Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/5ACTa3VCPpAAB44Mv6bUYi_m8jM.roa
File: 5ACTa3VCPpAAB44Mv6bUYi_m8jM.roa (raw, json)
Hash identifier: zv1/NjG2bJvUO5uL/lJU8wEMfOwBOPlfQSAMQ+zO+qU=
Subject key identifier: E4:00:93:6B:75:42:3E:90:00:07:8E:0C:BF:A6:D4:62:2F:E6:F2:33
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 018E3243C5408C1F2BBD12271A687EFD3DFC
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/5ACTa3VCPpAAB44Mv6bUYi_m8jM.roa
Signing time: Tue 12 Mar 2024 10:44:45 +0000
ROA not before: Tue 12 Mar 2024 10:44:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48031
IP address blocks: 91.247.170.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:43:c5:40:8c:1f:2b:bd:12:27:1a:68:7e:fd:3d:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Mar 12 10:44:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e400936b75423e9000078e0cbfa6d4622fe6f233
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ab:9e:f7:cc:4f:6c:8d:a9:8f:74:b9:2b:8d:
c3:59:83:80:b2:85:61:c1:f9:df:19:b7:63:c3:b1:
2e:d4:e2:b2:2d:4d:18:28:a3:6c:4d:35:d1:7b:45:
f7:5b:5a:e8:93:d5:93:aa:ea:2c:e2:bb:bd:ca:0f:
72:5b:01:2d:fe:9c:24:16:9a:e9:7c:ef:93:a6:55:
b6:63:fe:2a:f5:5c:91:40:42:4b:1b:34:0e:4b:2c:
b1:5b:a7:0b:95:87:41:e7:bd:45:ed:0c:20:25:75:
0a:30:2e:3c:44:d0:ec:a7:63:15:90:6c:d1:2f:2a:
5a:dd:9b:15:e5:9e:71:3d:b2:25:d7:32:48:ba:41:
60:01:29:8d:88:7f:ef:3c:be:52:b2:26:66:0b:f3:
fe:43:91:9c:17:03:7d:49:d1:66:a6:ef:96:b8:2d:
1f:bd:37:0a:2b:c5:d1:40:fe:ba:78:f2:d2:e2:34:
e8:41:62:10:ec:f8:f3:c5:bf:31:2f:f6:4d:dd:02:
e4:d2:ee:1c:c7:64:f0:e2:c6:8b:1c:44:9d:df:4c:
87:87:4a:0d:8d:a5:18:f8:68:00:6c:bc:d4:39:26:
99:2e:2c:70:94:f7:d2:40:4f:26:14:86:0b:65:dc:
f7:2b:32:ba:6d:15:34:2d:6a:9a:eb:73:55:ed:81:
5d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:00:93:6B:75:42:3E:90:00:07:8E:0C:BF:A6:D4:62:2F:E6:F2:33
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/5ACTa3VCPpAAB44Mv6bUYi_m8jM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.247.170.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:90:73:4d:db:b5:f6:43:64:80:c3:96:3d:cb:09:d7:76:50:
7e:86:bc:20:79:0b:de:dd:15:e0:bf:87:64:35:02:fe:c1:fd:
39:1d:a3:3b:51:29:16:24:49:37:9d:23:d8:50:39:97:2f:55:
41:21:fe:56:78:85:29:b3:03:c0:5a:88:0d:20:96:71:8f:8a:
f4:c6:9c:c1:af:21:20:37:31:7b:49:46:34:28:d0:25:d7:a4:
bd:76:c3:2e:41:b4:23:8b:30:e9:1e:01:28:2e:f9:23:cf:04:
92:77:45:0f:83:0b:fa:55:64:ae:bd:78:58:b4:a3:c1:1a:ca:
ae:4b:93:5c:e8:d9:2d:99:31:dd:01:8b:45:ab:eb:c4:ee:1e:
c0:99:77:25:54:c5:5b:bd:7c:40:52:be:1a:f6:ea:12:c3:53:
bd:20:08:40:46:2c:ab:38:d0:82:76:25:e8:03:9b:55:53:11:
75:ad:4d:f5:07:5a:c7:74:49:b8:1d:8b:d1:40:9d:47:6a:01:
f7:16:4e:c8:af:16:26:98:6f:70:ad:ed:46:46:c2:39:01:1d:
a6:c3:8d:d6:62:56:9f:75:6e:d2:f2:d4:15:85:91:a3:68:c9:
f9:ad:a2:bb:24:55:6a:ef:32:33:ed:bf:f3:b5:49:45:1b:68:
d6:0d:75:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4yQ8VAjB8rvRInGmh+/T38MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjQwMzEyMTA0NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDAwOTM2Yjc1NDIzZTkwMDAwNzhlMGNiZmE2ZDQ2MjJmZTZmMjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgque98xPbI2pj3S5K43DWYOAsoVh
wfnfGbdjw7Eu1OKyLU0YKKNsTTXRe0X3W1rok9WTquos4ru9yg9yWwEt/pwkFprp
fO+TplW2Y/4q9VyRQEJLGzQOSyyxW6cLlYdB571F7QwgJXUKMC48RNDsp2MVkGzR
Lypa3ZsV5Z5xPbIl1zJIukFgASmNiH/vPL5SsiZmC/P+Q5GcFwN9SdFmpu+WuC0f
vTcKK8XRQP66ePLS4jToQWIQ7Pjzxb8xL/ZN3QLk0u4cx2Tw4saLHESd30yHh0oN
jaUY+GgAbLzUOSaZLixwlPfSQE8mFIYLZdz3KzK6bRU0LWqa63NV7YFdiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOQAk2t1Qj6QAAeODL+m1GIv5vIzMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvNUFDVGEzVkNQcEFBQjQ0TXY2YlVZaV9tOGpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/eqMA0G
CSqGSIb3DQEBCwUAA4IBAQCakHNN27X2Q2SAw5Y9ywnXdlB+hrwgeQve3RXgv4dk
NQL+wf05HaM7USkWJEk3nSPYUDmXL1VBIf5WeIUpswPAWogNIJZxj4r0xpzBryEg
NzF7SUY0KNAl16S9dsMuQbQjizDpHgEoLvkjzwSSd0UPgwv6VWSuvXhYtKPBGsqu
S5Nc6NktmTHdAYtFq+vE7h7AmXclVMVbvXxAUr4a9uoSw1O9IAhARiyrONCCdiXo
A5tVUxF1rU31B1rHdEm4HYvRQJ1HagH3Fk7IrxYmmG9wre1GRsI5AR2mw43WYlaf
dW7S8tQVhZGjaMn5raK7JFVq7zIz7b/ztUlFG2jWDXVx
-----END CERTIFICATE-----
Generated at Wed Aug 21 09:58:21 2024 by rpki-client on console-fra.rpki-client.org