Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/X9j5aPYi1Bjwx6ZGMKfmE0oMdjQ.roa
File: X9j5aPYi1Bjwx6ZGMKfmE0oMdjQ.roa (raw, json)
Hash identifier: qnKNgAJ4VNDxR22kD5P2RBQ1K8SJwb2UEWkWZeEMjNY=
Subject key identifier: 5F:D8:F9:68:F6:22:D4:18:F0:C7:A6:46:30:A7:E6:13:4A:0C:76:34
Certificate issuer: /CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Certificate serial: 0D0F3F63
Authority key identifier: FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/X9j5aPYi1Bjwx6ZGMKfmE0oMdjQ.roa
Signing time: Wed 15 Jun 2022 15:35:44 +0000
ROA not before: Wed 15 Jun 2022 15:35:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48265
IP address blocks: 91.210.137.0/24 maxlen: 24
91.210.138.0/24 maxlen: 24
91.210.136.0/24 maxlen: 24
91.210.139.0/24 maxlen: 24
109.104.131.0/24 maxlen: 24
109.104.132.0/24 maxlen: 24
109.104.129.0/24 maxlen: 24
109.104.130.0/24 maxlen: 24
109.104.128.0/24 maxlen: 24
109.104.138.0/24 maxlen: 24
109.104.139.0/24 maxlen: 24
109.104.136.0/24 maxlen: 24
109.104.137.0/24 maxlen: 24
109.104.135.0/24 maxlen: 24
109.104.133.0/24 maxlen: 24
109.104.134.0/24 maxlen: 24
109.104.145.0/24 maxlen: 24
109.104.143.0/24 maxlen: 24
109.104.144.0/24 maxlen: 24
109.104.141.0/24 maxlen: 24
109.104.142.0/24 maxlen: 24
109.104.140.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
109.104.159.0/24 maxlen: 24
109.104.157.0/24 maxlen: 24
109.104.158.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
109.104.156.0/24 maxlen: 24
109.104.154.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 219103075 (0xd0f3f63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Validity
Not Before: Jun 15 15:35:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5fd8f968f622d418f0c7a64630a7e6134a0c7634
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0d:75:d5:f4:05:94:27:9d:1c:c4:dc:02:87:
fb:7b:ce:a7:b0:6a:75:43:b5:fe:ef:ac:39:72:15:
3d:50:2f:b5:40:ec:fb:ea:c9:54:c6:f7:10:9e:6c:
70:b0:5e:80:49:1e:b9:ad:c1:69:ca:5e:55:dc:0b:
75:ca:3b:bc:43:4b:ff:59:6c:11:7c:e3:d2:ff:08:
12:a2:8b:b6:aa:0f:3a:66:52:24:35:3b:97:f9:22:
86:7d:c0:7c:64:dd:4e:ff:9d:8b:f4:15:cc:07:31:
27:2d:bf:f9:b8:54:e1:59:44:96:43:0e:f9:3b:d3:
eb:23:ff:70:04:42:b0:8d:73:d3:ca:f6:3f:27:6a:
06:78:67:27:ec:f4:5d:e5:d2:a1:ed:d3:1f:75:73:
49:8a:4e:20:8c:ea:0e:dd:a1:dd:9a:84:72:d1:c2:
00:24:20:2e:4e:37:78:83:48:60:6b:4c:27:a6:92:
35:5c:7c:d4:a0:e4:61:9f:54:b6:dc:5b:a4:b5:43:
a1:89:e7:bf:fa:29:4a:93:aa:8d:32:30:4a:78:17:
f4:d9:a2:d0:c2:e4:7f:48:ff:78:93:af:bd:61:27:
0d:df:79:d7:57:03:a6:c2:b3:de:55:6c:12:44:23:
54:15:29:ad:17:94:e3:99:82:a9:69:5a:b2:40:d8:
94:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:D8:F9:68:F6:22:D4:18:F0:C7:A6:46:30:A7:E6:13:4A:0C:76:34
X509v3 Authority Key Identifier:
