Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/dryhjD7y7vbwMKz1PxiJMRzEErg.roa
File: dryhjD7y7vbwMKz1PxiJMRzEErg.roa (raw, json)
Hash identifier: pcolo6UPQeJNYEkoM6+TztGDETUGzshAg7S4GgaekDo=
Subject key identifier: 76:BC:A1:8C:3E:F2:EE:F6:F0:30:AC:F5:3F:18:89:31:1C:C4:12:B8
Certificate issuer: /CN=b27261d715348bfd73ce9dbb72488656993ba2f1
Certificate serial: 01856F2FE30A3A667F2826FCE4BE6F597121
Authority key identifier: B2:72:61:D7:15:34:8B:FD:73:CE:9D:BB:72:48:86:56:99:3B:A2:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/snJh1xU0i_1zzp27ckiGVpk7ovE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/dryhjD7y7vbwMKz1PxiJMRzEErg.roa
Signing time: Sun 01 Jan 2023 21:14:47 +0000
ROA not before: Sun 01 Jan 2023 21:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57712
IP address blocks: 91.184.253.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:e3:0a:3a:66:7f:28:26:fc:e4:be:6f:59:71:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b27261d715348bfd73ce9dbb72488656993ba2f1
Validity
Not Before: Jan 1 21:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76bca18c3ef2eef6f030acf53f1889311cc412b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:8b:9b:7d:91:4b:13:3b:23:5e:5c:65:63:f1:
ff:c2:87:6e:1c:23:69:33:48:28:87:56:2d:73:2f:
03:9a:95:1e:2a:64:7e:c6:d3:18:d8:c0:41:52:c2:
0a:4e:01:bb:e2:50:49:2f:d2:49:dd:a4:ab:f1:a9:
11:7a:7d:56:36:8c:98:8e:67:b4:b4:17:19:fc:30:
e1:53:73:00:a9:fa:4d:4d:ed:24:33:da:65:7b:16:
96:92:33:4b:0d:3a:db:32:da:23:f8:df:52:82:1b:
83:a5:4c:b1:ea:ee:6a:6e:f3:91:e9:ea:b8:02:78:
ff:76:bc:8d:11:05:1c:42:5c:2f:a0:cd:57:42:bc:
e1:ab:1b:7b:b8:43:b1:34:d2:c7:c5:1f:9b:b0:a3:
ca:d3:f9:ff:63:cf:e1:28:e7:0c:9f:25:05:ff:d1:
bc:35:a8:0a:8f:99:8f:44:73:33:b7:ba:2d:5b:95:
40:cf:67:6c:18:2e:d4:14:49:47:47:4a:a7:6b:50:
97:83:2f:61:d4:40:87:23:98:d7:62:2a:8c:f9:0d:
a9:58:b5:9d:e5:f5:64:5b:4d:c6:3b:44:df:ba:91:
4b:3d:64:ad:24:b5:ac:26:7a:27:f2:91:ec:05:d1:
bf:db:01:59:f0:c8:1f:7a:3a:d9:bb:f0:74:f4:49:
cc:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:BC:A1:8C:3E:F2:EE:F6:F0:30:AC:F5:3F:18:89:31:1C:C4:12:B8
X509v3 Authority Key Identifier:
keyid:B2:72:61:D7:15:34:8B:FD:73:CE:9D:BB:72:48:86:56:99:3B:A2:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/snJh1xU0i_1zzp27ckiGVpk7ovE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/dryhjD7y7vbwMKz1PxiJMRzEErg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/snJh1xU0i_1zzp27ckiGVpk7ovE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.184.253.0/24
