Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/6n2szMXzvkf4JAn6uQqXtVeql60.roa
File: 6n2szMXzvkf4JAn6uQqXtVeql60.roa (raw, json)
Hash identifier: TomHlAiKEamADdNHZa8KIHnkuTYHK7N4+ddLx0r0j4o=
Subject key identifier: EA:7D:AC:CC:C5:F3:BE:47:F8:24:09:FA:B9:0A:97:B5:57:AA:97:AD
Certificate issuer: /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial: 0185C9CD79CB5533AAF8CE1A9FEDC4B3C561
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/6n2szMXzvkf4JAn6uQqXtVeql60.roa
Signing time: Thu 19 Jan 2023 11:32:44 +0000
ROA not before: Thu 19 Jan 2023 11:32:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49505
IP address blocks: 91.234.11.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c9:cd:79:cb:55:33:aa:f8:ce:1a:9f:ed:c4:b3:c5:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Validity
Not Before: Jan 19 11:32:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea7dacccc5f3be47f82409fab90a97b557aa97ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:7e:3c:f7:7c:60:e7:b7:ba:01:d9:ef:94:ba:
e6:f9:18:d1:9d:50:f6:62:60:ae:ec:f4:50:6d:b8:
64:36:86:0d:57:94:1c:45:f7:40:84:c1:79:a3:2b:
3d:31:3c:22:60:9b:36:11:5a:f6:24:28:24:e5:cd:
4f:05:ad:c8:4c:c7:f0:de:eb:cb:0a:22:1d:9b:62:
42:ab:0a:c1:60:34:9b:35:ec:e5:02:09:99:f4:07:
9e:d9:b3:24:a0:86:45:18:10:7e:9e:1b:a4:79:dd:
f3:e0:ad:b7:e0:e2:30:70:cf:eb:87:da:d8:ea:20:
74:3a:1c:b7:76:e5:21:9c:32:fc:1f:3c:f9:35:79:
b1:8a:82:42:e1:79:6a:24:8d:23:7d:42:65:2e:f6:
77:c4:83:84:aa:66:44:28:5b:01:d6:c1:57:e8:0a:
11:28:66:dd:79:95:e7:83:af:af:57:37:ee:ea:7c:
6d:a3:9e:93:8b:9e:74:20:f3:fb:95:4f:19:37:e8:
d1:a7:ae:3a:a2:8a:61:1d:97:64:ef:f3:7f:00:28:
72:3b:6a:e7:38:e1:ce:6a:8f:9e:8a:f0:be:d1:d2:
b3:37:87:e0:c8:8f:52:f4:63:65:c6:df:3d:3c:7f:
62:d2:0a:72:f1:00:e8:de:f0:5d:cf:aa:a2:b6:c3:
fd:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:7D:AC:CC:C5:F3:BE:47:F8:24:09:FA:B9:0A:97:B5:57:AA:97:AD
X509v3 Authority Key Identifier:
keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/6n2szMXzvkf4JAn6uQqXtVeql60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.11.0/24
Signature Algorithm: sha256WithRSAEncryption
30:d6:02:7d:7f:13:dc:88:a6:68:3b:ff:15:a7:a8:c1:ba:94:
cb:56:f7:9b:24:9d:3e:1f:8e:e9:a8:14:a7:0a:4f:63:24:30:
ae:9d:70:f5:2f:85:ff:0c:b2:3d:98:08:e5:ee:41:24:69:55:
ba:2f:22:71:4a:74:5f:78:b8:e3:66:cd:9a:6b:b6:fa:0b:05:
8a:73:67:1b:de:81:4b:07:2d:0d:6e:a0:61:f2:f2:e1:6b:5b:
d4:98:05:14:d6:ac:bc:72:0f:29:a8:b0:2e:24:69:d2:3f:21:
8f:d6:64:c1:ff:62:00:fa:64:aa:1f:13:4d:56:a9:87:9f:9d:
c3:87:06:52:90:59:2d:23:54:df:7d:3e:5a:42:e0:ab:6e:fb:
32:e4:dd:67:b6:1e:47:cb:5f:fa:3a:9e:36:29:4c:a0:02:80:
b5:23:41:f5:a5:7a:29:95:b0:d9:f5:be:2a:7a:78:f9:e2:c2:
17:94:82:55:3d:f7:f2:bc:34:88:32:96:d7:f5:13:b7:03:95:
4b:94:b8:70:32:c6:e2:08:58:4f:3d:c0:e7:36:cb:29:a4:78:
7a:bf:5e:55:42:7e:a3:fd:1f:70:77:52:8f:c9:0a:45:ac:f4:
b3:90:40:de:08:d1:44:1e:6a:39:fa:fb:94:5c:f4:f2:5b:41:
57:cb:ad:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXJzXnLVTOq+M4an+3Es8VhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjMwMTE5MTEzMjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTdkYWNjY2M1ZjNiZTQ3ZjgyNDA5ZmFiOTBhOTdiNTU3YWE5N2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA434893xg57e6AdnvlLrm+RjRnVD2
YmCu7PRQbbhkNoYNV5QcRfdAhMF5oys9MTwiYJs2EVr2JCgk5c1PBa3ITMfw3uvL
CiIdm2JCqwrBYDSbNezlAgmZ9Aee2bMkoIZFGBB+nhuked3z4K234OIwcM/rh9rY
6iB0Ohy3duUhnDL8Hzz5NXmxioJC4XlqJI0jfUJlLvZ3xIOEqmZEKFsB1sFX6AoR
KGbdeZXng6+vVzfu6nxto56Ti550IPP7lU8ZN+jRp646oophHZdk7/N/AChyO2rn
OOHOao+eivC+0dKzN4fgyI9S9GNlxt89PH9i0gpy8QDo3vBdz6qitsP9lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOp9rMzF875H+CQJ+rkKl7VXqpetMB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvNm4yc3pNWHp2a2Y0SkFuNnVRcVh0VmVxbDYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+oLMA0G
CSqGSIb3DQEBCwUAA4IBAQAw1gJ9fxPciKZoO/8Vp6jBupTLVvebJJ0+H47pqBSn
Ck9jJDCunXD1L4X/DLI9mAjl7kEkaVW6LyJxSnRfeLjjZs2aa7b6CwWKc2cb3oFL
By0NbqBh8vLha1vUmAUU1qy8cg8pqLAuJGnSPyGP1mTB/2IA+mSqHxNNVqmHn53D
hwZSkFktI1TffT5aQuCrbvsy5N1nth5Hy1/6Op42KUygAoC1I0H1pXoplbDZ9b4q
enj54sIXlIJVPffyvDSIMpbX9RO3A5VLlLhwMsbiCFhPPcDnNssppHh6v15VQn6j
/R9wd1KPyQpFrPSzkEDeCNFEHmo5+vuUXPTyW0FXy62J
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:27 2024 by rpki-client on console-fra.rpki-client.org