Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/TN6LpiihCO64KxynZ4NJVxHitLo.roa
File: TN6LpiihCO64KxynZ4NJVxHitLo.roa (raw, json)
Hash identifier: TJInYyfp8S670Dstl+vsNAwRS4AIYMlpg65MwpPI+S0=
Subject key identifier: 4C:DE:8B:A6:28:A1:08:EE:B8:2B:1C:A7:67:83:49:57:11:E2:B4:BA
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018FF19CFABFE36F3167839CE0287B66D36A
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/TN6LpiihCO64KxynZ4NJVxHitLo.roa
Signing time: Fri 07 Jun 2024 07:32:27 +0000
ROA not before: Fri 07 Jun 2024 07:32:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 91.186.200.0/23 maxlen: 24
91.186.202.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f1:9c:fa:bf:e3:6f:31:67:83:9c:e0:28:7b:66:d3:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jun 7 07:32:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cde8ba628a108eeb82b1ca76783495711e2b4ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:74:54:d6:c7:56:8f:94:24:bd:29:6c:ce:12:
fa:ca:77:60:0d:34:28:81:e7:43:72:c2:da:88:da:
65:9c:85:d1:c3:33:21:a2:4e:a9:62:82:ee:be:ea:
e2:7d:80:cb:57:c5:b4:89:f8:98:15:75:c5:86:ed:
dd:1e:ba:64:4d:ac:10:7c:f1:d4:63:1a:5d:7b:7f:
d9:13:2f:67:6e:dc:5b:5a:1f:2c:b4:6f:81:76:2a:
c4:67:88:55:b6:27:d7:2b:80:5f:06:39:26:2f:da:
44:49:82:e2:bf:8d:03:bb:3b:cf:c4:7c:fe:50:b6:
3a:94:4e:c5:8e:93:e4:31:ba:e4:37:09:c9:c5:ca:
e6:14:c5:ee:ec:91:f1:a7:7d:01:d8:cb:45:06:4e:
8b:dd:52:82:78:9a:8e:2a:8e:b3:41:39:21:11:04:
dd:60:b5:08:f3:47:10:3b:7f:fc:bf:77:b4:38:72:
03:87:3b:3b:fc:24:a3:22:05:25:f0:15:5e:b6:c6:
50:46:d0:45:58:15:18:30:aa:94:04:3d:8d:e1:ea:
e6:bc:e4:c9:90:9f:56:cb:70:40:6b:8d:fd:6c:e9:
e6:67:10:ad:e4:65:4e:68:2f:f8:ff:74:6f:9d:01:
44:bc:49:f3:c1:61:b0:5b:92:ca:b1:95:53:26:71:
7d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:DE:8B:A6:28:A1:08:EE:B8:2B:1C:A7:67:83:49:57:11:E2:B4:BA
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/TN6LpiihCO64KxynZ4NJVxHitLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.186.200.0/22
Signature Algorithm: sha256WithRSAEncryption
60:e9:40:07:55:80:e8:b7:d5:2d:25:38:50:a4:36:a5:ef:1c:
1a:e8:85:ec:65:ff:c1:aa:ea:c5:47:24:c6:ab:00:6e:cd:df:
42:02:c0:02:49:68:21:6d:69:92:77:fa:41:2e:e3:77:76:b5:
5f:2a:56:d9:71:f8:36:1c:96:79:f8:30:a9:23:b6:bd:f3:ce:
e6:5f:72:fd:38:ac:df:04:3b:9b:8f:dd:df:96:c4:3c:c2:eb:
8b:73:23:5c:a7:32:a9:93:61:96:a0:c0:a1:a4:78:6a:7e:7c:
58:0d:03:5a:a9:a7:9a:ef:99:54:85:cc:1f:14:11:b1:4d:b6:
25:8a:96:00:50:11:6c:63:ea:4d:22:f2:9e:c2:69:ec:e7:7e:
b7:b7:65:aa:bd:6a:21:0f:f5:a8:56:0c:13:a6:73:6b:1f:da:
6b:dd:59:2d:3b:9e:e9:5e:e4:37:5a:27:90:47:52:88:b2:66:
ac:cb:83:bc:16:48:43:03:0c:0b:83:73:2e:04:38:a1:96:2f:
69:38:97:79:26:45:b8:8f:d2:4d:32:e6:69:7e:fe:17:cd:92:
27:fa:2f:91:2d:92:c0:6c:de:bf:60:6e:78:39:b8:75:d2:b4:
66:72:06:74:9e:0f:c0:ec:a1:58:6b:77:22:ef:2d:ab:f3:b4:
26:ca:e8:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/xnPq/428xZ4Oc4Ch7ZtNqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwNjA3MDczMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2RlOGJhNjI4YTEwOGVlYjgyYjFjYTc2NzgzNDk1NzExZTJiNGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3RU1sdWj5QkvSlszhL6yndgDTQo
gedDcsLaiNplnIXRwzMhok6pYoLuvurifYDLV8W0ifiYFXXFhu3dHrpkTawQfPHU
Yxpde3/ZEy9nbtxbWh8stG+BdirEZ4hVtifXK4BfBjkmL9pESYLiv40DuzvPxHz+
ULY6lE7FjpPkMbrkNwnJxcrmFMXu7JHxp30B2MtFBk6L3VKCeJqOKo6zQTkhEQTd
YLUI80cQO3/8v3e0OHIDhzs7/CSjIgUl8BVetsZQRtBFWBUYMKqUBD2N4ermvOTJ
kJ9Wy3BAa439bOnmZxCt5GVOaC/4/3RvnQFEvEnzwWGwW5LKsZVTJnF9UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEzei6YooQjuuCscp2eDSVcR4rS6MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvVE42THBpaWhDTzY0S3h5blo0TkpWeEhpdExvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW7rIMA0G
CSqGSIb3DQEBCwUAA4IBAQBg6UAHVYDot9UtJThQpDal7xwa6IXsZf/BqurFRyTG
qwBuzd9CAsACSWghbWmSd/pBLuN3drVfKlbZcfg2HJZ5+DCpI7a9887mX3L9OKzf
BDubj93flsQ8wuuLcyNcpzKpk2GWoMChpHhqfnxYDQNaqaea75lUhcwfFBGxTbYl
ipYAUBFsY+pNIvKewmns5363t2WqvWohD/WoVgwTpnNrH9pr3VktO57pXuQ3WieQ
R1KIsmasy4O8FkhDAwwLg3MuBDihli9pOJd5JkW4j9JNMuZpfv4XzZIn+i+RLZLA
bN6/YG54Obh10rRmcgZ0ng/A7KFYa3ci7y2r87QmyuiB
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:52:21 2025 by rpki-client