Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/8e1198-e50f-416f-9d6b-1e9bff5e4021/1/8zPondl_BU3EOqJeD1bdv8Ce598.roa
File: 8zPondl_BU3EOqJeD1bdv8Ce598.roa (raw, json)
Hash identifier: qali6ua4wlEariBgJZEFOPy1nkuKF6p1pKzv/dYYghc=
Subject key identifier: F3:33:E8:9D:D9:7F:05:4D:C4:3A:A2:5E:0F:56:DD:BF:C0:9E:E7:DF
Certificate issuer: /CN=4df0970484eb26bc59fd8fa8d5bf7c3c7212d011
Certificate serial: 018571B0E3942E273CDAD25BFD3592F459AD
Authority key identifier: 4D:F0:97:04:84:EB:26:BC:59:FD:8F:A8:D5:BF:7C:3C:72:12:D0:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TfCXBITrJrxZ_Y-o1b98PHIS0BE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/8e1198-e50f-416f-9d6b-1e9bff5e4021/1/8zPondl_BU3EOqJeD1bdv8Ce598.roa
Signing time: Mon 02 Jan 2023 08:54:56 +0000
ROA not before: Mon 02 Jan 2023 08:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57511
IP address blocks: 91.132.164.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:e3:94:2e:27:3c:da:d2:5b:fd:35:92:f4:59:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4df0970484eb26bc59fd8fa8d5bf7c3c7212d011
Validity
Not Before: Jan 2 08:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f333e89dd97f054dc43aa25e0f56ddbfc09ee7df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:28:26:86:b8:08:b6:bb:a5:91:00:4b:dc:d7:
0d:64:bb:e7:75:68:b9:72:9d:8f:e0:c9:8e:c1:74:
aa:fe:7b:fb:a5:b9:87:6d:f9:dd:54:44:82:10:d1:
ff:41:d7:89:bd:23:cb:3d:14:dd:94:87:04:97:fb:
b5:f5:b1:51:f5:c0:c4:97:79:1e:a1:2a:7c:ac:2c:
cd:3d:25:e4:cc:38:c1:1d:08:fc:ce:e7:5d:39:55:
9c:ff:97:1f:b1:c4:a3:a9:b6:f3:08:16:83:1c:0d:
ef:c7:63:bb:06:ee:81:e4:33:d9:68:a1:90:c8:75:
9d:88:3e:1f:6b:ac:7e:3b:f8:3c:e3:ba:8b:f4:d9:
9b:7d:6a:a4:72:c3:7c:54:c4:b6:d8:82:22:34:b1:
4b:36:a9:67:3e:2b:87:30:f8:74:3f:29:46:db:08:
74:1b:2e:83:50:d2:23:76:a0:e0:d1:68:c1:e3:f6:
f4:f8:04:05:e9:67:da:da:f3:9c:c0:60:9d:b7:3e:
b4:9a:7d:19:05:ba:b5:8b:b6:98:dc:73:19:7f:8b:
b9:4f:ea:0b:fd:4a:60:68:33:0e:3a:9f:48:0a:e1:
d4:11:24:8b:11:b8:e4:b0:be:a8:0b:c6:0a:9b:57:
f2:99:9e:63:8b:44:22:03:bd:5f:43:c1:96:7c:e4:
b4:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:33:E8:9D:D9:7F:05:4D:C4:3A:A2:5E:0F:56:DD:BF:C0:9E:E7:DF
X509v3 Authority Key Identifier:
keyid:4D:F0:97:04:84:EB:26:BC:59:FD:8F:A8:D5:BF:7C:3C:72:12:D0:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TfCXBITrJrxZ_Y-o1b98PHIS0BE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8e1198-e50f-416f-9d6b-1e9bff5e4021/1/8zPondl_BU3EOqJeD1bdv8Ce598.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8e1198-e50f-416f-9d6b-1e9bff5e4021/1/TfCXBITrJrxZ_Y-o1b98PHIS0BE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.164.0/22
