Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/cl6zLFJobMfarjPywyHhnNalJOI.roa
File: cl6zLFJobMfarjPywyHhnNalJOI.roa (raw, json)
Hash identifier: avArrMCYAg6mwsGzunMLZw5BMdmAACLjaBIi/uEqtQM=
Subject key identifier: 72:5E:B3:2C:52:68:6C:C7:DA:AE:33:F2:C3:21:E1:9C:D6:A5:24:E2
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 019199C35B47673FE560DFE0112B1306FBDF
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/cl6zLFJobMfarjPywyHhnNalJOI.roa
Signing time: Wed 28 Aug 2024 16:13:22 +0000
ROA not before: Wed 28 Aug 2024 16:13:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62300
IP address blocks: 91.214.116.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:99:c3:5b:47:67:3f:e5:60:df:e0:11:2b:13:06:fb:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Aug 28 16:13:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=725eb32c52686cc7daae33f2c321e19cd6a524e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:83:aa:41:c1:96:45:ed:52:0a:33:37:c6:07:
43:1b:d7:7a:8e:1b:97:41:40:65:c8:ca:a7:5c:e5:
09:7d:dc:c5:e7:d6:a2:24:bd:02:d9:3a:cc:34:2f:
f2:14:fa:cc:64:d3:6c:48:f3:e8:63:f1:64:30:21:
6c:6d:cd:5b:bf:0c:7f:33:58:c9:c6:9e:3d:01:04:
eb:7e:91:48:db:15:3f:10:6d:3d:c7:3d:df:e7:81:
2d:88:da:8d:72:e4:48:ab:08:3f:e1:a7:e3:35:c9:
92:69:82:57:40:d8:f7:7c:c0:97:06:73:0b:53:02:
39:9c:08:d9:e1:43:10:1a:30:56:04:15:d6:d5:2f:
11:42:01:14:89:89:00:49:d8:28:12:c5:58:64:b8:
01:b2:38:10:0e:cb:04:ae:54:4d:11:5a:39:38:49:
e9:9d:34:6b:86:60:63:10:43:86:39:69:a8:ee:39:
ca:c9:8e:e4:f7:bb:3f:ca:92:76:a8:04:4c:e1:4d:
08:ac:72:6d:ed:41:f0:2d:29:68:5f:8a:30:a1:56:
b0:7f:94:35:b7:29:f3:be:f7:9e:2f:8d:1e:42:4f:
16:fa:c8:1d:a5:4c:c8:f1:bf:34:37:d0:b4:10:e0:
04:0e:eb:c3:76:21:a3:4f:29:db:b5:2b:9f:9e:2d:
32:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:5E:B3:2C:52:68:6C:C7:DA:AE:33:F2:C3:21:E1:9C:D6:A5:24:E2
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/cl6zLFJobMfarjPywyHhnNalJOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.214.116.0/24
Signature Algorithm: sha256WithRSAEncryption
21:00:69:e6:95:fb:1a:4c:a0:21:c3:10:b9:35:a4:fe:e5:70:
47:0f:58:6d:47:e2:44:c6:94:0a:ba:0c:c4:df:64:e1:9b:20:
cd:90:24:63:4c:54:ed:5f:e6:81:1c:1e:54:2b:52:2b:71:d6:
a2:a9:d2:cd:bd:5b:d2:64:b7:a4:9a:49:d7:34:d8:f4:ab:2d:
d8:45:91:64:a0:36:fd:9f:27:f1:34:13:06:2b:40:6e:2b:37:
45:ee:c1:f2:57:50:a1:09:35:60:f9:0d:8c:f0:59:de:93:4f:
72:6e:11:79:22:9f:0b:72:9b:21:bb:6e:d6:16:e5:25:72:7b:
c4:fe:6a:e9:f1:89:ef:0d:06:87:87:cb:a2:e5:11:f2:05:6a:
07:d5:5f:3c:52:3f:97:27:be:12:65:2d:7f:53:07:74:d7:b6:
55:09:df:3e:aa:93:4b:b6:6a:2b:22:48:5d:e0:f3:2c:c1:f1:
4f:bb:32:c6:51:9c:72:f0:4f:f1:41:ff:69:16:5f:b3:98:35:
94:4d:5d:95:18:92:d4:6a:95:0d:aa:01:4f:bd:98:32:80:3f:
d4:e3:3c:74:60:89:80:2f:b4:65:fd:3f:6e:db:c1:6b:6e:fa:
13:07:66:08:92:44:f7:39:d8:ce:91:ad:5a:da:bb:a1:39:c6:
d0:11:65:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGZw1tHZz/lYN/gESsTBvvfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQwODI4MTYxMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjVlYjMyYzUyNjg2Y2M3ZGFhZTMzZjJjMzIxZTE5Y2Q2YTUyNGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYOqQcGWRe1SCjM3xgdDG9d6jhuX
QUBlyMqnXOUJfdzF59aiJL0C2TrMNC/yFPrMZNNsSPPoY/FkMCFsbc1bvwx/M1jJ
xp49AQTrfpFI2xU/EG09xz3f54EtiNqNcuRIqwg/4afjNcmSaYJXQNj3fMCXBnML
UwI5nAjZ4UMQGjBWBBXW1S8RQgEUiYkASdgoEsVYZLgBsjgQDssErlRNEVo5OEnp
nTRrhmBjEEOGOWmo7jnKyY7k97s/ypJ2qARM4U0IrHJt7UHwLSloX4owoVawf5Q1
tynzvveeL40eQk8W+sgdpUzI8b80N9C0EOAEDuvDdiGjTynbtSufni0y0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHJesyxSaGzH2q4z8sMh4ZzWpSTiMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvY2w2ekxGSm9iTWZhcmpQeXd5SGhuTmFsSk9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9Z0MA0G
CSqGSIb3DQEBCwUAA4IBAQAhAGnmlfsaTKAhwxC5NaT+5XBHD1htR+JExpQKugzE
32ThmyDNkCRjTFTtX+aBHB5UK1IrcdaiqdLNvVvSZLekmknXNNj0qy3YRZFkoDb9
nyfxNBMGK0BuKzdF7sHyV1ChCTVg+Q2M8Fnek09ybhF5Ip8Lcpshu27WFuUlcnvE
/mrp8YnvDQaHh8ui5RHyBWoH1V88Uj+XJ74SZS1/Uwd017ZVCd8+qpNLtmorIkhd
4PMswfFPuzLGUZxy8E/xQf9pFl+zmDWUTV2VGJLUapUNqgFPvZgygD/U4zx0YImA
L7Rl/T9u28FrbvoTB2YIkkT3OdjOka1a2ruhOcbQEWXb
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:01:57 2025 by rpki-client