Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/nidU_8xlrZgWc-HEUck2kJtWQTg.roa
File: nidU_8xlrZgWc-HEUck2kJtWQTg.roa (raw, json)
Hash identifier: SOuWQDxeewV+tVLK/fdsdQ+p/eZ3RQkOdLl2O8aM2yA=
Subject key identifier: 9E:27:54:FF:CC:65:AD:98:16:73:E1:C4:51:C9:36:90:9B:56:41:38
Certificate issuer: /CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Certificate serial: 018D13D7EEB9220168035590DF19F78EAA17
Authority key identifier: 2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/nidU_8xlrZgWc-HEUck2kJtWQTg.roa
Signing time: Tue 16 Jan 2024 19:55:34 +0000
ROA not before: Tue 16 Jan 2024 19:55:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 91.242.238.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:d7:ee:b9:22:01:68:03:55:90:df:19:f7:8e:aa:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Validity
Not Before: Jan 16 19:55:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e2754ffcc65ad981673e1c451c936909b564138
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e9:9e:97:d4:e0:aa:9c:ad:4f:bc:ac:5f:58:
bc:c6:eb:0a:e6:28:96:03:39:d3:ef:fe:82:62:01:
59:06:ca:6b:00:a6:43:0f:3e:74:d6:38:80:59:39:
8a:05:f2:c9:04:b8:5d:91:08:bd:4c:3f:cc:7a:3e:
53:93:a8:68:bc:24:f7:de:cf:32:74:5e:38:68:21:
16:37:28:6f:d4:ac:dd:b0:e3:18:cd:c6:e1:e9:16:
1f:bc:11:37:e7:0d:83:1c:c8:a9:e5:6c:ae:68:03:
05:71:7c:a1:d6:45:3a:45:a9:78:79:53:1a:97:c3:
bc:d5:61:33:17:d7:14:b1:fc:dd:c0:45:e6:98:5f:
7f:f5:c4:4f:70:62:68:86:6a:33:7c:e3:3c:14:fd:
46:29:17:4d:7e:7d:d6:7b:ee:67:9a:c6:40:10:bf:
dc:59:ea:36:65:69:38:46:4d:a3:e6:ac:de:11:c8:
8d:c7:ef:81:b1:7c:fb:6c:43:ed:cf:77:8e:7d:90:
0b:b4:38:08:24:7c:48:e8:65:54:c5:ee:e4:9a:c0:
f9:4c:b3:c2:e6:8f:97:51:a2:47:6b:61:4d:3f:0b:
24:cd:ef:14:30:c8:16:b0:95:61:ee:35:1c:b6:68:
93:ea:a1:16:8d:29:c2:6c:a9:b3:58:8f:08:ce:76:
d1:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:27:54:FF:CC:65:AD:98:16:73:E1:C4:51:C9:36:90:9B:56:41:38
X509v3 Authority Key Identifier:
keyid:2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/nidU_8xlrZgWc-HEUck2kJtWQTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/L1yrigmp_eI8ljX44WSu8J4XlIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.238.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:73:d2:82:13:d5:d6:02:c9:a0:8d:e6:51:84:b0:a3:c4:bb:
b3:d8:c8:b1:be:c3:9a:b2:99:5e:d2:05:a3:70:43:27:29:b4:
d8:d0:ee:bf:98:3b:48:97:7f:4a:e6:fb:14:92:dd:5d:eb:08:
6d:19:2b:3e:70:74:d2:04:5f:ce:4c:31:ca:cd:03:dd:fe:9c:
f0:0b:bb:d1:7c:b7:ab:9a:53:21:fd:d6:75:e3:dc:89:6e:84:
24:e9:cf:ac:b7:74:a9:34:26:75:72:5c:8a:16:93:ed:29:4c:
11:da:a9:f4:64:d1:f1:30:e9:66:df:78:fe:27:29:b8:f0:02:
f6:d6:f7:93:4d:c6:64:ef:01:a1:5b:42:48:a8:92:4e:eb:39:
7e:8a:0f:af:e5:75:0b:ac:f7:ec:0b:a6:6d:43:42:23:53:68:
b0:ad:d4:4e:b8:a3:ec:90:d8:9d:48:c5:d8:9d:7b:21:2e:98:
3f:87:77:bc:8b:b0:ad:04:71:ad:d4:6e:36:0b:df:24:1f:f9:
f1:29:0f:7c:78:ae:8f:79:9e:f1:62:83:99:aa:92:30:d6:61:
40:73:d9:87:71:ee:0d:b7:9f:7c:10:61:d8:c3:1f:4e:96:bf:
9f:1b:b8:74:75:da:ea:fb:59:66:22:40:88:8a:6e:a9:48:35:
e3:ea:cb:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0T1+65IgFoA1WQ3xn3jqoXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNWNhYjhhMDlhOWZkZTIzYzk2MzVmOGUxNjRhZWYwOWUx
Nzk0OGMwHhcNMjQwMTE2MTk1NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTI3NTRmZmNjNjVhZDk4MTY3M2UxYzQ1MWM5MzY5MDliNTY0MTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+mel9TgqpytT7ysX1i8xusK5iiW
AznT7/6CYgFZBsprAKZDDz501jiAWTmKBfLJBLhdkQi9TD/Mej5Tk6hovCT33s8y
dF44aCEWNyhv1KzdsOMYzcbh6RYfvBE35w2DHMip5WyuaAMFcXyh1kU6Ral4eVMa
l8O81WEzF9cUsfzdwEXmmF9/9cRPcGJohmozfOM8FP1GKRdNfn3We+5nmsZAEL/c
Weo2ZWk4Rk2j5qzeEciNx++BsXz7bEPtz3eOfZALtDgIJHxI6GVUxe7kmsD5TLPC
5o+XUaJHa2FNPwskze8UMMgWsJVh7jUctmiT6qEWjSnCbKmzWI8IznbRuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ4nVP/MZa2YFnPhxFHJNpCbVkE4MB8GA1UdIwQY
MBaAFC9cq4oJqf3iPJY1+OFkrvCeF5SMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUt
MDAyZjI2ZTNiODk4LzEvbmlkVV84eGxyWmdXYy1IRVVjazJrSnRXUVRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUtMDAyZjI2ZTNiODk4
LzEvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/LuMA0G
CSqGSIb3DQEBCwUAA4IBAQC0c9KCE9XWAsmgjeZRhLCjxLuz2MixvsOasple0gWj
cEMnKbTY0O6/mDtIl39K5vsUkt1d6whtGSs+cHTSBF/OTDHKzQPd/pzwC7vRfLer
mlMh/dZ149yJboQk6c+st3SpNCZ1clyKFpPtKUwR2qn0ZNHxMOlm33j+Jym48AL2
1veTTcZk7wGhW0JIqJJO6zl+ig+v5XULrPfsC6ZtQ0IjU2iwrdROuKPskNidSMXY
nXshLpg/h3e8i7CtBHGt1G42C98kH/nxKQ98eK6PeZ7xYoOZqpIw1mFAc9mHce4N
t598EGHYwx9Olr+fG7h0ddrq+1lmIkCIim6pSDXj6svP
-----END CERTIFICATE-----
Generated at Thu Feb 22 18:56:47 2024 by rpki-client on console-ams.rpki-client.org