Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/GoKjq11r1uroREjBMyD8VvNzFq8.roa
File: GoKjq11r1uroREjBMyD8VvNzFq8.roa (raw, json)
Hash identifier: JxBRaVy1Vunh/IdWlzjYmPE8uRulVlOT5i7zfVYeGMk=
Subject key identifier: 1A:82:A3:AB:5D:6B:D6:EA:E8:44:48:C1:33:20:FC:56:F3:73:16:AF
Certificate issuer: /CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Certificate serial: 01831857B04E24D88241F8BD0A36FF3DE4A7
Authority key identifier: EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/GoKjq11r1uroREjBMyD8VvNzFq8.roa
Signing time: Wed 07 Sep 2022 14:25:43 +0000
ROA not before: Wed 07 Sep 2022 14:25:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207616
IP address blocks: 91.193.56.0/23 maxlen: 24
2a0f:6280::/30 maxlen: 48
2a0f:6284::/30 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:18:57:b0:4e:24:d8:82:41:f8:bd:0a:36:ff:3d:e4:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Validity
Not Before: Sep 7 14:25:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a82a3ab5d6bd6eae84448c13320fc56f37316af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:eb:84:13:e7:b8:aa:d8:77:5a:09:16:6a:b0:
44:77:79:be:32:de:34:6d:11:b4:e8:3e:d2:c1:34:
b4:18:72:ac:3c:d1:f2:32:53:10:c8:56:a5:03:a3:
70:87:8a:cd:4b:79:7b:93:a7:39:b7:df:29:5e:92:
16:9a:3d:e1:e6:94:52:0e:07:39:6d:80:5b:cb:cb:
26:b0:5c:f8:51:f0:6c:e5:05:eb:b1:55:4a:e4:cc:
de:07:0a:db:20:84:b3:06:86:05:62:5f:0f:fe:55:
e8:75:41:11:ab:ed:93:77:14:9d:53:85:04:88:2d:
3d:cd:13:e9:61:e3:4f:67:c2:30:65:4e:a3:30:b7:
25:9d:0e:8d:79:1f:e7:aa:e4:f9:86:80:40:95:3b:
2d:37:31:2d:d6:ee:10:78:2d:6b:b9:07:12:5f:04:
a9:5a:4d:e1:03:8f:c7:2d:00:da:92:f7:ac:35:f6:
31:2d:61:85:fc:54:79:cf:08:63:6b:f9:a5:a5:9e:
ef:e5:2a:4a:dd:1e:36:46:90:67:0b:fa:e2:62:ce:
10:1d:fe:42:a3:99:39:c6:fd:0f:51:11:e0:8f:83:
ec:ba:d7:21:46:19:31:5e:9a:ff:17:e3:52:a3:80:
8c:d0:c3:d8:28:c7:7c:13:7d:36:a3:6e:8e:13:14:
7b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:82:A3:AB:5D:6B:D6:EA:E8:44:48:C1:33:20:FC:56:F3:73:16:AF
X509v3 Authority Key Identifier:
keyid:EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/GoKjq11r1uroREjBMyD8VvNzFq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/7vvoNpp7vAOob75jm376oCtxcoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.56.0/23
IPv6:
2a0f:6280::/29
Signature Algorithm: sha256WithRSAEncryption
4d:97:60:c6:2d:db:5d:8f:89:5d:3c:7f:af:8b:bc:f1:05:59:
51:e7:4e:92:45:f3:8e:5c:04:be:60:23:ac:e3:23:7e:9f:53:
21:df:07:46:1f:c1:ff:9d:5f:dd:29:a8:70:5d:5e:4e:8d:ec:
f7:93:b0:f6:21:70:c1:b4:ea:b9:1f:f1:d5:68:14:f3:f9:77:
cc:9d:19:98:44:83:f7:3c:5a:57:46:d7:db:7e:bc:fa:18:85:
dc:e2:34:1f:4c:db:1f:55:09:60:9b:10:48:ff:77:49:fd:ba:
f7:6e:82:49:89:5c:fe:b3:c4:89:6a:6a:7e:15:b8:3e:4b:14:
fd:5a:17:cc:7c:83:54:51:35:ff:1e:36:69:93:b8:b8:e8:a8:
62:fb:cf:a8:22:2d:38:e5:96:0d:33:d4:09:79:60:73:77:ae:
e7:01:0c:04:1c:2e:07:f4:67:d7:ea:64:a2:71:d3:c6:5a:25:
a1:bd:5e:a7:97:9d:71:12:d3:bc:a8:df:b9:a5:92:e6:7c:ba:
77:67:e5:3e:32:82:20:bf:5e:3f:06:64:a4:85:a3:4b:fc:11:
14:dc:1b:b1:bf:65:70:af:ec:5b:75:2f:4e:f7:18:f2:4e:1a:
3b:8e:1f:d8:c0:26:c9:a3:30:32:9a:4c:8a:82:04:79:f0:d2:
b7:50:f6:94
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYMYV7BOJNiCQfi9Cjb/PeSnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZmJlODM2OWE3YmJjMDNhODZmYmU2MzliN2VmYWEwMmI3
MTcyODcwHhcNMjIwOTA3MTQyNTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTgyYTNhYjVkNmJkNmVhZTg0NDQ4YzEzMzIwZmM1NmYzNzMxNmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4euEE+e4qth3WgkWarBEd3m+Mt40
bRG06D7SwTS0GHKsPNHyMlMQyFalA6Nwh4rNS3l7k6c5t98pXpIWmj3h5pRSDgc5
bYBby8smsFz4UfBs5QXrsVVK5MzeBwrbIISzBoYFYl8P/lXodUERq+2TdxSdU4UE
iC09zRPpYeNPZ8IwZU6jMLclnQ6NeR/nquT5hoBAlTstNzEt1u4QeC1ruQcSXwSp
Wk3hA4/HLQDakvesNfYxLWGF/FR5zwhja/mlpZ7v5SpK3R42RpBnC/riYs4QHf5C
o5k5xv0PURHgj4PsutchRhkxXpr/F+NSo4CM0MPYKMd8E302o26OExR7aQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBqCo6tda9bq6ERIwTMg/FbzcxavMB8GA1UdIwQY
MBaAFO776Daae7wDqG++Y5t++qArcXKHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYt
ZGExYjU4NjE4ODQxLzEvR29LanExMXIxdXJvUkVqQk15RDhWdk56RnE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYtZGExYjU4NjE4ODQx
LzEvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBW8E4MA0E
AgACMAcDBQMqD2KAMA0GCSqGSIb3DQEBCwUAA4IBAQBNl2DGLdtdj4ldPH+vi7zx
BVlR506SRfOOXAS+YCOs4yN+n1Mh3wdGH8H/nV/dKahwXV5Ojez3k7D2IXDBtOq5
H/HVaBTz+XfMnRmYRIP3PFpXRtfbfrz6GIXc4jQfTNsfVQlgmxBI/3dJ/br3boJJ
iVz+s8SJamp+Fbg+SxT9WhfMfINUUTX/HjZpk7i46Khi+8+oIi045ZYNM9QJeWBz
d67nAQwEHC4H9GfX6mSicdPGWiWhvV6nl51xEtO8qN+5pZLmfLp3Z+U+MoIgv14/
BmSkhaNL/BEU3Buxv2Vwr+xbdS9O9xjyTho7jh/YwCbJozAymkyKggR58NK3UPaU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:18 2024 by rpki-client on console-fra.rpki-client.org