Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/8e1198-e50f-416f-9d6b-1e9bff5e4021/1/KUpjKr-QP4tX8DTxgIbToJl4Peo.roa
File: KUpjKr-QP4tX8DTxgIbToJl4Peo.roa (raw, json)
Hash identifier: rQTJhyUY7l9yIh0cSXYYp/vBKaxCVEWsgCUgpi/T90Q=
Subject key identifier: 29:4A:63:2A:BF:90:3F:8B:57:F0:34:F1:80:86:D3:A0:99:78:3D:EA
Certificate issuer: /CN=4df0970484eb26bc59fd8fa8d5bf7c3c7212d011
Certificate serial: 018571B0E3294C70FA055C5A1090D8E23E9D
Authority key identifier: 4D:F0:97:04:84:EB:26:BC:59:FD:8F:A8:D5:BF:7C:3C:72:12:D0:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TfCXBITrJrxZ_Y-o1b98PHIS0BE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/8e1198-e50f-416f-9d6b-1e9bff5e4021/1/KUpjKr-QP4tX8DTxgIbToJl4Peo.roa
Signing time: Mon 02 Jan 2023 08:54:55 +0000
ROA not before: Mon 02 Jan 2023 08:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49832
IP address blocks: 91.132.164.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:e3:29:4c:70:fa:05:5c:5a:10:90:d8:e2:3e:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4df0970484eb26bc59fd8fa8d5bf7c3c7212d011
Validity
Not Before: Jan 2 08:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=294a632abf903f8b57f034f18086d3a099783dea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2b:1a:4f:88:5f:0c:fc:7f:52:3c:ec:3f:99:
15:1c:da:3b:c4:8d:1c:9d:46:e6:97:77:45:cb:73:
23:bf:06:fb:e7:68:eb:b2:5f:c9:7b:a5:61:d9:01:
47:47:2a:c8:2e:2a:08:94:3a:e2:45:d1:f5:f9:68:
0a:4d:46:65:3f:6c:28:df:e5:9a:6c:d3:44:7e:6c:
83:d2:9f:70:8f:5b:21:bf:3b:45:6c:54:3c:66:17:
65:61:0f:ae:58:38:1b:eb:ee:1e:08:6d:46:52:b4:
88:c0:24:65:70:d8:1f:f5:90:51:72:4f:91:01:9c:
88:a5:df:69:ee:b0:42:fb:c0:0c:f3:89:22:67:a3:
16:23:da:f9:3f:ad:74:13:26:f6:c4:d0:c8:2b:bd:
22:97:bd:f2:a7:08:ab:7f:9b:dd:9c:5c:21:e0:b1:
a3:56:f4:50:af:0e:21:05:2c:ae:ef:e7:4c:31:99:
9f:d4:78:6a:c0:71:23:c9:a5:a5:d7:72:6f:a4:b9:
76:ce:7c:4d:41:cc:1a:de:ed:cc:81:0f:eb:b2:04:
5d:aa:12:fd:12:df:a4:84:b6:6b:8c:dc:11:78:34:
e5:3b:fc:43:97:bf:27:e5:f3:d0:e3:e2:18:d6:2d:
49:e2:bb:d5:2b:9f:b1:c4:41:7c:2a:30:66:3c:fc:
a2:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:4A:63:2A:BF:90:3F:8B:57:F0:34:F1:80:86:D3:A0:99:78:3D:EA
X509v3 Authority Key Identifier:
keyid:4D:F0:97:04:84:EB:26:BC:59:FD:8F:A8:D5:BF:7C:3C:72:12:D0:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TfCXBITrJrxZ_Y-o1b98PHIS0BE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8e1198-e50f-416f-9d6b-1e9bff5e4021/1/KUpjKr-QP4tX8DTxgIbToJl4Peo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8e1198-e50f-416f-9d6b-1e9bff5e4021/1/TfCXBITrJrxZ_Y-o1b98PHIS0BE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.164.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:4b:f3:83:23:bb:ff:1d:fc:0f:89:26:08:80:e4:30:4d:92:
