Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/8Lf4qVaHWNlQC3sEouQyqrRggnw.roa
File: 8Lf4qVaHWNlQC3sEouQyqrRggnw.roa (raw, json)
Hash identifier: m6ZjtLkeKMJLkbnMSi0tCysyir7IeBnNcLAUSzdVrwg=
Subject key identifier: F0:B7:F8:A9:56:87:58:D9:50:0B:7B:04:A2:E4:32:AA:B4:60:82:7C
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018570D560674597079E6F21A618B61DAD32
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/8Lf4qVaHWNlQC3sEouQyqrRggnw.roa
Signing time: Mon 02 Jan 2023 04:55:10 +0000
ROA not before: Mon 02 Jan 2023 04:55:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61014
IP address blocks: 91.191.187.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:60:67:45:97:07:9e:6f:21:a6:18:b6:1d:ad:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 04:55:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0b7f8a9568758d9500b7b04a2e432aab460827c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:7b:65:03:af:fa:26:3e:8b:85:53:7f:af:f4:
af:7c:45:a8:95:b4:ce:f2:cd:66:c6:71:a5:22:3b:
0e:5e:3a:76:87:bc:19:38:f9:75:2d:f0:dc:c7:02:
fa:7f:90:26:31:67:2d:9b:b1:fb:44:6f:bb:82:12:
fa:34:62:c3:be:86:d5:53:f8:5a:ff:47:0b:d9:8f:
28:c6:00:fd:a3:c6:7f:9c:98:3e:b7:26:18:8c:d4:
db:00:d1:fa:0b:4d:9f:40:ae:15:81:a4:92:b6:01:
c6:87:ef:be:3a:4f:40:70:98:58:f9:fe:06:44:43:
90:fc:c8:4a:35:fd:c9:71:de:34:09:d1:4a:bb:b3:
f5:48:62:c1:49:4a:38:70:7a:3f:5e:fa:b4:99:35:
82:67:ed:8c:3d:82:dc:93:0e:0c:da:14:39:35:d5:
67:35:16:78:8e:e2:cd:66:3a:4b:8f:b5:ae:7a:6f:
9c:87:40:af:72:34:b3:1d:58:8f:1d:72:21:d0:9d:
92:e6:06:12:b8:5f:51:eb:90:88:cc:2c:3c:7b:41:
b0:b7:19:aa:cf:4d:bc:fd:dd:9b:5c:0f:b1:da:16:
4a:c3:3e:56:45:aa:dd:31:e8:b4:86:9c:9d:8b:6f:
32:a6:69:9e:e3:22:03:9b:dd:bf:3b:f7:fe:ec:20:
1a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:B7:F8:A9:56:87:58:D9:50:0B:7B:04:A2:E4:32:AA:B4:60:82:7C
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/8Lf4qVaHWNlQC3sEouQyqrRggnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.191.187.0/24
Signature Algorithm: sha256WithRSAEncryption
33:41:2a:9d:52:3a:02:fe:00:81:d7:3c:7f:39:ce:d8:f9:54:
76:6d:19:10:a7:a9:8b:8b:df:27:8b:8b:15:98:1d:b1:73:e8:
cb:a4:99:7b:e2:5d:01:9f:49:92:48:96:3a:61:73:b9:2a:fa:
dc:65:d1:82:17:e9:0b:37:6d:af:11:d0:a0:68:25:51:94:16:
ad:58:63:0f:db:d1:cf:83:a9:07:db:7d:44:c6:1b:85:e9:e1:
32:34:8a:f2:92:cc:01:fd:b6:73:d2:69:d7:f7:8f:0d:7d:d2:
06:9b:f6:cb:64:81:aa:6d:8e:30:c4:8f:41:8e:06:eb:e1:25:
be:89:fa:27:16:ee:76:b1:cc:f6:f2:2e:3c:87:a1:59:4b:4d:
df:ac:0d:75:a6:6b:7d:71:21:15:74:fa:2f:ec:bb:71:3c:b0:
e7:c5:24:6b:c6:91:2d:c2:0d:1a:f1:48:b0:69:cb:51:5b:38:
f6:61:7a:85:77:f2:eb:af:f9:e5:93:05:ca:3c:e5:73:fc:47:
ee:8e:c8:59:33:02:c5:5c:b0:20:84:42:37:84:71:de:2b:ea:
51:e1:16:9f:79:da:9c:f4:a8:78:43:7e:4a:51:c1:46:6b:38:
99:d2:76:53:37:c4:36:2f:c5:40:6c:e4:fb:ed:df:87:a8:2f:
d8:0e:48:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1WBnRZcHnm8hphi2Ha0yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMTAyMDQ1NTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGI3ZjhhOTU2ODc1OGQ5NTAwYjdiMDRhMmU0MzJhYWI0NjA4MjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HtlA6/6Jj6LhVN/r/SvfEWolbTO
8s1mxnGlIjsOXjp2h7wZOPl1LfDcxwL6f5AmMWctm7H7RG+7ghL6NGLDvobVU/ha
/0cL2Y8oxgD9o8Z/nJg+tyYYjNTbANH6C02fQK4VgaSStgHGh+++Ok9AcJhY+f4G
REOQ/MhKNf3Jcd40CdFKu7P1SGLBSUo4cHo/Xvq0mTWCZ+2MPYLckw4M2hQ5NdVn
NRZ4juLNZjpLj7Wuem+ch0CvcjSzHViPHXIh0J2S5gYSuF9R65CIzCw8e0Gwtxmq
z028/d2bXA+x2hZKwz5WRardMei0hpydi28ypmme4yIDm92/O/f+7CAaLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPC3+KlWh1jZUAt7BKLkMqq0YIJ8MB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvOExmNHFWYUhXTmxRQzNzRW91UXlxclJnZ253LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW7+7MA0G
CSqGSIb3DQEBCwUAA4IBAQAzQSqdUjoC/gCB1zx/Oc7Y+VR2bRkQp6mLi98ni4sV
mB2xc+jLpJl74l0Bn0mSSJY6YXO5KvrcZdGCF+kLN22vEdCgaCVRlBatWGMP29HP
g6kH231ExhuF6eEyNIrykswB/bZz0mnX948NfdIGm/bLZIGqbY4wxI9Bjgbr4SW+
ifonFu52scz28i48h6FZS03frA11pmt9cSEVdPov7LtxPLDnxSRrxpEtwg0a8Uiw
actRWzj2YXqFd/Lrr/nlkwXKPOVz/EfujshZMwLFXLAghEI3hHHeK+pR4Rafedqc
9Kh4Q35KUcFGaziZ0nZTN8Q2L8VAbOT77d+HqC/YDkjc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:52 2023 by rpki-client on console-ams.rpki-client.org