Signature Algorithm: sha256WithRSAEncryption
03:63:14:2f:6d:42:59:f3:dc:45:9f:1a:c9:d4:ca:30:0b:a2:
54:c4:80:7c:9c:8e:91:56:1e:79:fb:5c:d7:dc:10:ee:6e:09:
52:61:6b:8c:e8:b0:87:06:24:18:2d:b9:23:80:d2:50:99:6c:
88:e1:3c:61:8c:ef:03:b0:21:2e:09:f5:22:5d:fd:b0:fe:b3:
20:e9:e4:d2:23:aa:bd:44:fc:7e:0d:c4:4e:18:15:2a:ce:0e:
08:49:56:07:4d:8a:d8:19:53:36:1e:78:3d:fd:37:ca:3e:d6:
aa:b8:cc:1e:c3:ae:6c:c3:be:53:5f:1e:da:b1:67:1f:79:20:
d9:ac:0f:e1:f6:57:73:44:f0:36:77:57:37:d5:5a:ad:18:49:
87:48:36:3c:67:dc:01:a9:17:40:dc:5d:7c:66:45:f4:da:e9:
18:40:b0:5c:cb:f7:21:9f:d7:5c:34:cd:80:3a:db:80:0c:26:
d7:24:23:05:5c:da:61:66:ff:72:d9:46:fe:37:dc:b1:64:10:
ed:b7:ae:90:38:99:87:c8:1f:75:df:d9:bf:57:57:80:04:40:
88:b9:65:c6:6d:73:58:00:a0:a6:87:0d:48:5d:b1:9e:b7:53:
58:f0:f8:a8:d4:1d:26:a8:95:a4:e9:51:ef:75:cd:f4:c1:83:
fc:81:4b:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvL+MKOmZ/KCb85L5vWXEhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNzI2MWQ3MTUzNDhiZmQ3M2NlOWRiYjcyNDg4NjU2OTkz
YmEyZjEwHhcNMjMwMTAxMjExNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmJjYTE4YzNlZjJlZWY2ZjAzMGFjZjUzZjE4ODkzMTFjYzQxMmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIubfZFLEzsjXlxlY/H/woduHCNp
M0goh1Ytcy8DmpUeKmR+xtMY2MBBUsIKTgG74lBJL9JJ3aSr8akRen1WNoyYjme0
tBcZ/DDhU3MAqfpNTe0kM9plexaWkjNLDTrbMtoj+N9SghuDpUyx6u5qbvOR6eq4
Anj/dryNEQUcQlwvoM1XQrzhqxt7uEOxNNLHxR+bsKPK0/n/Y8/hKOcMnyUF/9G8
NagKj5mPRHMzt7otW5VAz2dsGC7UFElHR0qna1CXgy9h1ECHI5jXYiqM+Q2pWLWd
5fVkW03GO0TfupFLPWStJLWsJnon8pHsBdG/2wFZ8MgfejrZu/B09EnMEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHa8oYw+8u728DCs9T8YiTEcxBK4MB8GA1UdIwQY
MBaAFLJyYdcVNIv9c86du3JIhlaZO6LxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc25KaDF4VTBpXzF6enAyN2NraUdWcGs3b3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hYmE1MDItZDE5MS00ZmQ3LWE3Y2Yt
NTA0ZjI3NjY3NjBmLzEvZHJ5aGpEN3k3dmJ3TUt6MVB4aUpNUnpFRXJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hYmE1MDItZDE5MS00ZmQ3LWE3Y2YtNTA0ZjI3NjY3NjBm
LzEvc25KaDF4VTBpXzF6enAyN2NraUdWcGs3b3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW7j9MA0G
CSqGSIb3DQEBCwUAA4IBAQADYxQvbUJZ89xFnxrJ1MowC6JUxIB8nI6RVh55+1zX
3BDubglSYWuM6LCHBiQYLbkjgNJQmWyI4TxhjO8DsCEuCfUiXf2w/rMg6eTSI6q9
RPx+DcROGBUqzg4ISVYHTYrYGVM2Hng9/TfKPtaquMwew65sw75TXx7asWcfeSDZ
rA/h9ldzRPA2d1c31VqtGEmHSDY8Z9wBqRdA3F18ZkX02ukYQLBcy/chn9dcNM2A
OtuADCbXJCMFXNphZv9y2Ub+N9yxZBDtt66QOJmHyB9139m/V1eABECIuWXGbXNY
AKCmhw1IXbGet1NY8Pio1B0mqJWk6VHvdc30wYP8gUtU
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:40 2025 by rpki-client