Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/8mg3xuWjsx9X0Ii-SI8U9nF1Y14.roa
File: 8mg3xuWjsx9X0Ii-SI8U9nF1Y14.roa (raw, json)
Hash identifier: ITBm+OmqZPdMG1+qhZZ1MFqYogi+qowz9azA6iOpCec=
Subject key identifier: F2:68:37:C6:E5:A3:B3:1F:57:D0:88:BE:48:8F:14:F6:71:75:63:5E
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0AA0CF40
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/8mg3xuWjsx9X0Ii-SI8U9nF1Y14.roa
Signing time: Thu 24 Mar 2022 15:10:12 +0000
ROA not before: Thu 24 Mar 2022 15:10:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 91.222.43.0/24 maxlen: 24
185.149.12.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 178310976 (0xaa0cf40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Mar 24 15:10:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f26837c6e5a3b31f57d088be488f14f67175635e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:47:e4:92:07:22:3b:93:4f:9c:d1:23:a5:49:
c3:1b:7f:5d:c5:5a:b3:0c:d7:40:d6:7e:ad:a1:ed:
02:c7:a6:3c:00:be:3c:30:87:4b:a8:90:0b:06:6e:
f2:54:1b:8f:79:7f:c2:04:3d:8b:16:24:e1:13:d8:
6e:a2:fe:57:e8:48:d3:84:24:15:ec:49:76:fe:95:
9f:86:ca:46:75:d4:12:ab:67:ab:d1:99:06:99:b0:
29:d9:88:9e:cb:a8:c8:ab:42:e1:c6:e9:ca:af:75:
f8:89:87:a5:5a:0b:9b:e1:5f:92:e9:bb:32:9c:52:
14:3b:36:44:70:0b:04:91:f5:b8:42:cd:4d:ab:11:
e1:aa:8a:12:58:ff:93:47:fe:02:56:a0:11:bc:e7:
36:5e:8c:1f:d5:a1:b7:85:c9:c3:a2:d7:94:94:f7:
f8:11:21:64:6b:01:f7:15:e5:f6:86:44:ac:fd:d0:
d9:52:b0:11:2a:26:2f:07:a2:ff:5e:18:92:56:92:
7b:04:8c:68:57:ca:e3:f0:d2:d4:1e:7f:24:78:28:
b5:0f:b3:57:5f:49:71:89:e5:c0:39:65:d3:40:08:
af:37:52:87:8f:54:b2:04:12:25:4a:d2:e5:27:71:
a0:10:a0:d0:0f:fa:6a:e1:bb:2c:76:be:96:de:d7:
35:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:68:37:C6:E5:A3:B3:1F:57:D0:88:BE:48:8F:14:F6:71:75:63:5E
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/8mg3xuWjsx9X0Ii-SI8U9nF1Y14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.43.0/24
185.149.12.0/24
Signature Algorithm: sha256WithRSAEncryption
76:ce:b8:96:0f:27:d5:56:b1:d0:b3:57:57:91:bf:36:04:2d:
79:e1:fd:15:93:45:fa:86:c5:c3:2f:18:9f:99:d6:df:1f:46:
38:9c:25:62:84:20:21:e6:dc:e7:51:b6:d3:f4:fe:f5:c8:30:
42:95:b9:87:10:a4:f8:ff:2a:12:e3:54:15:31:68:2b:3e:bf:
a2:51:b6:61:ce:12:ed:3d:a5:c1:92:9c:74:a0:a7:8e:21:6b:
9f:9d:9a:a1:db:14:bb:e0:65:37:7b:99:c5:4a:06:9b:e3:24:
e6:ce:1b:7b:e9:f1:e8:be:b5:4b:5f:d4:e1:eb:5a:a1:98:90:
b4:f7:7a:0c:7e:f5:1d:02:4d:b3:26:db:4e:59:45:f7:21:e1:
84:00:a9:85:18:d9:34:b3:60:ac:12:40:bf:8e:5a:6b:22:b5:
1d:af:d1:b4:34:81:26:8a:47:b4:a1:94:fe:7a:38:87:df:36:
8a:e2:7c:a5:4a:e3:94:cf:da:35:a6:c2:92:d3:da:9e:fa:89:
cc:e6:7e:59:d6:a4:fa:60:c7:f4:61:0d:c2:2d:df:4c:f7:3c:
5a:5b:5a:fe:40:1e:ae:8c:b1:3c:f0:ed:4e:ac:39:e8:4f:f8:
84:97:f7:7a:57:e0:82:00:f9:96:51:be:f5:1d:6b:c9:39:4c:
bb:54:98:bf
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECqDPQDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDMy
NDE1MTAxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjI2ODM3YzZlNWEz
YjMxZjU3ZDA4OGJlNDg4ZjE0ZjY3MTc1NjM1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMRH5JIHIjuTT5zRI6VJwxt/XcVaswzXQNZ+raHtAsemPAC+
PDCHS6iQCwZu8lQbj3l/wgQ9ixYk4RPYbqL+V+hI04QkFexJdv6Vn4bKRnXUEqtn
q9GZBpmwKdmInsuoyKtC4cbpyq91+ImHpVoLm+Ffkum7MpxSFDs2RHALBJH1uELN
TasR4aqKElj/k0f+AlagEbznNl6MH9Wht4XJw6LXlJT3+BEhZGsB9xXl9oZErP3Q
2VKwESomLwei/14YklaSewSMaFfK4/DS1B5/JHgotQ+zV19JcYnlwDll00AIrzdS
h49UsgQSJUrS5SdxoBCg0A/6auG7LHa+lt7XNUMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTyaDfG5aOzH1fQiL5IjxT2cXVjXjAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
LzhtZzN4dVdqc3g5WDBJaS1TSThVOW5GMVkxNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFveKwMEALmVDDANBgkqhkiG9w0B
AQsFAAOCAQEAds64lg8n1Vax0LNXV5G/NgQteeH9FZNF+obFwy8Yn5nW3x9GOJwl
YoQgIebc51G20/T+9cgwQpW5hxCk+P8qEuNUFTFoKz6/olG2Yc4S7T2lwZKcdKCn
jiFrn52aodsUu+BlN3uZxUoGm+Mk5s4be+nx6L61S1/U4etaoZiQtPd6DH71HQJN
sybbTllF9yHhhACphRjZNLNgrBJAv45aayK1Ha/RtDSBJopHtKGU/no4h982iuJ8
pUrjlM/aNabCktPanvqJzOZ+Wdak+mDH9GENwi3fTPc8Wlta/kAeroyxPPDtTqw5
6E/4hJf3elfgggD5llG+9R1ryTlMu1SYvw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:31 2024 by rpki-client on console-fra.rpki-client.org