Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/HpWR3NS2CQ8_QUFTF7CFBtIRyDk.roa
File: HpWR3NS2CQ8_QUFTF7CFBtIRyDk.roa (raw, json)
Hash identifier: iF4wmCIgRljRcC00mV7yDM0Xm8R9nKzRcx9zAzMR3v4=
Subject key identifier: 1E:95:91:DC:D4:B6:09:0F:3F:41:41:53:17:B0:85:06:D2:11:C8:39
Certificate issuer: /CN=c3abdcc49f7d9033b52904679f3c9b783d8c1358
Certificate serial: 018E3243C2ABA897B1E397CD569D0BC68D58
Authority key identifier: C3:AB:DC:C4:9F:7D:90:33:B5:29:04:67:9F:3C:9B:78:3D:8C:13:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w6vcxJ99kDO1KQRnnzybeD2ME1g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/HpWR3NS2CQ8_QUFTF7CFBtIRyDk.roa
Signing time: Tue 12 Mar 2024 10:44:45 +0000
ROA not before: Tue 12 Mar 2024 10:44:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48031
IP address blocks: 91.247.162.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:43:c2:ab:a8:97:b1:e3:97:cd:56:9d:0b:c6:8d:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3abdcc49f7d9033b52904679f3c9b783d8c1358
Validity
Not Before: Mar 12 10:44:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e9591dcd4b6090f3f41415317b08506d211c839
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:90:34:75:48:61:98:48:dc:ac:c9:8f:cd:de:
a8:ad:cd:3c:1c:a0:39:f1:e6:75:66:78:43:57:80:
94:a9:21:35:30:25:8a:66:38:f0:a5:bf:d8:05:30:
f9:36:70:f4:26:de:af:c1:42:3a:d2:23:da:e4:ed:
5b:0d:dc:78:79:9b:e9:11:ca:47:80:04:b2:e3:36:
cc:42:09:95:1f:63:0e:21:22:fd:47:7a:58:ff:ca:
f4:a8:d9:33:cf:e7:2c:76:c6:5f:60:77:07:e4:18:
a4:d6:d5:5e:4d:4a:36:8c:13:96:34:51:2b:96:70:
3e:01:ed:77:46:fe:0e:82:ed:80:09:94:e7:94:65:
38:ca:1b:64:04:01:b2:74:30:10:57:a5:93:51:ba:
62:5a:a2:aa:80:cc:cc:53:21:53:c8:d2:40:f9:66:
24:2b:a1:95:39:f2:00:d4:e8:68:c7:a5:6b:6a:39:
8e:0f:41:ff:d2:4c:a7:1f:d3:61:04:e6:0e:c9:d1:
c5:64:67:9f:c3:8a:c3:cd:f7:75:07:af:1d:33:b7:
08:8b:d9:79:18:18:58:44:b1:20:07:1d:ed:d1:e0:
c5:a1:14:14:61:5f:b7:19:2b:33:76:01:83:ed:6c:
2b:a0:c3:b3:69:d1:a9:58:00:48:b4:d5:5c:9e:b4:
ad:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:95:91:DC:D4:B6:09:0F:3F:41:41:53:17:B0:85:06:D2:11:C8:39
X509v3 Authority Key Identifier:
keyid:C3:AB:DC:C4:9F:7D:90:33:B5:29:04:67:9F:3C:9B:78:3D:8C:13:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w6vcxJ99kDO1KQRnnzybeD2ME1g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/HpWR3NS2CQ8_QUFTF7CFBtIRyDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/w6vcxJ99kDO1KQRnnzybeD2ME1g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.247.162.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:23:da:7e:b7:6d:6b:c3:4e:bc:5d:6f:b8:8b:12:f6:f6:97:
