Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/bDyhjMsJQTYuKHC3N43vBz8NvPI.roa
File: bDyhjMsJQTYuKHC3N43vBz8NvPI.roa (raw, json)
Hash identifier: SrWDJo3zTT3VaNAn38sDWS3ETEPZdIiwe4FOS/s+BH4=
Subject key identifier: 6C:3C:A1:8C:CB:09:41:36:2E:28:70:B7:37:8D:EF:07:3F:0D:BC:F2
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 0191A34192061919FF06C26C2F07AB133E6B
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/bDyhjMsJQTYuKHC3N43vBz8NvPI.roa
Signing time: Fri 30 Aug 2024 12:27:49 +0000
ROA not before: Fri 30 Aug 2024 12:27:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207429
IP address blocks: 91.151.81.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a3:41:92:06:19:19:ff:06:c2:6c:2f:07:ab:13:3e:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Aug 30 12:27:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c3ca18ccb0941362e2870b7378def073f0dbcf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:64:41:86:55:e8:de:2c:32:27:55:69:32:23:
51:fd:5d:bc:96:75:e1:50:0a:2e:b0:6d:ef:ee:7c:
c2:ae:52:c2:8a:f3:b0:60:e2:c7:d5:38:e9:71:3d:
85:bc:46:bf:92:76:b9:c8:e8:58:a4:95:0c:c7:95:
fa:f7:d6:bf:09:cc:75:1c:53:3a:84:d3:b5:6b:d1:
00:bc:d4:cd:a1:e7:41:1c:be:b7:52:2f:23:80:c6:
42:8e:ed:84:fd:dc:1c:7c:d5:6b:a7:d5:55:c1:89:
08:9a:59:c6:65:64:17:58:a6:4a:f4:44:2a:c5:6e:
00:45:73:c6:84:40:ac:d3:b2:f4:87:4e:eb:d3:6a:
be:6c:42:55:17:5f:ee:6b:d2:ee:ca:39:7e:ae:bc:
15:b0:95:21:03:26:3b:ed:5d:a2:ba:ac:d5:9e:9e:
7d:dd:33:41:b2:0e:fe:de:59:37:6d:00:eb:af:a1:
92:16:b4:55:97:0d:d6:a6:e5:05:f5:35:05:d5:6a:
4d:21:e2:06:56:06:b5:84:24:ef:59:29:20:96:86:
ee:37:9a:5e:2e:1a:11:9e:14:39:69:cc:87:70:46:
ba:f1:6e:ab:19:49:d1:28:b3:77:1a:26:f9:46:4a:
b1:c8:21:a5:51:3f:bd:e6:9f:7a:58:1c:e7:88:57:
4d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:3C:A1:8C:CB:09:41:36:2E:28:70:B7:37:8D:EF:07:3F:0D:BC:F2
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/bDyhjMsJQTYuKHC3N43vBz8NvPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.81.0/24
Signature Algorithm: sha256WithRSAEncryption
95:c1:cb:b5:e3:0b:fc:a0:62:17:76:c6:0b:77:dd:4a:d0:bb:
b7:62:d7:94:a2:f1:99:ca:6b:cb:2c:f0:ff:6b:8f:a7:61:2b:
8c:78:0a:9e:23:17:ab:3a:66:d5:9e:f9:99:c8:7a:1a:89:80:
49:93:f8:1a:62:d6:25:66:cd:9b:6b:d4:c7:a1:5e:9b:0f:30:
0a:11:44:44:33:9c:67:d3:ad:95:c7:2e:22:2a:dd:55:24:5e:
91:e3:56:40:f6:cc:ed:c8:2d:21:53:7f:53:69:2d:9a:03:81:
39:09:58:4b:09:27:78:10:74:c0:b8:9e:46:a3:3c:aa:b1:89:
18:67:bc:b2:58:61:24:19:93:ec:db:77:dc:30:2e:4e:83:a9:
fd:4d:a4:28:53:80:0e:90:d6:b4:0b:b7:62:60:58:d4:cd:6b:
7b:94:c2:4a:3a:ff:95:cd:f5:87:d8:81:8c:09:64:28:6e:57:
3d:8e:80:bd:a2:db:25:c9:93:60:43:f4:90:4b:96:81:0c:c3:
18:86:77:9b:19:32:14:6a:0c:b3:e8:56:cc:b2:6c:71:e6:b9:
c7:b3:76:f8:0a:26:68:43:0a:16:95:6e:25:fd:e3:df:b4:c5:
24:04:ae:9a:22:e1:61:38:6a:7f:ad:61:40:7f:94:00:0a:0f:
77:d8:2e:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGjQZIGGRn/BsJsLwerEz5rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjQwODMwMTIyNzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzNjYTE4Y2NiMDk0MTM2MmUyODcwYjczNzhkZWYwNzNmMGRiY2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmRBhlXo3iwyJ1VpMiNR/V28lnXh
UAousG3v7nzCrlLCivOwYOLH1TjpcT2FvEa/kna5yOhYpJUMx5X699a/Ccx1HFM6
hNO1a9EAvNTNoedBHL63Ui8jgMZCju2E/dwcfNVrp9VVwYkImlnGZWQXWKZK9EQq
xW4ARXPGhECs07L0h07r02q+bEJVF1/ua9Luyjl+rrwVsJUhAyY77V2iuqzVnp59
3TNBsg7+3lk3bQDrr6GSFrRVlw3WpuUF9TUF1WpNIeIGVga1hCTvWSkglobuN5pe
LhoRnhQ5acyHcEa68W6rGUnRKLN3Gib5RkqxyCGlUT+95p96WBzniFdNCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGw8oYzLCUE2LihwtzeN7wc/DbzyMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvYkR5aGpNc0pRVFl1S0hDM040M3ZCejhOdlBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW5dRMA0G
CSqGSIb3DQEBCwUAA4IBAQCVwcu14wv8oGIXdsYLd91K0Lu3YteUovGZymvLLPD/
a4+nYSuMeAqeIxerOmbVnvmZyHoaiYBJk/gaYtYlZs2ba9THoV6bDzAKEUREM5xn
062Vxy4iKt1VJF6R41ZA9sztyC0hU39TaS2aA4E5CVhLCSd4EHTAuJ5GozyqsYkY
Z7yyWGEkGZPs23fcMC5Og6n9TaQoU4AOkNa0C7diYFjUzWt7lMJKOv+VzfWH2IGM
CWQoblc9joC9otslyZNgQ/SQS5aBDMMYhnebGTIUagyz6FbMsmxx5rnHs3b4CiZo
QwoWlW4l/ePftMUkBK6aIuFhOGp/rWFAf5QACg932C5Y
-----END CERTIFICATE-----
Generated at Wed Nov 20 09:39:30 2024 by rpki-client on console-ams.rpki-client.org