Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/8e1198-e50f-416f-9d6b-1e9bff5e4021/1/RGCKshIVyNJ8LN4PWo8LvB3-2zM.roa
File: RGCKshIVyNJ8LN4PWo8LvB3-2zM.roa (raw, json)
Hash identifier: Mvrb2QWnKfV1A1zQA6k06MwqJ+OCZK5ZtYQi7yR+KAk=
Subject key identifier: 44:60:8A:B2:12:15:C8:D2:7C:2C:DE:0F:5A:8F:0B:BC:1D:FE:DB:33
Certificate issuer: /CN=4df0970484eb26bc59fd8fa8d5bf7c3c7212d011
Certificate serial: 018539AC5C3260E1E80EA82699904EC5BF82
Authority key identifier: 4D:F0:97:04:84:EB:26:BC:59:FD:8F:A8:D5:BF:7C:3C:72:12:D0:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TfCXBITrJrxZ_Y-o1b98PHIS0BE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/8e1198-e50f-416f-9d6b-1e9bff5e4021/1/RGCKshIVyNJ8LN4PWo8LvB3-2zM.roa
Signing time: Thu 22 Dec 2022 11:51:15 +0000
ROA not before: Thu 22 Dec 2022 11:51:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57511
IP address blocks: 91.132.164.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:39:ac:5c:32:60:e1:e8:0e:a8:26:99:90:4e:c5:bf:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4df0970484eb26bc59fd8fa8d5bf7c3c7212d011
Validity
Not Before: Dec 22 11:51:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=44608ab21215c8d27c2cde0f5a8f0bbc1dfedb33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:55:93:1f:49:5e:e5:14:d3:e3:9d:a9:ae:62:
0c:fa:94:a2:f2:1e:86:c8:41:f6:30:52:6d:bd:41:
53:a3:ac:88:42:75:a5:59:bc:d5:62:b0:11:9f:1e:
ae:ca:b4:d2:42:92:2e:f2:cb:11:84:50:09:fb:f4:
a1:7f:34:41:0e:f6:8f:71:1d:bc:fd:86:32:a0:d0:
80:f5:00:b0:13:94:9a:f5:f0:67:17:2d:14:6a:b5:
8e:1c:ab:f0:1c:5b:51:04:b5:d5:70:6b:29:b4:44:
5b:fb:32:c8:68:64:d5:cb:ce:94:ce:b8:5d:88:dd:
fd:03:37:23:df:07:e1:d7:d8:b0:f2:60:b2:5b:02:
35:7c:ad:d3:41:51:b1:82:2d:6b:a0:8d:b0:7c:2a:
d0:9d:65:02:9b:c9:5a:84:95:e4:f1:63:7e:fa:d3:
a5:cf:19:f7:37:9e:b8:53:e2:63:9e:57:c4:0c:cb:
11:84:c6:1d:d3:dd:9b:ca:1b:66:0d:85:3c:f5:ff:
df:24:2a:55:88:f2:74:52:99:e2:1e:4e:da:21:da:
b9:8a:8f:fb:1d:e7:a0:bd:14:2e:eb:d5:37:27:b0:
83:e4:a5:0b:26:72:84:c4:97:de:b3:e7:26:90:cd:
43:0a:b9:2c:c2:25:33:23:ca:8c:89:81:a1:4f:ea:
7b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:60:8A:B2:12:15:C8:D2:7C:2C:DE:0F:5A:8F:0B:BC:1D:FE:DB:33
X509v3 Authority Key Identifier:
keyid:4D:F0:97:04:84:EB:26:BC:59:FD:8F:A8:D5:BF:7C:3C:72:12:D0:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TfCXBITrJrxZ_Y-o1b98PHIS0BE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8e1198-e50f-416f-9d6b-1e9bff5e4021/1/RGCKshIVyNJ8LN4PWo8LvB3-2zM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8e1198-e50f-416f-9d6b-1e9bff5e4021/1/TfCXBITrJrxZ_Y-o1b98PHIS0BE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.164.0/22
