Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/8e1198-e50f-416f-9d6b-1e9bff5e4021/1/e-9GGh0TsXnObUn0S8LD4ggIZ5c.roa
File: e-9GGh0TsXnObUn0S8LD4ggIZ5c.roa (raw, json)
Hash identifier: NIsv9HLFA2puLX2IUKoF2Nys537mGpjYTRn7LS5FvKg=
Subject key identifier: 7B:EF:46:1A:1D:13:B1:79:CE:6D:49:F4:4B:C2:C3:E2:08:08:67:97
Certificate issuer: /CN=4df0970484eb26bc59fd8fa8d5bf7c3c7212d011
Certificate serial: 0182A7AE511B6A0E92354F003D11B96B6AF9
Authority key identifier: 4D:F0:97:04:84:EB:26:BC:59:FD:8F:A8:D5:BF:7C:3C:72:12:D0:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TfCXBITrJrxZ_Y-o1b98PHIS0BE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/8e1198-e50f-416f-9d6b-1e9bff5e4021/1/e-9GGh0TsXnObUn0S8LD4ggIZ5c.roa
Signing time: Tue 16 Aug 2022 17:23:15 +0000
ROA not before: Tue 16 Aug 2022 17:23:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205692
IP address blocks: 91.132.164.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a7:ae:51:1b:6a:0e:92:35:4f:00:3d:11:b9:6b:6a:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4df0970484eb26bc59fd8fa8d5bf7c3c7212d011
Validity
Not Before: Aug 16 17:23:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7bef461a1d13b179ce6d49f44bc2c3e208086797
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d6:86:8a:f0:19:37:a0:d2:46:59:27:76:72:
cb:e8:25:e3:36:08:f8:02:10:d2:de:fb:dd:c9:07:
f9:9d:87:c1:29:01:64:4f:75:83:4e:72:13:11:f0:
29:67:90:22:98:50:4b:10:14:2c:06:e9:1b:c5:60:
cb:cf:c9:0d:28:eb:e0:42:2e:7e:df:99:74:f3:53:
b7:18:0f:13:00:b5:de:72:30:b6:98:45:b8:6d:43:
5a:a1:6b:8a:c4:f7:0f:6c:41:47:a4:88:a0:4b:6c:
a6:26:49:26:2d:81:18:c2:d2:f8:ee:70:e3:ef:b9:
ea:d6:d8:d5:84:1c:01:12:cb:17:c8:80:7c:27:b4:
80:2e:eb:27:f5:06:88:a1:6c:d7:bb:d1:67:2d:53:
e5:97:92:86:51:26:56:98:d4:3f:c3:e8:f3:88:5d:
ff:a7:e1:bc:83:1a:a0:ed:c7:ff:0a:d0:69:84:a1:
b3:47:55:f6:91:46:66:21:21:d4:f4:99:b9:f5:7d:
94:43:d5:4b:92:9b:6b:7a:c2:5d:9a:7a:e2:69:ca:
57:c3:bb:89:3f:de:e0:65:19:5a:ed:73:87:02:5c:
f6:6b:14:55:88:d1:38:70:b3:ca:4a:55:88:c1:df:
57:13:6d:cb:90:2c:ad:48:a9:f5:41:31:22:d7:bf:
05:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:EF:46:1A:1D:13:B1:79:CE:6D:49:F4:4B:C2:C3:E2:08:08:67:97
X509v3 Authority Key Identifier:
keyid:4D:F0:97:04:84:EB:26:BC:59:FD:8F:A8:D5:BF:7C:3C:72:12:D0:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TfCXBITrJrxZ_Y-o1b98PHIS0BE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8e1198-e50f-416f-9d6b-1e9bff5e4021/1/e-9GGh0TsXnObUn0S8LD4ggIZ5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8e1198-e50f-416f-9d6b-1e9bff5e4021/1/TfCXBITrJrxZ_Y-o1b98PHIS0BE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.164.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:ee:45:22:b9:4b:69:74:0b:09:3b:82:c5:50:9e:b7:48:74:
