Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/7H3rayCkvEJUnu3s6WFMqc48WcU.roa
File: 7H3rayCkvEJUnu3s6WFMqc48WcU.roa (raw, json)
Hash identifier: /Lj2oPwI0omaoJyRp2rhlCtemCO+Zjv0SGctZb07VLI=
Subject key identifier: EC:7D:EB:6B:20:A4:BC:42:54:9E:ED:EC:E9:61:4C:A9:CE:3C:59:C5
Certificate issuer: /CN=852ece9c9a324d45c35f9559f329d8869dab53ba
Certificate serial: 097A030B
Authority key identifier: 85:2E:CE:9C:9A:32:4D:45:C3:5F:95:59:F3:29:D8:86:9D:AB:53:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/7H3rayCkvEJUnu3s6WFMqc48WcU.roa
Signing time: Sat 01 Jan 2022 13:07:17 +0000
ROA not before: Sat 01 Jan 2022 13:07:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57899
IP address blocks: 91.236.134.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 158991115 (0x97a030b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=852ece9c9a324d45c35f9559f329d8869dab53ba
Validity
Not Before: Jan 1 13:07:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ec7deb6b20a4bc42549eedece9614ca9ce3c59c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:fa:56:d8:14:13:c0:db:da:01:db:d6:aa:68:
04:a1:0a:d3:64:1a:b8:4e:8d:47:e5:9d:a1:dc:3f:
e0:03:0f:e8:24:2b:3b:58:47:43:8b:4b:de:ed:bd:
eb:3c:35:31:8d:63:93:6c:4b:26:db:3c:63:79:5f:
91:73:b3:6a:eb:54:e5:99:fc:ec:20:bc:07:1e:58:
bf:7a:a4:6f:8f:2e:30:be:f6:00:b4:a4:a6:f5:61:
3a:b9:04:46:76:5b:5a:50:e3:0c:eb:b8:93:a7:a1:
63:d9:36:44:cb:16:08:7a:57:23:68:27:77:21:23:
29:b5:7d:bc:c4:5a:f1:71:bd:b2:e4:ad:77:9c:1c:
01:2b:d9:8b:98:c4:48:35:c9:bd:98:d9:77:93:84:
44:8c:64:8d:ef:28:40:cb:ee:04:6b:1e:70:ce:86:
83:a1:b7:d4:37:6e:14:b4:82:ca:b0:22:a0:99:f2:
f2:21:fe:0b:f2:b2:dd:3b:0d:83:41:d2:be:75:6b:
2d:20:f6:b9:69:fd:b1:fb:15:fc:35:68:16:90:9c:
f1:8a:a6:fc:aa:3e:fb:8f:55:06:38:6e:97:df:00:
5b:02:ef:7d:97:80:7f:9a:ad:b3:26:bd:0d:ee:5a:
97:6a:e6:48:ca:01:aa:1f:ff:7c:6d:7c:80:33:b4:
ca:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:7D:EB:6B:20:A4:BC:42:54:9E:ED:EC:E9:61:4C:A9:CE:3C:59:C5
X509v3 Authority Key Identifier:
keyid:85:2E:CE:9C:9A:32:4D:45:C3:5F:95:59:F3:29:D8:86:9D:AB:53:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/7H3rayCkvEJUnu3s6WFMqc48WcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.134.0/23
Signature Algorithm: sha256WithRSAEncryption
10:14:ae:08:9a:3d:5f:82:f8:81:df:f6:ae:4c:c6:18:af:d8:
6c:03:d8:24:46:c5:f3:f4:de:08:03:a5:34:20:44:ee:e0:cf:
