Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/tjP7IgHV-QqKRlEyX3Q8KUdjhX4.roa
File: tjP7IgHV-QqKRlEyX3Q8KUdjhX4.roa (raw, json)
Hash identifier: 5otX+HcAgX7NWYYS1+ySRKHY3W7GcLBp6DCXwITHVwo=
Subject key identifier: B6:33:FB:22:01:D5:F9:0A:8A:46:51:32:5F:74:3C:29:47:63:85:7E
Certificate issuer: /CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Certificate serial: 01852910F7A80553204BCE6EC3640745CD1A
Authority key identifier: FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/tjP7IgHV-QqKRlEyX3Q8KUdjhX4.roa
Signing time: Mon 19 Dec 2022 06:27:35 +0000
ROA not before: Mon 19 Dec 2022 06:27:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48265
IP address blocks: 91.210.137.0/24 maxlen: 24
91.210.138.0/24 maxlen: 24
91.210.136.0/24 maxlen: 24
91.210.139.0/24 maxlen: 24
109.104.131.0/24 maxlen: 24
109.104.132.0/24 maxlen: 24
109.104.129.0/24 maxlen: 24
109.104.130.0/24 maxlen: 24
109.104.128.0/24 maxlen: 24
109.104.138.0/24 maxlen: 24
109.104.139.0/24 maxlen: 24
109.104.136.0/24 maxlen: 24
109.104.137.0/24 maxlen: 24
109.104.135.0/24 maxlen: 24
109.104.133.0/24 maxlen: 24
109.104.134.0/24 maxlen: 24
109.104.145.0/24 maxlen: 24
109.104.143.0/24 maxlen: 24
109.104.144.0/24 maxlen: 24
109.104.141.0/24 maxlen: 24
109.104.142.0/24 maxlen: 24
109.104.140.0/24 maxlen: 24
109.104.159.0/24 maxlen: 24
109.104.157.0/24 maxlen: 24
109.104.158.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:10:f7:a8:05:53:20:4b:ce:6e:c3:64:07:45:cd:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Validity
Not Before: Dec 19 06:27:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b633fb2201d5f90a8a4651325f743c294763857e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:49:0e:b4:4d:8b:54:e2:ab:da:d1:d1:2e:3c:
3a:c1:1e:75:f6:2e:39:01:be:b4:30:e8:3e:f6:91:
78:93:73:35:e9:2f:81:dd:03:1e:bc:30:5a:30:18:
50:34:6b:c2:6a:b9:57:ec:b8:8e:ed:67:a6:23:8e:
05:20:ea:20:9d:4b:8b:a4:9b:37:f8:f1:e5:08:00:
b3:c2:70:cf:c6:4c:9d:18:f7:b6:f8:cc:38:59:de:
7a:3c:be:63:92:ab:a9:30:48:5c:e6:4e:19:fe:4e:
e3:72:bf:36:eb:eb:bf:fe:60:7c:b6:93:1d:f2:87:
69:68:5f:20:f4:d5:22:01:59:69:ab:94:ea:ef:fc:
d7:62:e9:e1:d5:76:77:cb:2c:11:33:38:95:6b:ae:
92:c2:df:6f:1d:fe:a0:cb:84:41:76:5a:62:62:fb:
b4:bc:ab:95:5e:fb:38:fe:2d:c4:d8:2b:01:b2:9a:
ce:43:ae:e4:ea:4e:1d:5b:b5:e2:f2:d2:cb:b2:ab:
9a:3b:87:34:3f:2e:15:5b:ee:f8:ff:07:36:aa:94:
76:ab:c4:d4:a3:c4:82:50:26:46:52:ea:f8:3f:03:
8a:d0:ed:63:43:e7:16:e1:df:47:2e:7f:d5:3f:64:
51:8a:72:f5:28:5d:11:e1:b7:12:54:9c:38:6b:ab:
6b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:33:FB:22:01:D5:F9:0A:8A:46:51:32:5F:74:3C:29:47:63:85:7E
X509v3 Authority Key Identifier:
keyid:FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/tjP7IgHV-QqKRlEyX3Q8KUdjhX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/1-_YvdgYnP0GmzMjilWB288Ch61Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.136.0/22
