Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/7181a6-7ff4-40ba-93df-7885b7b8371c/1/Lo7Ye0wlooTWsfygGb4J9OGCPZI.roa
File: Lo7Ye0wlooTWsfygGb4J9OGCPZI.roa (raw, json)
Hash identifier: SP09Z+yMdiaVRYO7BZ8csWgzoHIK6AMxQT4LQc9cYlI=
Subject key identifier: 2E:8E:D8:7B:4C:25:A2:84:D6:B1:FC:A0:19:BE:09:F4:E1:82:3D:92
Certificate issuer: /CN=9d4ef20bb6a867eccd87fa0acae22c5bf634d51b
Certificate serial: 038310B1
Authority key identifier: 9D:4E:F2:0B:B6:A8:67:EC:CD:87:FA:0A:CA:E2:2C:5B:F6:34:D5:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nU7yC7aoZ-zNh_oKyuIsW_Y01Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/7181a6-7ff4-40ba-93df-7885b7b8371c/1/Lo7Ye0wlooTWsfygGb4J9OGCPZI.roa
Signing time: Sat 01 Jan 2022 14:07:52 +0000
ROA not before: Sat 01 Jan 2022 14:07:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198349
IP address blocks: 91.233.254.0/23 maxlen: 24
185.19.140.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58921137 (0x38310b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d4ef20bb6a867eccd87fa0acae22c5bf634d51b
Validity
Not Before: Jan 1 14:07:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e8ed87b4c25a284d6b1fca019be09f4e1823d92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:97:fa:fb:68:ef:18:f7:c6:ec:2f:fc:31:ee:
53:9c:00:ef:71:8f:b9:82:87:00:57:ab:52:60:05:
f9:95:a2:05:f4:00:5f:a8:be:44:98:fd:80:a7:44:
72:cf:be:5c:da:55:85:8a:51:da:e8:ba:74:32:fd:
93:51:bc:ed:0f:4e:28:da:89:34:c2:a3:ba:83:d1:
da:21:89:fd:b5:ea:2d:98:1d:7c:4b:bc:33:19:fa:
95:0e:65:22:5e:43:34:0e:08:63:00:04:39:03:7d:
48:c7:79:36:23:ef:f1:8a:36:73:17:e0:a4:b4:fd:
60:d1:43:73:53:a9:83:0a:29:9b:29:ae:7c:37:8e:
7e:d3:49:63:3a:79:ce:5a:8d:1c:c1:f9:51:77:1c:
ec:c3:5c:11:0a:c0:c3:8e:f3:98:73:5c:ec:1b:ed:
c2:b2:82:27:19:62:79:27:97:13:55:e4:b8:cf:13:
d2:b0:d5:65:21:a1:ce:67:14:ac:4a:ec:5e:12:a9:
4f:22:dd:a5:0c:eb:16:b8:6e:aa:8e:4d:a5:59:c3:
0a:b7:14:79:84:bd:38:6f:1c:8b:f9:de:31:18:7d:
57:27:8b:e7:14:c9:a7:4a:58:76:d6:1d:4f:df:d4:
74:b6:64:72:5f:8a:30:19:21:11:11:d3:71:62:3c:
a7:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:8E:D8:7B:4C:25:A2:84:D6:B1:FC:A0:19:BE:09:F4:E1:82:3D:92
X509v3 Authority Key Identifier:
keyid:9D:4E:F2:0B:B6:A8:67:EC:CD:87:FA:0A:CA:E2:2C:5B:F6:34:D5:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nU7yC7aoZ-zNh_oKyuIsW_Y01Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/7181a6-7ff4-40ba-93df-7885b7b8371c/1/Lo7Ye0wlooTWsfygGb4J9OGCPZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/7181a6-7ff4-40ba-93df-7885b7b8371c/1/nU7yC7aoZ-zNh_oKyuIsW_Y01Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.254.0/23
