Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/5ae3c4-4aa4-4c62-8eb5-4ea47cce0c63/1/wch0tQTC5Z5Vp6Ab_-lMUKg2J-M.roa
File: wch0tQTC5Z5Vp6Ab_-lMUKg2J-M.roa (raw, json)
Hash identifier: w+dzc/lLDqHZn+AXEvOMD/JWK3rEA6MTEu73MYO7zBs=
Subject key identifier: C1:C8:74:B5:04:C2:E5:9E:55:A7:A0:1B:FF:E9:4C:50:A8:36:27:E3
Certificate issuer: /CN=7fa3f99dba94a307b6cd2e1d90f678dac05681f8
Certificate serial: 019131B38061D08B7B7C599F9E40A49F4880
Authority key identifier: 7F:A3:F9:9D:BA:94:A3:07:B6:CD:2E:1D:90:F6:78:DA:C0:56:81:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f6P5nbqUowe2zS4dkPZ42sBWgfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/5ae3c4-4aa4-4c62-8eb5-4ea47cce0c63/1/wch0tQTC5Z5Vp6Ab_-lMUKg2J-M.roa
Signing time: Thu 08 Aug 2024 11:15:33 +0000
ROA not before: Thu 08 Aug 2024 11:15:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.209.228.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:31:b3:80:61:d0:8b:7b:7c:59:9f:9e:40:a4:9f:48:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fa3f99dba94a307b6cd2e1d90f678dac05681f8
Validity
Not Before: Aug 8 11:15:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1c874b504c2e59e55a7a01bffe94c50a83627e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:4a:e1:2f:d0:ed:50:8d:ef:cd:b2:6c:c5:14:
f2:8f:77:5e:0d:15:3d:6e:64:42:55:eb:ef:fa:da:
ad:24:45:b4:85:fa:1f:7d:c6:ba:67:79:66:11:34:
5c:3f:1e:ec:eb:5a:76:a1:78:b9:f1:29:62:ff:34:
04:71:ee:3c:d9:66:e0:46:a5:ec:09:e5:92:c9:ee:
67:f1:13:65:3f:db:f0:4a:61:69:f0:58:a9:7a:6b:
0c:ab:67:a3:2b:75:12:fe:b4:b9:cd:64:2d:7d:12:
af:08:6c:80:6a:5f:d2:92:bf:ab:28:df:04:fc:94:
98:ac:b2:40:91:39:5e:57:fa:d3:bd:a6:50:17:b6:
51:b7:18:dd:88:38:fc:1d:9e:af:c7:31:c1:7a:ab:
79:7c:f9:f9:59:01:bd:b0:b8:d5:64:67:02:97:70:
da:56:8d:a3:fb:a0:37:79:fd:95:83:54:32:33:96:
85:9d:a6:f5:bf:2c:e5:43:4a:dc:d9:16:79:99:b7:
c6:4a:96:55:66:03:e3:18:d0:84:7d:72:a5:e7:dc:
7a:49:c8:ca:e8:53:af:92:95:8b:b5:7a:8a:51:04:
fb:6f:9d:da:00:53:4f:6c:98:62:2d:5b:ad:a9:03:
c1:5a:30:bf:a5:54:19:2e:65:04:f4:d5:b7:fe:2d:
85:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:C8:74:B5:04:C2:E5:9E:55:A7:A0:1B:FF:E9:4C:50:A8:36:27:E3
X509v3 Authority Key Identifier:
keyid:7F:A3:F9:9D:BA:94:A3:07:B6:CD:2E:1D:90:F6:78:DA:C0:56:81:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6P5nbqUowe2zS4dkPZ42sBWgfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5ae3c4-4aa4-4c62-8eb5-4ea47cce0c63/1/wch0tQTC5Z5Vp6Ab_-lMUKg2J-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5ae3c4-4aa4-4c62-8eb5-4ea47cce0c63/1/f6P5nbqUowe2zS4dkPZ42sBWgfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.228.0/24
