Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/48c072-22de-44d7-bed8-e80f32073f3d/1/TGx0YdU2GU4JtwWyYv6qJ1Owi0E.roa
File: TGx0YdU2GU4JtwWyYv6qJ1Owi0E.roa (raw, json)
Hash identifier: tR1vGzZybyHC3319QtqA+zT9cAIIstWufHzFmLo5V7U=
Subject key identifier: 4C:6C:74:61:D5:36:19:4E:09:B7:05:B2:62:FE:AA:27:53:B0:8B:41
Certificate issuer: /CN=a57d4cfe60f8a30a4d0ff94b94ebadfc88c9ac11
Certificate serial: 01856EB9028E2556D942DDB89E4C6135F4AD
Authority key identifier: A5:7D:4C:FE:60:F8:A3:0A:4D:0F:F9:4B:94:EB:AD:FC:88:C9:AC:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pX1M_mD4owpND_lLlOut_IjJrBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/48c072-22de-44d7-bed8-e80f32073f3d/1/TGx0YdU2GU4JtwWyYv6qJ1Owi0E.roa
Signing time: Sun 01 Jan 2023 19:04:56 +0000
ROA not before: Sun 01 Jan 2023 19:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5610
IP address blocks: 151.236.224.0/20 maxlen: 24
91.191.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b9:02:8e:25:56:d9:42:dd:b8:9e:4c:61:35:f4:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a57d4cfe60f8a30a4d0ff94b94ebadfc88c9ac11
Validity
Not Before: Jan 1 19:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c6c7461d536194e09b705b262feaa2753b08b41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:15:72:b5:31:98:eb:7e:29:21:26:54:52:26:
32:14:48:e0:76:bf:d6:cd:14:31:a7:76:a7:e3:f3:
99:43:16:8f:3d:3a:28:03:eb:b6:b4:5f:83:a9:af:
74:27:2e:7c:22:f0:04:23:f7:80:04:f7:01:19:86:
be:29:b7:31:7a:b5:30:83:5e:e7:95:9d:ca:64:f4:
56:cd:dc:e9:96:44:5f:ae:b5:53:67:08:d7:51:f2:
26:62:8e:6f:15:61:11:9f:33:e3:c0:88:0c:5e:9d:
05:82:9d:d7:b8:f6:1b:98:08:36:ed:80:9a:4d:73:
08:5a:36:fe:8f:1e:f1:0c:35:f8:8a:c3:2c:90:09:
f0:a8:f9:e8:87:55:db:1d:e2:06:6f:a0:d3:8f:3f:
18:d3:2c:a3:38:6d:90:c4:77:97:43:1e:89:9a:ff:
cb:7c:bf:5d:0c:0d:94:df:8d:7d:5a:f7:0b:a9:d9:
e8:86:5c:8d:48:53:b2:e8:a6:f1:5f:a6:86:a9:e2:
61:4f:75:45:52:af:d3:11:95:9b:c3:e5:94:17:42:
2f:4d:dd:6b:bb:d2:db:1b:b9:3a:77:d5:3c:77:b0:
e9:b8:0f:10:1c:09:dd:82:60:83:41:be:be:ef:b0:
31:ef:8b:4e:07:28:35:50:fd:42:05:b1:00:f2:66:
25:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:6C:74:61:D5:36:19:4E:09:B7:05:B2:62:FE:AA:27:53:B0:8B:41
X509v3 Authority Key Identifier:
keyid:A5:7D:4C:FE:60:F8:A3:0A:4D:0F:F9:4B:94:EB:AD:FC:88:C9:AC:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pX1M_mD4owpND_lLlOut_IjJrBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/48c072-22de-44d7-bed8-e80f32073f3d/1/TGx0YdU2GU4JtwWyYv6qJ1Owi0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/48c072-22de-44d7-bed8-e80f32073f3d/1/pX1M_mD4owpND_lLlOut_IjJrBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.191.64.0/18