63:1b:0c:6d:7d:f9:d0:6b:de:0e:1e:ef:89:be:c2:42:8c:f4:
15:b3:ad:e6:ce:4f:e6:75:82:3f:b2:ba:c5:29:5d:b6:18:fe:
24:e3:34:42:3b:b5:28:2a:4e:5e:83:2a:70:75:84:cd:14:9b:
31:0d:84:38:b6:6e:5f:9e:42:27:6a:0d:b8:4c:d4:c5:fe:af:
0d:83:60:57:1d:ee:c3:c2:f5:5c:2f:47:ca:39:69:f4:68:1e:
85:1e:02:39:27:ed:a4:d0:db:87:01:73:48:41:93:02:f9:71:
a3:c5:70:0e:dc:99:c5:b6:f1:80:96:0f:f3:65:e6:8f:51:d9:
ec:3f:77:63:20:62:6a:23:bf:a1:a1:08:5b:da:13:f2:58:ad:
32:dd:1f:8f:70:8e:8f:55:f6:47:c6:65:e0:f8:fd:7f:6c:c0:
94:26:7a:2b:e0:b7:fa:af:04:9c:c1:c1:34:9e:c1:99:71:69:
c8:f3:dd:0f:55:be:07:f3:18:b2:c3:0e:a0:2a:5f:96:c3:f5:
e4:f1:9b:8c:9c:c8:e9:06:6c:1c:a0:5d:af:d6:7e:20:ae:10:
6f:57:89:06:5d:cc:61:9c:ec:6e:24:e8:52:e1:ad:b0:8f:a2:
63:f9:ac:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4yQ8KrqJex45fNVp0Lxo1YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYWJkY2M0OWY3ZDkwMzNiNTI5MDQ2NzlmM2M5Yjc4M2Q4
YzEzNTgwHhcNMjQwMzEyMTA0NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTk1OTFkY2Q0YjYwOTBmM2Y0MTQxNTMxN2IwODUwNmQyMTFjODM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5A0dUhhmEjcrMmPzd6orc08HKA5
8eZ1ZnhDV4CUqSE1MCWKZjjwpb/YBTD5NnD0Jt6vwUI60iPa5O1bDdx4eZvpEcpH
gASy4zbMQgmVH2MOISL9R3pY/8r0qNkzz+csdsZfYHcH5Bik1tVeTUo2jBOWNFEr
lnA+Ae13Rv4Ogu2ACZTnlGU4yhtkBAGydDAQV6WTUbpiWqKqgMzMUyFTyNJA+WYk
K6GVOfIA1Ohox6VrajmOD0H/0kynH9NhBOYOydHFZGefw4rDzfd1B68dM7cIi9l5
GBhYRLEgBx3t0eDFoRQUYV+3GSszdgGD7WwroMOzadGpWABItNVcnrStswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB6VkdzUtgkPP0FBUxewhQbSEcg5MB8GA1UdIwQY
MBaAFMOr3MSffZAztSkEZ588m3g9jBNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzZ2Y3hKOTlrRE8xS1FSbm56eWJlRDJNRTFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82NzI4ODMtZmViNC00MTRmLTlkMDAt
NGQ5MTI3ZmJhM2FkLzEvSHBXUjNOUzJDUThfUVVGVEY3Q0ZCdElSeURrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82NzI4ODMtZmViNC00MTRmLTlkMDAtNGQ5MTI3ZmJhM2Fk
LzEvdzZ2Y3hKOTlrRE8xS1FSbm56eWJlRDJNRTFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/eiMA0G
CSqGSIb3DQEBCwUAA4IBAQC3I9p+t21rw068XW+4ixL29pdjGwxtffnQa94OHu+J
vsJCjPQVs63mzk/mdYI/srrFKV22GP4k4zRCO7UoKk5egypwdYTNFJsxDYQ4tm5f
nkInag24TNTF/q8Ng2BXHe7DwvVcL0fKOWn0aB6FHgI5J+2k0NuHAXNIQZMC+XGj
xXAO3JnFtvGAlg/zZeaPUdnsP3djIGJqI7+hoQhb2hPyWK0y3R+PcI6PVfZHxmXg
+P1/bMCUJnor4Lf6rwScwcE0nsGZcWnI890PVb4H8xiyww6gKl+Ww/Xk8ZuMnMjp
BmwcoF2v1n4grhBvV4kGXcxhnOxuJOhS4a2wj6Jj+awM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:27 2024 by rpki-client on console-fra.rpki-client.org