Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/XgUfF6juBdeJmitAtIBwSq3aB0Q.roa
File: XgUfF6juBdeJmitAtIBwSq3aB0Q.roa (raw, json)
Hash identifier: BORYg30sq8ZSdugseLnCOhoFjsrWQX+7p1UzEcaNozw=
Subject key identifier: 5E:05:1F:17:A8:EE:05:D7:89:9A:2B:40:B4:80:70:4A:AD:DA:07:44
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018CC8DE2FB8E4D358D882E84E860BB934FF
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/XgUfF6juBdeJmitAtIBwSq3aB0Q.roa
Signing time: Tue 02 Jan 2024 06:30:53 +0000
ROA not before: Tue 02 Jan 2024 06:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35591
IP address blocks: 91.223.199.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:2f:b8:e4:d3:58:d8:82:e8:4e:86:0b:b9:34:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 06:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e051f17a8ee05d7899a2b40b480704aadda0744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ea:ab:5a:ce:2b:3d:9d:9a:1d:59:9a:30:0f:
32:7c:7c:d5:94:71:c6:66:89:2d:df:a8:54:f3:d8:
3d:93:c4:10:29:08:17:4c:4f:c8:bd:27:54:cc:0b:
61:37:30:76:fa:be:2d:e9:21:72:25:d4:cc:dc:5e:
4f:a8:f1:45:c8:31:63:80:a6:21:bd:4e:b3:47:a7:
7f:4b:2d:a5:8f:83:12:09:5b:09:67:06:fa:6f:70:
e9:e9:ae:29:93:93:99:7c:4c:a4:83:a0:bc:89:7a:
a7:27:76:26:28:34:3c:2a:20:6e:2a:46:27:2a:52:
11:1d:58:54:33:52:4f:fa:fe:bc:9a:b1:d0:4d:61:
ad:0f:03:61:2a:65:5e:0c:14:aa:36:a4:37:fa:f5:
eb:a3:7f:3d:d7:41:90:17:02:83:42:00:1f:0e:ce:
59:e6:63:2d:01:3e:ae:99:65:54:f3:f9:de:66:97:
9e:9e:ff:86:11:c6:0c:4d:14:08:a0:dc:06:c5:f2:
12:6c:ef:44:95:4c:38:53:dc:64:e1:d9:ac:b5:77:
72:a5:f0:09:34:97:c9:30:bb:14:9b:f1:81:e3:36:
3f:b1:63:56:3e:44:20:7d:ed:d5:b8:4f:98:3d:85:
7b:3b:fa:d4:71:10:de:25:26:4f:d2:bb:ae:b2:42:
70:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:05:1F:17:A8:EE:05:D7:89:9A:2B:40:B4:80:70:4A:AD:DA:07:44
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/XgUfF6juBdeJmitAtIBwSq3aB0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.199.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:0f:57:10:7f:66:f8:bb:3a:95:fa:c5:52:de:70:b5:33:4a:
4f:85:f4:23:0a:fe:13:f2:8c:6c:7f:5a:3c:e9:b9:63:f7:21:
95:4d:4c:3b:a5:f8:c9:0d:5a:93:7c:fa:0a:51:ca:18:99:a7:
2b:3e:ef:53:06:aa:ee:bd:4e:20:37:0e:6a:b7:98:97:cf:c6:
05:70:4a:e6:91:e1:fd:13:5e:8b:39:55:75:34:24:15:e8:d1:
a0:7c:50:c4:4f:f9:f0:0c:e6:8b:72:45:1e:48:41:b5:1b:c6:
2b:41:2d:ae:07:6b:e3:a9:1a:37:de:aa:2b:46:5a:d6:e5:21:
72:37:8b:08:68:7c:d9:78:69:b8:55:ba:0a:50:9d:60:b2:bd:
82:08:1b:80:ed:1a:a1:7a:5a:54:56:d2:64:8f:3d:4d:a4:f3:
d0:b3:ad:94:bc:60:8c:2a:d6:ae:c7:4d:1c:59:c0:71:25:57:
84:17:1d:56:f9:2f:44:2f:7d:d0:47:09:c2:17:33:c6:76:19:
40:96:ba:f7:6c:51:a4:6b:b1:39:70:94:c6:c7:89:bd:fe:7b:
e8:d6:fe:8f:cc:8c:4f:cb:6b:ec:e5:e8:ed:43:37:13:24:72:
1d:a1:5b:06:e3:c1:99:46:2b:5f:94:c1:ad:dc:e7:50:8a:cd:
da:7f:73:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3i+45NNY2ILoToYLuTT/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQwMTAyMDYzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTA1MWYxN2E4ZWUwNWQ3ODk5YTJiNDBiNDgwNzA0YWFkZGEwNzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuqrWs4rPZ2aHVmaMA8yfHzVlHHG
Zokt36hU89g9k8QQKQgXTE/IvSdUzAthNzB2+r4t6SFyJdTM3F5PqPFFyDFjgKYh
vU6zR6d/Sy2lj4MSCVsJZwb6b3Dp6a4pk5OZfEykg6C8iXqnJ3YmKDQ8KiBuKkYn
KlIRHVhUM1JP+v68mrHQTWGtDwNhKmVeDBSqNqQ3+vXro38910GQFwKDQgAfDs5Z
5mMtAT6umWVU8/neZpeenv+GEcYMTRQIoNwGxfISbO9ElUw4U9xk4dmstXdypfAJ
NJfJMLsUm/GB4zY/sWNWPkQgfe3VuE+YPYV7O/rUcRDeJSZP0ruuskJw7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF4FHxeo7gXXiZorQLSAcEqt2gdEMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvWGdVZkY2anVCZGVKbWl0QXRJQndTcTNhQjBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9/HMA0G
CSqGSIb3DQEBCwUAA4IBAQAdD1cQf2b4uzqV+sVS3nC1M0pPhfQjCv4T8oxsf1o8
6blj9yGVTUw7pfjJDVqTfPoKUcoYmacrPu9TBqruvU4gNw5qt5iXz8YFcErmkeH9
E16LOVV1NCQV6NGgfFDET/nwDOaLckUeSEG1G8YrQS2uB2vjqRo33qorRlrW5SFy
N4sIaHzZeGm4VboKUJ1gsr2CCBuA7RqhelpUVtJkjz1NpPPQs62UvGCMKtaux00c
WcBxJVeEFx1W+S9EL33QRwnCFzPGdhlAlrr3bFGka7E5cJTGx4m9/nvo1v6PzIxP
y2vs5ejtQzcTJHIdoVsG48GZRitflMGt3OdQis3af3Pq
-----END CERTIFICATE-----
Generated at Thu Mar 28 18:10:11 2024 by rpki-client on console-ams.rpki-client.org