Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8d46bf-5444-43aa-8cd4-e7b0ee0f498c/1/0i9h0DdS2adKqZtTfGzo8LzTTS8.roa
File: 0i9h0DdS2adKqZtTfGzo8LzTTS8.roa (raw, json)
Hash identifier: isT+02+yEosIJ/ej+Go1M41dfjsZx1N3/Pv+REz+SKk=
Subject key identifier: D2:2F:61:D0:37:52:D9:A7:4A:A9:9B:53:7C:6C:E8:F0:BC:D3:4D:2F
Certificate issuer: /CN=26862926a857491554bee94951bb5fa670207d9e
Certificate serial: 018EB5D0A6F06C82C3F0A2CA70EB7C2D2574
Authority key identifier: 26:86:29:26:A8:57:49:15:54:BE:E9:49:51:BB:5F:A6:70:20:7D:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JoYpJqhXSRVUvulJUbtfpnAgfZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/8d46bf-5444-43aa-8cd4-e7b0ee0f498c/1/0i9h0DdS2adKqZtTfGzo8LzTTS8.roa
Signing time: Sat 06 Apr 2024 23:48:53 +0000
ROA not before: Sat 06 Apr 2024 23:48:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200736
IP address blocks: 91.132.140.0/24 maxlen: 24
91.132.141.0/24 maxlen: 24
91.132.142.0/24 maxlen: 24
91.132.143.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b5:d0:a6:f0:6c:82:c3:f0:a2:ca:70:eb:7c:2d:25:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26862926a857491554bee94951bb5fa670207d9e
Validity
Not Before: Apr 6 23:48:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d22f61d03752d9a74aa99b537c6ce8f0bcd34d2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:fd:64:4f:89:25:d2:b2:a8:e9:56:3b:84:00:
9f:8e:40:0e:e7:2c:f2:07:ae:0f:12:72:0e:06:ed:
ca:ff:8c:0b:eb:91:d6:aa:9c:05:9b:49:ac:94:b7:
b4:8a:9e:88:4c:0b:52:5d:7b:2d:f8:74:2b:26:4d:
a7:4f:44:dc:08:01:8f:fa:cc:f3:71:e1:a7:02:51:
e6:a3:75:c2:39:27:b6:f9:97:e9:fa:44:c2:27:11:
cc:bb:f6:cb:22:f7:e0:be:bc:45:f1:2e:fe:b2:fe:
14:79:ce:17:84:ec:68:20:56:72:77:d9:12:15:db:
30:ae:85:fc:66:7c:59:d2:66:4a:06:68:ac:bb:c3:
9b:d3:04:3c:80:97:d9:b1:a7:3b:67:72:77:3f:e0:
d8:bc:4b:c9:6a:8e:46:23:10:e0:b9:79:1e:76:5f:
a0:a9:f5:00:76:7b:0d:01:87:51:17:70:1b:ca:b3:
48:42:92:67:0d:7e:c4:85:bb:ef:dc:4e:1f:53:94:
18:f7:e1:52:09:1a:b9:12:52:8c:16:b8:8f:eb:e4:
85:52:da:8c:df:2f:86:b5:85:76:1e:e6:22:6f:39:
b7:99:31:10:b7:f6:b4:94:d8:79:cc:c2:31:e0:a6:
cc:85:d1:9b:66:b2:77:90:72:0f:f3:f4:90:ba:f8:
16:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:2F:61:D0:37:52:D9:A7:4A:A9:9B:53:7C:6C:E8:F0:BC:D3:4D:2F
X509v3 Authority Key Identifier:
keyid:26:86:29:26:A8:57:49:15:54:BE:E9:49:51:BB:5F:A6:70:20:7D:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JoYpJqhXSRVUvulJUbtfpnAgfZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8d46bf-5444-43aa-8cd4-e7b0ee0f498c/1/0i9h0DdS2adKqZtTfGzo8LzTTS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8d46bf-5444-43aa-8cd4-e7b0ee0f498c/1/JoYpJqhXSRVUvulJUbtfpnAgfZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.140.0/22
