Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Y4K-5iJ4fFfb0O7TGyyqjad-z9c.roa
File: Y4K-5iJ4fFfb0O7TGyyqjad-z9c.roa (raw, json)
Hash identifier: alng1jtdjS08R6j3qWB4oU4h7vXzKRl3HknWVAhx1Wg=
Subject key identifier: 63:82:BE:E6:22:78:7C:57:DB:D0:EE:D3:1B:2C:AA:8D:A7:7E:CF:D7
Certificate issuer: /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial: 01872D1E8C992A1D3C086DD17832932E2A29
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Y4K-5iJ4fFfb0O7TGyyqjad-z9c.roa
Signing time: Wed 29 Mar 2023 11:26:29 +0000
ROA not before: Wed 29 Mar 2023 11:26:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34665
IP address blocks: 91.193.110.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2d:1e:8c:99:2a:1d:3c:08:6d:d1:78:32:93:2e:2a:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Validity
Not Before: Mar 29 11:26:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6382bee622787c57dbd0eed31b2caa8da77ecfd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:7f:28:1e:a6:6a:c1:74:cc:12:83:09:7c:c6:
e1:76:74:0d:2a:11:e2:80:b0:99:b1:cf:e6:ba:e0:
25:e7:95:0d:0b:e9:43:2c:05:7c:6f:02:a4:0d:ef:
5d:8e:f7:7c:bc:9f:87:2a:57:a2:e3:02:03:53:91:
c3:ec:1d:32:25:a6:45:b2:50:6e:fe:ee:e9:15:06:
60:1f:bf:2b:78:51:0a:5d:31:7c:39:d4:37:85:73:
3e:cf:c5:a2:de:23:4a:ea:24:1a:ca:67:fd:20:e0:
cf:9b:15:10:99:35:cf:37:f1:93:6c:11:8d:1a:0d:
0b:92:27:b8:44:80:74:fb:c2:c8:b4:87:25:85:a6:
7f:d7:15:8b:23:f2:d1:18:50:f5:c1:9c:1c:11:b8:
37:54:27:e1:53:98:88:f8:b0:6a:46:4d:24:d6:e7:
3e:9e:49:d7:3a:f6:c3:3c:1d:da:79:51:17:81:75:
dc:53:49:a9:ea:2c:40:16:0c:30:57:20:f1:d6:92:
09:1c:fc:d2:0a:53:9b:93:27:e2:f2:5b:04:bc:7b:
cb:9b:bb:79:40:b2:c2:d7:c1:ad:6c:8b:9d:be:2e:
bc:d9:75:6e:5d:2d:fe:2c:90:79:e4:21:fb:a2:ae:
c1:bb:2b:db:1b:5f:5a:60:d2:06:a5:32:c9:e7:e1:
0e:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:82:BE:E6:22:78:7C:57:DB:D0:EE:D3:1B:2C:AA:8D:A7:7E:CF:D7
X509v3 Authority Key Identifier:
keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Y4K-5iJ4fFfb0O7TGyyqjad-z9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.110.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:14:8a:20:78:10:e4:ef:38:35:79:20:95:8f:cd:6b:34:cc:
d4:8f:3f:8e:fa:cd:d9:6e:33:23:78:87:b5:8b:77:6f:a1:62:
aa:8d:cb:c0:0a:20:2d:86:46:b2:64:f2:33:82:4c:c4:54:84:
3a:53:79:cc:60:ce:96:2e:04:b9:e2:4b:02:39:03:a3:13:bd:
aa:f5:d7:2e:02:2b:09:31:59:4e:cf:77:2b:ce:d7:b8:65:92:
61:cf:30:33:c9:a2:4a:5c:91:55:b9:c7:87:07:d4:43:94:cd:
f3:3a:f9:65:f8:33:3e:40:4d:c8:48:99:39:4f:81:02:0f:12:
f0:7f:f7:c7:9d:14:2a:ce:3a:3e:25:82:5e:85:54:f4:a2:0f:
f0:2d:e7:41:43:f0:0b:77:1c:b7:24:06:bf:20:95:d4:22:49:
af:8d:a4:10:65:ea:00:ae:7d:61:21:b3:7a:e3:ce:c4:90:35:
36:94:f7:79:ec:69:a3:6e:cb:3f:ea:5e:5c:d8:a7:a0:64:b8:
35:ea:1e:2c:0c:7b:4b:60:31:d2:f5:72:d1:88:7f:07:fa:b4:
53:32:d8:42:08:b0:5b:be:3a:de:e1:3f:1c:dd:fa:e1:73:43:
39:d2:cc:68:26:d0:96:29:80:33:8b:6b:0b:5d:4e:60:ee:e5:
ab:6c:48:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYctHoyZKh08CG3ReDKTLiopMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjMwMzI5MTEyNjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzgyYmVlNjIyNzg3YzU3ZGJkMGVlZDMxYjJjYWE4ZGE3N2VjZmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgn8oHqZqwXTMEoMJfMbhdnQNKhHi
gLCZsc/muuAl55UNC+lDLAV8bwKkDe9djvd8vJ+HKlei4wIDU5HD7B0yJaZFslBu
/u7pFQZgH78reFEKXTF8OdQ3hXM+z8Wi3iNK6iQaymf9IODPmxUQmTXPN/GTbBGN
Gg0Lkie4RIB0+8LItIclhaZ/1xWLI/LRGFD1wZwcEbg3VCfhU5iI+LBqRk0k1uc+
nknXOvbDPB3aeVEXgXXcU0mp6ixAFgwwVyDx1pIJHPzSClObkyfi8lsEvHvLm7t5
QLLC18GtbIudvi682XVuXS3+LJB55CH7oq7BuyvbG19aYNIGpTLJ5+EOcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGOCvuYieHxX29Du0xssqo2nfs/XMB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvWTRLLTVpSjRmRmZiME83VEd5eXFqYWQtejljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8FuMA0G
CSqGSIb3DQEBCwUAA4IBAQBLFIogeBDk7zg1eSCVj81rNMzUjz+O+s3ZbjMjeIe1
i3dvoWKqjcvACiAthkayZPIzgkzEVIQ6U3nMYM6WLgS54ksCOQOjE72q9dcuAisJ
MVlOz3crzte4ZZJhzzAzyaJKXJFVuceHB9RDlM3zOvll+DM+QE3ISJk5T4ECDxLw
f/fHnRQqzjo+JYJehVT0og/wLedBQ/ALdxy3JAa/IJXUIkmvjaQQZeoArn1hIbN6
487EkDU2lPd57Gmjbss/6l5c2KegZLg16h4sDHtLYDHS9XLRiH8H+rRTMthCCLBb
vjre4T8c3frhc0M50sxoJtCWKYAzi2sLXU5g7uWrbEiw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:52 2024 by rpki-client on console-ams.rpki-client.org