Signature Algorithm: sha256WithRSAEncryption
10:03:10:97:e2:d8:13:db:06:74:a9:1d:ae:d6:d1:fc:a2:0c:
1a:3a:00:38:39:cd:4d:33:7e:a9:5f:fc:f5:3f:1f:5c:64:27:
dc:f4:07:02:2c:49:fe:d9:fa:89:44:de:88:c1:66:4e:86:0a:
01:a7:4b:4a:a8:65:66:e0:04:62:98:a6:cb:b1:c0:1e:20:1d:
66:01:ad:ae:b4:c3:dd:a2:a6:17:28:3a:c2:64:4e:ad:a2:39:
6d:71:98:b4:09:c4:26:a5:a1:95:46:13:ed:32:9e:14:d2:7c:
9e:6a:58:80:dc:ba:bc:d5:cb:bf:b5:72:ad:4d:01:76:15:60:
13:e9:ba:ca:1f:62:be:72:7f:47:b4:8d:51:7e:30:bb:2a:83:
1d:00:1f:60:d7:cf:50:21:73:da:e0:92:3c:d9:54:94:93:2b:
ec:91:e3:91:38:fc:d9:69:2a:b9:ad:80:87:4f:21:b0:6d:97:
1b:03:b4:f8:8f:1d:a2:d0:9e:cf:22:bb:49:4d:af:b0:b0:dc:
0e:b5:4c:e4:33:b5:5b:1b:4b:64:e0:59:dd:00:53:0a:81:d0:
50:dd:24:d0:12:4e:d3:e7:87:59:a3:78:41:d8:ee:bc:f4:89:
2f:fd:ef:9f:20:e9:b5:62:80:fb:ed:d6:27:d8:d5:9d:ac:01:
20:57:e3:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZExs4Bh0It7fFmfnkCkn0iAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmYTNmOTlkYmE5NGEzMDdiNmNkMmUxZDkwZjY3OGRhYzA1
NjgxZjgwHhcNMjQwODA4MTExNTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWM4NzRiNTA0YzJlNTllNTVhN2EwMWJmZmU5NGM1MGE4MzYyN2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0rhL9DtUI3vzbJsxRTyj3deDRU9
bmRCVevv+tqtJEW0hfoffca6Z3lmETRcPx7s61p2oXi58Sli/zQEce482WbgRqXs
CeWSye5n8RNlP9vwSmFp8FipemsMq2ejK3US/rS5zWQtfRKvCGyAal/Skr+rKN8E
/JSYrLJAkTleV/rTvaZQF7ZRtxjdiDj8HZ6vxzHBeqt5fPn5WQG9sLjVZGcCl3Da
Vo2j+6A3ef2Vg1QyM5aFnab1vyzlQ0rc2RZ5mbfGSpZVZgPjGNCEfXKl59x6ScjK
6FOvkpWLtXqKUQT7b53aAFNPbJhiLVutqQPBWjC/pVQZLmUE9NW3/i2FWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMHIdLUEwuWeVaegG//pTFCoNifjMB8GA1UdIwQY
MBaAFH+j+Z26lKMHts0uHZD2eNrAVoH4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjZQNW5icVVvd2UyelM0ZGtQWjQyc0JXZ2ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS81YWUzYzQtNGFhNC00YzYyLThlYjUt
NGVhNDdjY2UwYzYzLzEvd2NoMHRRVEM1WjVWcDZBYl8tbE1VS2cySi1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS81YWUzYzQtNGFhNC00YzYyLThlYjUtNGVhNDdjY2UwYzYz
LzEvZjZQNW5icVVvd2UyelM0ZGtQWjQyc0JXZ2ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9HkMA0G
CSqGSIb3DQEBCwUAA4IBAQAQAxCX4tgT2wZ0qR2u1tH8ogwaOgA4Oc1NM36pX/z1
Px9cZCfc9AcCLEn+2fqJRN6IwWZOhgoBp0tKqGVm4ARimKbLscAeIB1mAa2utMPd
oqYXKDrCZE6tojltcZi0CcQmpaGVRhPtMp4U0nyealiA3Lq81cu/tXKtTQF2FWAT
6brKH2K+cn9HtI1RfjC7KoMdAB9g189QIXPa4JI82VSUkyvskeOROPzZaSq5rYCH
TyGwbZcbA7T4jx2i0J7PIrtJTa+wsNwOtUzkM7VbG0tk4FndAFMKgdBQ3STQEk7T
54dZo3hB2O689Ikv/e+fIOm1YoD77dYn2NWdrAEgV+MP
-----END CERTIFICATE-----
Generated at Thu Oct 24 15:05:54 2024 by rpki-client on console-fra.rpki-client.org