Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/M1ONo4c46tacBNq5J7OMcnpu02M.roa
File: M1ONo4c46tacBNq5J7OMcnpu02M.roa (raw, json)
Hash identifier: dXUQNmUItLkikLDZfcswIkMx3dihhwBbl6fxFrDKx60=
Subject key identifier: 33:53:8D:A3:87:38:EA:D6:9C:04:DA:B9:27:B3:8C:72:7A:6E:D3:63
Certificate issuer: /CN=2c96946c501ddf48696da2cf110fdceb286fac98
Certificate serial: 37EB4C9C
Authority key identifier: 2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/M1ONo4c46tacBNq5J7OMcnpu02M.roa
Signing time: Sat 01 Jan 2022 00:54:57 +0000
ROA not before: Sat 01 Jan 2022 00:54:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51091
IP address blocks: 91.216.142.0/24 maxlen: 24
2001:67c:2864::/48 maxlen: 48
2a00:1188:f::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 938167452 (0x37eb4c9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c96946c501ddf48696da2cf110fdceb286fac98
Validity
Not Before: Jan 1 00:54:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33538da38738ead69c04dab927b38c727a6ed363
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:25:9c:cb:8e:31:17:40:78:98:d4:57:b0:12:
2b:ef:ee:c3:e9:18:20:4a:03:82:5f:c1:1a:ed:fd:
2f:68:c8:e1:42:6e:88:6b:c3:fc:79:46:30:d8:13:
ad:60:e0:a3:23:b4:ed:03:84:e4:10:1a:4c:52:6c:
98:ac:db:e2:00:3f:a6:7f:df:fe:c9:2e:21:8c:d1:
19:02:cc:70:98:9e:6e:45:82:8f:07:0a:ca:eb:0f:
e2:f4:3d:b2:a1:86:97:c3:80:95:b4:cd:c5:1f:3e:
c3:6d:6e:b6:0f:61:59:ec:c2:85:3e:d9:01:ce:6f:
73:70:b4:ee:bb:96:14:1b:8f:89:c1:8a:93:6c:12:
00:3c:d9:46:f4:44:89:73:8b:61:d5:dd:01:dc:8f:
d8:39:07:79:f8:2c:bc:3d:1e:78:44:b9:89:0b:1a:
c4:2c:61:23:5a:d8:b8:05:b5:ed:d1:39:cf:eb:bd:
79:c1:02:11:c1:7f:8e:42:77:ab:ab:f7:7f:36:f6:
8e:1a:a6:7f:ae:03:83:e1:86:30:21:13:9b:34:8d:
03:3c:c4:28:c1:c0:4f:3f:4b:ed:02:2a:ab:e0:05:
53:0c:93:46:06:aa:78:7a:36:c6:ef:b3:59:1d:6f:
f0:f6:8f:ea:71:1c:48:10:f5:25:a6:16:78:34:9a:
f4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:53:8D:A3:87:38:EA:D6:9C:04:DA:B9:27:B3:8C:72:7A:6E:D3:63
X509v3 Authority Key Identifier:
keyid:2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/M1ONo4c46tacBNq5J7OMcnpu02M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/LJaUbFAd30hpbaLPEQ_c6yhvrJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.142.0/24
IPv6:
2001:67c:2864::/48
2a00:1188:f::/48
Signature Algorithm: sha256WithRSAEncryption
a1:40:e9:77:38:a7:52:df:18:2a:c6:93:9b:a2:cf:50:fe:3f:
34:7c:4e:04:4e:0c:76:56:69:cc:0e:41:65:41:db:8e:6d:e8:
