Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/R0i1iKEhUDMT6St66AUaF74lCPQ.roa
File: R0i1iKEhUDMT6St66AUaF74lCPQ.roa (raw, json)
Hash identifier: E1TIMxQS1lmw2YNbib8kst1V5MUlta3b3uEmugf0EGw=
Subject key identifier: 47:48:B5:88:A1:21:50:33:13:E9:2B:7A:E8:05:1A:17:BE:25:08:F4
Certificate issuer: /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial: 0185C675FDB3AA27E0D6D570645EF3A64EFD
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/R0i1iKEhUDMT6St66AUaF74lCPQ.roa
Signing time: Wed 18 Jan 2023 19:58:19 +0000
ROA not before: Wed 18 Jan 2023 19:58:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44774
IP address blocks: 91.234.11.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c6:75:fd:b3:aa:27:e0:d6:d5:70:64:5e:f3:a6:4e:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Validity
Not Before: Jan 18 19:58:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4748b588a121503313e92b7ae8051a17be2508f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:31:ce:61:1a:e5:2f:f0:5e:60:0b:2c:9c:c7:
44:f9:5f:63:c9:25:ad:99:85:dc:1b:6d:e4:03:d0:
a9:89:f7:f3:ad:1e:b9:10:29:9c:26:24:0a:3a:b7:
28:80:fa:6b:ef:0f:77:8c:d9:ad:f8:a7:ff:d7:c3:
3a:ca:2c:b9:64:9b:f3:18:b1:a7:fd:aa:27:f8:5e:
04:9a:f9:be:7d:8e:b8:e6:41:30:17:d8:75:6c:c1:
81:bf:c0:19:cb:15:12:6b:c4:3f:10:9d:23:16:f6:
3c:bb:b5:0a:4b:ce:02:dd:24:9d:8f:d4:9a:33:19:
3b:46:85:08:8c:49:0c:19:b0:60:b0:9d:9a:2b:9b:
27:2a:14:a5:af:fb:4d:f6:97:02:11:cf:e9:51:df:
84:6d:6a:9c:29:ec:50:23:ed:54:ed:93:57:40:e2:
9f:73:7f:62:3f:1c:60:e4:86:9e:af:07:1a:f9:f7:
e8:d6:1c:2d:39:4d:7f:01:a9:f0:5e:00:4d:10:3a:
ac:7f:b6:2c:31:52:31:ce:d4:63:26:7e:15:e1:09:
0f:40:48:0a:01:4d:2a:2d:3d:db:8b:e8:7d:1f:3a:
40:84:00:e2:38:89:8b:2d:b6:1a:f3:a1:da:db:0d:
42:fd:38:40:34:5b:0e:75:91:5b:76:7b:80:51:0a:
e0:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:48:B5:88:A1:21:50:33:13:E9:2B:7A:E8:05:1A:17:BE:25:08:F4
X509v3 Authority Key Identifier:
keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/R0i1iKEhUDMT6St66AUaF74lCPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.11.0/24
Signature Algorithm: sha256WithRSAEncryption
95:17:71:f2:c2:e3:12:7c:98:91:bb:93:6f:72:b5:05:d9:dd:
c2:63:94:7e:d4:a5:40:cd:6d:63:7d:9b:30:44:45:db:a5:83:
8c:e8:ed:5f:2a:66:6e:45:10:fe:24:df:85:34:f4:dc:bd:29:
2a:90:cf:ac:5f:69:9d:44:20:7f:61:32:23:ee:ce:57:db:db:
9f:40:b3:bf:22:be:d1:11:13:56:fe:f2:55:64:be:06:66:14:
7c:08:a5:b3:b2:20:14:73:fa:b3:d4:b4:e3:89:14:00:75:ff:
e4:b2:9c:60:e4:e4:ef:18:a9:6a:05:e5:19:9b:5d:de:f8:1b:
2a:a2:20:8b:03:0b:bc:d1:3b:bd:a2:63:84:dc:1f:d2:47:b7:
97:94:5d:53:71:ab:c7:ae:85:f8:1f:e4:45:00:c2:ab:8a:65:
24:90:44:8f:ed:82:b4:6a:f5:c6:e6:20:85:81:cf:19:e3:6f:
d5:ba:a3:64:9e:97:5c:22:5f:c9:d3:33:14:be:e9:a8:b7:15:
5a:a9:84:65:5e:2b:48:91:c4:10:61:34:a2:a8:1b:4d:f4:b1:
7b:ee:13:05:55:1f:84:81:63:e7:95:de:6b:79:83:2f:cc:67:
e3:cf:63:40:9f:ed:f7:86:53:f8:78:86:27:50:1e:69:ef:85:
b3:63:5d:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXGdf2zqifg1tVwZF7zpk79MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjMwMTE4MTk1ODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzQ4YjU4OGExMjE1MDMzMTNlOTJiN2FlODA1MWExN2JlMjUwOGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTHOYRrlL/BeYAssnMdE+V9jySWt
mYXcG23kA9CpiffzrR65ECmcJiQKOrcogPpr7w93jNmt+Kf/18M6yiy5ZJvzGLGn
/aon+F4Emvm+fY645kEwF9h1bMGBv8AZyxUSa8Q/EJ0jFvY8u7UKS84C3SSdj9Sa
Mxk7RoUIjEkMGbBgsJ2aK5snKhSlr/tN9pcCEc/pUd+EbWqcKexQI+1U7ZNXQOKf
c39iPxxg5Iaerwca+ffo1hwtOU1/AanwXgBNEDqsf7YsMVIxztRjJn4V4QkPQEgK
AU0qLT3bi+h9HzpAhADiOImLLbYa86Ha2w1C/ThANFsOdZFbdnuAUQrgHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEdItYihIVAzE+kreugFGhe+JQj0MB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvUjBpMWlLRWhVRE1UNlN0NjZBVWFGNzRsQ1BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+oLMA0G
CSqGSIb3DQEBCwUAA4IBAQCVF3HywuMSfJiRu5NvcrUF2d3CY5R+1KVAzW1jfZsw
REXbpYOM6O1fKmZuRRD+JN+FNPTcvSkqkM+sX2mdRCB/YTIj7s5X29ufQLO/Ir7R
ERNW/vJVZL4GZhR8CKWzsiAUc/qz1LTjiRQAdf/kspxg5OTvGKlqBeUZm13e+Bsq
oiCLAwu80Tu9omOE3B/SR7eXlF1TcavHroX4H+RFAMKrimUkkESP7YK0avXG5iCF
gc8Z42/VuqNknpdcIl/J0zMUvumotxVaqYRlXitIkcQQYTSiqBtN9LF77hMFVR+E
gWPnld5reYMvzGfjz2NAn+33hlP4eIYnUB5p74WzY117
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:52 2024 by rpki-client on console-ams.rpki-client.org