Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/4cZvg53WjmHLtcyDcjKNpt_-BdE.roa
File: 4cZvg53WjmHLtcyDcjKNpt_-BdE.roa (raw, json)
Hash identifier: eUcMsM9EQaMDq3Lt9bzNj65sDTO2HN/Gglp20rSPl6g=
Subject key identifier: E1:C6:6F:83:9D:D6:8E:61:CB:B5:CC:83:72:32:8D:A6:DF:FE:05:D1
Certificate issuer: /CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Certificate serial: 0189B32472C8700240411554824155449380
Authority key identifier: AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/4cZvg53WjmHLtcyDcjKNpt_-BdE.roa
Signing time: Tue 01 Aug 2023 22:07:37 +0000
ROA not before: Tue 01 Aug 2023 22:07:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206509
IP address blocks: 91.84.0.0/16 maxlen: 16
194.46.32.0/19 maxlen: 19
91.84.0.0/15 maxlen: 16
194.46.64.0/19 maxlen: 19
91.85.0.0/16 maxlen: 16
194.46.80.0/20 maxlen: 20
212.104.128.0/19 maxlen: 19
212.108.80.0/21 maxlen: 21
212.108.88.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b3:24:72:c8:70:02:40:41:15:54:82:41:55:44:93:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Validity
Not Before: Aug 1 22:07:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1c66f839dd68e61cbb5cc8372328da6dffe05d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:7f:ff:be:24:a0:16:73:d9:e6:0c:82:a3:07:
cb:ea:8f:c6:d8:b4:28:fc:f3:a0:fd:ff:c6:34:5a:
cb:a6:75:b2:25:5e:3f:f3:5c:34:d3:83:70:64:f8:
cb:11:43:59:79:db:bc:27:0d:8d:dc:61:e0:cf:06:
c1:30:fc:83:30:79:5f:bd:3b:23:d9:04:c9:92:7c:
9d:43:34:96:83:44:1d:eb:4e:86:4c:3f:bb:59:a3:
15:b3:fb:c6:b3:b1:52:c3:23:87:de:a2:99:bc:4c:
72:80:20:e3:5b:c5:d6:f4:4c:79:6a:5e:59:c7:e9:
36:8c:9a:2a:5e:c8:35:8e:35:84:bb:12:09:db:ff:
1e:7b:39:ec:31:5b:db:b0:64:15:69:32:60:e2:ab:
2b:5e:ac:b0:ec:81:4a:5b:05:d3:81:fc:e3:4f:28:
9b:9a:dd:d9:eb:b7:63:a3:3e:27:d5:ef:1e:c9:53:
be:e7:45:76:3e:f9:d3:90:9f:1a:9e:ec:60:be:11:
6c:53:80:3c:39:62:ac:09:36:56:dd:14:59:ee:06:
f3:b6:2b:41:ca:b8:9d:33:97:6c:69:7e:06:86:09:
8d:ee:d7:96:43:b3:a5:e4:9b:0c:f1:1d:55:d5:71:
9e:7a:c7:3c:30:52:57:de:b4:b3:d5:3d:dd:a3:bd:
73:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:C6:6F:83:9D:D6:8E:61:CB:B5:CC:83:72:32:8D:A6:DF:FE:05:D1
X509v3 Authority Key Identifier:
keyid:AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/4cZvg53WjmHLtcyDcjKNpt_-BdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.84.0.0/15
194.46.32.0-194.46.95.255
212.104.128.0/19
212.108.80.0-212.108.91.255
Signature Algorithm: sha256WithRSAEncryption