Signature Algorithm: sha256WithRSAEncryption
06:57:30:4d:60:57:ad:a1:02:18:1e:61:56:84:0f:1d:0c:86:
e1:13:b8:06:05:1b:65:fc:0c:bb:a4:61:04:fe:3a:35:ef:ad:
d5:1d:cc:4e:12:eb:5a:c6:d4:03:e8:2d:33:67:aa:5b:4d:67:
3d:0f:ee:a3:5d:bc:c9:68:1e:0f:ab:91:ad:12:df:86:b7:24:
8d:44:11:2c:1d:e2:8b:06:53:39:92:01:ba:bc:b6:20:97:84:
27:a7:d4:87:93:8f:50:04:4c:3d:50:60:1f:06:86:9c:0b:28:
83:b3:e4:26:ad:59:55:fe:89:28:6f:6c:b9:e4:7b:2c:c3:88:
3b:48:38:d9:d4:45:47:d5:60:fb:5e:4f:b5:81:86:64:8b:15:
03:be:4d:a5:09:7f:2a:df:17:24:07:2b:7b:96:e6:c5:74:db:
bc:b6:12:25:51:20:72:a0:27:e9:b7:38:8e:4a:2d:37:95:65:
96:b6:02:4d:93:e2:e9:d4:cd:f5:c9:81:81:25:5b:d9:6e:f9:
f3:f1:b0:d2:c2:cd:7e:42:10:df:0d:02:7c:db:2b:51:47:53:
99:7d:07:f7:55:82:fd:04:51:67:ff:b1:36:83:bc:d5:95:cc:
ed:7c:d6:6e:57:d3:f8:19:7b:c0:b6:63:02:12:ff:95:17:81:
63:18:64:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY610KbwbILD8KLKcOt8LSV0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2ODYyOTI2YTg1NzQ5MTU1NGJlZTk0OTUxYmI1ZmE2NzAy
MDdkOWUwHhcNMjQwNDA2MjM0ODUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjJmNjFkMDM3NTJkOWE3NGFhOTliNTM3YzZjZThmMGJjZDM0ZDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/1kT4kl0rKo6VY7hACfjkAO5yzy
B64PEnIOBu3K/4wL65HWqpwFm0mslLe0ip6ITAtSXXst+HQrJk2nT0TcCAGP+szz
ceGnAlHmo3XCOSe2+Zfp+kTCJxHMu/bLIvfgvrxF8S7+sv4Uec4XhOxoIFZyd9kS
FdswroX8ZnxZ0mZKBmisu8Ob0wQ8gJfZsac7Z3J3P+DYvEvJao5GIxDguXkedl+g
qfUAdnsNAYdRF3AbyrNIQpJnDX7Ehbvv3E4fU5QY9+FSCRq5ElKMFriP6+SFUtqM
3y+GtYV2HuYibzm3mTEQt/a0lNh5zMIx4KbMhdGbZrJ3kHIP8/SQuvgWvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNIvYdA3UtmnSqmbU3xs6PC8000vMB8GA1UdIwQY
MBaAFCaGKSaoV0kVVL7pSVG7X6ZwIH2eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm9ZcEpxaFhTUlZVdnVsSlVidGZwbkFnZlo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84ZDQ2YmYtNTQ0NC00M2FhLThjZDQt
ZTdiMGVlMGY0OThjLzEvMGk5aDBEZFMyYWRLcVp0VGZHem84THpUVFM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84ZDQ2YmYtNTQ0NC00M2FhLThjZDQtZTdiMGVlMGY0OThj
LzEvSm9ZcEpxaFhTUlZVdnVsSlVidGZwbkFnZlo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW4SMMA0G
CSqGSIb3DQEBCwUAA4IBAQAGVzBNYFetoQIYHmFWhA8dDIbhE7gGBRtl/Ay7pGEE
/jo1763VHcxOEutaxtQD6C0zZ6pbTWc9D+6jXbzJaB4Pq5GtEt+GtySNRBEsHeKL
BlM5kgG6vLYgl4Qnp9SHk49QBEw9UGAfBoacCyiDs+QmrVlV/okob2y55Hssw4g7
SDjZ1EVH1WD7Xk+1gYZkixUDvk2lCX8q3xckByt7lubFdNu8thIlUSByoCfptziO
Si03lWWWtgJNk+Lp1M31yYGBJVvZbvnz8bDSws1+QhDfDQJ82ytRR1OZfQf3VYL9
BFFn/7E2g7zVlcztfNZuV9P4GXvAtmMCEv+VF4FjGGTj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:31 2024 by rpki-client on console-ams.rpki-client.org