Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/IyqgKDA2ml-csGAuSWUyEzoy8Uk.roa
File: IyqgKDA2ml-csGAuSWUyEzoy8Uk.roa (raw, json)
Hash identifier: KZvPwZ/9fqdN5H+wEZXIn4d4Bs1f5Egq/xe+WrTLQ7A=
Subject key identifier: 23:2A:A0:28:30:36:9A:5F:9C:B0:60:2E:49:65:32:13:3A:32:F1:49
Certificate issuer: /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial: 0694B2FB
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/IyqgKDA2ml-csGAuSWUyEzoy8Uk.roa
Signing time: Sat 01 Jan 2022 08:57:12 +0000
ROA not before: Sat 01 Jan 2022 08:57:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 193.106.96.0/23 maxlen: 23
91.202.232.0/23 maxlen: 23
194.242.26.0/23 maxlen: 23
91.195.110.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110408443 (0x694b2fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Validity
Not Before: Jan 1 08:57:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=232aa02830369a5f9cb0602e496532133a32f149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:49:f6:a1:c0:ec:cc:b5:f0:a3:93:e5:49:c0:
7d:d1:8e:97:26:c8:76:78:24:f5:8c:60:16:8f:a4:
4a:97:a3:e9:86:03:62:40:eb:00:eb:c3:9e:60:5f:
bb:81:1a:d9:44:57:e0:3f:34:da:ef:bf:43:fd:89:
c3:e0:29:aa:06:54:d5:00:e5:f0:b2:0c:bd:6a:61:
af:a2:f0:d1:2f:e7:6b:fe:0a:72:43:9c:72:0e:82:
1a:df:9f:45:6e:8c:4f:8b:aa:89:b7:e6:52:d6:be:
8f:e4:ee:34:22:66:f9:3c:a6:26:87:03:90:f9:e5:
da:e6:aa:c5:4d:a9:3a:91:8f:18:a6:02:fa:71:d4:
d1:5e:ba:01:a1:03:e1:8e:ee:67:d6:92:5d:f0:d9:
3d:c6:a1:a9:88:9b:3f:f4:aa:f6:54:48:2c:78:16:
3b:f0:14:c4:76:d9:bf:25:83:4b:53:a9:67:86:cf:
f9:fc:59:b6:b3:a8:24:a8:c9:81:9d:d1:cb:6f:de:
03:1a:05:8a:18:41:62:7a:24:19:34:7e:f0:d8:51:
63:35:1b:4c:73:0e:e1:cf:d4:ca:f1:bf:d9:94:c8:
4b:2b:e9:08:3c:10:3e:71:ef:0a:97:33:ac:4f:e0:
50:42:97:ae:30:e4:0c:43:07:d0:6f:91:9e:97:31:
e3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:2A:A0:28:30:36:9A:5F:9C:B0:60:2E:49:65:32:13:3A:32:F1:49
X509v3 Authority Key Identifier:
keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/IyqgKDA2ml-csGAuSWUyEzoy8Uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.110.0/23
91.202.232.0/23
193.106.96.0/23
194.242.26.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:ff:13:a7:cf:25:86:b4:a5:1b:6b:21:a1:ff:be:2b:22:5e:
21:36:75:f4:29:02:fd:69:6d:f2:03:4a:e8:aa:d5:7e:4e:2a:
53:84:2c:3f:77:a4:06:3e:87:64:ab:76:49:0c:d0:11:f4:21:
ce:1a:55:82:c1:31:11:78:78:c4:07:6d:88:b2:56:4b:d0:42:
21:6a:01:b2:6e:bb:78:e5:a9:61:67:9b:4f:54:2b:bf:2a:4f:
67:5a:65:de:3f:1d:98:12:d9:c4:04:9b:d2:ed:55:e0:5b:52:
7c:b5:fc:4f:dd:db:2f:96:44:28:9f:09:ed:d7:05:e1:f0:eb:
e3:ea:70:30:49:a3:bc:cc:5c:3a:54:44:a9:40:f3:0e:8b:d4:
49:44:d5:a7:b3:bf:1a:1e:a8:d0:c1:08:f4:f5:8d:01:f7:42:
c9:12:54:55:ac:f7:27:a9:43:11:4d:41:1a:44:be:ff:ad:cf:
04:8e:1a:61:a7:7c:bd:ca:ca:1a:9d:b2:ad:03:8b:7e:63:0e:
7e:bc:7f:a8:ca:f5:6c:0c:41:4b:fb:f2:7a:fd:c7:7b:ce:ae:
c6:35:20:0b:5c:16:83:65:7b:cf:38:fb:a3:49:73:b2:90:e2:
0a:54:d9:5e:48:9c:55:aa:3e:87:32:79:7a:95:a6:74:f0:79:
ca:25:39:98
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBpSy+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Nzk1NWIxYWExYzAyODRkMjg0M2I5NmYyNmM1ZmU3NTFlNjY5NDZmMB4XDTIyMDEw
MTA4NTcxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjMyYWEwMjgzMDM2
OWE1ZjljYjA2MDJlNDk2NTMyMTMzYTMyZjE0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ5J9qHA7My18KOT5UnAfdGOlybIdngk9YxgFo+kSpej6YYD
YkDrAOvDnmBfu4Ea2URX4D802u+/Q/2Jw+ApqgZU1QDl8LIMvWphr6Lw0S/na/4K
ckOccg6CGt+fRW6MT4uqibfmUta+j+TuNCJm+TymJocDkPnl2uaqxU2pOpGPGKYC
+nHU0V66AaED4Y7uZ9aSXfDZPcahqYibP/Sq9lRILHgWO/AUxHbZvyWDS1OpZ4bP
+fxZtrOoJKjJgZ3Ry2/eAxoFihhBYnokGTR+8NhRYzUbTHMO4c/UyvG/2ZTISyvp
CDwQPnHvCpczrE/gUEKXrjDkDEMH0G+Rnpcx4zcCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQjKqAoMDaaX5ywYC5JZTITOjLxSTAfBgNVHSMEGDAWgBRnlVsaocAoTShD
uW8mxf51HmaUbzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1o1VmJHcUhBS0Uwb1E3bHZKc1gtZFI1bWxHOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvNjMxOTI1LTZiMGUtNGVhNS05MWQ3LTA4YWQ5NDEwMWQ3ZS8x
L0l5cWdLREEybWwtY3NHQXVTV1V5RXpveThVay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
NjMxOTI1LTZiMGUtNGVhNS05MWQ3LTA4YWQ5NDEwMWQ3ZS8xL1o1VmJHcUhBS0Uw
b1E3bHZKc1gtZFI1bWxHOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAVvDbgMEAVvK6AMEAcFqYAMEAcLy
GjANBgkqhkiG9w0BAQsFAAOCAQEAPv8Tp88lhrSlG2shof++KyJeITZ19CkC/Wlt
8gNK6KrVfk4qU4QsP3ekBj6HZKt2SQzQEfQhzhpVgsExEXh4xAdtiLJWS9BCIWoB
sm67eOWpYWebT1QrvypPZ1pl3j8dmBLZxASb0u1V4FtSfLX8T93bL5ZEKJ8J7dcF
4fDr4+pwMEmjvMxcOlREqUDzDovUSUTVp7O/Gh6o0MEI9PWNAfdCyRJUVaz3J6lD
EU1BGkS+/63PBI4aYad8vcrKGp2yrQOLfmMOfrx/qMr1bAxBS/vyev3He86uxjUg
C1wWg2V7zzj7o0lzspDiClTZXkicVao+hzJ5epWmdPB5yiU5mA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:55 2023 by rpki-client on console-fra.rpki-client.org