109.104.128.0-109.104.145.255
109.104.157.0-109.104.159.255
Signature Algorithm: sha256WithRSAEncryption
c6:e1:02:d0:6e:5f:b2:5c:fa:bc:30:37:bb:6d:7f:8c:ff:d4:
59:b6:78:2f:44:27:e8:55:82:d3:7b:e4:84:74:82:8f:b3:57:
32:39:d4:39:7f:40:46:b6:67:cb:a1:e8:dc:31:f4:e5:7b:04:
71:ee:d7:3c:08:59:30:37:e2:b5:af:bd:92:49:e4:ab:49:79:
e7:76:99:73:6e:df:a3:8e:a0:1f:c9:96:ac:37:ef:81:c9:c8:
69:b7:b8:0f:21:1f:3c:f8:4a:ee:bb:0d:6a:74:f8:4a:87:e9:
e3:31:ad:ba:0a:b3:02:67:ad:fb:62:6f:5c:d1:95:e1:2b:79:
5c:23:9a:11:54:f0:10:3f:38:13:d6:2b:22:d4:e8:25:7b:56:
fa:18:4a:10:21:46:6e:17:fa:bc:92:74:cd:6e:31:ae:2e:7d:
0b:82:b0:95:4e:40:23:ae:13:fc:cb:50:e9:4b:3f:af:bb:98:
6b:99:ef:40:cd:f6:08:f5:f6:80:f0:8b:b7:35:0e:20:43:59:
60:5f:27:f2:c2:11:25:99:f3:1d:a6:d5:c4:0b:45:98:c3:3d:
e0:54:bd:85:51:3b:9e:01:ca:e0:7b:6a:2f:8c:ef:45:83:32:
7e:1d:c6:05:14:5e:b3:11:01:ff:1b:dd:4e:df:b7:ce:e5:60:
16:bc:d7:75
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYUpEPeoBVMgS85uw2QHRc0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiZjYyZjc2MDYyNzNmNDFhNmNjYzhlMjk1NjA3NmYzYzBh
MWViNTQwHhcNMjIxMjE5MDYyNzM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjMzZmIyMjAxZDVmOTBhOGE0NjUxMzI1Zjc0M2MyOTQ3NjM4NTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0kOtE2LVOKr2tHRLjw6wR519i45
Ab60MOg+9pF4k3M16S+B3QMevDBaMBhQNGvCarlX7LiO7WemI44FIOognUuLpJs3
+PHlCACzwnDPxkydGPe2+Mw4Wd56PL5jkqupMEhc5k4Z/k7jcr826+u//mB8tpMd
8odpaF8g9NUiAVlpq5Tq7/zXYunh1XZ3yywRMziVa66Swt9vHf6gy4RBdlpiYvu0
vKuVXvs4/i3E2CsBsprOQ67k6k4dW7Xi8tLLsquaO4c0Py4VW+74/wc2qpR2q8TU
o8SCUCZGUur4PwOK0O1jQ+cW4d9HLn/VP2RRinL1KF0R4bcSVJw4a6trGwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLYz+yIB1fkKikZRMl90PClHY4V+MB8GA1UdIwQY
MBaAFPv2L3YGJz9BpszI4pVgdvPAoetUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1fWXZkZ1luUDBHbXpNamlsV0IyODhDaDYxUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMvOTVlZWJiLTBhOWQtNGY3MS1iM2Y5
LTU2NDllMWIxOTJiYi8xL3RqUDdJZ0hWLVFxS1JsRXlYM1E4S1VkamhYNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjMvOTVlZWJiLTBhOWQtNGY3MS1iM2Y5LTU2NDllMWIxOTJi
Yi8xLzEtX1l2ZGdZblAwR216TWppbFdCMjg4Q2g2MVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOwYIKwYBBQUHAQcBAf8ELDAqMCgEAgABMCIDBAJb0ogw
DAMEB21ogAMEAW1okDAMAwQAbWidAwQFbWiAMA0GCSqGSIb3DQEBCwUAA4IBAQDG
4QLQbl+yXPq8MDe7bX+M/9RZtngvRCfoVYLTe+SEdIKPs1cyOdQ5f0BGtmfLoejc
MfTlewRx7tc8CFkwN+K1r72SSeSrSXnndplzbt+jjqAfyZasN++Bychpt7gPIR88
+Eruuw1qdPhKh+njMa26CrMCZ637Ym9c0ZXhK3lcI5oRVPAQPzgT1isi1Ogle1b6
GEoQIUZuF/q8knTNbjGuLn0LgrCVTkAjrhP8y1DpSz+vu5hrme9AzfYI9faA8Iu3
NQ4gQ1lgXyfywhElmfMdptXEC0WYwz3gVL2FUTueAcrge2ovjO9FgzJ+HcYFFF6z
EQH/G91O37fO5WAWvNd1
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:04 2023 by rpki-client on console-ams.rpki-client.org