Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/b2nIYWbPhGRe7s6JlH3Aq7cHOiQ.roa
File: b2nIYWbPhGRe7s6JlH3Aq7cHOiQ.roa (raw, json)
Hash identifier: TIVC4+/gRXhg9dUSjqTWBeSrJgI7RjY5NGysE1nIzX4=
Subject key identifier: 6F:69:C8:61:66:CF:84:64:5E:EE:CE:89:94:7D:C0:AB:B7:07:3A:24
Certificate issuer: /CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Certificate serial: 0182B92F86AA4DCAF69AD11551DAABF3594C
Authority key identifier: EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/b2nIYWbPhGRe7s6JlH3Aq7cHOiQ.roa
Signing time: Sat 20 Aug 2022 02:57:55 +0000
ROA not before: Sat 20 Aug 2022 02:57:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207616
IP address blocks: 91.193.56.0/23 maxlen: 24
2a0f:6287:1::/48 maxlen: 48
2a0f:6287:3::/48 maxlen: 48
2a0f:6280::/30 maxlen: 48
2a0f:6287::/48 maxlen: 48
2a0f:6284::/30 maxlen: 48
2a0f:6287:2::/48 maxlen: 48
2a0f:6287:4::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b9:2f:86:aa:4d:ca:f6:9a:d1:15:51:da:ab:f3:59:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Validity
Not Before: Aug 20 02:57:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f69c86166cf84645eeece89947dc0abb7073a24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c5:6c:02:64:28:29:0f:fd:b5:af:f5:e3:99:
24:fd:ea:8e:97:64:55:9e:e2:3c:19:b9:56:cb:09:
74:90:a8:bc:5b:61:8c:e1:a6:9d:f1:aa:38:f8:31:
f2:8f:2a:2e:cb:7d:b1:bf:9f:51:2e:fa:59:7d:dd:
fe:5e:11:65:58:ff:d9:b7:a2:b2:b4:24:24:07:b2:
10:9c:7a:fc:9c:44:c8:7f:4a:33:17:64:91:3f:99:
5a:1b:4b:c0:cf:c1:df:80:54:9b:11:9d:48:f6:0f:
5a:39:e7:06:b3:43:83:bf:df:c8:3e:04:de:76:4a:
06:cc:90:12:82:12:10:7a:54:cc:f6:a4:97:19:cc:
c5:b7:53:52:47:07:ad:2d:90:e9:d0:0a:7f:a8:73:
e0:62:2a:3a:18:eb:d5:4f:49:68:89:9d:23:9c:ad:
59:1f:5d:d4:90:cc:48:00:29:1e:75:3a:06:af:98:
be:d3:a6:ee:d7:dd:c0:f0:27:6f:76:aa:a9:5a:be:
53:81:2b:44:c6:86:48:34:8b:0e:2d:d3:c2:ea:eb:
70:b3:cd:49:bc:47:dc:65:9f:b1:39:87:6d:fd:01:
f4:97:a9:08:92:2d:85:5a:6d:af:09:f6:dd:f2:bb:
b2:41:23:59:ed:c1:27:ee:56:cc:56:7e:c6:20:6b:
30:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:69:C8:61:66:CF:84:64:5E:EE:CE:89:94:7D:C0:AB:B7:07:3A:24
X509v3 Authority Key Identifier:
keyid:EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/b2nIYWbPhGRe7s6JlH3Aq7cHOiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/7vvoNpp7vAOob75jm376oCtxcoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.56.0/23
IPv6:
2a0f:6280::/29
