Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/ixXs5_V_XaZ8NogDiMix-G1CVbg.roa
File: ixXs5_V_XaZ8NogDiMix-G1CVbg.roa (raw, json)
Hash identifier: dzOlPGyRKyJZMUnxsTvayAtmcBDw6vPOhl3ocngjaso=
Subject key identifier: 8B:15:EC:E7:F5:7F:5D:A6:7C:36:88:03:88:C8:B1:F8:6D:42:55:B8
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 0B772EF3
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/ixXs5_V_XaZ8NogDiMix-G1CVbg.roa
Signing time: Sat 16 Apr 2022 19:04:29 +0000
ROA not before: Sat 16 Apr 2022 19:04:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203377
IP address blocks: 91.151.87.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 192360179 (0xb772ef3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Apr 16 19:04:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b15ece7f57f5da67c36880388c8b1f86d4255b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e4:5e:df:fb:e0:f2:70:a5:fa:2c:2d:34:54:
69:36:8f:d4:f4:97:46:f0:3d:c3:e6:f6:76:c8:e6:
99:9e:88:3a:d6:f8:62:83:94:46:27:64:f4:af:0b:
7f:70:8e:76:7c:7a:42:7e:8d:ad:98:eb:c5:93:5d:
0e:e9:b0:26:73:04:5d:88:9c:1b:16:80:dc:39:b3:
36:89:32:5c:e8:6e:7a:43:d9:25:dc:1c:5b:57:70:
f4:7d:2f:dc:da:d0:61:24:2d:22:6b:f6:f6:56:a5:
82:2d:af:9d:4d:b9:19:0c:8f:a8:95:fd:26:a0:61:
0d:28:1f:af:1b:bf:a3:6e:35:c0:d1:f7:7c:db:28:
47:0d:80:46:b5:ff:d6:99:fe:9c:e1:93:4b:1c:f2:
3b:bd:9e:83:0f:56:8c:c5:94:7a:d6:7f:e4:0f:a1:
f6:2b:17:d4:81:69:d0:8d:a9:98:92:b6:63:8b:05:
8c:29:a5:65:75:3f:5a:2f:f4:36:ab:c1:ca:3f:82:
91:dc:49:24:c5:31:53:3c:f6:d1:ae:e8:ee:ec:09:
24:d3:49:47:5b:bb:53:a9:28:b3:22:b7:c3:54:f4:
8c:a5:d9:54:e5:cf:13:83:29:fb:26:4e:1f:b8:ed:
8a:f9:26:33:dc:d4:6d:1c:74:a6:5f:ce:84:56:14:
36:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:15:EC:E7:F5:7F:5D:A6:7C:36:88:03:88:C8:B1:F8:6D:42:55:B8
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/ixXs5_V_XaZ8NogDiMix-G1CVbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.87.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:0c:b0:16:96:46:49:c3:cb:79:03:db:94:bd:86:ba:0c:0b:
94:1f:b1:20:b9:98:fa:d8:10:c1:dd:20:04:f5:64:32:3a:ae:
56:ac:1c:b8:67:30:4e:94:66:7c:61:eb:b3:f2:c8:d4:d2:b0:
0a:70:11:bf:76:1b:3a:c0:e4:86:1e:78:8f:10:96:3f:58:ad:
c6:d5:24:6e:df:06:2b:65:b5:1e:92:d8:61:2e:35:dd:41:56:
89:f8:53:ee:c0:83:df:21:ac:df:e7:d3:95:af:93:cb:6f:51:
bd:8d:a1:53:14:56:34:dc:72:8b:f3:46:a8:c3:1b:f2:4e:7d:
a6:f9:48:7e:3a:45:26:32:e4:fc:cf:f6:ea:d7:eb:bf:48:7a:
c6:42:60:c2:17:24:1a:b6:31:76:9c:bf:d4:b3:87:c6:46:70:
99:f4:5b:dd:cd:19:0d:57:a5:0d:61:6e:e1:b5:c5:5c:aa:38:
5c:bb:86:06:3f:c5:e1:34:c9:f0:1c:47:ac:85:97:2e:f6:1f:
ec:1c:98:a7:52:1c:46:1f:04:5e:4b:b1:b8:5d:d5:cd:2e:b8:
c8:5a:0a:c6:7e:42:f6:9e:1c:8a:2e:3a:a2:c4:ea:91:df:88:
b5:b6:7f:13:b7:3c:22:4b:11:41:61:f6:32:de:3f:d8:30:91:
90:9e:64:19
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC3cu8zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjcxZTliMTNmNWMzMzlhNTg2OTJlZWFiZTcyZWFhNDA2YmJiZDdkMB4XDTIyMDQx
NjE5MDQyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGIxNWVjZTdmNTdm
NWRhNjdjMzY4ODAzODhjOGIxZjg2ZDQyNTViODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJnkXt/74PJwpfosLTRUaTaP1PSXRvA9w+b2dsjmmZ6IOtb4
YoOURidk9K8Lf3COdnx6Qn6NrZjrxZNdDumwJnMEXYicGxaA3DmzNokyXOhuekPZ
JdwcW1dw9H0v3NrQYSQtImv29lalgi2vnU25GQyPqJX9JqBhDSgfrxu/o241wNH3
fNsoRw2ARrX/1pn+nOGTSxzyO72egw9WjMWUetZ/5A+h9isX1IFp0I2pmJK2Y4sF
jCmlZXU/Wi/0NqvByj+CkdxJJMUxUzz20a7o7uwJJNNJR1u7U6kosyK3w1T0jKXZ
VOXPE4Mp+yZOH7jtivkmM9zUbRx0pl/OhFYUNn8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSLFezn9X9dpnw2iAOIyLH4bUJVuDAfBgNVHSMEGDAWgBSrcemxP1wzmlhp
Luq+cuqkBru9fTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3EzSHBzVDljTTVwWWFTN3F2bkxxcEFhN3ZYMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvNmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8x
L2l4WHM1X1ZfWGFaOE5vZ0RpTWl4LUcxQ1ZiZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
NmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8xL3EzSHBzVDljTTVw
WWFTN3F2bkxxcEFhN3ZYMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFuXVzANBgkqhkiG9w0BAQsFAAOC
AQEA0wywFpZGScPLeQPblL2GugwLlB+xILmY+tgQwd0gBPVkMjquVqwcuGcwTpRm
fGHrs/LI1NKwCnARv3YbOsDkhh54jxCWP1itxtUkbt8GK2W1HpLYYS413UFWifhT
7sCD3yGs3+fTla+Ty29RvY2hUxRWNNxyi/NGqMMb8k59pvlIfjpFJjLk/M/26tfr
v0h6xkJgwhckGrYxdpy/1LOHxkZwmfRb3c0ZDVelDWFu4bXFXKo4XLuGBj/F4TTJ
8BxHrIWXLvYf7ByYp1IcRh8EXkuxuF3VzS64yFoKxn5C9p4cii46osTqkd+ItbZ/
E7c8IksRQWH2Mt4/2DCRkJ5kGQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:04 2023 by rpki-client on console-ams.rpki-client.org