Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/4--5gkeIYvyRuby6Ij77GeFzWAQ.roa
File: 4--5gkeIYvyRuby6Ij77GeFzWAQ.roa (raw, json)
Hash identifier: /tBmHBkE/cXimFS2N6IowJvLhVBOfYeDlE6j3t3Sh9w=
Subject key identifier: E3:EF:B9:82:47:88:62:FC:91:B9:BC:BA:22:3E:FB:19:E1:73:58:04
Certificate issuer: /CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Certificate serial: 01837AF82E58B031E3C318C0B2F431B22831
Authority key identifier: C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/4--5gkeIYvyRuby6Ij77GeFzWAQ.roa
Signing time: Mon 26 Sep 2022 18:03:48 +0000
ROA not before: Mon 26 Sep 2022 18:03:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12325
IP address blocks: 194.8.80.0/24 maxlen: 24
91.220.75.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7a:f8:2e:58:b0:31:e3:c3:18:c0:b2:f4:31:b2:28:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Validity
Not Before: Sep 26 18:03:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e3efb982478862fc91b9bcba223efb19e1735804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:06:a5:1e:07:6f:da:49:d5:d9:3c:97:e9:47:
a3:64:f5:9f:52:0a:6c:75:7f:0a:b9:59:1c:ca:98:
47:64:d6:ad:36:f9:f1:b5:2e:d2:71:63:c1:34:86:
ea:50:fe:4b:65:02:21:62:b2:18:bf:c3:e1:79:a9:
15:87:0b:db:43:7e:6a:fa:8e:4d:bf:b0:7a:d1:bf:
32:98:00:6f:f1:6a:9e:e2:10:05:85:b1:da:10:4d:
60:48:1e:11:2e:73:34:d2:75:39:d4:d5:c9:10:6e:
fe:cb:69:d6:9e:b9:bf:6d:ff:bf:ab:01:99:2a:fd:
3b:48:4e:0a:da:14:5f:4b:55:0a:2a:1d:83:48:76:
f3:44:df:6b:cb:b1:a6:25:56:ed:b7:3f:09:e4:01:
64:f1:c9:62:48:a3:2c:42:9c:b3:54:0f:e5:bb:4e:
a8:9c:c7:92:44:d5:b7:67:25:90:87:12:20:b1:cc:
ef:04:85:76:c9:2d:df:e8:48:eb:89:20:0f:fd:2c:
81:0c:e0:9a:68:58:41:f0:67:ab:49:e6:a9:82:fa:
13:4b:8f:72:90:ee:59:ea:6e:85:1c:dd:4b:df:2d:
8f:1b:79:05:2e:a8:bc:59:09:9d:65:d2:f5:9e:1f:
27:01:93:db:8d:0e:c7:a0:1e:0e:c9:79:69:51:08:
d2:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:EF:B9:82:47:88:62:FC:91:B9:BC:BA:22:3E:FB:19:E1:73:58:04
X509v3 Authority Key Identifier:
keyid:C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/4--5gkeIYvyRuby6Ij77GeFzWAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/wE23YjJB1-Znj8JXUfpOC2ZlGGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.75.0/24
194.8.80.0/24
Signature Algorithm: sha256WithRSAEncryption
97:1a:6d:5d:0e:ea:be:fd:68:d3:c7:f0:78:a4:6c:04:53:8a:
6c:e9:1e:0a:27:2a:79:73:28:fe:c1:63:ea:d0:a0:4a:c8:77:
61:bd:a9:58:09:ab:c9:5f:10:87:ed:ee:30:98:c8:55:b2:ed:
0c:56:be:62:2e:e7:20:ba:18:90:95:6d:5d:af:23:e6:7d:ae:
fb:c5:13:c4:17:3c:c9:ed:95:29:06:6f:07:97:a4:40:05:e3:
e9:ae:a9:aa:aa:eb:81:c0:46:93:1b:15:ad:34:5a:93:48:f6:
7b:95:84:13:e2:d5:24:6d:57:70:5a:68:a9:b3:e0:06:5d:99:
84:24:2a:67:77:18:2e:63:1e:74:e7:98:f8:9f:2d:5f:07:c6:
b2:3d:b1:a0:3c:ed:79:25:51:d5:09:e9:4e:74:25:d4:c5:8f:
ae:c7:91:d5:06:d2:fd:65:4d:b4:a1:09:1d:45:7d:5c:14:14:
82:a3:4c:71:7e:c0:31:9f:83:57:6e:e4:84:66:ea:12:fe:8a:
50:d8:d0:0f:b4:04:e5:9c:b3:52:cb:d1:74:0d:75:4d:94:cd:
ab:44:f8:6a:10:59:56:a9:72:a2:40:62:7e:4a:de:6c:ff:bc:
b7:23:d6:c0:93:06:c4:d7:5f:cc:bd:16:ac:e2:65:fa:f7:26:
73:5b:a4:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYN6+C5YsDHjwxjAsvQxsigxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNGRiNzYyMzI0MWQ3ZTY2NzhmYzI1NzUxZmE0ZTBiNjY2
NTE4NmIwHhcNMjIwOTI2MTgwMzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2VmYjk4MjQ3ODg2MmZjOTFiOWJjYmEyMjNlZmIxOWUxNzM1ODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQalHgdv2knV2TyX6UejZPWfUgps
dX8KuVkcyphHZNatNvnxtS7ScWPBNIbqUP5LZQIhYrIYv8PheakVhwvbQ35q+o5N
v7B60b8ymABv8Wqe4hAFhbHaEE1gSB4RLnM00nU51NXJEG7+y2nWnrm/bf+/qwGZ
Kv07SE4K2hRfS1UKKh2DSHbzRN9ry7GmJVbttz8J5AFk8cliSKMsQpyzVA/lu06o
nMeSRNW3ZyWQhxIgsczvBIV2yS3f6EjriSAP/SyBDOCaaFhB8GerSeapgvoTS49y
kO5Z6m6FHN1L3y2PG3kFLqi8WQmdZdL1nh8nAZPbjQ7HoB4OyXlpUQjSjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOPvuYJHiGL8kbm8uiI++xnhc1gEMB8GA1UdIwQY
MBaAFMBNt2IyQdfmZ4/CV1H6TgtmZRhrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMt
MDQyM2YyNjNmMmNiLzEvNC0tNWdrZUlZdnlSdWJ5NklqNzdHZUZ6V0FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMtMDQyM2YyNjNmMmNi
LzEvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9xLAwQA
wghQMA0GCSqGSIb3DQEBCwUAA4IBAQCXGm1dDuq+/WjTx/B4pGwEU4ps6R4KJyp5
cyj+wWPq0KBKyHdhvalYCavJXxCH7e4wmMhVsu0MVr5iLucguhiQlW1dryPmfa77
xRPEFzzJ7ZUpBm8Hl6RABePprqmqquuBwEaTGxWtNFqTSPZ7lYQT4tUkbVdwWmip
s+AGXZmEJCpndxguYx5055j4ny1fB8ayPbGgPO15JVHVCelOdCXUxY+ux5HVBtL9
ZU20oQkdRX1cFBSCo0xxfsAxn4NXbuSEZuoS/opQ2NAPtATlnLNSy9F0DXVNlM2r
RPhqEFlWqXKiQGJ+St5s/7y3I9bAkwbE11/MvRas4mX69yZzW6RC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:59 2024 by rpki-client on console-ams.rpki-client.org