Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/vFGb1r7SSqxGX0AusMSt4LauUtE.roa
File: vFGb1r7SSqxGX0AusMSt4LauUtE.roa (raw, json)
Hash identifier: 5NtojvUuvhRCahlVnNNfGHyCP+nb5QerO0+rU/r10GM=
Subject key identifier: BC:51:9B:D6:BE:D2:4A:AC:46:5F:40:2E:B0:C4:AD:E0:B6:AE:52:D1
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018570D560ED198203F15160F311EC2BEEAC
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/vFGb1r7SSqxGX0AusMSt4LauUtE.roa
Signing time: Mon 02 Jan 2023 04:55:10 +0000
ROA not before: Mon 02 Jan 2023 04:55:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61048
IP address blocks: 91.193.216.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:60:ed:19:82:03:f1:51:60:f3:11:ec:2b:ee:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 04:55:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc519bd6bed24aac465f402eb0c4ade0b6ae52d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:33:10:72:0b:62:60:3b:7a:2c:a0:49:c5:8b:
9e:61:64:f1:56:24:28:03:20:0f:0a:7f:a6:98:bb:
cc:e1:24:c0:5d:ee:8b:38:e5:21:bd:b3:af:ea:f7:
bb:1b:9e:11:f2:72:0e:78:d2:a3:d4:2e:b5:70:c1:
c6:10:f0:af:b0:b7:37:26:7b:c0:fa:51:01:f2:75:
5b:26:81:f8:d9:32:41:a4:08:44:a3:da:0a:d3:90:
2d:f7:43:5b:2d:87:26:a0:c9:d4:85:ae:e4:b0:a8:
7b:9b:9f:a5:70:93:99:da:99:83:40:5a:4f:f8:81:
74:f4:f6:1e:9f:70:25:73:74:81:b2:5c:53:45:5d:
1c:51:1f:40:94:c1:dd:fc:d5:05:11:b9:1c:4f:68:
d6:96:17:3f:48:34:1f:a1:f0:cc:d9:7d:ed:68:32:
a6:bb:b4:77:5f:b7:b6:56:82:fe:85:5e:4d:65:2a:
e9:5a:96:d0:4d:c9:df:63:74:a1:07:0d:46:1d:3a:
ff:72:4a:86:56:4b:db:f1:d9:31:38:ae:7b:e8:28:
b5:ce:69:fb:86:6d:5e:bb:69:5d:9e:42:58:d5:2b:
6e:33:cf:62:a8:0b:11:a9:c5:52:fa:4a:f5:2e:cd:
19:12:37:f3:cb:6b:9d:7a:26:58:a4:68:ee:9c:a5:
0d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:51:9B:D6:BE:D2:4A:AC:46:5F:40:2E:B0:C4:AD:E0:B6:AE:52:D1
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/vFGb1r7SSqxGX0AusMSt4LauUtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.216.0/24
Signature Algorithm: sha256WithRSAEncryption
21:20:58:aa:bd:82:fc:51:71:07:4f:7c:eb:65:de:2e:97:d6:
dc:eb:3c:76:c3:b5:4c:cb:86:9b:19:2c:11:6c:d4:fd:a0:02:
fe:ce:47:e2:5b:0d:21:08:f8:c9:9b:33:2b:cd:1c:51:84:e7:
e9:3f:ae:64:dc:83:61:c6:a9:03:5d:5b:5d:6e:c3:6a:39:d7:
86:23:8f:1c:53:f3:ec:17:cf:98:fe:86:14:80:02:d1:86:db:
6b:06:94:f7:f3:2b:d6:62:7d:57:32:82:1b:d4:94:da:8c:66:
5a:13:90:ec:10:08:ca:43:ce:de:a7:cd:30:f7:58:f2:68:8c:
dc:c5:67:f5:3a:7b:b4:d1:87:47:4e:16:44:02:04:d6:69:8e:
66:26:ce:ad:1e:e5:d1:12:a7:69:e8:1d:67:f2:51:fb:d9:65:
b0:6d:41:39:3d:01:c7:60:a2:e4:37:6e:58:68:c3:6f:fa:56:
83:35:bc:c7:83:d3:3a:f6:bb:cf:58:11:cf:6b:6a:f5:34:5b:
5c:90:95:a9:6d:04:8f:85:ca:4c:f1:b7:21:55:6f:c9:86:52:
43:5e:53:55:00:34:df:7f:71:fb:58:43:31:00:d2:31:9c:81:
b5:9b:0b:64:39:10:3d:13:20:21:5b:37:fe:d8:ab:38:ac:09:
4a:11:dc:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1WDtGYID8VFg8xHsK+6sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMTAyMDQ1NTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzUxOWJkNmJlZDI0YWFjNDY1ZjQwMmViMGM0YWRlMGI2YWU1MmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTMQcgtiYDt6LKBJxYueYWTxViQo
AyAPCn+mmLvM4STAXe6LOOUhvbOv6ve7G54R8nIOeNKj1C61cMHGEPCvsLc3JnvA
+lEB8nVbJoH42TJBpAhEo9oK05At90NbLYcmoMnUha7ksKh7m5+lcJOZ2pmDQFpP
+IF09PYen3Alc3SBslxTRV0cUR9AlMHd/NUFEbkcT2jWlhc/SDQfofDM2X3taDKm
u7R3X7e2VoL+hV5NZSrpWpbQTcnfY3ShBw1GHTr/ckqGVkvb8dkxOK576Ci1zmn7
hm1eu2ldnkJY1StuM89iqAsRqcVS+kr1Ls0ZEjfzy2udeiZYpGjunKUN4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLxRm9a+0kqsRl9ALrDEreC2rlLRMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvdkZHYjFyN1NTcXhHWDBBdXNNU3Q0TGF1VXRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8HYMA0G
CSqGSIb3DQEBCwUAA4IBAQAhIFiqvYL8UXEHT3zrZd4ul9bc6zx2w7VMy4abGSwR
bNT9oAL+zkfiWw0hCPjJmzMrzRxRhOfpP65k3INhxqkDXVtdbsNqOdeGI48cU/Ps
F8+Y/oYUgALRhttrBpT38yvWYn1XMoIb1JTajGZaE5DsEAjKQ87ep80w91jyaIzc
xWf1Onu00YdHThZEAgTWaY5mJs6tHuXREqdp6B1n8lH72WWwbUE5PQHHYKLkN25Y
aMNv+laDNbzHg9M69rvPWBHPa2r1NFtckJWpbQSPhcpM8bchVW/JhlJDXlNVADTf
f3H7WEMxANIxnIG1mwtkORA9EyAhWzf+2Ks4rAlKEdy4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org