Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/fe3dbe-9708-4242-9277-96b50bcc7a08/1/X0gv7YJ-NUtJvo8_gGwkBja4cN8.roa
File: X0gv7YJ-NUtJvo8_gGwkBja4cN8.roa (raw, json)
Hash identifier: 2yesntXjeSlU3Bae8ITR60SPvaunp8MHklb7KtfCqDo=
Subject key identifier: 5F:48:2F:ED:82:7E:35:4B:49:BE:8F:3F:80:6C:24:06:36:B8:70:DF
Certificate issuer: /CN=d8eeb20a880cdb494e9e62d43b2ef28c90cb9eef
Certificate serial: 01930CDF4E738F032115CC0296846D34721E
Authority key identifier: D8:EE:B2:0A:88:0C:DB:49:4E:9E:62:D4:3B:2E:F2:8C:90:CB:9E:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2O6yCogM20lOnmLUOy7yjJDLnu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/fe3dbe-9708-4242-9277-96b50bcc7a08/1/X0gv7YJ-NUtJvo8_gGwkBja4cN8.roa
Signing time: Fri 08 Nov 2024 17:43:01 +0000
ROA not before: Fri 08 Nov 2024 17:43:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214998
IP address blocks: 91.217.219.0/24 maxlen: 24
2a12:62c0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0c:df:4e:73:8f:03:21:15:cc:02:96:84:6d:34:72:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8eeb20a880cdb494e9e62d43b2ef28c90cb9eef
Validity
Not Before: Nov 8 17:43:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f482fed827e354b49be8f3f806c240636b870df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:13:f4:6e:0f:26:8d:29:a3:52:fa:10:4b:1c:
ad:74:5e:35:d8:08:a2:71:74:09:72:b6:d3:3c:cf:
85:f5:ce:da:27:fb:75:84:55:b7:4a:1c:e5:19:fa:
ba:7c:e4:96:ab:34:0a:cb:5f:c7:25:02:d5:8f:e7:
99:ca:de:dc:27:e4:f0:88:4b:ff:7c:5b:a0:f8:2a:
9a:14:1d:bb:e8:67:72:1e:20:4a:1c:37:28:e3:e7:
76:5d:ac:13:36:12:0d:30:d0:a6:e7:ae:1f:13:c3:
77:56:9a:1e:96:e9:63:49:b8:1f:fc:ec:4a:24:fb:
cb:26:a9:95:8d:2d:00:41:4b:4a:71:b0:89:b0:1c:
fa:fb:65:da:d7:30:4d:33:47:6c:99:2e:91:8e:85:
81:78:62:b7:95:7c:4e:7a:cf:eb:c4:86:9e:e2:fb:
12:32:d1:b6:5f:18:ca:75:54:6d:a6:80:70:d8:77:
08:e3:08:4c:09:00:7c:43:40:2e:49:03:4a:f3:5d:
1c:8f:0d:88:96:42:17:5c:0a:87:bd:5d:ca:58:41:
87:50:14:3c:68:9b:94:19:8c:56:fc:0c:5f:18:69:
db:a8:3a:97:f7:bf:5e:8e:63:9b:f8:7c:44:91:f9:
38:ed:c5:2b:ad:31:70:4d:da:90:ad:16:7f:9a:3b:
18:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:48:2F:ED:82:7E:35:4B:49:BE:8F:3F:80:6C:24:06:36:B8:70:DF
X509v3 Authority Key Identifier:
keyid:D8:EE:B2:0A:88:0C:DB:49:4E:9E:62:D4:3B:2E:F2:8C:90:CB:9E:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2O6yCogM20lOnmLUOy7yjJDLnu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/fe3dbe-9708-4242-9277-96b50bcc7a08/1/X0gv7YJ-NUtJvo8_gGwkBja4cN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/fe3dbe-9708-4242-9277-96b50bcc7a08/1/2O6yCogM20lOnmLUOy7yjJDLnu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.219.0/24