185.19.140.0/22
Signature Algorithm: sha256WithRSAEncryption
16:f3:8f:2c:25:c0:9b:ff:73:7b:62:e1:9c:7a:01:9e:5e:7c:
00:e8:1b:09:62:56:20:2a:ce:78:3a:b1:30:e6:8b:7c:36:81:
15:00:a9:1b:d6:d0:10:3d:9c:26:c7:c8:03:a0:ea:05:0d:e4:
b6:db:3a:d7:aa:93:69:9e:19:43:28:46:c7:69:d1:bd:1e:98:
bc:99:83:05:77:5c:82:75:7b:39:ba:23:dc:c1:c6:1b:18:45:
ef:ab:9e:ed:d9:5d:f4:25:0e:35:db:b0:21:c8:76:fb:8c:29:
d8:9e:a3:9a:12:e2:d2:10:6e:6e:ce:f2:b9:06:a3:5e:54:f8:
b0:c5:3d:9c:0a:f6:fd:bc:68:33:9c:39:84:07:84:8f:d7:be:
4f:3c:9a:e3:04:25:39:bc:8a:a9:03:49:8d:d4:ef:e4:2a:fb:
c0:61:c9:f2:51:14:86:f4:bc:44:6b:71:a5:d8:2a:39:75:99:
19:92:35:02:0d:a9:54:4f:33:26:99:51:68:34:ac:34:f8:fb:
d4:2a:10:c6:18:89:94:95:88:40:39:71:e2:01:c8:bb:a2:50:
66:b7:df:60:ba:d6:3c:23:70:bc:3d:e2:38:0c:dd:b1:85:36:
b4:93:f6:51:e2:5f:94:b7:8f:05:ec:ec:3c:2b:07:d3:47:36:
24:8f:37:6d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA4MQsTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDRlZjIwYmI2YTg2N2VjY2Q4N2ZhMGFjYWUyMmM1YmY2MzRkNTFiMB4XDTIyMDEw
MTE0MDc1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmU4ZWQ4N2I0YzI1
YTI4NGQ2YjFmY2EwMTliZTA5ZjRlMTgyM2Q5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKmX+vto7xj3xuwv/DHuU5wA73GPuYKHAFerUmAF+ZWiBfQA
X6i+RJj9gKdEcs++XNpVhYpR2ui6dDL9k1G87Q9OKNqJNMKjuoPR2iGJ/bXqLZgd
fEu8Mxn6lQ5lIl5DNA4IYwAEOQN9SMd5NiPv8Yo2cxfgpLT9YNFDc1Opgwopmymu
fDeOftNJYzp5zlqNHMH5UXcc7MNcEQrAw47zmHNc7BvtwrKCJxlieSeXE1XkuM8T
0rDVZSGhzmcUrErsXhKpTyLdpQzrFrhuqo5NpVnDCrcUeYS9OG8ci/neMRh9VyeL
5xTJp0pYdtYdT9/UdLZkcl+KMBkhERHTcWI8p78CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQujth7TCWihNax/KAZvgn04YI9kjAfBgNVHSMEGDAWgBSdTvILtqhn7M2H
+grK4ixb9jTVGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25VN3lDN2FvWi16Tmhfb0t5dUlzV19ZMDFScy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDYvNzE4MWE2LTdmZjQtNDBiYS05M2RmLTc4ODViN2I4MzcxYy8x
L0xvN1llMHdsb29UV3NmeWdHYjRKOU9HQ1BaSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYv
NzE4MWE2LTdmZjQtNDBiYS05M2RmLTc4ODViN2I4MzcxYy8xL25VN3lDN2FvWi16
Tmhfb0t5dUlzV19ZMDFScy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAVvp/gMEArkTjDANBgkqhkiG9w0B
AQsFAAOCAQEAFvOPLCXAm/9ze2LhnHoBnl58AOgbCWJWICrOeDqxMOaLfDaBFQCp
G9bQED2cJsfIA6DqBQ3ktts616qTaZ4ZQyhGx2nRvR6YvJmDBXdcgnV7Oboj3MHG
GxhF76ue7dld9CUONduwIch2+4wp2J6jmhLi0hBubs7yuQajXlT4sMU9nAr2/bxo
M5w5hAeEj9e+Tzya4wQlObyKqQNJjdTv5Cr7wGHJ8lEUhvS8RGtxpdgqOXWZGZI1
Ag2pVE8zJplRaDSsNPj71CoQxhiJlJWIQDlx4gHIu6JQZrffYLrWPCNwvD3iOAzd
sYU2tJP2UeJflLePBezsPCsH00c2JI83bQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:40 2024 by rpki-client on console-fra.rpki-client.org