151.236.224.0/20
Signature Algorithm: sha256WithRSAEncryption
b8:bd:23:c4:84:a9:c0:0a:7d:d6:07:2d:a9:07:ca:63:d9:04:
3c:ee:e1:ba:41:5f:de:cc:cd:94:31:da:b5:dd:7c:a9:2d:48:
04:7f:ee:8f:40:58:15:6b:76:34:a6:1a:b1:79:db:54:15:29:
84:25:73:cd:b3:0a:91:6c:fe:e5:29:1f:dc:52:58:3a:f0:79:
fa:d3:ac:06:19:f5:1d:6a:bb:5d:e0:20:c3:84:82:e4:5e:68:
30:80:83:5a:dd:4a:58:7e:e7:03:7f:8b:a6:0e:0f:d0:aa:e0:
79:ad:72:b3:5f:09:b5:ef:f9:73:5c:02:da:4f:4c:dc:f8:ee:
54:66:91:ae:ea:85:83:d8:57:f6:31:88:96:9d:e1:1e:b0:f7:
24:db:9f:39:14:ea:a0:25:04:9f:aa:47:d5:4e:a0:4e:f4:49:
7d:b3:e1:52:ab:e9:cd:9c:fd:c5:12:4d:b3:f5:68:2c:ed:f8:
d9:80:a8:49:86:d5:38:4a:f6:2e:bd:1c:ed:57:c3:8a:19:97:
c9:d8:75:93:7f:ec:c0:03:cc:e0:22:79:c2:f0:cb:55:70:d6:
71:54:31:a7:2a:a9:52:8d:1d:af:68:cd:6a:46:33:44:3f:1f:
12:e6:fe:ba:2f:c6:a5:33:73:0f:8e:64:31:60:1d:82:87:63:
5a:31:28:e8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuuQKOJVbZQt24nkxhNfStMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1N2Q0Y2ZlNjBmOGEzMGE0ZDBmZjk0Yjk0ZWJhZGZjODhj
OWFjMTEwHhcNMjMwMTAxMTkwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzZjNzQ2MWQ1MzYxOTRlMDliNzA1YjI2MmZlYWEyNzUzYjA4YjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhVytTGY634pISZUUiYyFEjgdr/W
zRQxp3an4/OZQxaPPTooA+u2tF+Dqa90Jy58IvAEI/eABPcBGYa+KbcxerUwg17n
lZ3KZPRWzdzplkRfrrVTZwjXUfImYo5vFWERnzPjwIgMXp0Fgp3XuPYbmAg27YCa
TXMIWjb+jx7xDDX4isMskAnwqPnoh1XbHeIGb6DTjz8Y0yyjOG2QxHeXQx6Jmv/L
fL9dDA2U3419WvcLqdnohlyNSFOy6KbxX6aGqeJhT3VFUq/TEZWbw+WUF0IvTd1r
u9LbG7k6d9U8d7DpuA8QHAndgmCDQb6+77Ax74tOByg1UP1CBbEA8mYlNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFExsdGHVNhlOCbcFsmL+qidTsItBMB8GA1UdIwQY
MBaAFKV9TP5g+KMKTQ/5S5TrrfyIyawRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFgxTV9tRDRvd3BORF9sTGxPdXRfSWpKckJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80OGMwNzItMjJkZS00NGQ3LWJlZDgt
ZTgwZjMyMDczZjNkLzEvVEd4MFlkVTJHVTRKdHdXeVl2NnFKMU93aTBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80OGMwNzItMjJkZS00NGQ3LWJlZDgtZTgwZjMyMDczZjNk
LzEvcFgxTV9tRDRvd3BORF9sTGxPdXRfSWpKckJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGW79AAwQE
l+zgMA0GCSqGSIb3DQEBCwUAA4IBAQC4vSPEhKnACn3WBy2pB8pj2QQ87uG6QV/e
zM2UMdq13XypLUgEf+6PQFgVa3Y0phqxedtUFSmEJXPNswqRbP7lKR/cUlg68Hn6
06wGGfUdartd4CDDhILkXmgwgINa3UpYfucDf4umDg/QquB5rXKzXwm17/lzXALa
T0zc+O5UZpGu6oWD2Ff2MYiWneEesPck2585FOqgJQSfqkfVTqBO9El9s+FSq+nN
nP3FEk2z9Wgs7fjZgKhJhtU4SvYuvRztV8OKGZfJ2HWTf+zAA8zgInnC8MtVcNZx
VDGnKqlSjR2vaM1qRjNEPx8S5v66L8alM3MPjmQxYB2Ch2NaMSjo
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:06 2023 by rpki-client on console-fra.rpki-client.org