Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/WJYnj5A9C0VoVIzg57jY8q5J7pM.roa
File: WJYnj5A9C0VoVIzg57jY8q5J7pM.roa (raw, json)
Hash identifier: zoWXXcCiWsW6VFn8ycdqFHwpJwW7fmJn5rwJd99YMVw=
Subject key identifier: 58:96:27:8F:90:3D:0B:45:68:54:8C:E0:E7:B8:D8:F2:AE:49:EE:93
Certificate issuer: /CN=c592786ced6ce597585468bb4f36b31cf6acec6e
Certificate serial: 0186C0AB3BCA28EBEA6BDA4246C0B7CDDA06
Authority key identifier: C5:92:78:6C:ED:6C:E5:97:58:54:68:BB:4F:36:B3:1C:F6:AC:EC:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZJ4bO1s5ZdYVGi7TzazHPas7G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/WJYnj5A9C0VoVIzg57jY8q5J7pM.roa
Signing time: Wed 08 Mar 2023 10:01:32 +0000
ROA not before: Wed 08 Mar 2023 10:01:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7155
IP address blocks: 81.88.67.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c0:ab:3b:ca:28:eb:ea:6b:da:42:46:c0:b7:cd:da:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c592786ced6ce597585468bb4f36b31cf6acec6e
Validity
Not Before: Mar 8 10:01:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5896278f903d0b4568548ce0e7b8d8f2ae49ee93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:cb:f8:2a:60:b1:e7:6b:14:e6:5d:7f:26:03:
4d:af:50:7e:0a:be:0d:c9:1a:58:36:5a:ef:f3:23:
87:9f:9f:90:39:4b:60:c2:3d:0c:a2:97:de:8d:c2:
f6:12:92:31:dd:52:11:37:b4:a1:fd:21:b2:d3:f1:
0e:34:2a:9d:97:5b:b1:aa:c5:a1:ae:18:63:34:e9:
cd:ae:75:26:a7:13:bb:04:f2:85:dc:d4:9a:5f:0c:
f9:79:62:8e:ce:ae:01:d9:a7:61:d8:88:62:3d:72:
ac:8a:91:93:ac:b5:0f:0f:d5:d7:e2:3d:1f:26:29:
c0:d0:18:be:5c:cf:d4:62:47:d8:55:d6:ad:2d:27:
6f:89:29:99:f5:bb:10:b6:47:26:05:c2:b7:a8:e5:
89:75:b5:04:50:d1:36:b2:79:84:c7:67:d5:51:f8:
dd:c7:4b:ec:b0:4b:4f:e3:db:42:53:b9:99:dc:a6:
ea:b5:88:a2:70:88:18:62:a5:a2:7e:f0:1a:c6:04:
62:76:da:9c:7f:30:f9:6b:a1:af:00:d8:01:ae:cb:
f7:ab:c3:7c:03:3f:55:81:2c:03:b4:18:da:ae:fe:
f7:54:cb:6c:d9:9e:a5:a7:26:bf:49:1a:2f:85:40:
00:1b:e9:94:f8:ac:92:b7:02:57:5e:72:4c:90:5a:
b1:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:96:27:8F:90:3D:0B:45:68:54:8C:E0:E7:B8:D8:F2:AE:49:EE:93
X509v3 Authority Key Identifier:
keyid:C5:92:78:6C:ED:6C:E5:97:58:54:68:BB:4F:36:B3:1C:F6:AC:EC:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZJ4bO1s5ZdYVGi7TzazHPas7G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/WJYnj5A9C0VoVIzg57jY8q5J7pM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/xZJ4bO1s5ZdYVGi7TzazHPas7G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.67.0/24
Signature Algorithm: sha256WithRSAEncryption
