Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8d46bf-5444-43aa-8cd4-e7b0ee0f498c/1/X_Bc_Mdd7xexuJZhzapCAg-GVMg.roa
File: X_Bc_Mdd7xexuJZhzapCAg-GVMg.roa (raw, json)
Hash identifier: 9PeDDND0hNDWjXM1BErMWS1CNzMA722jkbrVHs9GHSk=
Subject key identifier: 5F:F0:5C:FC:C7:5D:EF:17:B1:B8:96:61:CD:AA:42:02:0F:86:54:C8
Certificate issuer: /CN=26862926a857491554bee94951bb5fa670207d9e
Certificate serial: 01884EA5BCE891D27F47AAC6E79FA2057831
Authority key identifier: 26:86:29:26:A8:57:49:15:54:BE:E9:49:51:BB:5F:A6:70:20:7D:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JoYpJqhXSRVUvulJUbtfpnAgfZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/8d46bf-5444-43aa-8cd4-e7b0ee0f498c/1/X_Bc_Mdd7xexuJZhzapCAg-GVMg.roa
Signing time: Wed 24 May 2023 16:44:24 +0000
ROA not before: Wed 24 May 2023 16:44:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200736
IP address blocks: 91.132.141.0/24 maxlen: 24
91.132.140.0/24 maxlen: 24
91.132.143.0/24 maxlen: 24
91.132.142.0/24 maxlen: 24
185.234.58.0/24 maxlen: 24
185.234.57.0/24 maxlen: 24
185.234.56.0/24 maxlen: 24
185.234.59.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4e:a5:bc:e8:91:d2:7f:47:aa:c6:e7:9f:a2:05:78:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26862926a857491554bee94951bb5fa670207d9e
Validity
Not Before: May 24 16:44:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ff05cfcc75def17b1b89661cdaa42020f8654c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e9:7a:ed:88:23:c1:f2:d7:14:58:58:76:d1:
4c:05:46:ba:79:4e:bd:c0:dc:91:6e:8e:7a:b9:82:
04:d6:65:21:0b:0f:91:a3:42:ae:66:2d:60:07:09:
72:ff:98:55:46:0b:85:1e:01:3a:ce:48:9f:69:1e:
e5:65:33:88:94:4b:7d:e3:99:17:14:e9:e2:1b:82:
87:35:df:82:69:fa:d1:b9:f4:ce:c4:c0:e0:7a:4b:
59:8d:1c:8a:f3:8f:2c:07:68:23:fd:4c:d6:aa:9d:
6e:70:20:f1:88:d3:dd:e4:47:98:19:a4:cc:cc:cd:
97:cf:64:c8:12:96:62:9c:41:9e:29:9c:eb:12:74:
0e:6a:40:1d:a5:30:be:5f:b7:2b:54:d4:48:af:d8:
1f:c3:67:cc:83:f3:53:a0:30:6a:31:77:a1:0c:29:
6f:cf:cb:88:ab:88:c9:3b:93:d4:3e:a0:3e:5b:53:
a1:ea:31:81:6e:ec:df:3f:3d:8d:0e:a4:e1:f6:79:
dc:8c:5a:5b:70:23:e5:52:f3:ae:42:18:8d:63:53:
1b:f3:5d:00:50:59:e3:ea:96:68:42:e0:40:65:5c:
a5:5b:1b:1d:3b:71:62:40:b8:06:43:04:25:8a:de:
c6:1e:dd:5b:f6:db:b2:d8:a2:69:01:c5:fe:c8:39:
d2:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:F0:5C:FC:C7:5D:EF:17:B1:B8:96:61:CD:AA:42:02:0F:86:54:C8
X509v3 Authority Key Identifier:
keyid:26:86:29:26:A8:57:49:15:54:BE:E9:49:51:BB:5F:A6:70:20:7D:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JoYpJqhXSRVUvulJUbtfpnAgfZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8d46bf-5444-43aa-8cd4-e7b0ee0f498c/1/X_Bc_Mdd7xexuJZhzapCAg-GVMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8d46bf-5444-43aa-8cd4-e7b0ee0f498c/1/JoYpJqhXSRVUvulJUbtfpnAgfZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.140.0/22