4e:96:1b:5f:2b:8e:39:eb:a0:f4:3b:81:f7:b7:e9:c5:50:37:
9b:68:3f:d1:08:73:2d:f8:7a:c8:39:76:06:da:f5:31:33:cb:
07:3e:88:4b:09:9a:bf:f9:ce:e2:3c:f5:63:6f:bb:51:3a:6a:
87:4b:1c:43:34:46:52:fc:9a:c3:1f:1b:40:d9:ec:be:8f:26:
57:d2:58:67:fa:d8:bf:9a:d4:38:5e:8e:e5:45:ba:da:e4:c7:
16:a2:ce:2c:0f:e7:11:65:ba:bc:87:5d:e2:b2:27:67:be:8c:
d3:28:bb:f5:a9:c0:86:37:4e:b9:2a:cf:c7:da:e8:4d:75:fb:
4f:b3:3e:b9:6d:57:74:60:84:5d:1a:40:9c:95:96:28:37:86:
c6:27:5f:e5:70:63:c9:f9:17:ab:76:e2:a9:8b:7b:21:f7:ae:
bb:97:71:72:a3:93:06:3c:97:28:8a:2c:5f:c9:26:88:a2:6b:
2f:7f:cc:bf:7f:ec:c5:73:b4:84:5c:3b:15:f8:b3:ee:a6:03:
97:8f:60:03:a4:7f:b7:39:31:13:8b:75:db:c7:3f:6d:c2:24:
df:a8:84:d2:1b:72:97:e3:a0:54:79:4e:43:30:1b:0f:be:cc:
95:cb:3c:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKnrlEbag6SNU8APRG5a2r5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZjA5NzA0ODRlYjI2YmM1OWZkOGZhOGQ1YmY3YzNjNzIx
MmQwMTEwHhcNMjIwODE2MTcyMzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmVmNDYxYTFkMTNiMTc5Y2U2ZDQ5ZjQ0YmMyYzNlMjA4MDg2Nzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtaGivAZN6DSRlkndnLL6CXjNgj4
AhDS3vvdyQf5nYfBKQFkT3WDTnITEfApZ5AimFBLEBQsBukbxWDLz8kNKOvgQi5+
35l081O3GA8TALXecjC2mEW4bUNaoWuKxPcPbEFHpIigS2ymJkkmLYEYwtL47nDj
77nq1tjVhBwBEssXyIB8J7SALusn9QaIoWzXu9FnLVPll5KGUSZWmNQ/w+jziF3/
p+G8gxqg7cf/CtBphKGzR1X2kUZmISHU9Jm59X2UQ9VLkptresJdmnriacpXw7uJ
P97gZRla7XOHAlz2axRViNE4cLPKSlWIwd9XE23LkCytSKn1QTEi178FtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHvvRhodE7F5zm1J9EvCw+IICGeXMB8GA1UdIwQY
MBaAFE3wlwSE6ya8Wf2PqNW/fDxyEtARMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGZDWEJJVHJKcnhaX1ktbzFiOThQSElTMEJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC84ZTExOTgtZTUwZi00MTZmLTlkNmIt
MWU5YmZmNWU0MDIxLzEvZS05R0doMFRzWG5PYlVuMFM4TEQ0Z2dJWjVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC84ZTExOTgtZTUwZi00MTZmLTlkNmItMWU5YmZmNWU0MDIx
LzEvVGZDWEJJVHJKcnhaX1ktbzFiOThQSElTMEJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW4SkMA0G
CSqGSIb3DQEBCwUAA4IBAQCM7kUiuUtpdAsJO4LFUJ63SHROlhtfK44566D0O4H3
t+nFUDebaD/RCHMt+HrIOXYG2vUxM8sHPohLCZq/+c7iPPVjb7tROmqHSxxDNEZS
/JrDHxtA2ey+jyZX0lhn+ti/mtQ4Xo7lRbra5McWos4sD+cRZbq8h13isidnvozT
KLv1qcCGN065Ks/H2uhNdftPsz65bVd0YIRdGkCclZYoN4bGJ1/lcGPJ+RerduKp
i3sh9667l3Fyo5MGPJcoiixfySaIomsvf8y/f+zFc7SEXDsV+LPupgOXj2ADpH+3
OTETi3Xbxz9twiTfqITSG3KX46BUeU5DMBsPvsyVyzwH
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:31 2024 by rpki-client on console-ams.rpki-client.org