Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/Ob4YgOqO3rfcTdAi-x2ccWvY3TM.roa
File: Ob4YgOqO3rfcTdAi-x2ccWvY3TM.roa (raw, json)
Hash identifier: yuaQgKoqaNaxoH+GwWevS9QUkLapL+x/tCLc5W5l71s=
Subject key identifier: 39:BE:18:80:EA:8E:DE:B7:DC:4D:D0:22:FB:1D:9C:71:6B:D8:DD:33
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 018572035DD1927EFEAA5426FC1525D7B12E
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/Ob4YgOqO3rfcTdAi-x2ccWvY3TM.roa
Signing time: Mon 02 Jan 2023 10:25:01 +0000
ROA not before: Mon 02 Jan 2023 10:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42532
IP address blocks: 91.197.0.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:5d:d1:92:7e:fe:aa:54:26:fc:15:25:d7:b1:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jan 2 10:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39be1880ea8edeb7dc4dd022fb1d9c716bd8dd33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e3:5b:1c:46:2a:3e:20:56:70:27:c5:0c:ea:
57:24:5a:eb:b7:79:46:95:f2:2c:ec:a6:1b:3a:64:
eb:13:38:f1:07:4e:ce:7b:03:16:eb:4d:d1:08:b6:
8f:95:7c:45:d2:ee:53:67:66:62:0e:44:2b:3e:15:
5d:42:9c:84:00:10:59:84:32:2f:15:86:23:85:26:
02:9b:28:7a:f0:df:29:47:fd:04:79:37:22:ee:34:
98:10:cf:2b:55:d3:26:ce:60:64:4d:35:5b:df:79:
34:51:38:e8:a1:a1:46:33:2f:22:0c:71:98:7a:11:
27:f6:7d:f7:46:2d:a9:43:99:ec:b8:37:70:e5:07:
2e:7f:5c:c8:51:43:17:61:19:7f:fd:25:35:99:a0:
3e:7f:80:f1:4b:35:c8:76:b5:7e:24:49:c8:ce:58:
24:bf:3b:fd:71:18:88:41:11:97:e3:56:b0:8a:58:
36:86:73:65:9e:7b:bc:51:b8:e7:76:40:0b:9c:d1:
05:9f:08:2f:0c:92:16:38:52:14:29:b7:83:0e:df:
e4:14:4f:6f:d9:19:b8:e9:7b:b6:a3:aa:bf:00:d6:
fa:41:ab:8b:ae:1b:93:ca:37:0f:68:50:7d:bb:31:
61:2f:de:b1:e7:ba:70:52:cf:82:1d:61:98:ff:95:
61:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:BE:18:80:EA:8E:DE:B7:DC:4D:D0:22:FB:1D:9C:71:6B:D8:DD:33
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/Ob4YgOqO3rfcTdAi-x2ccWvY3TM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.0.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:e2:d6:9d:d8:28:41:bb:a0:55:ed:e4:35:be:fe:60:c3:e4:
f6:af:54:33:d9:ec:14:c0:96:79:00:bc:35:f2:9b:74:6e:38:
2a:c7:dc:6a:59:0d:9f:a0:9b:9e:b3:59:37:28:0e:23:4b:0f:
d8:7b:e8:8f:01:ab:a9:59:0a:74:fc:f1:0f:53:1d:eb:8f:f7:
20:38:a6:23:3f:8c:39:6d:84:2f:95:49:ae:90:7b:93:98:2c:
6d:73:f9:1c:91:9b:c3:34:28:d9:09:03:1d:2a:f7:bf:09:e4:
d1:b1:e0:f7:1f:6f:58:fe:54:a0:93:5f:de:1d:ad:08:8a:e7:
a4:a9:0f:db:58:a8:6d:07:c9:a5:7b:d8:f8:95:19:f1:2b:77:
e2:19:f2:49:1d:44:ab:62:8b:b2:4a:bf:99:dc:a5:78:0c:81:
9d:04:ee:ee:37:0d:8a:73:6c:63:24:d2:1d:0f:80:95:7d:c3:
87:d9:23:11:24:47:09:f3:2c:0e:f6:bb:d2:80:d6:e5:56:d6:
1f:e5:ec:15:0b:38:b6:5d:d0:6f:5e:02:8a:48:10:99:42:82:
69:20:dc:0c:51:73:2d:d9:e5:f6:91:bf:d5:26:51:21:bd:6b:
43:48:73:53:36:67:6f:46:8e:1c:5e:ec:b9:1c:da:eb:02:6c:
46:86:c1:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyA13Rkn7+qlQm/BUl17EuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjMwMTAyMTAyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWJlMTg4MGVhOGVkZWI3ZGM0ZGQwMjJmYjFkOWM3MTZiZDhkZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+NbHEYqPiBWcCfFDOpXJFrrt3lG
lfIs7KYbOmTrEzjxB07OewMW603RCLaPlXxF0u5TZ2ZiDkQrPhVdQpyEABBZhDIv
FYYjhSYCmyh68N8pR/0EeTci7jSYEM8rVdMmzmBkTTVb33k0UTjooaFGMy8iDHGY
ehEn9n33Ri2pQ5nsuDdw5Qcuf1zIUUMXYRl//SU1maA+f4DxSzXIdrV+JEnIzlgk
vzv9cRiIQRGX41awilg2hnNlnnu8UbjndkALnNEFnwgvDJIWOFIUKbeDDt/kFE9v
2Rm46Xu2o6q/ANb6QauLrhuTyjcPaFB9uzFhL96x57pwUs+CHWGY/5VhmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDm+GIDqjt633E3QIvsdnHFr2N0zMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvT2I0WWdPcU8zcmZjVGRBaS14MmNjV3ZZM1RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8UAMA0G
CSqGSIb3DQEBCwUAA4IBAQCw4tad2ChBu6BV7eQ1vv5gw+T2r1Qz2ewUwJZ5ALw1
8pt0bjgqx9xqWQ2foJues1k3KA4jSw/Ye+iPAaupWQp0/PEPUx3rj/cgOKYjP4w5
bYQvlUmukHuTmCxtc/kckZvDNCjZCQMdKve/CeTRseD3H29Y/lSgk1/eHa0Iiuek
qQ/bWKhtB8mle9j4lRnxK3fiGfJJHUSrYouySr+Z3KV4DIGdBO7uNw2Kc2xjJNId
D4CVfcOH2SMRJEcJ8ywO9rvSgNblVtYf5ewVCzi2XdBvXgKKSBCZQoJpINwMUXMt
2eX2kb/VJlEhvWtDSHNTNmdvRo4cXuy5HNrrAmxGhsHm
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:24 2023 by rpki-client on console-ams.rpki-client.org