185.234.56.0/22
Signature Algorithm: sha256WithRSAEncryption
83:db:29:57:9c:b4:5b:19:9e:d9:0b:77:dc:75:4c:d6:26:19:
8d:e8:96:7e:ca:cc:59:8e:24:5a:c4:b3:bd:7b:8e:8b:c2:a6:
8e:48:41:93:72:71:24:1e:b2:75:dc:07:9b:37:f1:18:05:5b:
37:58:80:43:bf:c8:38:f4:7a:b4:ac:35:4c:be:ed:9a:d3:dd:
2e:eb:97:56:4e:20:48:c9:82:ef:d2:8a:6e:16:fc:4f:57:5b:
a8:67:b5:3b:94:ea:70:d6:03:fa:ab:a5:61:50:19:f0:32:bb:
c8:4d:de:37:3f:1b:ca:65:ea:1f:ec:25:c1:1b:17:f9:75:b1:
20:05:0c:59:9f:f6:30:b6:3d:c8:02:9b:d2:7d:bd:36:9d:0d:
1b:71:93:69:8f:66:18:a6:87:7b:25:6b:2a:1e:4a:f8:fd:ea:
78:5b:71:43:62:22:c8:08:4c:34:c7:7b:e6:62:29:08:70:26:
12:0c:56:9e:f8:92:94:8a:8f:f3:83:eb:fa:e6:1d:71:a6:42:
d1:14:4b:80:db:97:dd:87:c7:d4:95:25:d1:82:af:f1:f3:5b:
9d:cc:50:2d:fa:9c:7e:4c:17:42:a0:2d:75:45:98:04:e5:b9:
33:f1:c4:c5:42:be:57:e7:a5:17:60:9d:91:b8:5b:0f:18:4d:
68:91:ae:fb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhOpbzokdJ/R6rG55+iBXgxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2ODYyOTI2YTg1NzQ5MTU1NGJlZTk0OTUxYmI1ZmE2NzAy
MDdkOWUwHhcNMjMwNTI0MTY0NDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmYwNWNmY2M3NWRlZjE3YjFiODk2NjFjZGFhNDIwMjBmODY1NGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+l67YgjwfLXFFhYdtFMBUa6eU69
wNyRbo56uYIE1mUhCw+Ro0KuZi1gBwly/5hVRguFHgE6zkifaR7lZTOIlEt945kX
FOniG4KHNd+CafrRufTOxMDgektZjRyK848sB2gj/UzWqp1ucCDxiNPd5EeYGaTM
zM2Xz2TIEpZinEGeKZzrEnQOakAdpTC+X7crVNRIr9gfw2fMg/NToDBqMXehDClv
z8uIq4jJO5PUPqA+W1Oh6jGBbuzfPz2NDqTh9nncjFpbcCPlUvOuQhiNY1Mb810A
UFnj6pZoQuBAZVylWxsdO3FiQLgGQwQlit7GHt1b9tuy2KJpAcX+yDnSKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF/wXPzHXe8XsbiWYc2qQgIPhlTIMB8GA1UdIwQY
MBaAFCaGKSaoV0kVVL7pSVG7X6ZwIH2eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm9ZcEpxaFhTUlZVdnVsSlVidGZwbkFnZlo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84ZDQ2YmYtNTQ0NC00M2FhLThjZDQt
ZTdiMGVlMGY0OThjLzEvWF9CY19NZGQ3eGV4dUpaaHphcENBZy1HVk1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84ZDQ2YmYtNTQ0NC00M2FhLThjZDQtZTdiMGVlMGY0OThj
LzEvSm9ZcEpxaFhTUlZVdnVsSlVidGZwbkFnZlo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW4SMAwQC
ueo4MA0GCSqGSIb3DQEBCwUAA4IBAQCD2ylXnLRbGZ7ZC3fcdUzWJhmN6JZ+ysxZ
jiRaxLO9e46LwqaOSEGTcnEkHrJ13AebN/EYBVs3WIBDv8g49Hq0rDVMvu2a090u
65dWTiBIyYLv0opuFvxPV1uoZ7U7lOpw1gP6q6VhUBnwMrvITd43PxvKZeof7CXB
Gxf5dbEgBQxZn/Ywtj3IApvSfb02nQ0bcZNpj2YYpod7JWsqHkr4/ep4W3FDYiLI
CEw0x3vmYikIcCYSDFae+JKUio/zg+v65h1xpkLRFEuA25fdh8fUlSXRgq/x81ud
zFAt+px+TBdCoC11RZgE5bkz8cTFQr5X56UXYJ2RuFsPGE1oka77
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:20 2024 by rpki-client on console-fra.rpki-client.org