Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/Ji7GZoKkq47DExmHMV8Nu2GL6R4.roa
File: Ji7GZoKkq47DExmHMV8Nu2GL6R4.roa (raw, json)
Hash identifier: Cr4X8mDZLGzvGNfmazYyohE9N50wd39DgEyz5tzQVVk=
Subject key identifier: 26:2E:C6:66:82:A4:AB:8E:C3:13:19:87:31:5F:0D:BB:61:8B:E9:1E
Certificate issuer: /CN=2c96946c501ddf48696da2cf110fdceb286fac98
Certificate serial: 018CC86F2FB1487DAA20797A0A7B2463F2FB
Authority key identifier: 2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/Ji7GZoKkq47DExmHMV8Nu2GL6R4.roa
Signing time: Tue 02 Jan 2024 04:29:39 +0000
ROA not before: Tue 02 Jan 2024 04:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51091
IP address blocks: 91.216.142.0/24 maxlen: 24
2001:67c:2864::/48 maxlen: 48
2a00:1188:f::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:2f:b1:48:7d:aa:20:79:7a:0a:7b:24:63:f2:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c96946c501ddf48696da2cf110fdceb286fac98
Validity
Not Before: Jan 2 04:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=262ec66682a4ab8ec3131987315f0dbb618be91e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:bd:19:35:26:94:65:83:16:4a:4b:55:38:ae:
09:69:5a:13:b7:23:42:1d:87:91:46:b1:17:dd:20:
ac:ac:19:15:43:8b:b0:3b:da:9d:e3:b3:9a:e8:25:
ac:46:4e:3b:79:1b:e7:2a:85:09:39:2d:d7:46:26:
7e:7c:af:2c:0a:0e:63:1b:1c:4d:bb:8a:35:28:30:
8b:4f:f0:86:c6:f7:b5:2c:06:d0:ea:84:c2:5c:16:
50:06:ce:90:b6:a4:a1:90:1a:95:d5:b2:63:67:a2:
35:65:0e:a2:f1:0e:e6:18:44:d3:a4:5c:6f:8d:5c:
0c:3e:61:27:6c:f9:50:81:84:c4:6a:fe:88:e5:35:
a5:12:0b:97:7f:df:49:fc:58:f1:c8:bd:ee:66:4b:
0f:16:08:9d:11:d1:e1:8c:2c:8a:bc:4d:b4:1a:e1:
d6:a6:c1:bf:45:ff:e8:a1:ec:61:6e:cb:99:d0:d6:
3e:ff:a4:a7:32:37:c7:22:1d:38:b7:5c:14:53:09:
87:b1:a4:87:4f:1c:f2:88:c9:e5:52:a7:d0:6d:6a:
09:1f:8b:ac:99:20:0e:26:a5:f5:ac:21:b0:2d:42:
d8:78:e2:91:60:3d:cf:e5:59:76:87:2f:b3:43:2f:
94:88:19:af:1f:8f:d3:67:02:b2:5c:56:4a:0c:e6:
0e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:2E:C6:66:82:A4:AB:8E:C3:13:19:87:31:5F:0D:BB:61:8B:E9:1E
X509v3 Authority Key Identifier:
keyid:2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/Ji7GZoKkq47DExmHMV8Nu2GL6R4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/LJaUbFAd30hpbaLPEQ_c6yhvrJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.142.0/24
IPv6:
2001:67c:2864::/48
2a00:1188:f::/48
Signature Algorithm: sha256WithRSAEncryption