83:b7:29:49:e0:1c:4f:7f:fa:c0:e6:c7:f3:10:c3:85:56:1a:
af:a5:48:b6:a9:7b:59:a6:63:91:e6:b1:23:75:81:cc:ea:68:
1c:50:b5:00:62:7f:2e:1d:37:08:0e:8a:e2:e5:8f:88:a6:df:
45:4c:02:f4:b0:85:b5:c9:88:b1:ea:ac:d6:bb:82:87:28:46:
79:e6:ba:bc:eb:3c:3c:db:8b:3f:9d:42:92:ed:16:0c:3f:f8:
f0:04:34:43:89:ac:13:84:be:9e:23:e6:de:cc:cc:5e:83:eb:
28:03:a9:31:99:3e:5f:3c:f7:ae:be:9d:a6:ec:be:a0:7a:40:
73:1d:39:e5:5c:79:77:26:51:bf:fd:c9:e6:81:0f:b3:a4:c6:
6c:18:8f:a9:a0:d9:20:42:7c:f2:43:fc:e5:b6:1c:36:1d:f6:
ec:a1:0f:20:b7:9e:d9:1c:61:e0:f1:5d:46:e3:70:3b:d3:69:
b1:88:e1:f7:46:75:85:fc:75:90:6d:04:57:f7:23:2c:ce:10:
7d:4b:73:fe:b9:2e:ba:f6:4f:da:8a:86:84:99:4a:ba:f2:e1:
a9:82:64:2c:c1:7f:75:7c:ba:f1:af:9b:ed:f6:00:f5:e4:5c:
65:58:26:ab:1e:45:aa:37:70:5a:68:8c:25:08:e1:1e:3d:55:
63:08:c6:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbAqzvKKOvqa9pCRsC3zdoGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OTI3ODZjZWQ2Y2U1OTc1ODU0NjhiYjRmMzZiMzFjZjZh
Y2VjNmUwHhcNMjMwMzA4MTAwMTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODk2Mjc4ZjkwM2QwYjQ1Njg1NDhjZTBlN2I4ZDhmMmFlNDllZTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcv4KmCx52sU5l1/JgNNr1B+Cr4N
yRpYNlrv8yOHn5+QOUtgwj0MopfejcL2EpIx3VIRN7Sh/SGy0/EONCqdl1uxqsWh
rhhjNOnNrnUmpxO7BPKF3NSaXwz5eWKOzq4B2adh2IhiPXKsipGTrLUPD9XX4j0f
JinA0Bi+XM/UYkfYVdatLSdviSmZ9bsQtkcmBcK3qOWJdbUEUNE2snmEx2fVUfjd
x0vssEtP49tCU7mZ3KbqtYiicIgYYqWifvAaxgRidtqcfzD5a6GvANgBrsv3q8N8
Az9VgSwDtBjarv73VMts2Z6lpya/SRovhUAAG+mU+KyStwJXXnJMkFqxewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFiWJ4+QPQtFaFSM4Oe42PKuSe6TMB8GA1UdIwQY
MBaAFMWSeGztbOWXWFRou082sxz2rOxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFpKNGJPMXM1WmRZVkdpN1R6YXpIUGFzN0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9hOWMwYjctYTIzYS00NThmLThmNjQt
YmEzNzUxMTQwNGMyLzEvV0pZbmo1QTlDMFZvVkl6ZzU3alk4cTVKN3BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9hOWMwYjctYTIzYS00NThmLThmNjQtYmEzNzUxMTQwNGMy
LzEveFpKNGJPMXM1WmRZVkdpN1R6YXpIUGFzN0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUVhDMA0G
CSqGSIb3DQEBCwUAA4IBAQCDtylJ4BxPf/rA5sfzEMOFVhqvpUi2qXtZpmOR5rEj
dYHM6mgcULUAYn8uHTcIDori5Y+Ipt9FTAL0sIW1yYix6qzWu4KHKEZ55rq86zw8
24s/nUKS7RYMP/jwBDRDiawThL6eI+bezMxeg+soA6kxmT5fPPeuvp2m7L6gekBz
HTnlXHl3JlG//cnmgQ+zpMZsGI+poNkgQnzyQ/zlthw2HfbsoQ8gt57ZHGHg8V1G
43A702mxiOH3RnWF/HWQbQRX9yMszhB9S3P+uS669k/aioaEmUq68uGpgmQswX91
fLrxr5vt9gD15FxlWCarHkWqN3BaaIwlCOEePVVjCMb8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:23 2024 by rpki-client on console-ams.rpki-client.org