Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/5Jq35ryWv2KPAviqNBxddvXD_Eg.roa
File: 5Jq35ryWv2KPAviqNBxddvXD_Eg.roa (raw, json)
Hash identifier: i0z93+jqyZEweTpAANpKJ35P93RbjfOKCmHL+C3x5fs=
Subject key identifier: E4:9A:B7:E6:BC:96:BF:62:8F:02:F8:AA:34:1C:5D:76:F5:C3:FC:48
Certificate issuer: /CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Certificate serial: 01854306E0C194BE41B76B8E4B9E6A2D0EED
Authority key identifier: C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/5Jq35ryWv2KPAviqNBxddvXD_Eg.roa
Signing time: Sat 24 Dec 2022 07:26:42 +0000
ROA not before: Sat 24 Dec 2022 07:26:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43839
IP address blocks: 91.220.75.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:43:06:e0:c1:94:be:41:b7:6b:8e:4b:9e:6a:2d:0e:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Validity
Not Before: Dec 24 07:26:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e49ab7e6bc96bf628f02f8aa341c5d76f5c3fc48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e9:ef:3a:d9:11:bc:c8:d9:97:7c:19:0f:df:
e1:01:af:f2:63:98:36:df:cb:95:71:2b:6e:8c:af:
80:a2:b9:f4:7e:5e:9a:c4:bd:77:91:36:6e:29:c7:
ef:55:96:6d:e8:3e:8a:e5:51:9e:73:5c:84:22:8e:
a1:74:e0:f4:35:8e:3d:71:4a:d7:91:f4:96:80:8a:
5f:62:16:fe:ad:8c:bc:b1:b1:fd:2d:4a:bf:0c:ab:
31:d7:2c:71:bf:a0:64:59:ca:9f:35:eb:06:fb:7a:
c9:d9:10:2f:19:8f:2e:e1:27:9b:a5:3c:a8:f9:0a:
9a:0b:fb:a8:f3:04:79:25:0d:0e:09:31:e7:d3:e9:
be:76:19:ce:76:c2:2f:6e:ee:93:93:66:50:f2:3d:
41:83:09:97:1f:ec:0f:01:ed:0f:e2:76:d0:32:34:
c5:28:db:88:aa:e0:91:75:41:b9:47:e1:58:17:48:
c0:98:19:e8:df:9e:72:63:f4:c0:48:75:db:3f:a2:
96:58:21:31:0b:ac:a8:35:99:21:9e:c4:c4:6a:a2:
3f:a3:64:cc:8b:e4:7e:0e:ec:f5:b6:0b:d5:f4:54:
d6:03:7e:28:61:1a:6a:cf:08:d2:a1:2c:df:9f:96:
cf:02:60:ea:0b:62:60:05:48:12:16:33:b3:2f:e0:
3d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:9A:B7:E6:BC:96:BF:62:8F:02:F8:AA:34:1C:5D:76:F5:C3:FC:48
X509v3 Authority Key Identifier:
keyid:C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/5Jq35ryWv2KPAviqNBxddvXD_Eg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/wE23YjJB1-Znj8JXUfpOC2ZlGGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.75.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:6d:10:77:35:c8:aa:eb:62:3f:5d:7f:63:ac:cd:f0:18:9e:
6e:cc:10:48:b8:42:6b:9a:9e:6f:14:f0:18:74:70:7c:a8:b7:
67:f6:d0:85:69:21:de:4a:fd:2b:e1:68:e8:24:02:cc:de:44:
8b:40:9f:c0:7f:e7:68:d6:7b:83:b6:83:cb:12:88:76:27:5e:
17:ae:07:f6:ce:e5:da:0f:d2:59:ce:06:c9:4a:32:08:19:60:
e1:bf:f7:9f:8c:16:d6:e0:5a:8c:c1:d0:88:f7:8f:4f:5a:ed:
e4:4d:3b:82:c2:08:a1:32:37:49:59:4c:04:e1:c5:b8:c1:b5:
8b:cc:48:0e:45:59:dd:2e:dc:c1:b7:10:53:79:74:7b:3f:76:
98:37:bf:12:7e:33:fe:5f:68:44:e6:76:f3:d2:26:ba:0d:97:
a1:c6:95:7c:00:6e:87:cf:ce:02:c9:c1:27:35:d8:b4:bb:fd:
c0:7e:4e:d6:d1:18:e4:be:89:a5:a4:08:3b:14:6c:a4:99:fa:
4d:9c:a5:f0:c1:42:33:88:3e:eb:9c:97:40:26:ec:c4:d3:a0:
68:0e:e9:61:2c:86:ac:7b:85:c3:db:69:79:52:f4:eb:e4:b9:
3f:fb:ac:30:08:07:ce:6c:41:68:98:f0:e1:78:7f:8f:03:e6:
f7:23:e9:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVDBuDBlL5Bt2uOS55qLQ7tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNGRiNzYyMzI0MWQ3ZTY2NzhmYzI1NzUxZmE0ZTBiNjY2
NTE4NmIwHhcNMjIxMjI0MDcyNjQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDlhYjdlNmJjOTZiZjYyOGYwMmY4YWEzNDFjNWQ3NmY1YzNmYzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOnvOtkRvMjZl3wZD9/hAa/yY5g2
38uVcStujK+Aorn0fl6axL13kTZuKcfvVZZt6D6K5VGec1yEIo6hdOD0NY49cUrX
kfSWgIpfYhb+rYy8sbH9LUq/DKsx1yxxv6BkWcqfNesG+3rJ2RAvGY8u4SebpTyo
+QqaC/uo8wR5JQ0OCTHn0+m+dhnOdsIvbu6Tk2ZQ8j1BgwmXH+wPAe0P4nbQMjTF
KNuIquCRdUG5R+FYF0jAmBno355yY/TASHXbP6KWWCExC6yoNZkhnsTEaqI/o2TM
i+R+Duz1tgvV9FTWA34oYRpqzwjSoSzfn5bPAmDqC2JgBUgSFjOzL+A9gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOSat+a8lr9ijwL4qjQcXXb1w/xIMB8GA1UdIwQY
MBaAFMBNt2IyQdfmZ4/CV1H6TgtmZRhrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMt
MDQyM2YyNjNmMmNiLzEvNUpxMzVyeVd2MktQQXZpcU5CeGRkdlhEX0VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMtMDQyM2YyNjNmMmNi
LzEvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9xLMA0G
CSqGSIb3DQEBCwUAA4IBAQB/bRB3Nciq62I/XX9jrM3wGJ5uzBBIuEJrmp5vFPAY
dHB8qLdn9tCFaSHeSv0r4WjoJALM3kSLQJ/Af+do1nuDtoPLEoh2J14Xrgf2zuXa
D9JZzgbJSjIIGWDhv/efjBbW4FqMwdCI949PWu3kTTuCwgihMjdJWUwE4cW4wbWL
zEgORVndLtzBtxBTeXR7P3aYN78SfjP+X2hE5nbz0ia6DZehxpV8AG6Hz84CycEn
Ndi0u/3Afk7W0RjkvomlpAg7FGykmfpNnKXwwUIziD7rnJdAJuzE06BoDulhLIas
e4XD22l5UvTr5Lk/+6wwCAfObEFomPDheH+PA+b3I+kC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:59 2024 by rpki-client on console-ams.rpki-client.org