Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/5WxS4NEoP13m12yX6r70gdx14eI.roa
File: 5WxS4NEoP13m12yX6r70gdx14eI.roa (raw, json)
Hash identifier: kplE9XlYSNuNVhnDrMcdJSs3MoGg6QZvelheJypxGEA=
Subject key identifier: E5:6C:52:E0:D1:28:3F:5D:E6:D7:6C:97:EA:BE:F4:81:DC:75:E1:E2
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 0187FACE13158042F7E303D13EE1E313FFA5
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/5WxS4NEoP13m12yX6r70gdx14eI.roa
Signing time: Mon 08 May 2023 10:00:21 +0000
ROA not before: Mon 08 May 2023 10:00:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 91.213.186.0/24 maxlen: 24
91.213.200.0/24 maxlen: 24
194.156.151.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fa:ce:13:15:80:42:f7:e3:03:d1:3e:e1:e3:13:ff:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: May 8 10:00:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e56c52e0d1283f5de6d76c97eabef481dc75e1e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:76:90:a7:c5:2f:09:68:97:e3:02:db:dc:27:
2a:3c:77:a1:67:d0:f9:40:18:eb:d9:e8:b6:07:26:
63:1e:27:09:b5:92:5c:41:5b:1e:d9:79:b5:0d:3d:
a0:f5:db:ed:f8:7b:df:f2:83:f5:f8:f8:cf:45:5f:
e3:85:83:08:79:3a:70:bc:d7:d2:49:b4:4b:28:bb:
9f:8a:dd:0c:6e:4b:29:5e:97:64:73:07:5a:96:f1:
cf:9d:ac:03:f9:d1:ae:4b:db:71:ce:2a:c5:c2:54:
32:f8:53:fe:b5:f8:45:99:6d:08:ca:f8:18:70:b6:
fa:ef:5d:e1:ce:08:3a:6a:ad:af:2a:5f:0d:8f:6e:
98:4f:ec:0e:bf:f6:44:2b:13:95:bb:b2:b2:87:87:
88:60:4b:3a:3c:df:ff:0e:0e:b0:0a:1d:dd:c1:b7:
19:06:15:c8:4f:57:d7:6d:8f:df:a9:c3:db:5c:56:
2f:78:74:a2:7a:a3:e1:23:9c:fa:7c:67:61:7e:b4:
d2:bb:f5:f0:65:51:ee:bf:0d:d7:5a:41:29:9b:3b:
a8:3f:b0:ea:e5:32:e5:ec:00:cc:53:5a:5d:eb:38:
c2:90:d9:88:bd:dc:e9:44:62:8e:0d:5b:7e:a9:6e:
2e:a7:8c:0e:41:95:0f:b8:fe:8b:ec:91:f7:fc:c2:
bc:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:6C:52:E0:D1:28:3F:5D:E6:D7:6C:97:EA:BE:F4:81:DC:75:E1:E2
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/5WxS4NEoP13m12yX6r70gdx14eI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.186.0/24
91.213.200.0/24
194.156.151.0/24
Signature Algorithm: sha256WithRSAEncryption
af:1e:65:f7:67:b2:9f:8b:bb:73:9b:5c:83:3a:ef:53:e9:bd:
f2:f2:d3:01:53:69:0b:bf:ec:60:9a:75:84:2b:03:ce:33:37:
a9:a1:b8:ec:de:31:6f:5c:ea:7a:e6:95:1a:e0:2a:70:4a:0a:
64:29:81:00:06:9e:18:d4:88:c7:e2:ed:1c:20:7b:23:97:a8:
7f:ca:f0:76:25:b0:df:3a:46:a2:28:0a:9d:4d:84:b5:ed:af:
1f:73:06:3b:9a:aa:8f:78:4f:fb:e0:9a:48:34:ed:cd:5a:b6:
7a:3e:99:46:db:92:d1:f5:bb:26:10:9a:f8:c9:ed:1e:89:2a:
7f:c3:bc:5a:7b:12:c4:9d:e8:36:7a:d7:78:12:78:4d:dd:7a:
5d:6a:01:5d:37:f1:9c:47:e3:da:1a:3d:f0:40:db:23:8a:a7:
b1:bc:5d:bc:5f:8e:23:c5:be:fd:2d:ab:39:37:0e:1b:8b:c1:
ec:7f:49:94:14:80:83:16:a5:85:8e:5a:fc:ba:8b:c0:c6:54:
8e:da:fb:3d:ff:ae:19:e3:74:be:7f:e0:ab:02:b5:47:32:ae:
65:35:25:94:ab:66:ad:f7:0c:3b:10:4c:d3:c0:ff:c0:45:dc:
85:4f:1f:1a:ae:8b:59:e9:ee:b4:4e:53:6a:ed:65:b1:90:b7:
23:14:a4:78
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYf6zhMVgEL34wPRPuHjE/+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjMwNTA4MTAwMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTZjNTJlMGQxMjgzZjVkZTZkNzZjOTdlYWJlZjQ4MWRjNzVlMWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynaQp8UvCWiX4wLb3CcqPHehZ9D5
QBjr2ei2ByZjHicJtZJcQVse2Xm1DT2g9dvt+Hvf8oP1+PjPRV/jhYMIeTpwvNfS
SbRLKLufit0MbkspXpdkcwdalvHPnawD+dGuS9txzirFwlQy+FP+tfhFmW0IyvgY
cLb6713hzgg6aq2vKl8Nj26YT+wOv/ZEKxOVu7Kyh4eIYEs6PN//Dg6wCh3dwbcZ
BhXIT1fXbY/fqcPbXFYveHSieqPhI5z6fGdhfrTSu/XwZVHuvw3XWkEpmzuoP7Dq
5TLl7ADMU1pd6zjCkNmIvdzpRGKODVt+qW4up4wOQZUPuP6L7JH3/MK8vwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOVsUuDRKD9d5tdsl+q+9IHcdeHiMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvNVd4UzRORW9QMTNtMTJ5WDZyNzBnZHgxNGVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9W6AwQA
W9XIAwQAwpyXMA0GCSqGSIb3DQEBCwUAA4IBAQCvHmX3Z7Kfi7tzm1yDOu9T6b3y
8tMBU2kLv+xgmnWEKwPOMzepobjs3jFvXOp65pUa4CpwSgpkKYEABp4Y1IjH4u0c
IHsjl6h/yvB2JbDfOkaiKAqdTYS17a8fcwY7mqqPeE/74JpINO3NWrZ6PplG25LR
9bsmEJr4ye0eiSp/w7xaexLEneg2etd4EnhN3XpdagFdN/GcR+PaGj3wQNsjiqex
vF28X44jxb79Las5Nw4bi8Hsf0mUFICDFqWFjlr8uovAxlSO2vs9/64Z43S+f+Cr
ArVHMq5lNSWUq2at9ww7EEzTwP/ARdyFTx8arotZ6e60TlNq7WWxkLcjFKR4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:14 2024 by rpki-client on console-ams.rpki-client.org