keyid:FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/X9j5aPYi1Bjwx6ZGMKfmE0oMdjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/1-_YvdgYnP0GmzMjilWB288Ch61Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.136.0/22
109.104.128.0-109.104.145.255
109.104.153.0-109.104.159.255
Signature Algorithm: sha256WithRSAEncryption
a6:2d:ae:a5:bc:69:68:0e:4b:02:3f:77:7c:54:c4:87:1f:b5:
a0:10:09:9f:e7:e5:97:e8:f1:9f:94:53:8c:12:73:f3:14:c3:
0e:f5:c2:82:db:a6:79:34:2b:2d:c2:24:0e:92:b3:6f:f8:72:
04:6d:16:d3:03:83:3a:66:90:c2:ca:ce:b2:87:78:7b:2a:ae:
72:99:d4:fa:62:b1:c2:a6:83:fb:00:e5:e9:f7:aa:1e:90:7f:
1e:32:d6:8d:61:32:c4:fc:65:5c:29:0d:85:ee:69:0e:25:ba:
c8:94:23:7b:d6:5e:47:b1:ba:e0:4c:1f:45:48:03:fb:1c:5c:
93:5c:fc:6b:a5:a7:23:69:8e:31:52:28:c1:60:27:6e:4d:12:
01:aa:85:b3:02:ac:44:d8:1f:61:71:79:13:58:26:5a:02:f2:
9b:8a:c8:25:0a:a2:50:c9:eb:1b:9c:45:60:4c:9d:83:9b:12:
ee:cf:43:77:fe:91:4a:ae:27:e2:2d:55:f5:91:fa:5e:0a:6b:
28:f5:dd:b9:63:06:6e:58:e9:72:bc:0e:46:e4:3e:90:8f:89:
12:87:9f:0b:91:96:74:85:0f:3b:68:7d:f6:f2:c4:b9:63:27:
ce:ef:83:e4:f9:88:ce:86:77:15:13:a6:87:61:56:06:22:77:
4e:7b:48:1e
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEDQ8/YzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YmY2MmY3NjA2MjczZjQxYTZjY2M4ZTI5NTYwNzZmM2MwYTFlYjU0MB4XDTIyMDYx
NTE1MzU0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWZkOGY5NjhmNjIy
ZDQxOGYwYzdhNjQ2MzBhN2U2MTM0YTBjNzYzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALsNddX0BZQnnRzE3AKH+3vOp7BqdUO1/u+sOXIVPVAvtUDs
++rJVMb3EJ5scLBegEkeua3BacpeVdwLdco7vENL/1lsEXzj0v8IEqKLtqoPOmZS
JDU7l/kihn3AfGTdTv+di/QVzAcxJy2/+bhU4VlElkMO+TvT6yP/cARCsI1z08r2
PydqBnhnJ+z0XeXSoe3TH3VzSYpOIIzqDt2h3ZqEctHCACQgLk43eINIYGtMJ6aS
NVx81KDkYZ9UttxbpLVDoYnnv/opSpOqjTIwSngX9Nmi0MLkf0j/eJOvvWEnDd95
11cDpsKz3lVsEkQjVBUprReU45mCqWlaskDYlMMCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBRf2Plo9iLUGPDHpkYwp+YTSgx2NDAfBgNVHSMEGDAWgBT79i92Bic/QabM
yOKVYHbzwKHrVDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtX1l2ZGdZblAwR216TWppbFdCMjg4Q2g2MVEuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzIzLzk1ZWViYi0wYTlkLTRmNzEtYjNmOS01NjQ5ZTFiMTkyYmIv
MS9YOWo1YVBZaTFCand4NlpHTUtmbUUwb01kalEucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIz
Lzk1ZWViYi0wYTlkLTRmNzEtYjNmOS01NjQ5ZTFiMTkyYmIvMS8xLV9ZdmRnWW5Q
MEdtek1qaWxXQjI4OENoNjFRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQCW9KIMAwDBAdtaIADBAFtaJAw
DAMEAG1omQMEBW1ogDANBgkqhkiG9w0BAQsFAAOCAQEApi2upbxpaA5LAj93fFTE
hx+1oBAJn+fll+jxn5RTjBJz8xTDDvXCgtumeTQrLcIkDpKzb/hyBG0W0wODOmaQ
wsrOsod4eyqucpnU+mKxwqaD+wDl6feqHpB/HjLWjWEyxPxlXCkNhe5pDiW6yJQj
e9ZeR7G64EwfRUgD+xxck1z8a6WnI2mOMVIowWAnbk0SAaqFswKsRNgfYXF5E1gm
WgLym4rIJQqiUMnrG5xFYEydg5sS7s9Dd/6RSq4n4i1V9ZH6XgprKPXduWMGbljp
crwORuQ+kI+JEoefC5GWdIUPO2h99vLEuWMnzu+D5PmIzoZ3FROmh2FWBiJ3TntI
Hg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:14 2024 by rpki-client on console-ams.rpki-client.org