Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/u_XfwzzlVnXlJ-Oe9_fKnS0aaSg.roa
File: u_XfwzzlVnXlJ-Oe9_fKnS0aaSg.roa (raw, json)
Hash identifier: Us+CI331wUt/HnT871gR/TbEVU8GMRD09WDksplO35A=
Subject key identifier: BB:F5:DF:C3:3C:E5:56:75:E5:27:E3:9E:F7:F7:CA:9D:2D:1A:69:28
Certificate issuer: /CN=2c96946c501ddf48696da2cf110fdceb286fac98
Certificate serial: 018571832084E069D561FBCAC2744CFA898E
Authority key identifier: 2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/u_XfwzzlVnXlJ-Oe9_fKnS0aaSg.roa
Signing time: Mon 02 Jan 2023 08:04:57 +0000
ROA not before: Mon 02 Jan 2023 08:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51091
IP address blocks: 91.216.142.0/24 maxlen: 24
2001:67c:2864::/48 maxlen: 48
2a00:1188:f::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:20:84:e0:69:d5:61:fb:ca:c2:74:4c:fa:89:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c96946c501ddf48696da2cf110fdceb286fac98
Validity
Not Before: Jan 2 08:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbf5dfc33ce55675e527e39ef7f7ca9d2d1a6928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:89:9b:3e:a1:64:c0:99:0b:e4:ba:82:68:fd:
42:9b:dc:02:10:09:29:b9:36:55:8d:d3:8e:ea:a9:
db:37:ea:b6:e2:da:4f:72:73:1d:92:6e:08:c8:d4:
30:91:67:f1:14:f8:5b:7f:0d:9e:01:d1:55:e6:4d:
15:66:2e:c3:67:37:13:2c:f0:2b:de:fc:30:a2:b1:
67:30:16:04:f5:13:70:79:fc:a8:96:3d:0f:03:97:
67:88:57:d1:c4:86:2b:81:58:26:cc:ba:65:97:6a:
a7:89:82:f7:b3:3b:6b:69:b5:53:83:36:41:66:6a:
17:68:44:85:cc:a4:3a:44:e6:0f:e7:92:30:b1:13:
95:f5:75:23:bd:02:4a:48:4d:f1:8c:ad:04:af:26:
25:00:57:ce:81:9e:97:d3:68:38:1f:20:97:95:42:
94:17:a7:59:31:a6:a2:20:5e:08:cc:7c:85:89:93:
97:36:96:37:54:fb:fb:8a:24:4b:07:ed:8e:38:89:
4f:2b:be:5d:bb:a4:f7:91:94:06:e1:ee:a0:f0:9a:
1a:0d:e4:a5:ab:c0:01:b5:3d:75:06:f3:d8:c1:26:
63:94:25:75:0c:c6:28:21:c9:db:ab:f9:42:e4:74:
ea:ba:4e:bc:2f:3c:04:54:98:78:0c:e1:08:ec:43:
b5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:F5:DF:C3:3C:E5:56:75:E5:27:E3:9E:F7:F7:CA:9D:2D:1A:69:28
X509v3 Authority Key Identifier:
keyid:2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/u_XfwzzlVnXlJ-Oe9_fKnS0aaSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/LJaUbFAd30hpbaLPEQ_c6yhvrJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.142.0/24
IPv6:
2001:67c:2864::/48
2a00:1188:f::/48
Signature Algorithm: sha256WithRSAEncryption
