Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/wJiaVXQp5e3cV4HUGfO9jRzeXew.roa
File: wJiaVXQp5e3cV4HUGfO9jRzeXew.roa (raw, json)
Hash identifier: nMF7Zg0zIsCNERfncv1Yqc7RauOJQm/JXigI86jL5UQ=
Subject key identifier: C0:98:9A:55:74:29:E5:ED:DC:57:81:D4:19:F3:BD:8D:1C:DE:5D:EC
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0190BC76B454BE59AB9958690442C6D32BEB
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/wJiaVXQp5e3cV4HUGfO9jRzeXew.roa
Signing time: Tue 16 Jul 2024 16:53:34 +0000
ROA not before: Tue 16 Jul 2024 16:53:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215211
IP address blocks: 46.224.0.0/15 maxlen: 15
91.98.0.0/16 maxlen: 16
2a14:6e40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bc:76:b4:54:be:59:ab:99:58:69:04:42:c6:d3:2b:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 16 16:53:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0989a557429e5eddc5781d419f3bd8d1cde5dec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:26:7c:18:b3:29:79:f8:17:17:c3:71:22:0d:
ce:e2:54:09:ed:a7:71:2a:42:fd:87:77:fb:d8:02:
d0:48:7f:23:e1:3b:a0:74:c8:c9:42:93:86:16:f6:
65:ce:50:ac:9f:e8:3d:a8:11:9c:22:f5:1c:02:50:
fe:7b:a6:1b:68:bd:6c:90:26:6f:52:e9:5f:ac:42:
e6:c7:1d:35:37:d0:a7:d9:d7:c5:af:d5:49:a8:36:
7c:a0:04:5d:99:53:61:95:45:a0:db:55:73:98:73:
af:18:2d:57:b4:01:26:ba:49:9f:e3:fe:b8:e9:58:
f7:88:e2:02:43:de:e3:be:73:6e:d0:a8:94:ee:b1:
d8:95:66:bf:0d:f4:b7:fc:9a:27:a2:25:99:82:3a:
2f:7a:22:e7:f7:88:fa:6b:a1:cd:5d:51:9a:5f:c6:
5c:72:6f:b8:1d:0a:80:2b:37:e0:77:a6:2c:b6:a1:
e2:a2:f2:4c:b6:93:57:81:37:17:e4:74:be:04:76:
1e:8d:33:67:16:30:59:49:67:90:95:36:51:a0:29:
77:3e:de:2d:f0:44:3f:2e:f8:9f:79:01:5f:e9:5c:
b8:46:e7:7c:71:ef:71:f9:86:25:df:13:42:d4:e5:
1d:10:73:15:25:b7:8f:2b:47:11:68:f7:80:0b:b7:
d7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:98:9A:55:74:29:E5:ED:DC:57:81:D4:19:F3:BD:8D:1C:DE:5D:EC
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/wJiaVXQp5e3cV4HUGfO9jRzeXew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.224.0.0/15
91.98.0.0/16
IPv6:
2a14:6e40::/32
Signature Algorithm: sha256WithRSAEncryption
0e:bb:3a:d0:5f:30:a0:4e:c4:32:81:eb:b8:c6:c5:9e:69:67:
fb:3c:e4:2b:60:4c:22:ef:1e:13:81:85:f4:99:07:bf:be:a2:
3a:2d:d7:09:90:50:5f:54:21:27:f3:fb:f5:26:22:82:5b:c2:
5e:80:9b:2f:22:26:b6:17:e6:8f:1a:71:75:10:21:09:00:79:
14:7c:b4:e1:4e:db:f7:eb:e8:d7:5d:b0:c3:41:e9:14:87:15:
be:0f:e6:ff:87:d3:78:b8:95:2b:81:04:ad:35:ec:34:13:98:
21:7c:86:0b:fb:74:7f:12:04:9b:d3:fe:ff:28:bd:21:60:ed:
0d:e9:2b:7a:d6:55:87:f9:28:6e:9c:ba:dd:5e:ca:c0:20:36:
36:57:ef:b5:4f:0f:0b:5f:28:99:f8:fc:82:63:61:26:66:cc:
87:b5:45:28:65:a0:99:34:f6:4b:1f:2f:be:20:99:a4:06:19:
30:74:9b:cb:0c:02:3c:f3:4c:23:fe:91:8e:59:30:cf:6e:dd:
74:92:3a:88:37:21:15:7e:ec:7f:3d:05:b2:66:a4:6d:d7:f7:
c1:d8:ea:eb:cd:e3:eb:44:cc:4a:30:a1:ca:fe:83:f3:7f:10:
de:b5:12:60:9f:4a:d0:82:25:57:73:85:cd:48:13:aa:ce:a5:
99:4b:c9:94
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZC8drRUvlmrmVhpBELG0yvrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQwNzE2MTY1MzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDk4OWE1NTc0MjllNWVkZGM1NzgxZDQxOWYzYmQ4ZDFjZGU1ZGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCZ8GLMpefgXF8NxIg3O4lQJ7adx
KkL9h3f72ALQSH8j4TugdMjJQpOGFvZlzlCsn+g9qBGcIvUcAlD+e6YbaL1skCZv
UulfrELmxx01N9Cn2dfFr9VJqDZ8oARdmVNhlUWg21VzmHOvGC1XtAEmukmf4/64
6Vj3iOICQ97jvnNu0KiU7rHYlWa/DfS3/JonoiWZgjoveiLn94j6a6HNXVGaX8Zc
cm+4HQqAKzfgd6YstqHiovJMtpNXgTcX5HS+BHYejTNnFjBZSWeQlTZRoCl3Pt4t
8EQ/LvifeQFf6Vy4Rud8ce9x+YYl3xNC1OUdEHMVJbePK0cRaPeAC7fXawIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFMCYmlV0KeXt3FeB1BnzvY0c3l3sMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvd0ppYVZYUXA1ZTNjVjRIVUdmTzlqUnplWGV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAQBAIAATAKAwMBLuADAwBb
YjANBAIAAjAHAwUAKhRuQDANBgkqhkiG9w0BAQsFAAOCAQEADrs60F8woE7EMoHr
uMbFnmln+zzkK2BMIu8eE4GF9JkHv76iOi3XCZBQX1QhJ/P79SYiglvCXoCbLyIm
thfmjxpxdRAhCQB5FHy04U7b9+vo112ww0HpFIcVvg/m/4fTeLiVK4EErTXsNBOY
IXyGC/t0fxIEm9P+/yi9IWDtDekretZVh/kobpy63V7KwCA2NlfvtU8PC18omfj8
gmNhJmbMh7VFKGWgmTT2Sx8vviCZpAYZMHSbywwCPPNMI/6Rjlkwz27ddJI6iDch
FX7sfz0Fsmakbdf3wdjq683j60TMSjChyv6D838Q3rUSYJ9K0IIlV3OFzUgTqs6l
mUvJlA==
-----END CERTIFICATE-----
Generated at Mon Jul 22 09:06:46 2024 by rpki-client on console-fra.rpki-client.org