Signature Algorithm: sha256WithRSAEncryption
35:91:f5:e6:92:20:83:91:a9:8b:d2:e7:d3:c3:d1:4b:64:95:
ec:f9:a8:76:6e:b8:d3:76:46:1f:d9:96:cc:1f:b2:b7:f2:fa:
a6:63:75:a4:62:c8:a4:2f:82:4c:d1:7a:3f:dd:43:b3:19:b3:
22:2b:61:81:de:c3:73:b2:43:2c:0e:95:a9:bc:ea:1f:45:17:
45:dc:73:18:8c:17:04:2c:3c:9d:e1:ae:79:83:9c:44:5e:46:
5c:53:d5:a0:ad:1e:fc:10:6a:ca:1c:29:4c:d3:4c:22:a6:f5:
63:58:fa:f2:43:7c:60:c1:6b:04:78:3e:11:fa:6d:29:fb:1e:
9b:75:c0:c3:1d:85:48:7e:a7:4e:90:18:89:d6:6a:9c:97:cf:
f4:62:d7:92:e1:59:a5:0d:84:c9:34:7f:cb:54:cd:f5:d1:0d:
0a:57:84:51:4b:20:f1:4c:4c:08:90:5f:f8:56:6d:cb:2c:00:
07:58:55:d7:99:1f:9f:7c:fd:14:7a:27:65:c3:46:31:62:ea:
b8:b4:eb:5e:b1:35:00:ec:ce:51:8c:41:c5:84:4a:ce:0f:29:
8b:de:96:18:15:35:fb:d2:88:6f:fd:fa:69:51:7a:9e:b6:d4:
55:d7:9b:a8:f2:a9:76:b5:74:72:20:ef:bc:89:9a:0a:23:38:
55:c2:6d:b4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYK5L4aqTcr2mtEVUdqr81lMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZmJlODM2OWE3YmJjMDNhODZmYmU2MzliN2VmYWEwMmI3
MTcyODcwHhcNMjIwODIwMDI1NzU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjY5Yzg2MTY2Y2Y4NDY0NWVlZWNlODk5NDdkYzBhYmI3MDczYTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncVsAmQoKQ/9ta/145kk/eqOl2RV
nuI8GblWywl0kKi8W2GM4aad8ao4+DHyjyouy32xv59RLvpZfd3+XhFlWP/Zt6Ky
tCQkB7IQnHr8nETIf0ozF2SRP5laG0vAz8HfgFSbEZ1I9g9aOecGs0ODv9/IPgTe
dkoGzJASghIQelTM9qSXGczFt1NSRwetLZDp0Ap/qHPgYio6GOvVT0loiZ0jnK1Z
H13UkMxIACkedToGr5i+06bu193A8CdvdqqpWr5TgStExoZINIsOLdPC6utws81J
vEfcZZ+xOYdt/QH0l6kIki2FWm2vCfbd8ruyQSNZ7cEn7lbMVn7GIGswxwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG9pyGFmz4RkXu7OiZR9wKu3BzokMB8GA1UdIwQY
MBaAFO776Daae7wDqG++Y5t++qArcXKHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYt
ZGExYjU4NjE4ODQxLzEvYjJuSVlXYlBoR1JlN3M2SmxIM0FxN2NIT2lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYtZGExYjU4NjE4ODQx
LzEvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBW8E4MA0E
AgACMAcDBQMqD2KAMA0GCSqGSIb3DQEBCwUAA4IBAQA1kfXmkiCDkamL0ufTw9FL
ZJXs+ah2brjTdkYf2ZbMH7K38vqmY3WkYsikL4JM0Xo/3UOzGbMiK2GB3sNzskMs
DpWpvOofRRdF3HMYjBcELDyd4a55g5xEXkZcU9WgrR78EGrKHClM00wipvVjWPry
Q3xgwWsEeD4R+m0p+x6bdcDDHYVIfqdOkBiJ1mqcl8/0YteS4VmlDYTJNH/LVM31
0Q0KV4RRSyDxTEwIkF/4Vm3LLAAHWFXXmR+ffP0Ueidlw0YxYuq4tOtesTUA7M5R
jEHFhErODymL3pYYFTX70ohv/fppUXqettRV15uo8ql2tXRyIO+8iZoKIzhVwm20
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:23 2024 by rpki-client on console-ams.rpki-client.org