Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/48c072-22de-44d7-bed8-e80f32073f3d/1/fyKzWdQht4X0MSoL-OPYL3ivhoY.roa
File: fyKzWdQht4X0MSoL-OPYL3ivhoY.roa (raw, json)
Hash identifier: J5u2E72XbOY1JIpXK8I053AYc3LvCl7e+G4PQEYzVs4=
Subject key identifier: 7F:22:B3:59:D4:21:B7:85:F4:31:2A:0B:F8:E3:D8:2F:78:AF:86:86
Certificate issuer: /CN=a57d4cfe60f8a30a4d0ff94b94ebadfc88c9ac11
Certificate serial: 640254
Authority key identifier: A5:7D:4C:FE:60:F8:A3:0A:4D:0F:F9:4B:94:EB:AD:FC:88:C9:AC:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pX1M_mD4owpND_lLlOut_IjJrBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/48c072-22de-44d7-bed8-e80f32073f3d/1/fyKzWdQht4X0MSoL-OPYL3ivhoY.roa
Signing time: Wed 15 Jun 2022 04:46:44 +0000
ROA not before: Wed 15 Jun 2022 04:46:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5610
IP address blocks: 151.236.224.0/20 maxlen: 24
91.191.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6554196 (0x640254)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a57d4cfe60f8a30a4d0ff94b94ebadfc88c9ac11
Validity
Not Before: Jun 15 04:46:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7f22b359d421b785f4312a0bf8e3d82f78af8686
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ba:75:c8:a6:56:4b:af:35:d5:65:6c:0a:c1:
70:e9:26:c8:55:0e:32:86:0f:d5:b8:ea:0c:fc:6c:
d4:6d:6f:e0:59:da:a9:3f:e6:03:9f:08:05:22:5b:
e8:3c:14:4a:89:5f:8e:3b:c5:09:e6:bc:64:3d:a8:
c4:17:2e:e9:ba:36:61:35:8e:e8:58:b5:46:04:15:
8b:82:4a:d8:aa:74:68:74:94:cc:4a:1c:b6:5d:a1:
09:ab:88:92:d2:e0:fb:0a:8f:18:0e:8a:c8:39:93:
1b:e1:3b:8a:e1:92:35:91:cc:a4:7f:5f:c7:2b:23:
ca:a5:57:41:36:12:1e:2b:f7:07:69:6b:60:65:c6:
9c:cc:ad:7e:fa:b3:4e:a3:52:94:15:eb:ec:07:e8:
2b:50:ef:53:a1:47:ad:78:80:da:a0:4c:37:40:b1:
4f:80:ab:cd:ce:44:c2:84:74:a6:a0:78:60:a3:12:
89:50:f7:c1:49:a0:32:fe:23:45:5b:64:1e:14:d5:
93:89:75:66:26:b2:6b:a1:ac:37:54:6d:00:db:d3:
45:ad:6e:b0:9c:68:1a:dd:6c:ae:c0:29:11:82:0c:
7f:90:49:71:c8:69:99:58:71:50:72:9c:9f:28:46:
ce:40:20:49:39:a8:39:e4:73:c8:ad:71:d3:47:57:
cb:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:22:B3:59:D4:21:B7:85:F4:31:2A:0B:F8:E3:D8:2F:78:AF:86:86
X509v3 Authority Key Identifier:
keyid:A5:7D:4C:FE:60:F8:A3:0A:4D:0F:F9:4B:94:EB:AD:FC:88:C9:AC:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pX1M_mD4owpND_lLlOut_IjJrBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/48c072-22de-44d7-bed8-e80f32073f3d/1/fyKzWdQht4X0MSoL-OPYL3ivhoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/48c072-22de-44d7-bed8-e80f32073f3d/1/pX1M_mD4owpND_lLlOut_IjJrBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.191.64.0/18
