Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/xSB1NP7a5orsbLD-9BkonX3qTTM.roa
File: xSB1NP7a5orsbLD-9BkonX3qTTM.roa (raw, json)
Hash identifier: DJEsGQmaf3SHIx7KWGyYkyG5dADDd+hhFBw6Ypkamao=
Subject key identifier: C5:20:75:34:FE:DA:E6:8A:EC:6C:B0:FE:F4:19:28:9D:7D:EA:4D:33
Certificate issuer: /CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Certificate serial: 018D13D7ED6410A2A59CDF6BAD1805B9BFDA
Authority key identifier: B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/xSB1NP7a5orsbLD-9BkonX3qTTM.roa
Signing time: Tue 16 Jan 2024 19:55:34 +0000
ROA not before: Tue 16 Jan 2024 19:55:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 91.242.234.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:d7:ed:64:10:a2:a5:9c:df:6b:ad:18:05:b9:bf:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Validity
Not Before: Jan 16 19:55:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5207534fedae68aec6cb0fef419289d7dea4d33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:4d:40:d8:30:e9:f4:c9:96:73:48:a6:7e:75:
f6:49:95:cd:62:2d:7f:a7:e3:e4:eb:eb:a3:48:e5:
55:a0:21:d5:5d:a9:f6:3d:e8:ba:66:9c:21:b5:a4:
a5:7b:ef:fe:b5:bf:ad:2c:9e:f3:ba:d1:23:ea:7e:
7f:b7:ec:88:50:7b:cf:b6:a2:94:06:b9:df:27:59:
71:e8:6c:09:43:86:3c:f8:52:e6:3c:0f:23:07:ad:
14:60:0d:7c:6e:03:ad:9f:3e:88:08:c5:b5:d3:34:
bd:e5:9a:9f:95:f5:7d:13:75:16:97:ee:62:05:8c:
1a:07:5b:da:49:44:69:22:ab:91:40:83:ea:77:93:
9e:ab:9f:8f:b7:51:6a:04:04:37:f3:a1:af:95:52:
53:b0:16:8e:2e:42:e5:52:6e:b4:48:d8:08:7e:01:
8f:19:0f:13:6e:31:7f:6e:76:2a:47:69:ce:63:0c:
d3:83:91:03:6a:bc:46:21:91:9f:c9:0e:7d:d7:b5:
5e:ab:e4:51:b6:de:65:7a:03:28:e6:1a:71:df:a7:
2d:48:04:2b:c3:37:06:31:6a:65:36:5a:cb:12:76:
47:5b:8c:9b:55:e6:2f:b4:d7:01:40:0a:a5:e2:14:
8c:47:7b:62:e4:a1:5a:22:fc:89:43:65:83:33:90:
28:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:20:75:34:FE:DA:E6:8A:EC:6C:B0:FE:F4:19:28:9D:7D:EA:4D:33
X509v3 Authority Key Identifier:
keyid:B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/xSB1NP7a5orsbLD-9BkonX3qTTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.234.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:d7:a3:39:41:7e:2c:3f:7f:e8:21:52:da:a9:68:74:43:94:
5d:55:4d:40:4f:74:ab:c7:be:03:fe:c9:a9:c2:1f:ca:2d:34:
51:36:18:57:fc:b0:83:dd:3c:e0:b6:b9:44:a2:cd:d2:0b:ba:
d3:b0:dc:60:9f:6e:0e:52:e6:19:a2:79:dd:1a:58:33:33:61:
19:77:0f:87:f8:5e:43:3f:e2:cb:30:0e:ad:37:ad:54:b4:c3:
f7:6a:60:10:a0:e5:1a:77:e1:f5:9e:b7:90:ba:82:08:3b:b7:
52:bd:2d:1b:46:7b:c4:36:cb:80:11:33:a3:22:1e:d6:ef:38:
9a:af:a8:be:08:ee:e7:ee:e3:f0:b9:50:57:e1:ac:8d:8a:53:
0d:60:4e:8f:0e:42:0d:1c:5f:60:d7:12:21:82:a7:40:b2:14:
56:62:d0:10:cd:58:d3:36:f0:4a:02:0a:b4:78:d0:6a:9a:7b:
06:af:ed:2f:ff:af:f9:43:d8:78:3c:53:ed:b1:ee:80:2b:7a:
5e:a1:ba:e3:11:d3:5d:e0:1a:ee:f8:8d:ce:61:6f:ac:80:90:
22:b5:61:d7:c2:2d:a1:8b:d5:57:79:9a:24:33:de:e4:c3:30:
85:27:b7:6f:76:45:8b:02:75:c0:86:86:2e:cb:08:c5:d7:b4:
8b:80:84:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0T1+1kEKKlnN9rrRgFub/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjYxOWVmMjAwODQwZGZhOGZkNDM1NjdjN2E5NzhjMTUz
MTJkN2YwHhcNMjQwMTE2MTk1NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTIwNzUzNGZlZGFlNjhhZWM2Y2IwZmVmNDE5Mjg5ZDdkZWE0ZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3E1A2DDp9MmWc0imfnX2SZXNYi1/
p+Pk6+ujSOVVoCHVXan2Pei6ZpwhtaSle+/+tb+tLJ7zutEj6n5/t+yIUHvPtqKU
BrnfJ1lx6GwJQ4Y8+FLmPA8jB60UYA18bgOtnz6ICMW10zS95ZqflfV9E3UWl+5i
BYwaB1vaSURpIquRQIPqd5Oeq5+Pt1FqBAQ386GvlVJTsBaOLkLlUm60SNgIfgGP
GQ8TbjF/bnYqR2nOYwzTg5EDarxGIZGfyQ5917Veq+RRtt5legMo5hpx36ctSAQr
wzcGMWplNlrLEnZHW4ybVeYvtNcBQAql4hSMR3ti5KFaIvyJQ2WDM5Ao5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMUgdTT+2uaK7Gyw/vQZKJ196k0zMB8GA1UdIwQY
MBaAFLD2Ge8gCEDfqP1DVnx6l4wVMS1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYt
MDY5NjYxNjc1MTA2LzEveFNCMU5QN2E1b3JzYkxELTlCa29uWDNxVFRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYtMDY5NjYxNjc1MTA2
LzEvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/LqMA0G
CSqGSIb3DQEBCwUAA4IBAQA916M5QX4sP3/oIVLaqWh0Q5RdVU1AT3Srx74D/smp
wh/KLTRRNhhX/LCD3TzgtrlEos3SC7rTsNxgn24OUuYZonndGlgzM2EZdw+H+F5D
P+LLMA6tN61UtMP3amAQoOUad+H1nreQuoIIO7dSvS0bRnvENsuAETOjIh7W7zia
r6i+CO7n7uPwuVBX4ayNilMNYE6PDkINHF9g1xIhgqdAshRWYtAQzVjTNvBKAgq0
eNBqmnsGr+0v/6/5Q9h4PFPtse6AK3peobrjEdNd4Bru+I3OYW+sgJAitWHXwi2h
i9VXeZokM97kwzCFJ7dvdkWLAnXAhoYuywjF17SLgISV
-----END CERTIFICATE-----
Generated at Wed Aug 14 16:07:25 2024 by rpki-client on console-fra.rpki-client.org