Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/1XzoNdtfPezKf96ibyUqgDzHWt8.roa
File: 1XzoNdtfPezKf96ibyUqgDzHWt8.roa (raw, json)
Hash identifier: F3qhZiHnWkr7Ts/fbD7+WKty01olvFvqyRmpywYxeew=
Subject key identifier: D5:7C:E8:35:DB:5F:3D:EC:CA:7F:DE:A2:6F:25:2A:80:3C:C7:5A:DF
Certificate issuer: /CN=32a77427c03709b339a95b0ad9a4ac9d2c92c903
Certificate serial: 0EDBA1E7
Authority key identifier: 32:A7:74:27:C0:37:09:B3:39:A9:5B:0A:D9:A4:AC:9D:2C:92:C9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mqd0J8A3CbM5qVsK2aSsnSySyQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/1XzoNdtfPezKf96ibyUqgDzHWt8.roa
Signing time: Tue 04 Jan 2022 22:47:19 +0000
ROA not before: Tue 04 Jan 2022 22:47:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43666
IP address blocks: 91.197.180.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 249274855 (0xedba1e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32a77427c03709b339a95b0ad9a4ac9d2c92c903
Validity
Not Before: Jan 4 22:47:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d57ce835db5f3decca7fdea26f252a803cc75adf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5c:7b:41:c4:82:5c:04:48:b9:d5:0a:89:ba:
57:ca:fe:6f:bc:f6:c4:f3:04:3e:73:29:f5:89:82:
88:6e:10:57:dd:89:19:d8:40:2e:b7:99:fd:2a:ef:
a3:1c:8c:0b:41:d0:54:ed:32:3a:00:a5:ad:0d:62:
9c:09:fd:b5:18:9a:c3:09:89:6a:73:5b:9b:69:c4:
28:f7:81:ee:05:63:e8:cc:47:be:c3:58:2b:2a:ae:
70:fa:9f:a9:5f:22:2c:9d:03:9b:9c:88:33:e6:ad:
69:b3:7b:b1:68:06:50:4c:d5:a6:24:c8:07:d3:2d:
8a:06:07:b1:48:e7:2b:ce:7b:12:d7:ed:0e:bd:42:
9b:62:1f:56:85:8a:6f:78:43:b5:f5:24:3c:80:59:
0a:4f:ea:76:64:2b:91:4b:ab:cf:86:5a:40:8a:95:
41:00:d9:29:7e:c7:d9:c7:05:4a:e6:0d:af:a8:42:
b4:92:e6:24:df:bf:1c:0e:0a:69:f7:c1:b0:4c:bb:
a5:90:a9:31:7a:ea:3b:20:c4:d0:96:5a:40:d9:45:
8b:b5:f6:3f:cd:97:33:4e:f9:78:90:8b:96:a2:5b:
ac:2f:9a:04:2b:91:77:85:6c:02:75:5c:ec:a9:bd:
3e:de:a4:03:d1:3e:94:2d:d9:d0:2b:cf:7f:5f:64:
14:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:7C:E8:35:DB:5F:3D:EC:CA:7F:DE:A2:6F:25:2A:80:3C:C7:5A:DF
X509v3 Authority Key Identifier:
keyid:32:A7:74:27:C0:37:09:B3:39:A9:5B:0A:D9:A4:AC:9D:2C:92:C9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mqd0J8A3CbM5qVsK2aSsnSySyQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/1XzoNdtfPezKf96ibyUqgDzHWt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/Mqd0J8A3CbM5qVsK2aSsnSySyQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.180.0/22
Signature Algorithm: sha256WithRSAEncryption
