Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/QfA1OwIBrkAXE0DgfPZ18TT0O14.roa
File: QfA1OwIBrkAXE0DgfPZ18TT0O14.roa (raw, json)
Hash identifier: 17/PwbG1BIACn3iWlieitEUN+iycv7LP8YEfvSn58iQ=
Subject key identifier: 41:F0:35:3B:02:01:AE:40:17:13:40:E0:7C:F6:75:F1:34:F4:3B:5E
Certificate issuer: /CN=8b82433ffe94bf3536fec327543d396158202072
Certificate serial: 0185704BC1EB7F451A318F9BEB615AE8CA3D
Authority key identifier: 8B:82:43:3F:FE:94:BF:35:36:FE:C3:27:54:3D:39:61:58:20:20:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i4JDP_6UvzU2_sMnVD05YVggIHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/QfA1OwIBrkAXE0DgfPZ18TT0O14.roa
Signing time: Mon 02 Jan 2023 02:24:51 +0000
ROA not before: Mon 02 Jan 2023 02:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57314
IP address blocks: 91.231.132.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:c1:eb:7f:45:1a:31:8f:9b:eb:61:5a:e8:ca:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b82433ffe94bf3536fec327543d396158202072
Validity
Not Before: Jan 2 02:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41f0353b0201ae40171340e07cf675f134f43b5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:dc:6b:08:a6:54:5b:85:58:45:f9:7e:24:bb:
17:29:c8:fa:3c:0a:f2:ec:45:40:f6:04:ed:8e:fe:
8f:68:08:01:eb:ae:93:58:75:e6:96:7f:f9:7f:58:
a2:53:ac:38:81:4d:ac:a9:5b:cb:ca:fa:bc:c3:e1:
e7:3f:05:43:c4:79:73:32:02:55:2b:18:dc:7e:99:
15:53:f4:a7:66:09:52:10:3d:13:77:46:6a:c1:cf:
46:eb:c1:57:71:b2:ab:05:dc:11:22:33:f7:0f:c5:
24:b8:5c:93:66:89:00:39:36:49:4f:22:65:8c:e1:
a0:76:ed:4a:ac:d7:29:9a:13:4d:e8:9d:e7:51:b4:
98:7c:e1:9b:27:be:e5:f9:68:e6:42:50:81:6f:21:
53:81:a4:a3:fd:1b:cc:ab:18:d1:5c:9f:42:a5:5b:
ff:ea:52:94:c8:cf:18:37:68:8f:42:92:09:1d:52:
38:d8:6f:e6:53:3c:87:bf:2c:b3:39:cf:06:3a:80:
95:2b:76:5a:e4:d0:bb:21:62:10:ab:10:cb:f8:b3:
63:0a:98:eb:85:62:93:89:d7:25:30:09:bc:a2:88:
de:a3:0a:bc:2e:7e:11:f9:ff:4f:18:ed:bc:ed:b8:
59:d4:79:37:7d:01:99:cd:7a:35:46:6f:53:f0:01:
8a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:F0:35:3B:02:01:AE:40:17:13:40:E0:7C:F6:75:F1:34:F4:3B:5E
X509v3 Authority Key Identifier:
keyid:8B:82:43:3F:FE:94:BF:35:36:FE:C3:27:54:3D:39:61:58:20:20:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i4JDP_6UvzU2_sMnVD05YVggIHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/QfA1OwIBrkAXE0DgfPZ18TT0O14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/i4JDP_6UvzU2_sMnVD05YVggIHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.132.0/22
Signature Algorithm: sha256WithRSAEncryption