151.236.224.0/20
Signature Algorithm: sha256WithRSAEncryption
55:e8:e5:e7:96:23:40:75:99:93:65:5b:d6:97:26:17:c3:11:
00:71:a7:89:96:f4:12:d6:26:b0:22:04:7f:9e:e1:ea:54:cb:
7b:7b:64:1e:a9:23:3c:ed:23:01:24:40:99:de:21:be:18:69:
42:a0:2c:5c:6d:4b:7b:0e:a1:26:96:04:5f:f6:06:0f:f7:c2:
68:16:77:5d:58:99:76:4f:20:74:5b:41:b6:6d:e3:36:d8:e9:
41:fb:77:5b:ba:e9:c8:82:3c:97:f9:9e:07:82:80:c8:4a:13:
48:eb:ac:85:21:e4:45:af:fb:e8:70:5b:f7:11:76:da:ff:57:
01:8a:df:71:71:c3:16:4c:dc:d2:53:44:81:0c:aa:5d:4a:21:
14:e8:03:6f:59:91:3f:93:b0:5e:0e:7a:29:34:a5:47:3b:23:
ca:ef:b2:e7:de:07:e8:59:4e:8b:fc:64:02:7b:ae:e5:f3:8a:
b1:ae:d2:33:b8:40:4a:e6:15:25:59:7b:64:8e:a3:59:69:84:
19:b6:c5:da:e7:1d:78:8d:03:ef:71:c8:e9:da:a7:5c:0a:76:
ed:80:a9:d1:c1:e1:1d:0f:a1:b3:8c:1b:82:ac:99:3b:e2:90:
b5:31:29:ec:da:4d:3f:ff:c2:a9:d2:32:d5:78:07:3f:25:ec:
29:6f:78:9c
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDZAJUMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
N2Q0Y2ZlNjBmOGEzMGE0ZDBmZjk0Yjk0ZWJhZGZjODhjOWFjMTEwHhcNMjIwNjE1
MDQ0NjQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3ZjIyYjM1OWQ0MjFi
Nzg1ZjQzMTJhMGJmOGUzZDgyZjc4YWY4Njg2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtbp1yKZWS6811WVsCsFw6SbIVQ4yhg/VuOoM/GzUbW/gWdqp
P+YDnwgFIlvoPBRKiV+OO8UJ5rxkPajEFy7pujZhNY7oWLVGBBWLgkrYqnRodJTM
Shy2XaEJq4iS0uD7Co8YDorIOZMb4TuK4ZI1kcykf1/HKyPKpVdBNhIeK/cHaWtg
ZcaczK1++rNOo1KUFevsB+grUO9ToUeteIDaoEw3QLFPgKvNzkTChHSmoHhgoxKJ
UPfBSaAy/iNFW2QeFNWTiXVmJrJroaw3VG0A29NFrW6wnGga3WyuwCkRggx/kElx
yGmZWHFQcpyfKEbOQCBJOag55HPIrXHTR1fLOwIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFH8is1nUIbeF9DEqC/jj2C94r4aGMB8GA1UdIwQYMBaAFKV9TP5g+KMKTQ/5
S5TrrfyIyawRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cFgxTV9tRDRvd3BORF9sTGxPdXRfSWpKckJFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zMC80OGMwNzItMjJkZS00NGQ3LWJlZDgtZTgwZjMyMDczZjNkLzEv
ZnlLeldkUWh0NFgwTVNvTC1PUFlMM2l2aG9ZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80
OGMwNzItMjJkZS00NGQ3LWJlZDgtZTgwZjMyMDczZjNkLzEvcFgxTV9tRDRvd3BO
RF9sTGxPdXRfSWpKckJFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGW79AAwQEl+zgMA0GCSqGSIb3DQEB
CwUAA4IBAQBV6OXnliNAdZmTZVvWlyYXwxEAcaeJlvQS1iawIgR/nuHqVMt7e2Qe
qSM87SMBJECZ3iG+GGlCoCxcbUt7DqEmlgRf9gYP98JoFnddWJl2TyB0W0G2beM2
2OlB+3dbuunIgjyX+Z4HgoDIShNI66yFIeRFr/vocFv3EXba/1cBit9xccMWTNzS
U0SBDKpdSiEU6ANvWZE/k7BeDnopNKVHOyPK77Ln3gfoWU6L/GQCe67l84qxrtIz
uEBK5hUlWXtkjqNZaYQZtsXa5x14jQPvccjp2qdcCnbtgKnRweEdD6GzjBuCrJk7
4pC1MSns2k0//8Kp0jLVeAc/Jewpb3ic
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:52 2023 by rpki-client on console-ams.rpki-client.org