79:b3:a9:7a:06:c2:74:ae:dc:28:9e:94:66:63:0f:24:5a:6a:
97:43:0d:59:3c:02:9a:85:cc:2f:94:1d:30:01:bc:50:99:aa:
95:3e:d0:a7:2c:ed:2a:af:e0:a8:3d:04:55:c8:7e:b8:09:09:
bf:af:98:b3:d5:69:36:89:e0:47:8e:89:01:74:b3:98:ef:98:
f8:c9:e3:c1:25:6e:3a:35:47:19:b6:80:c5:c0:07:24:9e:9b:
1c:8b:bc:77:64:bb:ae:51:66:18:82:46:8c:4e:b4:ea:b0:ef:
17:ea:52:4c:5c:dd:88:a6:78:44:c2:f2:be:ed:32:e2:94:bf:
ee:d2:83:99:fd:9d:b9:a3:56:0e:4e:9b:94:66:05:c6:37:80:
44:43:5a:4e:d7:99:c1:eb:9b:8b:ef:12:42:24:ab:31:e2:81:
26:ba:2e:df:f6:01:ed:92:f6:8f:80:38:6c:b7:e6:11:e1:3a:
9e:f3:23:40:3e:a1:f0:87:fd:b6:12:48:74:ee:3d:8e:30:51:
5a:29:db:88:cc:d8:d5:71:ec:1f:66:86:ab:c4:9a:8f:e9:9e:
9e:38:d3:a4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECXoDCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NTJlY2U5YzlhMzI0ZDQ1YzM1Zjk1NTlmMzI5ZDg4NjlkYWI1M2JhMB4XDTIyMDEw
MTEzMDcxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWM3ZGViNmIyMGE0
YmM0MjU0OWVlZGVjZTk2MTRjYTljZTNjNTljNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM36VtgUE8Db2gHb1qpoBKEK02QauE6NR+Wdodw/4AMP6CQr
O1hHQ4tL3u296zw1MY1jk2xLJts8Y3lfkXOzautU5Zn87CC8Bx5Yv3qkb48uML72
ALSkpvVhOrkERnZbWlDjDOu4k6ehY9k2RMsWCHpXI2gndyEjKbV9vMRa8XG9suSt
d5wcASvZi5jESDXJvZjZd5OERIxkje8oQMvuBGsecM6Gg6G31DduFLSCyrAioJny
8iH+C/Ky3TsNg0HSvnVrLSD2uWn9sfsV/DVoFpCc8Yqm/Ko++49VBjhul98AWwLv
fZeAf5qtsya9De5al2rmSMoBqh//fG18gDO0ysMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTsfetrIKS8QlSe7ezpYUypzjxZxTAfBgNVHSMEGDAWgBSFLs6cmjJNRcNf
lVnzKdiGnatTujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hTN09uSm95VFVYRFg1Vlo4eW5ZaHAyclU3by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzgvZDNjY2U2LWI0N2ItNGQwNi1hMzBmLWViMjQxMWQyMTJhYi8x
LzdIM3JheUNrdkVKVW51M3M2V0ZNcWM0OFdjVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzgv
ZDNjY2U2LWI0N2ItNGQwNi1hMzBmLWViMjQxMWQyMTJhYi8xL2hTN09uSm95VFVY
RFg1Vlo4eW5ZaHAyclU3by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVvshjANBgkqhkiG9w0BAQsFAAOC
AQEAEBSuCJo9X4L4gd/2rkzGGK/YbAPYJEbF8/TeCAOlNCBE7uDPebOpegbCdK7c
KJ6UZmMPJFpql0MNWTwCmoXML5QdMAG8UJmqlT7QpyztKq/gqD0EVch+uAkJv6+Y
s9VpNongR46JAXSzmO+Y+MnjwSVuOjVHGbaAxcAHJJ6bHIu8d2S7rlFmGIJGjE60
6rDvF+pSTFzdiKZ4RMLyvu0y4pS/7tKDmf2duaNWDk6blGYFxjeARENaTteZweub
i+8SQiSrMeKBJrou3/YB7ZL2j4A4bLfmEeE6nvMjQD6h8If9thJIdO49jjBRWinb
iMzY1XHsH2aGq8Saj+menjjTpA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:41 2024 by rpki-client on console-fra.rpki-client.org