Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/W1cosoozXwmobaW3pwiVlhowVy0.roa
File: W1cosoozXwmobaW3pwiVlhowVy0.roa (raw, json)
Hash identifier: l3WCgENf0qGCiW0hrSkDdHi1IMVm5JJi4J6jFPk9/E8=
Subject key identifier: 5B:57:28:B2:8A:33:5F:09:A8:6D:A5:B7:A7:08:95:96:1A:30:57:2D
Certificate issuer: /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial: 018B81EA45FD5BD55E28D1E059DAB07F8E92
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/W1cosoozXwmobaW3pwiVlhowVy0.roa
Signing time: Mon 30 Oct 2023 18:48:16 +0000
ROA not before: Mon 30 Oct 2023 18:48:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216068
IP address blocks: 91.231.136.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:81:ea:45:fd:5b:d5:5e:28:d1:e0:59:da:b0:7f:8e:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Validity
Not Before: Oct 30 18:48:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b5728b28a335f09a86da5b7a70895961a30572d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a0:45:1e:8e:02:ed:14:0a:21:d6:87:e2:87:
4d:45:8c:4e:6c:61:8b:91:3f:d9:81:9d:0b:e5:b6:
77:ec:12:ea:20:9d:f4:25:13:19:bc:ae:9e:39:d4:
85:69:70:4c:a5:2f:1f:99:69:41:20:0a:0f:01:e1:
09:56:96:95:39:0f:a2:89:c9:58:5d:89:4d:d3:56:
e9:27:50:47:fc:88:7d:03:9e:77:d3:3b:4d:b5:e7:
cf:a7:0e:3c:a8:2f:88:91:5c:17:79:aa:1f:c5:03:
60:4b:9f:b1:ec:fd:ad:9a:43:24:82:88:f5:53:7a:
92:b7:c7:96:83:8b:87:74:d7:6c:7e:09:c1:f9:ed:
f1:bb:74:e6:23:f9:a2:17:9e:fa:e4:58:f3:e9:32:
47:68:59:c9:63:dd:6a:33:64:0c:93:80:14:45:e8:
79:32:d3:1d:b1:a8:fa:8c:41:03:cb:ac:ec:a4:56:
b2:9d:bf:be:10:05:cc:e8:a4:37:4f:de:be:e5:6c:
56:41:28:9f:69:39:60:3b:b0:c7:89:92:b2:50:b6:
a1:f1:3c:68:78:89:6e:13:6c:bf:d8:cc:60:32:7e:
e6:d5:56:b4:c7:af:cf:7f:7a:fa:d9:88:52:f6:68:
e8:23:b4:81:17:d7:dd:c2:44:f6:1c:4b:89:ce:cd:
07:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:57:28:B2:8A:33:5F:09:A8:6D:A5:B7:A7:08:95:96:1A:30:57:2D
X509v3 Authority Key Identifier:
keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/W1cosoozXwmobaW3pwiVlhowVy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.136.0/24
Signature Algorithm: sha256WithRSAEncryption
56:b5:36:64:a6:80:41:b0:c0:13:18:3f:df:90:85:80:c0:04:
55:10:15:dd:d3:44:a4:90:ca:93:96:62:ed:94:b0:82:87:55:
4e:39:5f:b2:29:bf:6c:99:a5:1a:db:66:4c:1f:8b:64:c0:75:
79:0e:a6:f0:40:a0:eb:05:00:6f:9d:f1:8d:23:1b:64:2b:fd:
39:ca:1b:b4:fa:35:53:d3:a1:02:bf:de:3d:69:31:fa:f5:74:
2c:0a:72:62:99:95:af:4b:25:f7:24:06:7d:21:ef:40:19:a1:
64:ba:cd:e6:27:e3:ab:05:9c:46:7b:90:ca:5a:07:75:cc:b6:
e4:0c:7b:96:ba:d0:e6:0b:fd:1a:23:ac:ed:ad:c9:ad:88:28:
95:d6:12:27:ca:06:31:e1:bc:1f:38:59:07:a0:61:e0:34:c7:
9e:d0:d1:56:2a:40:a6:c3:1e:57:0c:b4:a4:83:7a:ec:26:56:
98:57:26:7b:9d:cb:0e:9b:f4:c6:6b:e5:b7:88:37:79:cf:ca:
98:76:c0:03:16:1c:a9:4c:4d:0e:46:77:2d:9e:a3:c9:37:c3:
a8:c5:34:06:d7:2d:20:67:bd:74:d5:2e:f1:83:27:59:0a:0b:
c1:75:1e:e4:ef:22:89:e8:2d:24:47:83:80:4f:7b:cd:e4:d0:
de:23:03:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuB6kX9W9VeKNHgWdqwf46SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjMxMDMwMTg0ODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjU3MjhiMjhhMzM1ZjA5YTg2ZGE1YjdhNzA4OTU5NjFhMzA1NzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqBFHo4C7RQKIdaH4odNRYxObGGL
kT/ZgZ0L5bZ37BLqIJ30JRMZvK6eOdSFaXBMpS8fmWlBIAoPAeEJVpaVOQ+iiclY
XYlN01bpJ1BH/Ih9A5530ztNtefPpw48qC+IkVwXeaofxQNgS5+x7P2tmkMkgoj1
U3qSt8eWg4uHdNdsfgnB+e3xu3TmI/miF5765Fjz6TJHaFnJY91qM2QMk4AUReh5
MtMdsaj6jEEDy6zspFaynb++EAXM6KQ3T96+5WxWQSifaTlgO7DHiZKyULah8Txo
eIluE2y/2MxgMn7m1Va0x6/Pf3r62YhS9mjoI7SBF9fdwkT2HEuJzs0HkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFtXKLKKM18JqG2lt6cIlZYaMFctMB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvVzFjb3Nvb3pYd21vYmFXM3B3aVZsaG93VnkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+eIMA0G
CSqGSIb3DQEBCwUAA4IBAQBWtTZkpoBBsMATGD/fkIWAwARVEBXd00SkkMqTlmLt
lLCCh1VOOV+yKb9smaUa22ZMH4tkwHV5DqbwQKDrBQBvnfGNIxtkK/05yhu0+jVT
06ECv949aTH69XQsCnJimZWvSyX3JAZ9Ie9AGaFkus3mJ+OrBZxGe5DKWgd1zLbk
DHuWutDmC/0aI6ztrcmtiCiV1hInygYx4bwfOFkHoGHgNMee0NFWKkCmwx5XDLSk
g3rsJlaYVyZ7ncsOm/TGa+W3iDd5z8qYdsADFhypTE0ORnctnqPJN8OoxTQG1y0g
Z7101S7xgydZCgvBdR7k7yKJ6C0kR4OAT3vN5NDeIwNo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:52 2024 by rpki-client on console-ams.rpki-client.org