Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/7181a6-7ff4-40ba-93df-7885b7b8371c/1/FyeZIfNL-Ti1MAJKTBSKGO6b3EE.roa
File: FyeZIfNL-Ti1MAJKTBSKGO6b3EE.roa (raw, json)
Hash identifier: 2jMT8v0Vs0qN1DvsweB+hhzG7HolfoWFi0W1wb2VogA=
Subject key identifier: 17:27:99:21:F3:4B:F9:38:B5:30:02:4A:4C:14:8A:18:EE:9B:DC:41
Certificate issuer: /CN=9d4ef20bb6a867eccd87fa0acae22c5bf634d51b
Certificate serial: 01856D2F282BFE702B1FDC5354A4F0EE379A
Authority key identifier: 9D:4E:F2:0B:B6:A8:67:EC:CD:87:FA:0A:CA:E2:2C:5B:F6:34:D5:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nU7yC7aoZ-zNh_oKyuIsW_Y01Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/7181a6-7ff4-40ba-93df-7885b7b8371c/1/FyeZIfNL-Ti1MAJKTBSKGO6b3EE.roa
Signing time: Sun 01 Jan 2023 11:54:45 +0000
ROA not before: Sun 01 Jan 2023 11:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34691
IP address blocks: 91.233.252.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:28:2b:fe:70:2b:1f:dc:53:54:a4:f0:ee:37:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d4ef20bb6a867eccd87fa0acae22c5bf634d51b
Validity
Not Before: Jan 1 11:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17279921f34bf938b530024a4c148a18ee9bdc41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:73:e5:f9:61:3e:3d:a5:97:4f:8a:f8:e0:d3:
9b:a1:fe:fc:f9:61:01:90:c3:d6:e2:ff:b8:cf:c5:
a7:29:d9:47:a8:1d:2e:59:22:a5:db:54:34:c8:eb:
8a:3f:9d:dd:c2:23:28:cd:19:cf:b8:96:ac:1b:80:
73:27:41:83:64:84:7b:4f:fd:db:52:64:43:f5:8f:
9e:22:13:81:3f:b5:84:fb:62:91:5e:d6:f7:80:b3:
c3:f6:bd:6f:11:67:9e:9c:d7:1f:df:30:6c:c8:e0:
5b:c8:4d:0e:82:31:62:c8:5d:43:d2:ef:04:43:4c:
34:54:28:41:ff:34:a6:0f:54:f7:5f:77:94:86:5a:
a0:64:e1:86:25:8f:d5:4a:43:51:e5:b9:89:e5:3d:
98:10:48:47:b4:4b:9f:c0:b1:ce:8a:b3:4a:5e:2f:
bc:76:bd:aa:ed:8a:8b:33:40:66:cd:b9:5c:63:f9:
a0:85:9c:df:15:d6:85:ee:36:65:1a:dd:be:77:31:
89:f7:db:d0:7a:69:31:46:a8:c7:34:be:ec:8b:c9:
48:08:59:59:29:50:b5:34:3b:d0:ca:ad:26:20:44:
d9:e1:dd:d3:61:03:f8:65:b5:42:31:67:ca:ed:b6:
f7:8d:2e:d6:22:2f:b6:23:bc:51:46:06:8a:4c:37:
b3:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:27:99:21:F3:4B:F9:38:B5:30:02:4A:4C:14:8A:18:EE:9B:DC:41
X509v3 Authority Key Identifier:
keyid:9D:4E:F2:0B:B6:A8:67:EC:CD:87:FA:0A:CA:E2:2C:5B:F6:34:D5:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nU7yC7aoZ-zNh_oKyuIsW_Y01Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/7181a6-7ff4-40ba-93df-7885b7b8371c/1/FyeZIfNL-Ti1MAJKTBSKGO6b3EE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/7181a6-7ff4-40ba-93df-7885b7b8371c/1/nU7yC7aoZ-zNh_oKyuIsW_Y01Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.252.0/23
