Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/9rC0u6gqyJHApMu_J1WKJJ3qWHc.roa
File: 9rC0u6gqyJHApMu_J1WKJJ3qWHc.roa (raw, json)
Hash identifier: Z8aXPMxgzbyBomUs7Y/ksOo3IP1CWD5Tk/E1imLMe0A=
Subject key identifier: F6:B0:B4:BB:A8:2A:C8:91:C0:A4:CB:BF:27:55:8A:24:9D:EA:58:77
Certificate issuer: /CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Certificate serial: 0187E11A32A1ED468FA64D74BCE7CB92DF65
Authority key identifier: EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/9rC0u6gqyJHApMu_J1WKJJ3qWHc.roa
Signing time: Wed 03 May 2023 10:13:23 +0000
ROA not before: Wed 03 May 2023 10:13:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207616
IP address blocks: 91.193.56.0/23 maxlen: 24
194.48.200.0/24 maxlen: 24
2a0f:6280::/30 maxlen: 48
2a0f:6284::/30 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e1:1a:32:a1:ed:46:8f:a6:4d:74:bc:e7:cb:92:df:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Validity
Not Before: May 3 10:13:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6b0b4bba82ac891c0a4cbbf27558a249dea5877
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1d:76:82:ac:16:b6:c6:cf:e5:16:b4:48:d1:
67:86:b4:b0:1a:75:3d:9d:69:11:bb:8b:7d:99:74:
a4:b2:99:b9:57:f9:3b:fd:4d:85:da:8d:2a:f0:c0:
d4:1f:89:d5:70:dd:c4:56:c9:69:c5:8e:14:3e:66:
49:b6:59:41:0b:fb:34:e6:98:f9:01:03:cd:3b:d1:
a9:c0:32:c0:de:45:4f:a6:9f:bd:74:e7:12:0c:36:
e1:5a:76:d5:bd:9f:e5:ca:dd:df:bc:5d:b8:03:e6:
f3:b2:a6:93:9f:53:8e:7a:a2:9b:3b:c4:0c:16:7c:
2d:04:97:c3:75:d1:1f:dc:9a:11:3b:ea:f8:48:21:
61:a0:4b:b4:5f:01:78:e0:2a:38:a3:f6:7c:ad:10:
65:4e:7b:39:44:60:a3:e5:f1:ce:87:40:04:c6:94:
76:44:17:49:6e:05:b2:97:ee:31:ad:af:44:4a:bd:
05:27:4e:bf:44:bd:b0:1e:18:b2:1f:05:8e:b7:fd:
42:cd:7b:a4:5c:9f:78:46:f8:8b:15:da:75:7e:5c:
1d:86:02:09:f4:b7:01:58:ef:28:20:ee:84:cc:2f:
d7:81:99:64:a9:d2:d3:7d:32:46:c1:10:7e:0a:e0:
bf:fc:78:12:63:4f:68:5e:7a:80:fa:07:99:b8:04:
1d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:B0:B4:BB:A8:2A:C8:91:C0:A4:CB:BF:27:55:8A:24:9D:EA:58:77
X509v3 Authority Key Identifier:
keyid:EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/9rC0u6gqyJHApMu_J1WKJJ3qWHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/7vvoNpp7vAOob75jm376oCtxcoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.56.0/23
194.48.200.0/24
IPv6:
2a0f:6280::/29
Signature Algorithm: sha256WithRSAEncryption
3d:26:76:f0:f5:a1:98:b5:0e:68:04:34:b4:d9:24:e2:d9:e0:
90:45:4a:6c:f7:3d:fe:78:da:70:55:9e:a2:5d:94:9f:3a:63:
7a:69:6e:bd:dc:f9:f1:2d:d4:81:92:24:28:d1:61:45:60:86:
43:c6:ea:8e:31:60:39:c6:c5:58:8f:81:ad:12:43:26:77:aa:
50:72:87:7a:96:aa:5d:8f:3c:d0:51:56:9f:c2:ec:aa:28:ec:
5b:47:19:5b:a4:7a:d1:c3:ec:e7:99:ee:fc:af:0b:70:8e:cd:
aa:73:ca:b7:fc:eb:51:9e:02:48:33:72:08:75:a8:4c:78:20:
6e:ce:0f:ad:4a:2e:6a:d8:15:b7:bc:03:86:84:4c:f6:af:85:
48:e4:31:21:28:e8:43:23:78:ff:cb:da:14:bd:27:bd:14:48:
8c:c7:11:a6:b4:38:23:d5:16:55:35:4d:00:59:2d:48:bb:42:
e7:3e:71:03:93:c2:52:29:24:17:ef:02:42:25:c4:66:97:d9:
42:2a:72:c2:55:8b:58:43:a0:0e:6a:f4:79:73:f0:73:6b:39:
b1:3c:dc:85:88:e8:c8:e1:20:d1:1a:4d:dc:2f:2b:85:8f:95:
30:bb:af:9c:9b:82:58:7c:4d:61:3a:c8:a7:53:66:ee:02:5b:
d9:62:4e:a1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYfhGjKh7UaPpk10vOfLkt9lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZmJlODM2OWE3YmJjMDNhODZmYmU2MzliN2VmYWEwMmI3
MTcyODcwHhcNMjMwNTAzMTAxMzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmIwYjRiYmE4MmFjODkxYzBhNGNiYmYyNzU1OGEyNDlkZWE1ODc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwx12gqwWtsbP5Ra0SNFnhrSwGnU9
nWkRu4t9mXSkspm5V/k7/U2F2o0q8MDUH4nVcN3EVslpxY4UPmZJtllBC/s05pj5
AQPNO9GpwDLA3kVPpp+9dOcSDDbhWnbVvZ/lyt3fvF24A+bzsqaTn1OOeqKbO8QM
FnwtBJfDddEf3JoRO+r4SCFhoEu0XwF44Co4o/Z8rRBlTns5RGCj5fHOh0AExpR2
RBdJbgWyl+4xra9ESr0FJ06/RL2wHhiyHwWOt/1CzXukXJ94RviLFdp1flwdhgIJ
9LcBWO8oIO6EzC/XgZlkqdLTfTJGwRB+CuC//HgSY09oXnqA+geZuAQdlwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPawtLuoKsiRwKTLvydViiSd6lh3MB8GA1UdIwQY
MBaAFO776Daae7wDqG++Y5t++qArcXKHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYt
ZGExYjU4NjE4ODQxLzEvOXJDMHU2Z3F5SkhBcE11X0oxV0tKSjNxV0hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYtZGExYjU4NjE4ODQx
LzEvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBW8E4AwQA
wjDIMA0EAgACMAcDBQMqD2KAMA0GCSqGSIb3DQEBCwUAA4IBAQA9Jnbw9aGYtQ5o
BDS02STi2eCQRUps9z3+eNpwVZ6iXZSfOmN6aW693PnxLdSBkiQo0WFFYIZDxuqO
MWA5xsVYj4GtEkMmd6pQcod6lqpdjzzQUVafwuyqKOxbRxlbpHrRw+znme78rwtw
js2qc8q3/OtRngJIM3IIdahMeCBuzg+tSi5q2BW3vAOGhEz2r4VI5DEhKOhDI3j/
y9oUvSe9FEiMxxGmtDgj1RZVNU0AWS1Iu0LnPnEDk8JSKSQX7wJCJcRml9lCKnLC
VYtYQ6AOavR5c/BzazmxPNyFiOjI4SDRGk3cLyuFj5Uwu6+cm4JYfE1hOsinU2bu
AlvZYk6h
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:18 2024 by rpki-client on console-fra.rpki-client.org