Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/wKk-UQLDTOjUZvrEbn-CUvprU80.roa
File: wKk-UQLDTOjUZvrEbn-CUvprU80.roa (raw, json)
Hash identifier: iABstWtg7tjTFK7rjOzgXB3L00UysEebqS3qdiAjtqk=
Subject key identifier: C0:A9:3E:51:02:C3:4C:E8:D4:66:FA:C4:6E:7F:82:52:FA:6B:53:CD
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 05A4B27F
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/wKk-UQLDTOjUZvrEbn-CUvprU80.roa
Signing time: Sat 01 Jan 2022 07:57:07 +0000
ROA not before: Sat 01 Jan 2022 07:57:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35591
IP address blocks: 91.223.199.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94679679 (0x5a4b27f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 1 07:57:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c0a93e5102c34ce8d466fac46e7f8252fa6b53cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ee:a3:d3:ba:f4:23:c0:b5:a1:74:9a:59:9a:
cb:17:3f:6e:57:1a:ad:8e:58:56:70:14:86:45:f4:
8c:82:17:94:24:76:20:31:51:fb:6f:be:50:b5:c4:
3c:d6:82:f7:5f:cf:d1:08:32:7f:04:a8:f9:c3:22:
db:25:42:a4:fc:a5:95:b8:46:b4:96:11:45:cf:ae:
0d:35:0b:b5:f1:da:0f:3a:e7:80:c4:f7:0a:e2:ee:
b3:1d:e7:8f:86:b6:f6:6a:6e:9d:32:68:0a:0f:e2:
2f:93:f5:32:f7:4e:d3:2b:7f:f3:17:df:a3:b6:99:
bb:53:f5:ec:db:fe:ba:ba:c3:de:93:b6:a5:31:2b:
6b:08:79:fb:ea:7a:54:14:7d:8f:f8:60:65:57:71:
33:c8:64:72:05:0c:3a:20:7e:c4:28:85:de:dd:63:
5b:80:66:27:c6:ff:ef:a6:b0:3c:f9:9e:53:70:05:
06:99:d4:b5:6a:02:5e:29:25:f4:36:69:0b:67:ca:
e8:ab:de:b0:c1:48:71:4e:4e:20:0b:21:ac:26:18:
6c:9e:ba:0c:2d:c9:ef:d0:ec:01:d4:64:41:1a:89:
1c:7b:d1:87:dd:95:e5:55:16:bd:56:b3:2e:2a:0c:
26:b9:b9:28:a3:a9:ce:b0:92:1e:c5:de:d7:26:7c:
f3:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:A9:3E:51:02:C3:4C:E8:D4:66:FA:C4:6E:7F:82:52:FA:6B:53:CD
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/wKk-UQLDTOjUZvrEbn-CUvprU80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.199.0/24
Signature Algorithm: sha256WithRSAEncryption
37:e7:37:29:c6:ab:18:b4:34:87:58:55:fb:86:bd:3e:ca:ff:
f4:72:d7:f9:1b:80:d7:80:f1:1e:ac:35:8b:d8:b3:aa:d2:fe:
9b:e2:e2:7f:c8:63:a7:73:82:81:2d:32:3e:b3:c9:2e:b3:b8:
11:b3:ef:6b:b8:83:4c:b4:40:88:ca:f4:5e:4f:f0:2f:df:b2:
14:70:5f:12:d8:f6:c5:54:dc:7c:01:10:51:2f:90:f7:b6:56:
fb:2a:6f:29:f3:d0:d5:d1:61:69:e7:94:54:6d:80:ed:ef:ce:
82:04:20:e2:c5:30:a9:c1:68:8b:4e:b0:b6:76:c9:a2:62:00:
0d:6b:2e:40:46:70:59:e9:1a:ae:98:c3:d2:92:59:68:d5:9b:
65:6e:b9:53:50:1e:75:cd:64:ee:d4:1f:58:51:ef:80:8c:d8:
ce:d6:26:32:82:37:56:a1:bb:1b:4e:5e:ad:78:7b:c5:9f:11:
75:17:65:01:d3:a6:2e:33:48:d9:f3:0d:dd:66:90:af:8a:99:
6d:cd:98:0d:c2:6e:1c:4e:60:a9:fe:1f:c3:06:8d:27:cc:bc:
5c:da:15:7c:ba:69:b3:98:eb:15:d6:dd:5e:94:f7:4e:c7:1f:
7b:41:5b:04:23:68:5a:a2:23:c9:b9:35:47:82:8c:64:4e:1b:
1f:9f:6c:b6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBaSyfzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDEw
MTA3NTcwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzBhOTNlNTEwMmMz
NGNlOGQ0NjZmYWM0NmU3ZjgyNTJmYTZiNTNjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3uo9O69CPAtaF0mlmayxc/blcarY5YVnAUhkX0jIIXlCR2
IDFR+2++ULXEPNaC91/P0QgyfwSo+cMi2yVCpPyllbhGtJYRRc+uDTULtfHaDzrn
gMT3CuLusx3nj4a29mpunTJoCg/iL5P1MvdO0yt/8xffo7aZu1P17Nv+urrD3pO2
pTErawh5++p6VBR9j/hgZVdxM8hkcgUMOiB+xCiF3t1jW4BmJ8b/76awPPmeU3AF
BpnUtWoCXikl9DZpC2fK6KvesMFIcU5OIAshrCYYbJ66DC3J79DsAdRkQRqJHHvR
h92V5VUWvVazLioMJrm5KKOpzrCSHsXe1yZ886MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTAqT5RAsNM6NRm+sRuf4JS+mtTzTAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
L3dLay1VUUxEVE9qVVp2ckVibi1DVXZwclU4MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvfxzANBgkqhkiG9w0BAQsFAAOC
AQEAN+c3KcarGLQ0h1hV+4a9Psr/9HLX+RuA14DxHqw1i9izqtL+m+Lif8hjp3OC
gS0yPrPJLrO4EbPva7iDTLRAiMr0Xk/wL9+yFHBfEtj2xVTcfAEQUS+Q97ZW+ypv
KfPQ1dFhaeeUVG2A7e/OggQg4sUwqcFoi06wtnbJomIADWsuQEZwWekarpjD0pJZ
aNWbZW65U1Aedc1k7tQfWFHvgIzYztYmMoI3VqG7G05erXh7xZ8RdRdlAdOmLjNI
2fMN3WaQr4qZbc2YDcJuHE5gqf4fwwaNJ8y8XNoVfLpps5jrFdbdXpT3Tscfe0Fb
BCNoWqIjybk1R4KMZE4bH59stg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org