Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/d1v2CHvikDBvxn31lDoRmZs4I5M.roa
File: d1v2CHvikDBvxn31lDoRmZs4I5M.roa (raw, json)
Hash identifier: DsAOAaY3CgouWSAGRmU67v2O3BPsxSVq8H3Z9iqaIjs=
Subject key identifier: 77:5B:F6:08:7B:E2:90:30:6F:C6:7D:F5:94:3A:11:99:9B:38:23:93
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 018D3BDFFDCBB1028BA4EECE442A6A8219E2
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/d1v2CHvikDBvxn31lDoRmZs4I5M.roa
Signing time: Wed 24 Jan 2024 14:29:11 +0000
ROA not before: Wed 24 Jan 2024 14:29:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43201
IP address blocks: 91.213.155.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3b:df:fd:cb:b1:02:8b:a4:ee:ce:44:2a:6a:82:19:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Jan 24 14:29:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=775bf6087be290306fc67df5943a11999b382393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e7:da:1d:9c:11:99:c4:8e:a2:ea:9e:50:c1:
d0:f2:31:77:8d:2b:f1:30:4b:9f:0f:ce:c5:61:31:
04:a1:66:40:32:60:5c:d5:35:76:30:6a:1a:a4:87:
1a:54:ca:fc:e4:96:f2:3f:0a:cd:f7:72:fc:05:66:
93:45:f3:49:c0:fb:0c:a3:e9:59:1f:eb:54:90:f5:
aa:90:f3:68:3d:c1:ed:0b:ea:b1:a1:58:49:d9:6a:
7e:10:51:1a:a8:cd:d1:11:d9:a9:1d:83:12:de:db:
aa:ac:c0:56:b9:9c:20:78:bd:7b:10:a8:83:ec:e1:
d4:50:72:f0:75:75:20:1c:7a:54:c0:89:c5:36:92:
52:1e:50:ab:44:ae:b0:4e:15:66:68:c7:d4:9c:e8:
0f:b9:19:80:29:55:c7:ab:1a:13:4a:59:de:7b:c3:
e6:89:f5:d4:5e:23:b8:28:ec:ea:22:8a:90:ec:f7:
47:57:1e:8f:b0:86:ff:59:08:a9:49:28:36:4d:08:
7f:0a:23:d8:07:93:43:35:f5:4c:79:93:16:23:94:
58:a6:72:cb:c8:4e:cd:f8:ab:dd:93:a9:a9:ef:fd:
f9:3c:08:6b:97:cc:d8:1b:4b:eb:a2:8f:c6:0b:15:
5e:69:35:ea:e0:cd:47:d1:cb:b5:f4:5a:11:e8:6f:
5a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:5B:F6:08:7B:E2:90:30:6F:C6:7D:F5:94:3A:11:99:9B:38:23:93
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/d1v2CHvikDBvxn31lDoRmZs4I5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.155.0/24
Signature Algorithm: sha256WithRSAEncryption
27:42:64:8e:92:92:b5:39:d4:7f:ea:57:ea:d9:62:19:44:2a:
56:c5:d7:7a:9e:6b:54:ed:18:dd:ea:33:dd:49:8a:1b:6d:ee:
a4:75:48:bf:cd:6c:20:84:77:60:14:c6:09:17:c4:35:69:fb:
8a:b8:03:af:36:7c:8f:a3:7e:ed:08:60:d6:bf:8b:29:a8:2b:
a1:6f:4b:2c:91:1d:0a:ff:ec:97:15:88:f2:1c:f7:00:d6:bd:
a2:30:c5:2e:8c:8b:a7:f7:b4:90:78:0d:e5:fb:42:b7:8c:f5:
77:78:0c:5d:ec:24:d4:4f:3e:4a:b8:86:a8:43:51:58:f2:10:
bf:e2:c4:14:3d:0b:88:1d:e4:17:46:4d:a0:bf:e4:f2:00:5f:
d9:dc:64:c5:bd:d8:1e:18:d9:cb:44:35:7d:b6:ca:46:c2:e0:
f9:72:64:65:4d:54:67:d1:73:b0:4e:16:e5:32:a9:2e:95:75:
a4:41:de:51:89:d0:2c:9a:20:d9:37:d3:98:ec:f3:41:66:4b:
7c:ff:25:d2:89:0c:e5:22:31:eb:54:7c:e4:16:3b:4f:ca:0c:
cf:05:84:01:8b:d5:22:43:d9:d5:dd:a4:7f:6e:70:97:21:d8:
42:5a:69:ec:d8:9d:41:c1:ed:76:83:01:56:e4:ac:71:db:6c:
12:73:04:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY073/3LsQKLpO7ORCpqghniMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjQwMTI0MTQyOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzViZjYwODdiZTI5MDMwNmZjNjdkZjU5NDNhMTE5OTliMzgyMzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgufaHZwRmcSOouqeUMHQ8jF3jSvx
MEufD87FYTEEoWZAMmBc1TV2MGoapIcaVMr85JbyPwrN93L8BWaTRfNJwPsMo+lZ
H+tUkPWqkPNoPcHtC+qxoVhJ2Wp+EFEaqM3REdmpHYMS3tuqrMBWuZwgeL17EKiD
7OHUUHLwdXUgHHpUwInFNpJSHlCrRK6wThVmaMfUnOgPuRmAKVXHqxoTSlnee8Pm
ifXUXiO4KOzqIoqQ7PdHVx6PsIb/WQipSSg2TQh/CiPYB5NDNfVMeZMWI5RYpnLL
yE7N+Kvdk6mp7/35PAhrl8zYG0vroo/GCxVeaTXq4M1H0cu19FoR6G9aNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHdb9gh74pAwb8Z99ZQ6EZmbOCOTMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvZDF2MkNIdmlrREJ2eG4zMWxEb1JtWnM0STVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9WbMA0G
CSqGSIb3DQEBCwUAA4IBAQAnQmSOkpK1OdR/6lfq2WIZRCpWxdd6nmtU7Rjd6jPd
SYobbe6kdUi/zWwghHdgFMYJF8Q1afuKuAOvNnyPo37tCGDWv4spqCuhb0sskR0K
/+yXFYjyHPcA1r2iMMUujIun97SQeA3l+0K3jPV3eAxd7CTUTz5KuIaoQ1FY8hC/
4sQUPQuIHeQXRk2gv+TyAF/Z3GTFvdgeGNnLRDV9tspGwuD5cmRlTVRn0XOwThbl
MqkulXWkQd5RidAsmiDZN9OY7PNBZkt8/yXSiQzlIjHrVHzkFjtPygzPBYQBi9Ui
Q9nV3aR/bnCXIdhCWmns2J1Bwe12gwFW5Kxx22wScwTT
-----END CERTIFICATE-----
Generated at Wed Aug 21 09:58:21 2024 by rpki-client on console-fra.rpki-client.org