Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/unIh9WcB9lSeHm2WDf87Qn93GjI.roa
File: unIh9WcB9lSeHm2WDf87Qn93GjI.roa (raw, json)
Hash identifier: DikWgHnXURImTK+okbDAo5I0W3CRvjsmFGQz3S8LtzE=
Subject key identifier: BA:72:21:F5:67:01:F6:54:9E:1E:6D:96:0D:FF:3B:42:7F:77:1A:32
Certificate issuer: /CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Certificate serial: 01856D8B00F7454B05540B2DAA53E39199B3
Authority key identifier: EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/unIh9WcB9lSeHm2WDf87Qn93GjI.roa
Signing time: Sun 01 Jan 2023 13:35:04 +0000
ROA not before: Sun 01 Jan 2023 13:35:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207616
IP address blocks: 91.193.56.0/23 maxlen: 24
2a0f:6280::/30 maxlen: 48
2a0f:6284::/30 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8b:00:f7:45:4b:05:54:0b:2d:aa:53:e3:91:99:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Validity
Not Before: Jan 1 13:35:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba7221f56701f6549e1e6d960dff3b427f771a32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c4:9f:ff:1e:3c:32:28:05:45:3e:fd:cd:71:
4b:06:50:e2:dd:e1:dd:c7:c9:3c:07:c6:ab:76:5f:
61:73:27:f0:4f:f9:da:17:09:5d:26:c6:9b:2a:58:
5c:17:c3:13:b2:13:94:90:76:42:87:15:27:d0:14:
c4:71:11:78:3d:8d:77:ff:da:4d:d8:7d:52:e9:15:
ba:6d:00:23:46:d5:a9:d6:80:68:f0:5d:08:aa:91:
9c:1b:5e:85:9c:6e:60:e2:9a:34:96:3c:4e:15:63:
44:76:8e:c6:76:50:e3:d5:cb:72:ef:42:6e:74:02:
64:72:bf:77:03:ca:fd:09:83:70:bb:ae:f1:e1:e4:
c3:e1:4f:70:5e:8c:62:17:ff:ab:e2:28:60:2c:40:
97:e4:fa:f1:7a:93:f8:14:6d:8c:0e:dd:18:03:55:
7a:2d:0c:05:89:4b:7c:19:a4:75:aa:75:48:22:03:
e5:2d:ff:9d:cf:30:68:0f:0e:4d:0c:83:e7:f4:0c:
15:ad:d1:ba:9d:93:1f:2f:65:6b:2f:d2:e1:41:c2:
19:80:6d:f5:35:5d:7c:ca:17:df:ce:2c:eb:e1:32:
67:95:0b:4e:49:8f:91:0e:97:ba:0a:83:4d:28:f8:
cf:11:c6:39:21:3c:1f:12:a3:44:71:8e:e8:d4:c5:
19:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:72:21:F5:67:01:F6:54:9E:1E:6D:96:0D:FF:3B:42:7F:77:1A:32
X509v3 Authority Key Identifier:
keyid:EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/unIh9WcB9lSeHm2WDf87Qn93GjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/7vvoNpp7vAOob75jm376oCtxcoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.56.0/23
IPv6:
2a0f:6280::/29
Signature Algorithm: sha256WithRSAEncryption
83:0a:a9:d6:0d:6e:a3:b7:a4:8e:33:cd:17:5c:e6:d5:03:34:
73:ff:d8:b9:f5:19:78:2c:00:37:59:11:99:17:d6:4d:90:a2:
b5:52:1e:0e:aa:b6:9d:ae:07:29:04:64:19:bb:88:a2:4b:d3:
08:06:0e:38:0f:ab:9b:2b:77:dc:b6:ac:57:f0:5c:da:d9:25:
b4:de:a9:fb:9a:7b:89:ee:48:f9:0b:2e:57:fb:7e:4f:5e:b9:
6c:2c:28:ab:b6:15:a8:7c:b3:8a:6e:b5:41:12:9c:2c:cc:f5:
74:47:f1:c0:39:47:5c:19:71:0c:57:b9:13:d3:2f:2f:64:83:
81:8c:22:17:84:b2:48:fa:b8:ed:c4:a8:16:4b:80:60:2a:bb:
e2:f5:a9:ba:4f:23:38:16:66:e9:e6:39:ef:93:d4:93:12:e6:
76:0b:ba:6a:b9:65:7f:2e:c6:00:9f:0e:88:22:ab:b6:5a:2d:
5d:01:ba:f4:07:80:3c:84:52:f1:2d:57:29:d5:e5:e6:3b:40:
d6:3c:56:75:bb:8b:61:fc:dd:b4:95:0a:ee:28:f5:24:88:ff:
34:51:05:2e:6e:f6:af:c0:f1:39:86:0a:0f:31:a8:be:bc:b4:
3a:00:b0:96:35:67:dd:da:87:c6:63:9b:52:b9:dd:91:c5:50:
de:3d:26:97
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtiwD3RUsFVAstqlPjkZmzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZmJlODM2OWE3YmJjMDNhODZmYmU2MzliN2VmYWEwMmI3
MTcyODcwHhcNMjMwMTAxMTMzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTcyMjFmNTY3MDFmNjU0OWUxZTZkOTYwZGZmM2I0MjdmNzcxYTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsSf/x48MigFRT79zXFLBlDi3eHd
x8k8B8ardl9hcyfwT/naFwldJsabKlhcF8MTshOUkHZChxUn0BTEcRF4PY13/9pN
2H1S6RW6bQAjRtWp1oBo8F0IqpGcG16FnG5g4po0ljxOFWNEdo7GdlDj1cty70Ju
dAJkcr93A8r9CYNwu67x4eTD4U9wXoxiF/+r4ihgLECX5PrxepP4FG2MDt0YA1V6
LQwFiUt8GaR1qnVIIgPlLf+dzzBoDw5NDIPn9AwVrdG6nZMfL2VrL9LhQcIZgG31
NV18yhffzizr4TJnlQtOSY+RDpe6CoNNKPjPEcY5ITwfEqNEcY7o1MUZ2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLpyIfVnAfZUnh5tlg3/O0J/dxoyMB8GA1UdIwQY
MBaAFO776Daae7wDqG++Y5t++qArcXKHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYt
ZGExYjU4NjE4ODQxLzEvdW5JaDlXY0I5bFNlSG0yV0RmODdRbjkzR2pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYtZGExYjU4NjE4ODQx
LzEvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBW8E4MA0E
AgACMAcDBQMqD2KAMA0GCSqGSIb3DQEBCwUAA4IBAQCDCqnWDW6jt6SOM80XXObV
AzRz/9i59Rl4LAA3WRGZF9ZNkKK1Uh4OqradrgcpBGQZu4iiS9MIBg44D6ubK3fc
tqxX8Fza2SW03qn7mnuJ7kj5Cy5X+35PXrlsLCirthWofLOKbrVBEpwszPV0R/HA
OUdcGXEMV7kT0y8vZIOBjCIXhLJI+rjtxKgWS4BgKrvi9am6TyM4Fmbp5jnvk9ST
EuZ2C7pquWV/LsYAnw6IIqu2Wi1dAbr0B4A8hFLxLVcp1eXmO0DWPFZ1u4th/N20
lQruKPUkiP80UQUubvavwPE5hgoPMai+vLQ6ALCWNWfd2ofGY5tSud2RxVDePSaX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:19 2024 by rpki-client on console-fra.rpki-client.org