Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/_6qgDdTb6jFFK1Bbh07KgtsUZro.roa
File: _6qgDdTb6jFFK1Bbh07KgtsUZro.roa (raw, json)
Hash identifier: z5HMf/2dJhA5eFsDTBMZdvfJE4IAWZjJZRtEcGHA8vA=
Subject key identifier: FF:AA:A0:0D:D4:DB:EA:31:45:2B:50:5B:87:4E:CA:82:DB:14:66:BA
Certificate issuer: /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial: 018CC7275F48A2F8698D44B671F5C6445697
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/_6qgDdTb6jFFK1Bbh07KgtsUZro.roa
Signing time: Mon 01 Jan 2024 22:31:35 +0000
ROA not before: Mon 01 Jan 2024 22:31:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 91.234.11.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:5f:48:a2:f8:69:8d:44:b6:71:f5:c6:44:56:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Validity
Not Before: Jan 1 22:31:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffaaa00dd4dbea31452b505b874eca82db1466ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c2:a9:6e:4c:f8:54:41:ae:8a:d4:f3:fa:04:
0e:ff:53:93:00:fc:d8:d2:72:a3:7d:4a:71:1d:e9:
37:57:52:aa:42:b8:2a:a8:bc:96:61:f1:05:a3:ef:
fe:94:97:8b:1f:93:55:57:4d:0c:88:33:9c:36:63:
44:e1:d6:0b:70:a5:ad:15:65:3c:b9:89:7d:57:48:
15:8c:fb:38:1d:84:bb:f4:c2:d8:d3:d9:22:1b:78:
e9:b9:13:e4:c9:02:5b:71:37:44:f6:4c:6b:1d:e8:
89:fa:0f:9c:00:e2:03:f5:3b:3e:ae:a7:d1:69:bf:
46:fe:4b:ab:95:06:8e:de:f4:80:a7:b1:c0:30:9d:
b7:16:b5:c0:ad:11:a2:10:84:df:33:dc:64:8d:94:
7a:55:e4:d9:42:f6:48:91:0c:79:d5:f5:d4:04:3f:
f8:88:29:22:25:4b:f4:f2:85:b2:4d:28:02:67:08:
68:78:83:ab:be:cd:22:16:ec:9e:6a:fe:32:28:b1:
c9:e8:e3:6d:11:8d:2b:d3:33:b0:83:5f:7f:cd:9d:
d0:f4:54:38:fa:84:60:69:8b:ac:8c:89:77:89:b8:
be:04:d2:45:d0:bb:72:a5:76:8e:4e:b7:e7:a0:d8:
3e:70:6b:ea:cc:8d:d0:ce:b2:e9:99:2b:ca:08:44:
71:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:AA:A0:0D:D4:DB:EA:31:45:2B:50:5B:87:4E:CA:82:DB:14:66:BA
X509v3 Authority Key Identifier:
keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/_6qgDdTb6jFFK1Bbh07KgtsUZro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.11.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:c6:ad:0e:a7:8d:68:9f:c1:58:08:e4:4b:a6:3d:49:f3:d3:
14:64:21:f8:68:dc:5e:71:b7:0d:e4:83:c5:bb:0b:f1:f9:6d:
5c:b2:97:e8:2c:fa:c5:c0:64:ba:29:12:0e:04:08:a6:1f:26:
a7:9a:bf:c1:01:b6:ab:a3:bd:2e:1a:71:f8:4f:a7:c1:39:2d:
c5:2e:01:db:a9:ec:44:c8:ff:79:51:7a:cd:f5:15:3f:30:43:
af:36:80:6d:e3:b8:99:46:96:e2:04:8d:52:44:f6:19:02:b3:
7b:57:96:9a:35:3d:10:92:98:58:b6:2b:20:a2:e6:d0:13:06:
2c:09:c0:7a:f1:a2:c9:b5:45:91:46:91:d7:11:72:e3:5b:73:
ba:55:be:48:38:b8:8a:3f:af:5e:ec:4b:2b:2a:6b:74:24:4f:
0e:8c:0d:fa:2f:94:46:43:2a:7d:dd:9f:99:af:2e:74:54:4f:
7c:99:87:2a:08:59:f5:b5:80:b1:57:f4:0b:71:ca:69:48:fc:
8f:4b:68:89:77:90:58:aa:00:06:6f:8d:02:7d:6f:f5:b6:eb:
15:af:9f:e1:56:b9:85:a3:11:e3:69:b0:ea:9f:9a:6a:16:9d:
28:d5:df:6d:a1:06:41:27:5e:c1:f7:ac:0a:3d:fd:72:2c:47:
0f:c1:de:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ19IovhpjUS2cfXGRFaXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjQwMTAxMjIzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmFhYTAwZGQ0ZGJlYTMxNDUyYjUwNWI4NzRlY2E4MmRiMTQ2NmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcKpbkz4VEGuitTz+gQO/1OTAPzY
0nKjfUpxHek3V1KqQrgqqLyWYfEFo+/+lJeLH5NVV00MiDOcNmNE4dYLcKWtFWU8
uYl9V0gVjPs4HYS79MLY09kiG3jpuRPkyQJbcTdE9kxrHeiJ+g+cAOID9Ts+rqfR
ab9G/kurlQaO3vSAp7HAMJ23FrXArRGiEITfM9xkjZR6VeTZQvZIkQx51fXUBD/4
iCkiJUv08oWyTSgCZwhoeIOrvs0iFuyeav4yKLHJ6ONtEY0r0zOwg19/zZ3Q9FQ4
+oRgaYusjIl3ibi+BNJF0LtypXaOTrfnoNg+cGvqzI3QzrLpmSvKCERxBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP+qoA3U2+oxRStQW4dOyoLbFGa6MB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvXzZxZ0RkVGI2akZGSzFCYmgwN0tndHNVWnJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+oLMA0G
CSqGSIb3DQEBCwUAA4IBAQCKxq0Op41on8FYCORLpj1J89MUZCH4aNxecbcN5IPF
uwvx+W1cspfoLPrFwGS6KRIOBAimHyanmr/BAbaro70uGnH4T6fBOS3FLgHbqexE
yP95UXrN9RU/MEOvNoBt47iZRpbiBI1SRPYZArN7V5aaNT0QkphYtisgoubQEwYs
CcB68aLJtUWRRpHXEXLjW3O6Vb5IOLiKP69e7EsrKmt0JE8OjA36L5RGQyp93Z+Z
ry50VE98mYcqCFn1tYCxV/QLccppSPyPS2iJd5BYqgAGb40CfW/1tusVr5/hVrmF
oxHjabDqn5pqFp0o1d9toQZBJ17B96wKPf1yLEcPwd6z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:52 2024 by rpki-client on console-ams.rpki-client.org