77:da:e0:70:7d:bb:8b:df:81:63:86:a9:22:c6:32:f6:cc:0f:
f8:a0:d7:7f:30:90:7f:74:84:11:fa:b3:d8:f9:3b:b6:32:31:
4b:12:eb:9f:6a:27:e5:70:f0:b3:a2:40:36:03:e9:a1:eb:89:
9f:21:5d:97:3c:69:39:38:aa:0c:e5:1a:e8:49:0f:bb:10:d5:
6b:d9:ce:33:11:e6:1a:69:ff:0c:c7:1a:88:44:b3:04:a5:38:
ef:20:ad:51:7e:51:ad:ef:6b:84:84:3b:4e:4c:a5:a6:51:50:
67:3b:7f:f4:c3:36:d5:2d:6e:81:4d:eb:25:10:a8:c8:67:69:
3c:1d:7e:73:d6:1a:54:32:71:d4:c4:e9:ec:58:50:22:9e:27:
bf:e9:32:7d:93:c1:5d:c7:73:25:11:48:d8:e7:52:9e:be:b8:
7a:85:66:1d:77:4d:b7:26:3e:1e:8f:f2:54:d1:fd:b7:b8:05:
b2:95:d1:10:ad:21:88:6b:91:ec:28:d6:0d:88:d3:52:4b:dc:
39:e6:e3:c1:11:02:c3:c4:fa:83:3e:b4:ba:e4:b0:af:c9:0d:
43:2e:66:25:de:14:0b:5f:6b:10:3b:ae:aa:52:2a:16:65:6d:
ee:65:8b:a1:91:49:50:a4:93:62:d6:f7:bb:ee:72:db:89:9e:
da:c4:f4:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwS8Hrf0UaMY+b62Fa6Mo9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiODI0MzNmZmU5NGJmMzUzNmZlYzMyNzU0M2QzOTYxNTgy
MDIwNzIwHhcNMjMwMTAyMDIyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWYwMzUzYjAyMDFhZTQwMTcxMzQwZTA3Y2Y2NzVmMTM0ZjQzYjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNxrCKZUW4VYRfl+JLsXKcj6PAry
7EVA9gTtjv6PaAgB666TWHXmln/5f1iiU6w4gU2sqVvLyvq8w+HnPwVDxHlzMgJV
KxjcfpkVU/SnZglSED0Td0Zqwc9G68FXcbKrBdwRIjP3D8UkuFyTZokAOTZJTyJl
jOGgdu1KrNcpmhNN6J3nUbSYfOGbJ77l+WjmQlCBbyFTgaSj/RvMqxjRXJ9CpVv/
6lKUyM8YN2iPQpIJHVI42G/mUzyHvyyzOc8GOoCVK3Za5NC7IWIQqxDL+LNjCpjr
hWKTidclMAm8oojeowq8Ln4R+f9PGO287bhZ1Hk3fQGZzXo1Rm9T8AGKXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEHwNTsCAa5AFxNA4Hz2dfE09DteMB8GA1UdIwQY
MBaAFIuCQz/+lL81Nv7DJ1Q9OWFYICByMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTRKRFBfNlV2elUyX3NNblZEMDVZVmdnSUhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9mNTU5M2QtNjg5Yy00ZGZlLThkOTYt
MmRkNzg5MGRjNjg5LzEvUWZBMU93SUJya0FYRTBEZ2ZQWjE4VFQwTzE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9mNTU5M2QtNjg5Yy00ZGZlLThkOTYtMmRkNzg5MGRjNjg5
LzEvaTRKRFBfNlV2elUyX3NNblZEMDVZVmdnSUhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+eEMA0G
CSqGSIb3DQEBCwUAA4IBAQB32uBwfbuL34FjhqkixjL2zA/4oNd/MJB/dIQR+rPY
+Tu2MjFLEuufaiflcPCzokA2A+mh64mfIV2XPGk5OKoM5RroSQ+7ENVr2c4zEeYa
af8MxxqIRLMEpTjvIK1RflGt72uEhDtOTKWmUVBnO3/0wzbVLW6BTeslEKjIZ2k8
HX5z1hpUMnHUxOnsWFAinie/6TJ9k8Fdx3MlEUjY51Kevrh6hWYdd023Jj4ej/JU
0f23uAWyldEQrSGIa5HsKNYNiNNSS9w55uPBEQLDxPqDPrS65LCvyQ1DLmYl3hQL
X2sQO66qUioWZW3uZYuhkUlQpJNi1ve77nLbiZ7axPRp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:44 2024 by rpki-client on console-ams.rpki-client.org