IPv6:
2a12:62c0::/29
Signature Algorithm: sha256WithRSAEncryption
ae:db:4c:04:fb:85:a0:5a:3a:93:29:cb:0d:e8:bf:75:49:dd:
5a:f4:92:82:a2:ed:cd:56:d3:34:f9:87:fb:70:f1:d5:97:1e:
92:fa:68:97:a4:39:61:c8:ad:74:72:5e:ab:41:20:5b:6e:bb:
d9:de:ff:5a:be:4b:eb:e3:0f:e8:af:91:a5:05:af:db:e7:a7:
44:a4:02:02:3c:b3:c4:13:76:18:55:fd:76:df:7b:2b:ab:cf:
02:0b:83:b6:4e:b6:c1:e5:83:47:82:3f:a4:9d:c8:64:08:29:
97:ca:dd:31:25:43:70:16:40:58:d8:69:f0:32:de:66:93:15:
3d:8b:d8:e9:da:ab:40:bc:d5:8b:e1:7c:a6:22:07:de:38:3f:
69:d3:07:4b:ef:39:08:ae:05:41:61:f9:2d:b4:e3:8f:82:f3:
c8:b2:e6:37:4b:8c:76:96:b2:80:c1:9d:8a:9f:08:0b:81:97:
eb:15:11:ef:53:c4:6b:ab:5d:95:6c:0f:74:dc:61:8d:a7:9a:
76:78:c2:eb:ca:0d:89:4d:c5:b7:49:3c:87:33:10:10:48:88:
30:bd:28:a7:84:0f:a2:90:ea:7b:60:3a:3c:02:51:50:27:04:
ea:db:d6:51:4b:13:2f:6e:f9:46:a4:02:df:c5:67:46:68:19:
c6:55:f3:f3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZMM305zjwMhFcwCloRtNHIeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZWViMjBhODgwY2RiNDk0ZTllNjJkNDNiMmVmMjhjOTBj
YjllZWYwHhcNMjQxMTA4MTc0MzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjQ4MmZlZDgyN2UzNTRiNDliZThmM2Y4MDZjMjQwNjM2Yjg3MGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhP0bg8mjSmjUvoQSxytdF412Aii
cXQJcrbTPM+F9c7aJ/t1hFW3ShzlGfq6fOSWqzQKy1/HJQLVj+eZyt7cJ+TwiEv/
fFug+CqaFB276GdyHiBKHDco4+d2XawTNhINMNCm564fE8N3VpoeluljSbgf/OxK
JPvLJqmVjS0AQUtKcbCJsBz6+2Xa1zBNM0dsmS6RjoWBeGK3lXxOes/rxIae4vsS
MtG2XxjKdVRtpoBw2HcI4whMCQB8Q0AuSQNK810cjw2IlkIXXAqHvV3KWEGHUBQ8
aJuUGYxW/AxfGGnbqDqX979ejmOb+HxEkfk47cUrrTFwTdqQrRZ/mjsYPwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF9IL+2CfjVLSb6PP4BsJAY2uHDfMB8GA1UdIwQY
MBaAFNjusgqIDNtJTp5i1Dsu8oyQy57vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk82eUNvZ00yMGxPbm1MVU95N3lqSkRMbnU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9mZTNkYmUtOTcwOC00MjQyLTkyNzct
OTZiNTBiY2M3YTA4LzEvWDBndjdZSi1OVXRKdm84X2dHd2tCamE0Y044LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9mZTNkYmUtOTcwOC00MjQyLTkyNzctOTZiNTBiY2M3YTA4
LzEvMk82eUNvZ00yMGxPbm1MVU95N3lqSkRMbnU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9nbMA0E
AgACMAcDBQMqEmLAMA0GCSqGSIb3DQEBCwUAA4IBAQCu20wE+4WgWjqTKcsN6L91
Sd1a9JKCou3NVtM0+Yf7cPHVlx6S+miXpDlhyK10cl6rQSBbbrvZ3v9avkvr4w/o
r5GlBa/b56dEpAICPLPEE3YYVf1233srq88CC4O2TrbB5YNHgj+knchkCCmXyt0x
JUNwFkBY2GnwMt5mkxU9i9jp2qtAvNWL4XymIgfeOD9p0wdL7zkIrgVBYfkttOOP
gvPIsuY3S4x2lrKAwZ2KnwgLgZfrFRHvU8Rrq12VbA903GGNp5p2eMLryg2JTcW3
STyHMxAQSIgwvSinhA+ikOp7YDo8AlFQJwTq29ZRSxMvbvlGpALfxWdGaBnGVfPz
-----END CERTIFICATE-----
Generated at Tue Nov 12 18:29:14 2024 by rpki-client on console-fra.rpki-client.org