18:3f:0f:72:75:f8:72:be:79:0f:d6:2d:8b:8d:54:25:99:e2:
5f:60:1d:33:4a:d8:26:20:cc:a9:b3:27:4c:13:24:76:5d:b1:
ff:d1:1b:3c:38:c4:14:59:b6:6c:ac:06:01:76:f4:00:f5:7b:
c7:e4:d3:af:9a:c4:b0:e2:95:51:66:b8:2e:14:98:ba:3d:13:
fc:b3:fc:2c:c6:47:59:03:77:02:03:be:47:38:77:c6:5c:bd:
bc:f8:15:29:c0:46:b3:14:09:f8:62:fa:1f:9d:9d:9b:08:4a:
55:b9:a0:b6:8c:b0:ea:a8:57:5f:94:76:ea:df:5e:bc:02:15:
ca:6a:7e:02:15:5a:eb:34:d6:b1:b8:aa:3f:df:7a:54:16:b3:
41:63:3c:2c:5b:bb:10:ec:cb:87:57:02:e3:b7:2b:9a:10:bd:
85:f8:f3:21:25:ee:c1:ce:2e:64:6c:a6:8e:d0:bf:17:1d:18:
ad:9b:89:84:7c:fb:c5:3e:9d:24:94:df:f4:6a:dd:0a:37:96:
c8:fe:03:83:d1:3f:72:06:28:50:9f:41:71:18:f7:df:10:b7:
49:a6:96:a6:ba:50:a9:d8:2d:bd:59:f0:81:2d:8a:09:bb:31:
a6:a1:cf:a5:e8:c7:5b:ff:b8:e7:4f:2c:a4:a3:97:ff:b3:4a:
be:98:3e:4c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVxgyCE4GnVYfvKwnRM+omOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTY5NDZjNTAxZGRmNDg2OTZkYTJjZjExMGZkY2ViMjg2
ZmFjOTgwHhcNMjMwMTAyMDgwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmY1ZGZjMzNjZTU1Njc1ZTUyN2UzOWVmN2Y3Y2E5ZDJkMWE2OTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYmbPqFkwJkL5LqCaP1Cm9wCEAkp
uTZVjdOO6qnbN+q24tpPcnMdkm4IyNQwkWfxFPhbfw2eAdFV5k0VZi7DZzcTLPAr
3vwworFnMBYE9RNwefyolj0PA5dniFfRxIYrgVgmzLpll2qniYL3sztrabVTgzZB
ZmoXaESFzKQ6ROYP55IwsROV9XUjvQJKSE3xjK0EryYlAFfOgZ6X02g4HyCXlUKU
F6dZMaaiIF4IzHyFiZOXNpY3VPv7iiRLB+2OOIlPK75du6T3kZQG4e6g8JoaDeSl
q8ABtT11BvPYwSZjlCV1DMYoIcnbq/lC5HTquk68LzwEVJh4DOEI7EO17wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLv138M85VZ15Sfjnvf3yp0tGmkoMB8GA1UdIwQY
MBaAFCyWlGxQHd9IaW2izxEP3Osob6yYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQt
N2Y5NzBhM2FmOWNkLzEvdV9YZnd6emxWblhsSi1PZTlfZktuUzBhYVNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQtN2Y5NzBhM2FmOWNk
LzEvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAW9iOMBgE
AgACMBIDBwAgAQZ8KGQDBwAqABGIAA8wDQYJKoZIhvcNAQELBQADggEBABg/D3J1
+HK+eQ/WLYuNVCWZ4l9gHTNK2CYgzKmzJ0wTJHZdsf/RGzw4xBRZtmysBgF29AD1
e8fk06+axLDilVFmuC4UmLo9E/yz/CzGR1kDdwIDvkc4d8Zcvbz4FSnARrMUCfhi
+h+dnZsISlW5oLaMsOqoV1+UdurfXrwCFcpqfgIVWus01rG4qj/felQWs0FjPCxb
uxDsy4dXAuO3K5oQvYX48yEl7sHOLmRspo7QvxcdGK2biYR8+8U+nSSU3/Rq3Qo3
lsj+A4PRP3IGKFCfQXEY998Qt0mmlqa6UKnYLb1Z8IEtigm7Maahz6Xox1v/uOdP
LKSjl/+zSr6YPkw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:00 2024 by rpki-client on console-fra.rpki-client.org