Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/JVqqNNn3oU0Z8y0aryuTvl3wA8o.roa
File: JVqqNNn3oU0Z8y0aryuTvl3wA8o.roa (raw, json)
Hash identifier: mJo0eUqkbIZ3QLRIu1cu+lG/PvGtEnwD0RZQuf5Gi44=
Subject key identifier: 25:5A:AA:34:D9:F7:A1:4D:19:F3:2D:1A:AF:2B:93:BE:5D:F0:03:CA
Certificate issuer: /CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Certificate serial: 018603AE6CAF6DD767F279837104216456A5
Authority key identifier: C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/JVqqNNn3oU0Z8y0aryuTvl3wA8o.roa
Signing time: Mon 30 Jan 2023 17:16:48 +0000
ROA not before: Mon 30 Jan 2023 17:16:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44418
IP address blocks: 91.220.75.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:03:ae:6c:af:6d:d7:67:f2:79:83:71:04:21:64:56:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Validity
Not Before: Jan 30 17:16:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=255aaa34d9f7a14d19f32d1aaf2b93be5df003ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:27:2b:56:9f:49:15:b8:64:02:1c:89:95:12:
36:fb:eb:f2:a7:1f:1c:b9:be:26:be:c6:28:84:19:
10:53:7b:5e:95:bd:98:25:05:6e:c8:ef:d4:ba:fb:
1f:4f:82:63:13:7e:45:6e:15:61:da:51:2f:e3:e2:
fd:c3:bc:cf:c5:3c:64:2d:3b:63:a9:46:c5:9e:ef:
f8:08:08:bb:83:cf:a0:68:7a:71:20:8a:6f:88:6c:
49:29:b9:80:47:f8:db:d3:5f:1a:6f:5d:64:8d:c2:
e2:f3:0b:e9:5e:f6:39:f0:ea:cb:39:23:52:9d:20:
9a:52:2b:28:4e:b7:f5:1a:c2:74:86:cd:3a:76:a6:
15:b5:69:c4:04:1a:e9:a8:2a:d4:2b:5f:67:c3:2c:
d4:7c:88:aa:75:8f:aa:2a:3f:aa:1b:fd:e4:40:68:
af:fe:b0:53:b8:d6:40:e3:6a:9f:c9:aa:c5:80:92:
97:f4:6d:de:ce:fe:32:df:fd:ba:d5:5d:6b:f0:2f:
2a:d1:e3:2d:64:97:32:7b:e1:8a:99:66:e0:f9:f7:
6c:d1:fe:2a:a8:d5:03:f4:cd:df:b5:50:82:22:20:
8b:e8:d0:51:b2:3d:64:19:51:39:8d:86:9d:2a:c0:
03:65:e1:25:fc:ec:0f:f6:96:5c:47:07:a0:d3:91:
67:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:5A:AA:34:D9:F7:A1:4D:19:F3:2D:1A:AF:2B:93:BE:5D:F0:03:CA
X509v3 Authority Key Identifier:
keyid:C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/JVqqNNn3oU0Z8y0aryuTvl3wA8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/wE23YjJB1-Znj8JXUfpOC2ZlGGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.75.0/24
Signature Algorithm: sha256WithRSAEncryption
27:a8:15:fa:1a:24:ff:1b:cf:c4:6b:cd:df:4b:c9:dc:cd:7e:
c5:70:3d:cc:25:c9:d8:ab:35:b6:9a:5c:0f:7a:66:18:23:24:
77:a1:00:66:16:ce:1c:61:41:14:44:5b:b2:56:34:b9:e2:b8:
14:fc:e2:29:33:4f:d2:98:aa:3a:5e:be:c5:88:f2:7c:99:c0:
01:01:3c:65:66:b6:cb:87:bf:26:1c:ef:a6:31:d1:8e:76:9f:
b1:da:5c:0a:ad:f8:e7:a6:9b:50:20:c9:b8:7c:41:3e:a5:c5:
95:0c:cc:a9:9d:6d:cf:98:5b:60:92:c0:40:af:65:91:42:14:
7c:72:86:b6:1b:1a:22:9e:40:1f:91:b6:ad:0e:52:4e:26:6e:
aa:fe:ca:5d:ae:98:bf:31:3d:7d:5d:e9:35:76:84:8b:8a:b6:
b3:6f:7e:77:83:b8:86:f0:ec:82:c8:51:32:3e:10:e0:ea:0f:
18:56:3d:db:06:82:23:f3:dd:71:ad:63:c9:e2:d6:52:9e:0b:
80:55:ec:ac:14:14:02:26:f8:c9:71:92:9d:34:a2:7e:72:86:
b4:e0:ba:34:ba:19:3a:ca:98:4b:70:09:f3:1a:32:44:fa:cd:
d6:e9:62:2c:72:c1:43:11:43:b4:45:dc:a9:65:c9:e0:ae:28:
4e:c2:19:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYDrmyvbddn8nmDcQQhZFalMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNGRiNzYyMzI0MWQ3ZTY2NzhmYzI1NzUxZmE0ZTBiNjY2
NTE4NmIwHhcNMjMwMTMwMTcxNjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTVhYWEzNGQ5ZjdhMTRkMTlmMzJkMWFhZjJiOTNiZTVkZjAwM2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuycrVp9JFbhkAhyJlRI2++vypx8c
ub4mvsYohBkQU3telb2YJQVuyO/UuvsfT4JjE35FbhVh2lEv4+L9w7zPxTxkLTtj
qUbFnu/4CAi7g8+gaHpxIIpviGxJKbmAR/jb018ab11kjcLi8wvpXvY58OrLOSNS
nSCaUisoTrf1GsJ0hs06dqYVtWnEBBrpqCrUK19nwyzUfIiqdY+qKj+qG/3kQGiv
/rBTuNZA42qfyarFgJKX9G3ezv4y3/261V1r8C8q0eMtZJcye+GKmWbg+fds0f4q
qNUD9M3ftVCCIiCL6NBRsj1kGVE5jYadKsADZeEl/OwP9pZcRweg05FnAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCVaqjTZ96FNGfMtGq8rk75d8APKMB8GA1UdIwQY
MBaAFMBNt2IyQdfmZ4/CV1H6TgtmZRhrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMt
MDQyM2YyNjNmMmNiLzEvSlZxcU5ObjNvVTBaOHkwYXJ5dVR2bDN3QThvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMtMDQyM2YyNjNmMmNi
LzEvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9xLMA0G
CSqGSIb3DQEBCwUAA4IBAQAnqBX6GiT/G8/Ea83fS8nczX7FcD3MJcnYqzW2mlwP
emYYIyR3oQBmFs4cYUEURFuyVjS54rgU/OIpM0/SmKo6Xr7FiPJ8mcABATxlZrbL
h78mHO+mMdGOdp+x2lwKrfjnpptQIMm4fEE+pcWVDMypnW3PmFtgksBAr2WRQhR8
coa2GxoinkAfkbatDlJOJm6q/spdrpi/MT19Xek1doSLirazb353g7iG8OyCyFEy
PhDg6g8YVj3bBoIj891xrWPJ4tZSnguAVeysFBQCJvjJcZKdNKJ+coa04Lo0uhk6
yphLcAnzGjJE+s3W6WIscsFDEUO0RdypZcngrihOwhlB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:59 2024 by rpki-client on console-ams.rpki-client.org