83:52:b2:fd:57:00:79:9f:23:e6:0c:87:53:aa:a8:e9:6a:66:
a1:de:f9:30:5d:a4:2e:ef:d2:d9:af:c6:50:ed:f1:d2:5d:ed:
4b:d2:8e:68:c8:f1:24:d7:49:85:b0:70:e1:e7:78:e6:0e:c0:
31:68:c2:ce:5d:35:d5:3c:53:67:9a:3b:61:b5:f3:92:de:05:
4c:bb:1a:f3:76:a4:6a:41:8c:25:b2:87:60:24:76:3c:f5:f2:
7d:a6:6a:47:ff:c5:f5:13:0c:99:31:71:78:1d:8c:44:05:ac:
d5:47:be:1e:c3:45:3c:1a:18:f1:b7:c9:66:ce:f0:87:92:40:
f0:fd:70:2a:2c:31:0b:c8:c4:2f:81:09:5a:66:83:29:0f:fe:
bf:d0:b5:99:80:22:d3:30:c1:25:7f:00:ff:59:3e:a3:08:d4:
00:e9:23:74:b4:31:e1:94:66:2b:b1:ea:4d:10:08:af:6e:82:
1a:65:04:c5:97:28:b3:22:9f:e1:de:35:16:33:9f:43:7f:b2:
21:ea:1c:6c:41:c9:82:f5:d2:8f:10:21:57:45:2a:b6:dc:1f:
56:81:5d:78:41:94:64:4c:3a:b4:40:13:21:bd:9c:44:13:32:
51:df:8a:06:d7:9f:89:84:de:0e:de:3c:7b:57:7a:ef:52:5e:
4f:9e:e9:c8
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYmzJHLIcAJAQRVUgkFVRJOAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDM1MzkzMzY3NGE1NjA4ZjZkMWVlMmRhYjRmNjRjOGJm
ZjhmMzkwHhcNMjMwODAxMjIwNzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWM2NmY4MzlkZDY4ZTYxY2JiNWNjODM3MjMyOGRhNmRmZmUwNWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhn//viSgFnPZ5gyCowfL6o/G2LQo
/POg/f/GNFrLpnWyJV4/81w004NwZPjLEUNZedu8Jw2N3GHgzwbBMPyDMHlfvTsj
2QTJknydQzSWg0Qd606GTD+7WaMVs/vGs7FSwyOH3qKZvExygCDjW8XW9Ex5al5Z
x+k2jJoqXsg1jjWEuxIJ2/8eeznsMVvbsGQVaTJg4qsrXqyw7IFKWwXTgfzjTyib
mt3Z67djoz4n1e8eyVO+50V2PvnTkJ8anuxgvhFsU4A8OWKsCTZW3RRZ7gbztitB
yridM5dsaX4GhgmN7teWQ7Ol5JsM8R1V1XGeesc8MFJX3rSz1T3do71z7wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOHGb4Od1o5hy7XMg3Iyjabf/gXRMB8GA1UdIwQY
MBaAFK3TU5M2dKVgj20e4tq09kyL/485MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgt
NzJjODMxMjg3NjFiLzEvNGNadmc1M1dqbUhMdGN5RGNqS05wdF8tQmRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgtNzJjODMxMjg3NjFi
LzEvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnAwMBW1QwDAME
BcIuIAMEBcIuQAMEBdRogDAMAwQE1GxQAwQC1GxYMA0GCSqGSIb3DQEBCwUAA4IB
AQCDUrL9VwB5nyPmDIdTqqjpamah3vkwXaQu79LZr8ZQ7fHSXe1L0o5oyPEk10mF
sHDh53jmDsAxaMLOXTXVPFNnmjthtfOS3gVMuxrzdqRqQYwlsodgJHY89fJ9pmpH
/8X1EwyZMXF4HYxEBazVR74ew0U8Ghjxt8lmzvCHkkDw/XAqLDELyMQvgQlaZoMp
D/6/0LWZgCLTMMElfwD/WT6jCNQA6SN0tDHhlGYrsepNEAivboIaZQTFlyizIp/h
3jUWM59Df7Ih6hxsQcmC9dKPECFXRSq23B9WgV14QZRkTDq0QBMhvZxEEzJR34oG
15+JhN4O3jx7V3rvUl5PnunI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:37 2024 by rpki-client on console-ams.rpki-client.org