxih+II7KC8qBy
4UTkYLRHrPceknivbFLgl5v9va26dF0FErb9cnvlxywGnd79zPxhSFmRGF9EL/1j
nuIydmnYVDzUxVijlGXw7eu6dWHRDLKJDTsQ/wXeN0p/iEBXs5H0HnP/fThow+gB
4RIF9ruxJ2IwgKFnzjWZtFT9Pu3qCa/NXg9Tjxip50uiQDRBcMYaCnpWEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJd6vVbceaPbGRbQZGdVxl4ywjh6MB8GA1UdIwQY
MBaAFOW8/BB3z4doiPtsdbLjlJIyBfO1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWJ6OEVIZlBoMmlJLTJ4MXN1T1VraklGODdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9lMDVlNzctMTJhZS00ZjU5LTk0OTEt
Y2FkZDExMjljOThkLzEvbDNxOVZ0eDVvOXNaRnRCa1oxWEdYakxDT0hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9lMDVlNzctMTJhZS00ZjU5LTk0OTEtY2FkZDExMjljOThk
LzEvNWJ6OEVIZlBoMmlJLTJ4MXN1T1VraklGODdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+85AwQA
sHR2MA0GCSqGSIb3DQEBCwUAA4IBAQBpqQJ6dG9IodfILNXPUQNHXBa6FLZ5pNEA
3sdJ+ZAGBkOKCDvzl5itTEd881vQqiohayyN3cC7tiAuU/kdVHFprkKGsBH02vAV
eZpYvfHjm8zdcvqd7v+904Hf1UJCyNZ8ha9ZtRJ0ThlMEUWS8tZF5Tm1GZDV1pRb
9Z6fpi3pPdxNmiPOt8qbDFCOCd/pDT8Zzf4t1aMjzPXUU+5aclCU8SQ5hhu9q89r
iDRSb5rOoBQ7PW+4+svAV5CDnO7EQ6y0sy4PezGV/cQBguxnrlCAOy6lmEs+xp0P
dwBgueOoMuoRn4ea0CmiwEO3kRoHAN/faLpiGUlXdyKDvZCyRwaV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:22 2024 by rpki-client on console-ams.rpki-client.org