Signature Algorithm: sha256WithRSAEncryption
88:cb:34:d7:21:82:52:24:15:eb:b2:fb:e2:a3:0c:29:4b:c1:
72:d3:50:99:db:d1:5b:3d:8f:0c:b2:c9:5a:72:f0:9a:af:bf:
61:fd:04:9a:34:bb:00:d3:88:fa:ba:ee:74:bb:12:52:2e:5a:
c5:89:cf:c6:01:09:64:e5:f9:59:72:9e:ff:46:f1:ec:c0:b8:
69:ea:92:52:1a:4d:28:fc:46:3f:10:50:7c:3f:c1:a4:00:26:
96:f4:8c:c0:75:09:11:14:46:2e:78:9b:91:87:9c:f0:79:c4:
1b:b2:13:40:14:b7:a1:74:88:2d:e7:ac:3e:70:ff:b4:5d:b5:
03:fb:c1:6f:32:1b:cf:88:b7:c5:4b:ef:4b:74:74:49:04:de:
e4:c2:ff:fb:f8:75:65:1f:6e:87:0d:f6:f8:e2:0b:62:ac:8b:
82:b8:c0:52:5d:40:44:b3:44:e9:2a:8a:a3:d8:21:3c:86:aa:
fe:a3:bb:a1:56:6e:26:7b:13:40:f3:21:b7:91:9a:e0:ef:74:
d3:ed:a5:55:3b:6f:8f:1b:72:9d:65:b0:d2:02:c6:ff:31:81:
2d:cb:22:91:df:a2:21:8c:b2:ec:84:85:5d:c1:0d:7f:7d:8a:
3d:d4:f5:af:d6:d7:e5:5c:87:80:93:ad:dd:c9:17:70:99:87:
86:dc:45:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxsOOULic82tJb/TWS9FmtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZjA5NzA0ODRlYjI2YmM1OWZkOGZhOGQ1YmY3YzNjNzIx
MmQwMTEwHhcNMjMwMTAyMDg1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzMzZTg5ZGQ5N2YwNTRkYzQzYWEyNWUwZjU2ZGRiZmMwOWVlN2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCgmhrgItrulkQBL3NcNZLvndWi5
cp2P4MmOwXSq/nv7pbmHbfndVESCENH/QdeJvSPLPRTdlIcEl/u19bFR9cDEl3ke
oSp8rCzNPSXkzDjBHQj8zuddOVWc/5cfscSjqbbzCBaDHA3vx2O7Bu6B5DPZaKGQ
yHWdiD4fa6x+O/g847qL9NmbfWqkcsN8VMS22IIiNLFLNqlnPiuHMPh0PylG2wh0
Gy6DUNIjdqDg0WjB4/b0+AQF6Wfa2vOcwGCdtz60mn0ZBbq1i7aY3HMZf4u5T+oL
/UpgaDMOOp9ICuHUESSLEbjksL6oC8YKm1fymZ5ji0QiA71fQ8GWfOS0twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPMz6J3ZfwVNxDqiXg9W3b/AnuffMB8GA1UdIwQY
MBaAFE3wlwSE6ya8Wf2PqNW/fDxyEtARMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGZDWEJJVHJKcnhaX1ktbzFiOThQSElTMEJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC84ZTExOTgtZTUwZi00MTZmLTlkNmIt
MWU5YmZmNWU0MDIxLzEvOHpQb25kbF9CVTNFT3FKZUQxYmR2OENlNTk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC84ZTExOTgtZTUwZi00MTZmLTlkNmItMWU5YmZmNWU0MDIx
LzEvVGZDWEJJVHJKcnhaX1ktbzFiOThQSElTMEJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW4SkMA0G
CSqGSIb3DQEBCwUAA4IBAQCIyzTXIYJSJBXrsvviowwpS8Fy01CZ29FbPY8Mssla
cvCar79h/QSaNLsA04j6uu50uxJSLlrFic/GAQlk5flZcp7/RvHswLhp6pJSGk0o
/EY/EFB8P8GkACaW9IzAdQkRFEYueJuRh5zwecQbshNAFLehdIgt56w+cP+0XbUD
+8FvMhvPiLfFS+9LdHRJBN7kwv/7+HVlH26HDfb44gtirIuCuMBSXUBEs0TpKoqj
2CE8hqr+o7uhVm4mexNA8yG3kZrg73TT7aVVO2+PG3KdZbDSAsb/MYEtyyKR36Ih
jLLshIVdwQ1/fYo91PWv1tflXIeAk63dyRdwmYeG3EX0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:11 2024 by rpki-client on console-fra.rpki-client.org