Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/KwVtOEL1zVIm-0FaTjDTSOp0RzY.roa
File: KwVtOEL1zVIm-0FaTjDTSOp0RzY.roa (raw, json)
Hash identifier: os4GPncGA6oVlPp0vk6X94hQiaBZErI/7HemwnIKME8=
Subject key identifier: 2B:05:6D:38:42:F5:CD:52:26:FB:41:5A:4E:30:D3:48:EA:74:47:36
Certificate issuer: /CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Certificate serial: 018410019D28CC527E845659EF3EC8C70DFB
Authority key identifier: EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/KwVtOEL1zVIm-0FaTjDTSOp0RzY.roa
Signing time: Tue 25 Oct 2022 16:37:32 +0000
ROA not before: Tue 25 Oct 2022 16:37:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207616
IP address blocks: 91.193.56.0/23 maxlen: 24
2a0f:6280::/31 maxlen: 48
2a0f:6284::/30 maxlen: 48
2a0f:6282::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:10:01:9d:28:cc:52:7e:84:56:59:ef:3e:c8:c7:0d:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Validity
Not Before: Oct 25 16:37:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b056d3842f5cd5226fb415a4e30d348ea744736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b4:32:3b:7b:5e:9f:d2:cf:b2:18:59:6f:4f:
50:46:05:fe:4e:8b:ae:f5:e4:cf:99:af:dd:d3:2f:
bf:77:87:8e:09:cf:68:af:99:07:23:f8:08:63:ed:
2d:6a:31:30:39:63:72:76:fa:20:6a:4a:ca:1f:28:
d1:54:ff:ac:b6:cc:3a:bc:35:ee:33:23:49:34:cf:
fa:06:a5:63:2a:0b:13:96:cc:cf:95:06:39:cf:97:
77:24:3c:a1:43:c4:2c:ab:aa:80:05:ea:82:88:dd:
f3:a3:47:1d:2a:92:40:22:f4:fa:07:6c:01:2c:89:
3a:ab:82:6f:cc:28:db:d0:69:59:1e:b3:67:a8:64:
7b:5a:2e:8e:c1:39:73:bd:31:e1:46:24:9e:a6:64:
91:e9:d9:e6:a5:b2:d9:3a:58:c7:a6:ec:c4:4b:a0:
aa:c2:35:95:1d:a7:3a:de:6c:45:eb:ee:10:03:c1:
e8:b7:51:c5:01:a6:53:b8:fa:56:47:91:c8:e0:b8:
3a:d6:83:71:80:0b:d1:f4:d1:6b:be:0b:60:ce:07:
03:1a:84:c1:59:30:d0:f8:63:9b:6e:b2:57:e4:84:
3e:45:05:c3:34:66:46:2e:aa:b6:4f:24:16:b4:21:
c1:05:24:d3:2a:df:c8:78:0c:45:bd:3d:39:a0:da:
de:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:05:6D:38:42:F5:CD:52:26:FB:41:5A:4E:30:D3:48:EA:74:47:36
X509v3 Authority Key Identifier:
keyid:EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/KwVtOEL1zVIm-0FaTjDTSOp0RzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/7vvoNpp7vAOob75jm376oCtxcoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.56.0/23
IPv6:
2a0f:6280::-2a0f:6282:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:6284::/30
Signature Algorithm: sha256WithRSAEncryption
86:7f:57:0a:02:b6:fc:0f:7f:c0:1f:69:f5:29:71:42:81:87:
8a:f2:25:2b:46:d2:57:1c:0b:b3:33:ec:f9:a5:c5:5f:8f:45:
fe:b1:11:d8:23:0b:e0:00:45:82:1e:4c:33:cc:bc:22:a0:98:
73:9c:17:2f:7e:14:e1:93:15:1b:e0:5d:ef:86:27:dd:29:fd:
17:09:ab:76:40:84:77:76:46:87:5f:3d:c3:a6:a4:19:8c:0e:
91:93:de:8f:3d:38:4b:0f:6c:62:3a:e5:d1:02:6f:78:5e:b8:
61:00:1c:d4:f2:0c:0f:fb:e1:62:09:a2:86:08:66:e1:1f:dd:
b7:2d:94:63:3d:75:be:3a:4c:8d:97:4e:da:74:12:ed:24:b1:
da:18:8f:d8:49:f1:65:a5:28:69:f7:45:eb:6a:0e:5e:93:b3:
f0:60:b7:3b:23:83:6f:32:4e:1f:7b:5a:09:c7:a6:5f:c2:a7:
fc:ef:46:88:4c:50:21:6b:2c:3a:07:c3:ee:dc:8b:73:da:df:
81:16:a7:72:c3:cb:75:13:5f:13:f5:c5:15:54:05:37:e8:c4:
10:ce:85:23:3d:15:30:b2:9b:65:4b:e3:ad:84:d9:1d:a2:63:
be:da:60:92:40:8f:11:33:1d:4a:48:d6:19:4a:81:ac:5a:35:
18:92:37:da
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYQQAZ0ozFJ+hFZZ7z7Ixw37MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZmJlODM2OWE3YmJjMDNhODZmYmU2MzliN2VmYWEwMmI3
MTcyODcwHhcNMjIxMDI1MTYzNzMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjA1NmQzODQyZjVjZDUyMjZmYjQxNWE0ZTMwZDM0OGVhNzQ0NzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7QyO3ten9LPshhZb09QRgX+Touu
9eTPma/d0y+/d4eOCc9or5kHI/gIY+0tajEwOWNydvogakrKHyjRVP+stsw6vDXu
MyNJNM/6BqVjKgsTlszPlQY5z5d3JDyhQ8Qsq6qABeqCiN3zo0cdKpJAIvT6B2wB
LIk6q4JvzCjb0GlZHrNnqGR7Wi6OwTlzvTHhRiSepmSR6dnmpbLZOljHpuzES6Cq
wjWVHac63mxF6+4QA8Hot1HFAaZTuPpWR5HI4Lg61oNxgAvR9NFrvgtgzgcDGoTB
WTDQ+GObbrJX5IQ+RQXDNGZGLqq2TyQWtCHBBSTTKt/IeAxFvT05oNreeQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFCsFbThC9c1SJvtBWk4w00jqdEc2MB8GA1UdIwQY
MBaAFO776Daae7wDqG++Y5t++qArcXKHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYt
ZGExYjU4NjE4ODQxLzEvS3dWdE9FTDF6VkltLTBGYVRqRFRTT3AwUnpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYtZGExYjU4NjE4ODQx
LzEvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAMBAIAATAGAwQBW8E4MB0E
AgACMBcwDgMFByoPYoADBQAqD2KCAwUCKg9ihDANBgkqhkiG9w0BAQsFAAOCAQEA
hn9XCgK2/A9/wB9p9SlxQoGHivIlK0bSVxwLszPs+aXFX49F/rER2CML4ABFgh5M
M8y8IqCYc5wXL34U4ZMVG+Bd74Yn3Sn9FwmrdkCEd3ZGh189w6akGYwOkZPejz04
Sw9sYjrl0QJveF64YQAc1PIMD/vhYgmihghm4R/dty2UYz11vjpMjZdO2nQS7SSx
2hiP2EnxZaUoafdF62oOXpOz8GC3OyODbzJOH3taCcemX8Kn/O9GiExQIWssOgfD
7tyLc9rfgRancsPLdRNfE/XFFVQFN+jEEM6FIz0VMLKbZUvjrYTZHaJjvtpgkkCP
ETMdSkjWGUqBrFo1GJI32g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:23 2024 by rpki-client on console-ams.rpki-client.org