Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/u636-NBpcDST6Ay2isKkh9vjQyA.roa
File: u636-NBpcDST6Ay2isKkh9vjQyA.roa (raw, json)
Hash identifier: 9fKqkSkRThAdxSRh2yCKexgtIATO9FJJIYBt1O1BFB4=
Subject key identifier: BB:AD:FA:F8:D0:69:70:34:93:E8:0C:B6:8A:C2:A4:87:DB:E3:43:20
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 05B31981
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/u636-NBpcDST6Ay2isKkh9vjQyA.roa
Signing time: Sat 01 Jan 2022 07:57:16 +0000
ROA not before: Sat 01 Jan 2022 07:57:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61048
IP address blocks: 91.193.216.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95623553 (0x5b31981)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 1 07:57:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bbadfaf8d069703493e80cb68ac2a487dbe34320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:4a:f4:ae:f3:67:84:cc:00:af:1d:79:56:a3:
f3:89:58:d2:ff:e0:86:cc:de:45:08:1f:6d:f4:1c:
0e:73:9e:6c:91:01:d5:fa:9d:d6:ea:92:b6:c7:5b:
b6:07:df:36:55:ab:99:4e:90:6f:a2:03:cd:66:67:
95:d8:da:da:89:aa:a3:5b:86:b0:b2:82:a1:ae:fd:
be:6b:73:1e:52:27:be:70:08:36:7d:bd:58:e8:d8:
02:51:de:86:2a:c6:c7:8a:6a:45:8e:13:b3:b3:28:
e9:5a:18:da:fd:1f:f7:d4:a5:64:ce:91:6f:fd:fa:
32:a6:df:22:9b:97:cd:2f:75:fa:5b:21:42:c8:b7:
d4:0f:86:00:04:9c:af:f5:48:8a:87:f1:00:5e:e0:
97:97:b8:dd:dc:44:97:74:23:57:61:df:6f:2f:f5:
fc:9b:b4:09:2b:c6:a5:71:f9:27:98:c5:b1:33:be:
ee:3b:96:2f:09:42:a6:5e:31:77:ce:c8:3f:8b:ae:
c7:53:9d:8c:89:c1:b5:2b:98:b5:9d:cb:dd:5d:a8:
62:86:ff:9c:d2:93:d3:21:ed:9b:46:34:9e:06:7d:
f1:58:25:5d:7f:0f:a8:e5:8b:3e:28:b2:fe:2f:fe:
22:fc:fd:48:38:93:4e:38:f9:76:ca:10:06:75:39:
42:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:AD:FA:F8:D0:69:70:34:93:E8:0C:B6:8A:C2:A4:87:DB:E3:43:20
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/u636-NBpcDST6Ay2isKkh9vjQyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.216.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:2a:8c:24:75:e1:76:18:31:e8:66:fa:b4:a3:81:7f:7d:57:
1d:27:e0:a8:fe:f3:78:65:e1:f0:ec:ba:db:e9:1b:f2:ce:40:
49:0e:8a:c6:b3:e2:05:2e:fe:02:95:d2:89:9e:97:20:c1:24:
a1:d0:6c:1c:16:69:66:29:56:4b:e4:28:fe:cb:43:b0:aa:4c:
03:9a:97:a3:16:b1:01:c2:98:10:5e:3a:39:8a:8c:56:67:e3:
2b:d0:53:98:fe:df:20:2f:c5:33:6f:81:f9:61:56:d3:b6:9e:
e5:a2:00:4d:de:6c:cd:26:74:d3:0f:43:4c:29:f6:cd:97:09:
0d:a4:42:c7:b1:8b:2c:09:3b:68:e8:36:bd:d3:b7:42:37:94:
3d:13:4f:64:8c:9a:38:81:34:06:d3:2a:65:a2:cb:45:b6:99:
4b:8b:1b:44:5c:d6:c7:f4:32:7b:18:f1:fe:a7:05:7d:ec:c3:
c7:f0:0e:76:21:d7:97:da:ef:13:73:cc:bf:67:89:b0:14:78:
5c:84:af:4f:29:ea:6a:82:0f:9f:d1:f5:05:f7:6e:8b:b0:08:
5f:d2:6e:6d:5d:e5:71:55:b5:2a:87:cc:2e:f6:e8:81:9e:8f:
10:bf:52:0b:1f:b2:0a:ff:81:2b:4c:64:c7:4b:b3:0a:38:75:
c8:64:f3:3c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBbMZgTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDEw
MTA3NTcxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmJhZGZhZjhkMDY5
NzAzNDkzZTgwY2I2OGFjMmE0ODdkYmUzNDMyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANlK9K7zZ4TMAK8deVaj84lY0v/ghszeRQgfbfQcDnOebJEB
1fqd1uqStsdbtgffNlWrmU6Qb6IDzWZnldja2omqo1uGsLKCoa79vmtzHlInvnAI
Nn29WOjYAlHehirGx4pqRY4Ts7Mo6VoY2v0f99SlZM6Rb/36MqbfIpuXzS91+lsh
Qsi31A+GAAScr/VIiofxAF7gl5e43dxEl3QjV2Hfby/1/Ju0CSvGpXH5J5jFsTO+
7juWLwlCpl4xd87IP4uux1OdjInBtSuYtZ3L3V2oYob/nNKT0yHtm0Y0ngZ98Vgl
XX8PqOWLPiiy/i/+Ivz9SDiTTjj5dsoQBnU5QskCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS7rfr40GlwNJPoDLaKwqSH2+NDIDAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
L3U2MzYtTkJwY0RTVDZBeTJpc0traDl2alF5QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvB2DANBgkqhkiG9w0BAQsFAAOC
AQEAvCqMJHXhdhgx6Gb6tKOBf31XHSfgqP7zeGXh8Oy62+kb8s5ASQ6KxrPiBS7+
ApXSiZ6XIMEkodBsHBZpZilWS+Qo/stDsKpMA5qXoxaxAcKYEF46OYqMVmfjK9BT
mP7fIC/FM2+B+WFW07ae5aIATd5szSZ00w9DTCn2zZcJDaRCx7GLLAk7aOg2vdO3
QjeUPRNPZIyaOIE0BtMqZaLLRbaZS4sbRFzWx/Qyexjx/qcFfezDx/AOdiHXl9rv
E3PMv2eJsBR4XISvTynqaoIPn9H1Bfdui7AIX9JubV3lcVW1KofMLvbogZ6PEL9S
Cx+yCv+BK0xkx0uzCjh1yGTzPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org