1a:33:91:64:ff:98:0b:5d:1a:a0:5d:09:b8:1a:99:26:7b:b9:
50:06:c8:4d:de:f3:cf:37:37:6a:e7:ab:0d:37:f5:2c:a1:e9:
eb:f3:44:28:b9:84:18:3d:c4:a3:59:a2:62:20:77:06:87:00:
24:9e:c8:6e:cd:60:50:fc:97:de:b6:12:4b:71:69:47:c9:57:
53:ce:99:04:47:b6:d9:46:30:fd:f9:fa:c1:50:3a:72:d2:31:
21:a8:d2:3c:7c:4d:f6:8b:bf:9a:92:06:a3:87:52:32:b9:f3:
76:d6:9f:0f:4c:17:84:d3:52:53:08:f0:6f:f5:58:ec:05:fc:
4b:7a:27:25:0d:6c:0a:10:52:e8:18:97:e9:5f:76:ed:7b:be:
b5:50:82:92:de:3b:22:43:9a:8f:73:00:cd:05:f4:65:67:ac:
fe:59:9b:82:da:5e:34:09:af:ed:fa:7c:d8:e3:37:30:87:43:
7c:15:44:b7:eb:38:a3:e4:7f:06:2c:8e:dd:2a:95:b6:56:ea:
21:9c:c8:77:a1:fc:69:70:db:61:cc:24:f5:30:05:5e:62:6d:
ff:33:b5:00
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEN+tMnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
Yzk2OTQ2YzUwMWRkZjQ4Njk2ZGEyY2YxMTBmZGNlYjI4NmZhYzk4MB4XDTIyMDEw
MTAwNTQ1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzM1MzhkYTM4NzM4
ZWFkNjljMDRkYWI5MjdiMzhjNzI3YTZlZDM2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMIlnMuOMRdAeJjUV7ASK+/uw+kYIEoDgl/BGu39L2jI4UJu
iGvD/HlGMNgTrWDgoyO07QOE5BAaTFJsmKzb4gA/pn/f/skuIYzRGQLMcJiebkWC
jwcKyusP4vQ9sqGGl8OAlbTNxR8+w21utg9hWezChT7ZAc5vc3C07ruWFBuPicGK
k2wSADzZRvREiXOLYdXdAdyP2DkHefgsvD0eeES5iQsaxCxhI1rYuAW17dE5z+u9
ecECEcF/jkJ3q6v3fzb2jhqmf64Dg+GGMCETmzSNAzzEKMHATz9L7QIqq+AFUwyT
RgaqeHo2xu+zWR1v8PaP6nEcSBD1JaYWeDSa9AUCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBQzU42jhzjq1pwE2rkns4xyem7TYzAfBgNVHSMEGDAWgBQslpRsUB3fSGlt
os8RD9zrKG+smDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xKYVViRkFkMzBocGJhTFBFUV9jNnlodnJKZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvMDRmZWY4LWQyZGYtNGY3YS05MmI0LTdmOTcwYTNhZjljZC8x
L00xT05vNGM0NnRhY0JOcTVKN09NY25wdTAyTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
MDRmZWY4LWQyZGYtNGY3YS05MmI0LTdmOTcwYTNhZjljZC8xL0xKYVViRkFkMzBo
cGJhTFBFUV9jNnlodnJKZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwDAQCAAEwBgMEAFvYjjAYBAIAAjASAwcAIAEGfChk
AwcAKgARiAAPMA0GCSqGSIb3DQEBCwUAA4IBAQChQOl3OKdS3xgqxpObos9Q/j80
fE4ETgx2VmnMDkFlQduObegaM5Fk/5gLXRqgXQm4Gpkme7lQBshN3vPPNzdq56sN
N/Usoenr80QouYQYPcSjWaJiIHcGhwAknshuzWBQ/JfethJLcWlHyVdTzpkER7bZ
RjD9+frBUDpy0jEhqNI8fE32i7+akgajh1IyufN21p8PTBeE01JTCPBv9VjsBfxL
eiclDWwKEFLoGJfpX3bte761UIKS3jsiQ5qPcwDNBfRlZ6z+WZuC2l40Ca/t+nzY
4zcwh0N8FUS36zij5H8GLI7dKpW2VuohnMh3ofxpcNthzCT1MAVeYm3/M7UA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:03 2024 by rpki-client on console-ams.rpki-client.org