Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/QpIlPpNWlhO0mxJ0Ho7sw9xwjpU.roa
File: QpIlPpNWlhO0mxJ0Ho7sw9xwjpU.roa (raw, json)
Hash identifier: tbdRGviIqPTdxjvnpC2cV3zb7GXzyfHoUs8OsoIK6JY=
Subject key identifier: 42:92:25:3E:93:56:96:13:B4:9B:12:74:1E:8E:EC:C3:DC:70:8E:95
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 04C1CAAD
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/QpIlPpNWlhO0mxJ0Ho7sw9xwjpU.roa
Signing time: Thu 14 Apr 2022 06:55:35 +0000
ROA not before: Thu 14 Apr 2022 06:55:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 91.208.69.0/24 maxlen: 24
91.208.73.0/24 maxlen: 24
194.156.151.0/24 maxlen: 24
194.156.150.0/24 maxlen: 24
194.156.150.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79809197 (0x4c1caad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Apr 14 06:55:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4292253e93569613b49b12741e8eecc3dc708e95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:74:3b:cc:2e:cc:3b:db:03:45:80:98:2a:0f:
52:4a:37:68:88:62:dd:1d:e0:ad:30:c3:47:18:02:
ee:e0:9a:96:81:2a:f7:5b:28:ad:62:48:43:22:66:
08:76:01:0a:ad:97:b6:72:8b:b5:57:c5:bf:5e:3b:
99:4a:22:bd:aa:e9:61:19:e2:6c:ac:7c:83:b1:6d:
b2:a4:a2:34:53:2b:b7:14:ee:67:44:3b:9e:16:c3:
86:16:fd:e4:e5:f3:3c:6f:c8:b8:a4:e3:40:a6:b2:
bb:58:ae:c7:b6:55:b7:89:f6:86:e3:12:66:6f:df:
4e:78:a2:95:7a:77:3b:36:3d:c7:4b:4d:8d:12:ca:
47:33:db:5a:90:11:75:2f:66:69:4a:96:ac:78:12:
1f:27:5f:6e:69:d4:ec:6d:58:18:5d:da:ac:7e:94:
da:91:35:31:e9:57:ae:ea:62:99:3a:8a:be:6a:a1:
20:e6:61:9e:4b:e3:0f:b2:cf:af:04:d3:23:ce:d0:
d4:f1:5a:a7:1d:57:19:c1:06:7e:0b:78:c5:f2:cb:
79:c5:b2:60:6b:71:86:b5:f7:63:70:5f:44:b3:7e:
e1:26:e1:50:49:d1:f8:30:3e:2f:55:07:2a:62:96:
cb:b4:55:43:c0:52:e9:e6:56:8a:50:8c:50:da:ae:
00:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:92:25:3E:93:56:96:13:B4:9B:12:74:1E:8E:EC:C3:DC:70:8E:95
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/QpIlPpNWlhO0mxJ0Ho7sw9xwjpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.69.0/24
91.208.73.0/24
194.156.150.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:fd:f4:68:ae:62:70:68:0e:e6:8b:67:8c:ca:76:b4:7f:86:
5d:b3:ea:b6:f6:13:cf:65:9e:bb:ad:d5:c2:e0:15:09:13:d8:
b1:5f:7b:38:06:f1:1d:61:79:ea:43:e7:58:ae:5f:5c:29:bb:
78:d0:cd:36:e9:6c:2d:e2:06:31:6d:1b:ca:79:d6:b0:b4:cc:
e8:02:c2:72:3c:f2:5e:6e:58:4f:7a:99:45:ed:13:cf:e9:55:
60:ed:3e:df:7f:45:4e:8d:3b:7b:2a:17:2c:eb:19:32:e9:e0:
5d:87:19:7f:ee:d1:14:14:ec:a6:d7:07:a1:57:bd:e9:aa:52:
88:7e:c5:5f:7a:a4:1d:b8:75:29:79:e9:92:19:f2:01:42:62:
b6:51:62:d1:fb:d3:79:14:75:b9:86:da:4a:44:95:c4:36:40:
4c:7d:91:6b:5f:4b:ed:5f:ab:a7:14:c2:e3:fd:01:cb:ca:13:
54:1b:a0:9a:b5:76:d7:9e:cc:ca:41:6a:51:b4:42:3b:ab:39:
7f:63:7e:24:2d:04:fd:e5:32:c5:5c:83:86:1b:5c:08:ca:29:
01:1b:49:28:26:d3:a0:bc:b5:d9:37:0e:2f:42:b8:58:6e:29:
58:28:b8:b6:6b:7b:fa:32:07:59:e2:d1:87:1a:33:16:e1:79:
95:a7:f4:b7
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBMHKrTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZjQ3MzgzODljYjNiOTk4ZWM0ZmE2ZDQyNzJmOGRkNzk5ZmJjNGE5MB4XDTIyMDQx
NDA2NTUzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDI5MjI1M2U5MzU2
OTYxM2I0OWIxMjc0MWU4ZWVjYzNkYzcwOGU5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALt0O8wuzDvbA0WAmCoPUko3aIhi3R3grTDDRxgC7uCaloEq
91sorWJIQyJmCHYBCq2XtnKLtVfFv147mUoivarpYRnibKx8g7FtsqSiNFMrtxTu
Z0Q7nhbDhhb95OXzPG/IuKTjQKayu1iux7ZVt4n2huMSZm/fTniilXp3OzY9x0tN
jRLKRzPbWpARdS9maUqWrHgSHydfbmnU7G1YGF3arH6U2pE1MelXrupimTqKvmqh
IOZhnkvjD7LPrwTTI87Q1PFapx1XGcEGfgt4xfLLecWyYGtxhrX3Y3BfRLN+4Sbh
UEnR+DA+L1UHKmKWy7RVQ8BS6eZWilCMUNquAH8CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRCkiU+k1aWE7SbEnQejuzD3HCOlTAfBgNVHSMEGDAWgBQfRzg4nLO5mOxP
ptQnL43XmfvEqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0gwYzRPSnl6dVpqc1Q2YlVKeS1OMTVuN3hLay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvNTE3Njk0LWM4YTEtNDU4Yi05Y2YyLTZjN2U1Njg1ODkwYy8x
L1FwSWxQcE5XbGhPMG14SjBIbzdzdzl4d2pwVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
NTE3Njk0LWM4YTEtNDU4Yi05Y2YyLTZjN2U1Njg1ODkwYy8xL0gwYzRPSnl6dVpq
c1Q2YlVKeS1OMTVuN3hLay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFvQRQMEAFvQSQMEAcKcljANBgkq
hkiG9w0BAQsFAAOCAQEAtf30aK5icGgO5otnjMp2tH+GXbPqtvYTz2Weu63VwuAV
CRPYsV97OAbxHWF56kPnWK5fXCm7eNDNNulsLeIGMW0bynnWsLTM6ALCcjzyXm5Y
T3qZRe0Tz+lVYO0+339FTo07eyoXLOsZMungXYcZf+7RFBTsptcHoVe96apSiH7F
X3qkHbh1KXnpkhnyAUJitlFi0fvTeRR1uYbaSkSVxDZATH2Ra19L7V+rpxTC4/0B
y8oTVBugmrV2157MykFqUbRCO6s5f2N+JC0E/eUyxVyDhhtcCMopARtJKCbToLy1
2TcOL0K4WG4pWCi4tmt7+jIHWeLRhxozFuF5laf0tw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:14 2024 by rpki-client on console-ams.rpki-client.org