Signature Algorithm: sha256WithRSAEncryption
70:b0:2c:29:38:63:97:ee:c0:98:0f:9e:d4:49:ba:f0:bb:0e:
61:0f:53:90:10:dc:77:5f:99:98:a4:ed:ec:cb:0b:8a:ac:0d:
53:fb:0c:c2:e7:41:6d:c8:0b:df:b5:1f:ca:ca:15:ab:a8:b8:
b2:b7:e0:30:b1:5f:80:17:53:0d:78:62:58:49:cc:06:6e:5b:
8a:dd:13:ee:65:da:41:b9:01:4d:1d:22:a4:a8:5b:fd:a3:1d:
c9:9f:44:c7:0f:39:9a:1f:2d:4f:05:74:e1:80:00:a0:71:22:
2c:85:c3:45:e2:a2:02:9d:c5:57:84:39:05:58:9f:07:ef:84:
be:98:44:70:d1:26:41:b1:ba:a1:83:5d:1e:e3:01:fb:ff:5f:
63:97:f9:cf:0f:1f:d0:3c:e2:7a:2f:a6:6c:9e:54:1c:6d:d7:
43:b7:6a:7b:4d:72:7f:f1:ad:39:84:f3:52:8f:58:eb:73:ac:
c8:27:67:69:88:27:5d:5c:cd:c1:5f:17:5b:2f:06:a2:e2:43:
80:4f:59:ab:44:1f:ce:67:6c:ee:68:d5:f9:99:a8:fb:88:b8:
d0:2c:33:1c:c7:ef:61:49:ff:a9:e5:89:0a:40:9b:3f:ca:52:
6f:83:43:cf:10:19:9b:12:14:78:f2:20:f5:3a:54:2c:92:1e:
43:48:c0:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU5rFwyYOHoDqgmmZBOxb+CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZjA5NzA0ODRlYjI2YmM1OWZkOGZhOGQ1YmY3YzNjNzIx
MmQwMTEwHhcNMjIxMjIyMTE1MTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDYwOGFiMjEyMTVjOGQyN2MyY2RlMGY1YThmMGJiYzFkZmVkYjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1WTH0le5RTT452prmIM+pSi8h6G
yEH2MFJtvUFTo6yIQnWlWbzVYrARnx6uyrTSQpIu8ssRhFAJ+/ShfzRBDvaPcR28
/YYyoNCA9QCwE5Sa9fBnFy0UarWOHKvwHFtRBLXVcGsptERb+zLIaGTVy86Uzrhd
iN39Azcj3wfh19iw8mCyWwI1fK3TQVGxgi1roI2wfCrQnWUCm8lahJXk8WN++tOl
zxn3N564U+JjnlfEDMsRhMYd092byhtmDYU89f/fJCpViPJ0UpniHk7aIdq5io/7
HeegvRQu69U3J7CD5KULJnKExJfes+cmkM1DCrkswiUzI8qMiYGhT+p7VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFERgirISFcjSfCzeD1qPC7wd/tszMB8GA1UdIwQY
MBaAFE3wlwSE6ya8Wf2PqNW/fDxyEtARMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGZDWEJJVHJKcnhaX1ktbzFiOThQSElTMEJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC84ZTExOTgtZTUwZi00MTZmLTlkNmIt
MWU5YmZmNWU0MDIxLzEvUkdDS3NoSVZ5Tko4TE40UFdvOEx2QjMtMnpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC84ZTExOTgtZTUwZi00MTZmLTlkNmItMWU5YmZmNWU0MDIx
LzEvVGZDWEJJVHJKcnhaX1ktbzFiOThQSElTMEJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW4SkMA0G
CSqGSIb3DQEBCwUAA4IBAQBwsCwpOGOX7sCYD57USbrwuw5hD1OQENx3X5mYpO3s
ywuKrA1T+wzC50FtyAvftR/KyhWrqLiyt+AwsV+AF1MNeGJYScwGbluK3RPuZdpB
uQFNHSKkqFv9ox3Jn0THDzmaHy1PBXThgACgcSIshcNF4qICncVXhDkFWJ8H74S+
mERw0SZBsbqhg10e4wH7/19jl/nPDx/QPOJ6L6ZsnlQcbddDt2p7TXJ/8a05hPNS
j1jrc6zIJ2dpiCddXM3BXxdbLwai4kOAT1mrRB/OZ2zuaNX5maj7iLjQLDMcx+9h
Sf+p5YkKQJs/ylJvg0PPEBmbEhR48iD1OlQskh5DSMBu
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:31 2024 by rpki-client on console-ams.rpki-client.org