35:73:cd:37:88:14:9f:2c:8f:30:2e:30:16:a3:2a:da:3d:c6:
57:19:7e:6a:bb:ad:c7:c9:84:1c:da:ad:c9:7b:d7:01:52:d5:
f0:aa:91:1b:b5:1f:8d:89:7d:69:d6:c5:68:28:0f:5f:62:c0:
44:7f:53:d7:f1:50:b1:12:ea:d6:b2:72:00:fd:58:ae:84:df:
59:4b:49:ab:9b:10:68:23:f0:07:cc:1d:bb:20:c0:16:f5:3d:
33:88:78:31:4b:3b:79:1d:d3:31:2d:68:54:24:07:92:1a:27:
50:22:bc:b5:80:29:e5:0c:b0:4c:b4:fa:bf:98:ac:3d:64:d8:
0e:29:9e:6e:e1:12:50:30:4a:8d:c9:4c:73:6a:c6:49:89:23:
7a:51:79:07:b2:a8:db:b6:47:cd:00:c7:68:de:8f:73:8c:3d:
56:ac:a9:c5:20:26:7c:55:ea:97:3c:35:22:07:56:d6:ef:22:
30:15:d7:e0:21:3f:98:84:be:a0:a7:61:31:f1:bf:f9:fc:ed:
74:f1:0a:32:52:f1:fe:ba:70:5d:aa:de:93:bb:69:20:68:c1:
5f:fc:99:81:14:8f:f0:db:41:62:bf:dc:ec:4f:75:d4:0e:0f:
e9:cc:db:10:ab:e9:b0:00:b1:3b:8d:0e:a5:56:29:e7:24:76:
5d:d3:c7:b5
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzIby+xSH2qIHl6CnskY/L7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTY5NDZjNTAxZGRmNDg2OTZkYTJjZjExMGZkY2ViMjg2
ZmFjOTgwHhcNMjQwMTAyMDQyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjJlYzY2NjgyYTRhYjhlYzMxMzE5ODczMTVmMGRiYjYxOGJlOTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1L0ZNSaUZYMWSktVOK4JaVoTtyNC
HYeRRrEX3SCsrBkVQ4uwO9qd47Oa6CWsRk47eRvnKoUJOS3XRiZ+fK8sCg5jGxxN
u4o1KDCLT/CGxve1LAbQ6oTCXBZQBs6QtqShkBqV1bJjZ6I1ZQ6i8Q7mGETTpFxv
jVwMPmEnbPlQgYTEav6I5TWlEguXf99J/FjxyL3uZksPFgidEdHhjCyKvE20GuHW
psG/Rf/ooexhbsuZ0NY+/6SnMjfHIh04t1wUUwmHsaSHTxzyiMnlUqfQbWoJH4us
mSAOJqX1rCGwLULYeOKRYD3P5Vl2hy+zQy+UiBmvH4/TZwKyXFZKDOYOpwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCYuxmaCpKuOwxMZhzFfDbthi+keMB8GA1UdIwQY
MBaAFCyWlGxQHd9IaW2izxEP3Osob6yYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQt
N2Y5NzBhM2FmOWNkLzEvSmk3R1pvS2txNDdERXhtSE1WOE51MkdMNlI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQtN2Y5NzBhM2FmOWNk
LzEvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAW9iOMBgE
AgACMBIDBwAgAQZ8KGQDBwAqABGIAA8wDQYJKoZIhvcNAQELBQADggEBADVzzTeI
FJ8sjzAuMBajKto9xlcZfmq7rcfJhBzarcl71wFS1fCqkRu1H42JfWnWxWgoD19i
wER/U9fxULES6taycgD9WK6E31lLSaubEGgj8AfMHbsgwBb1PTOIeDFLO3kd0zEt
aFQkB5IaJ1AivLWAKeUMsEy0+r+YrD1k2A4pnm7hElAwSo3JTHNqxkmJI3pReQey
qNu2R80Ax2jej3OMPVasqcUgJnxV6pc8NSIHVtbvIjAV1+AhP5iEvqCnYTHxv/n8
7XTxCjJS8f66cF2q3pO7aSBowV/8mYEUj/DbQWK/3OxPddQOD+nM2xCr6bAAsTuN
DqVWKeckdl3Tx7U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:03 2024 by rpki-client on console-ams.rpki-client.org