Signature Algorithm: sha256WithRSAEncryption
57:d7:d2:3d:33:b6:03:f6:16:fd:2c:42:64:14:cc:3f:43:2d:
c9:f1:06:2a:95:10:26:ba:0f:7c:a9:ed:a2:73:c9:5f:cf:71:
80:37:00:b0:7d:bd:f0:67:de:e8:0b:3a:5c:6f:0e:73:47:36:
54:24:9f:67:60:28:4a:c3:17:96:cb:f8:a5:07:76:58:5b:93:
2b:97:f2:7e:fb:f5:21:e2:8a:38:11:86:c0:ae:fc:3f:8b:9b:
95:97:a6:a5:20:f3:71:14:4e:f8:99:c5:ae:dd:a1:d9:e2:bb:
93:4d:eb:06:8f:1d:37:26:d2:c7:f0:63:21:66:2a:85:d4:f4:
a9:de:b3:2b:57:4b:1a:6d:f4:2c:25:70:17:63:59:ab:ae:d7:
0d:34:ad:ed:93:eb:92:49:f2:04:cc:ac:90:fd:70:4b:1e:55:
12:5e:08:28:0e:1d:7d:8c:43:c7:f2:01:3b:56:22:6f:b6:4e:
72:97:00:c4:c6:5f:a3:b0:a9:9d:a7:8a:e1:55:00:b0:d4:da:
c5:27:e1:14:a7:14:58:a0:61:2b:63:1c:f8:59:1d:b9:51:7d:
08:92:a7:23:20:94:f1:3e:a0:99:70:b9:90:bb:29:83:0c:49:
39:81:14:de:e9:33:ee:dd:6b:1a:5a:98:91:92:e8:ad:a0:e7:
72:89:11:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtLygr/nArH9xTVKTw7jeaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNGVmMjBiYjZhODY3ZWNjZDg3ZmEwYWNhZTIyYzViZjYz
NGQ1MWIwHhcNMjMwMTAxMTE1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzI3OTkyMWYzNGJmOTM4YjUzMDAyNGE0YzE0OGExOGVlOWJkYzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3Pl+WE+PaWXT4r44NObof78+WEB
kMPW4v+4z8WnKdlHqB0uWSKl21Q0yOuKP53dwiMozRnPuJasG4BzJ0GDZIR7T/3b
UmRD9Y+eIhOBP7WE+2KRXtb3gLPD9r1vEWeenNcf3zBsyOBbyE0OgjFiyF1D0u8E
Q0w0VChB/zSmD1T3X3eUhlqgZOGGJY/VSkNR5bmJ5T2YEEhHtEufwLHOirNKXi+8
dr2q7YqLM0BmzblcY/mghZzfFdaF7jZlGt2+dzGJ99vQemkxRqjHNL7si8lICFlZ
KVC1NDvQyq0mIETZ4d3TYQP4ZbVCMWfK7bb3jS7WIi+2I7xRRgaKTDezVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBcnmSHzS/k4tTACSkwUihjum9xBMB8GA1UdIwQY
MBaAFJ1O8gu2qGfszYf6CsriLFv2NNUbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblU3eUM3YW9aLXpOaF9vS3l1SXNXX1kwMVJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni83MTgxYTYtN2ZmNC00MGJhLTkzZGYt
Nzg4NWI3YjgzNzFjLzEvRnllWklmTkwtVGkxTUFKS1RCU0tHTzZiM0VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni83MTgxYTYtN2ZmNC00MGJhLTkzZGYtNzg4NWI3YjgzNzFj
LzEvblU3eUM3YW9aLXpOaF9vS3l1SXNXX1kwMVJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+n8MA0G
CSqGSIb3DQEBCwUAA4IBAQBX19I9M7YD9hb9LEJkFMw/Qy3J8QYqlRAmug98qe2i
c8lfz3GANwCwfb3wZ97oCzpcbw5zRzZUJJ9nYChKwxeWy/ilB3ZYW5Mrl/J++/Uh
4oo4EYbArvw/i5uVl6alIPNxFE74mcWu3aHZ4ruTTesGjx03JtLH8GMhZiqF1PSp
3rMrV0sabfQsJXAXY1mrrtcNNK3tk+uSSfIEzKyQ/XBLHlUSXggoDh19jEPH8gE7
ViJvtk5ylwDExl+jsKmdp4rhVQCw1NrFJ+EUpxRYoGErYxz4WR25UX0IkqcjIJTx
PqCZcLmQuymDDEk5gRTe6TPu3WsaWpiRkuitoOdyiRHC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:10 2024 by rpki-client on console-ams.rpki-client.org