61:78:9f:31:07:0a:c7:ae:ec:60:46:0a:d0:a1:d0:93:41:7a:
98:fc:04:22:d4:bf:9a:e5:1a:a4:da:93:41:96:df:06:7c:01:
ed:fd:4c:e1:62:09:12:7e:15:b3:d6:87:e9:39:f6:e4:a2:b2:
da:e9:ac:22:a0:71:1e:df:c9:7f:55:73:94:f9:49:e8:bf:5c:
55:81:b5:3f:2f:9f:af:c4:74:ed:c3:dc:6e:c2:e9:b3:dc:43:
8c:e3:3e:20:56:17:f0:1f:ea:1d:bc:17:3d:f7:13:67:21:df:
ad:0f:43:19:03:40:f3:1f:db:40:c2:df:d8:22:b5:f9:c3:49:
8e:38:49:91:47:35:b1:13:ba:18:ec:d3:30:e7:57:ec:af:56:
1a:db:53:00:c5:3c:2c:73:6c:62:47:87:a0:d9:d1:1f:2c:3e:
a9:3c:41:1e:ec:37:c0:c0:da:8a:d2:89:f6:c3:54:79:4d:52:
aa:83:8b:c9:c9:33:1e:fb:e6:27:62:8e:1a:dd:03:d5:51:26:
b8:7b:b0:e1:c1:ce:9f:31:c7:16:05:12:34:38:b5:d7:26:9d:
2a:a1:60:ca:ac:51:e0:a3:c0:df:46:ff:62:fb:5e:02:bd:22:
ed:a5:c0:e4:22:a8:5c:b6:66:7e:10:9d:c3:e9:2b:1b:a4:11:
e8:3d:97:48
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDtuh5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MmE3NzQyN2MwMzcwOWIzMzlhOTViMGFkOWE0YWM5ZDJjOTJjOTAzMB4XDTIyMDEw
NDIyNDcxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDU3Y2U4MzVkYjVm
M2RlY2NhN2ZkZWEyNmYyNTJhODAzY2M3NWFkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMxce0HEglwESLnVCom6V8r+b7z2xPMEPnMp9YmCiG4QV92J
GdhALreZ/SrvoxyMC0HQVO0yOgClrQ1inAn9tRiawwmJanNbm2nEKPeB7gVj6MxH
vsNYKyqucPqfqV8iLJ0Dm5yIM+atabN7sWgGUEzVpiTIB9MtigYHsUjnK857Etft
Dr1Cm2IfVoWKb3hDtfUkPIBZCk/qdmQrkUurz4ZaQIqVQQDZKX7H2ccFSuYNr6hC
tJLmJN+/HA4KaffBsEy7pZCpMXrqOyDE0JZaQNlFi7X2P82XM075eJCLlqJbrC+a
BCuRd4VsAnVc7Km9Pt6kA9E+lC3Z0CvPf19kFBcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTVfOg121897Mp/3qJvJSqAPMda3zAfBgNVHSMEGDAWgBQyp3QnwDcJszmp
WwrZpKydLJLJAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01xZDBKOEEzQ2JNNXFWc0syYVNzblN5U3lRTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvZjI1MWVkLTU5NjctNGRkZC05MzJiLTdkNDBiN2M4ZmIwMS8x
LzFYem9OZHRmUGV6S2Y5NmlieVVxZ0R6SFd0OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
ZjI1MWVkLTU5NjctNGRkZC05MzJiLTdkNDBiN2M4ZmIwMS8xL01xZDBKOEEzQ2JN
NXFWc0syYVNzblN5U3lRTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlvFtDANBgkqhkiG9w0BAQsFAAOC
AQEAYXifMQcKx67sYEYK0KHQk0F6mPwEItS/muUapNqTQZbfBnwB7f1M4WIJEn4V
s9aH6Tn25KKy2umsIqBxHt/Jf1VzlPlJ6L9cVYG1Py+fr8R07cPcbsLps9xDjOM+
IFYX8B/qHbwXPfcTZyHfrQ9DGQNA8x/bQMLf2CK1+cNJjjhJkUc1sRO6GOzTMOdX
7K9WGttTAMU8LHNsYkeHoNnRHyw+qTxBHuw3wMDaitKJ9sNUeU1SqoOLyckzHvvm
J2KOGt0D1VEmuHuw4cHOnzHHFgUSNDi11yadKqFgyqxR4KPA30b/YvteAr0i7aXA
5CKoXLZmfhCdw+krG6QR6D2XSA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:10 2024 by rpki-client on console-ams.rpki-client.org