86:f3:52:06:6b:43:55:b2:ad:27:6a:ac:95:3a:93:7c:7d:59:
13:3a:2a:35:5c:e1:5b:3e:fa:56:76:08:63:25:75:86:3d:9d:
02:c6:6d:e4:e8:53:a4:22:00:77:a9:82:ad:1e:da:ab:24:b6:
9d:ae:ea:40:ec:ce:c0:ba:5b:57:8a:11:41:a8:c5:11:94:2d:
72:27:f5:80:ba:45:c7:39:6c:b2:26:3e:82:38:99:9b:29:29:
cc:ec:fd:c2:a5:43:a9:24:99:3e:42:71:ea:c1:87:5b:01:e9:
8c:aa:13:af:6c:02:5a:dd:dc:ef:89:1b:8d:cb:31:5e:5a:7c:
25:1a:36:a9:6e:24:59:c9:3e:35:86:c4:85:4d:1c:28:52:b1:
26:25:f1:b8:6f:0c:cb:ce:1a:95:fe:d8:86:49:37:85:a9:46:
f6:73:42:98:37:26:54:24:48:24:b5:77:62:41:47:98:12:2e:
92:e8:a3:2b:0f:e5:c7:6c:59:94:63:20:0e:b6:75:2d:97:74:
02:d5:95:1b:ad:1e:e8:17:78:b0:7f:64:28:bf:da:57:d7:72:
96:db:05:ca:2b:71:0a:2a:78:0b:90:8e:5d:d1:63:f4:21:cc:
bc:61:0e:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxsOMpTHD6BVxaEJDY4j6dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZjA5NzA0ODRlYjI2YmM1OWZkOGZhOGQ1YmY3YzNjNzIx
MmQwMTEwHhcNMjMwMTAyMDg1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTRhNjMyYWJmOTAzZjhiNTdmMDM0ZjE4MDg2ZDNhMDk5NzgzZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuysaT4hfDPx/UjzsP5kVHNo7xI0c
nUbml3dFy3Mjvwb752jrsl/Je6Vh2QFHRyrILioIlDriRdH1+WgKTUZlP2wo3+Wa
bNNEfmyD0p9wj1shvztFbFQ8ZhdlYQ+uWDgb6+4eCG1GUrSIwCRlcNgf9ZBRck+R
AZyIpd9p7rBC+8AM84kiZ6MWI9r5P610Eyb2xNDIK70il73ypwirf5vdnFwh4LGj
VvRQrw4hBSyu7+dMMZmf1HhqwHEjyaWl13JvpLl2znxNQcwa3u3MgQ/rsgRdqhL9
Et+khLZrjNwReDTlO/xDl78n5fPQ4+IY1i1J4rvVK5+xxEF8KjBmPPyipQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFClKYyq/kD+LV/A08YCG06CZeD3qMB8GA1UdIwQY
MBaAFE3wlwSE6ya8Wf2PqNW/fDxyEtARMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGZDWEJJVHJKcnhaX1ktbzFiOThQSElTMEJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC84ZTExOTgtZTUwZi00MTZmLTlkNmIt
MWU5YmZmNWU0MDIxLzEvS1VwaktyLVFQNHRYOERUeGdJYlRvSmw0UGVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC84ZTExOTgtZTUwZi00MTZmLTlkNmItMWU5YmZmNWU0MDIx
LzEvVGZDWEJJVHJKcnhaX1ktbzFiOThQSElTMEJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW4SkMA0G
CSqGSIb3DQEBCwUAA4IBAQB7S/ODI7v/HfwPiSYIgOQwTZKG81IGa0NVsq0naqyV
OpN8fVkTOio1XOFbPvpWdghjJXWGPZ0Cxm3k6FOkIgB3qYKtHtqrJLadrupA7M7A
ultXihFBqMURlC1yJ/WAukXHOWyyJj6COJmbKSnM7P3CpUOpJJk+QnHqwYdbAemM
qhOvbAJa3dzviRuNyzFeWnwlGjapbiRZyT41hsSFTRwoUrEmJfG4bwzLzhqV/tiG
STeFqUb2c0KYNyZUJEgktXdiQUeYEi6S6KMrD+XHbFmUYyAOtnUtl3QC1ZUbrR7o
F3iwf2Qov9pX13KW2wXKK3EKKngLkI5d0WP0Icy8YQ6r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:11 2024 by rpki-client on console-fra.rpki-client.org