Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/18ae02-e72d-4430-85d8-473c5ba55362/1/30wVTJEMPZv25L4bkYaDdluqDSM.roa
File: 30wVTJEMPZv25L4bkYaDdluqDSM.roa (raw, json)
Hash identifier: 6Ybo+ONdorARWpO0gEg151LJsGBME8QVZnw+4Yt4fAE=
Subject key identifier: DF:4C:15:4C:91:0C:3D:9B:F6:E4:BE:1B:91:86:83:76:5B:AA:0D:23
Certificate issuer: /CN=64ee0489158fe95e1991fd5ce725ea067e11a1fb
Certificate serial: 018CC7946734756BDE1A6413E1444C3E0D49
Authority key identifier: 64:EE:04:89:15:8F:E9:5E:19:91:FD:5C:E7:25:EA:06:7E:11:A1:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZO4EiRWP6V4Zkf1c5yXqBn4Rofs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/18ae02-e72d-4430-85d8-473c5ba55362/1/30wVTJEMPZv25L4bkYaDdluqDSM.roa
Signing time: Tue 02 Jan 2024 00:30:40 +0000
ROA not before: Tue 02 Jan 2024 00:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53856
IP address blocks: 91.218.50.0/23 maxlen: 23
91.218.48.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:67:34:75:6b:de:1a:64:13:e1:44:4c:3e:0d:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64ee0489158fe95e1991fd5ce725ea067e11a1fb
Validity
Not Before: Jan 2 00:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df4c154c910c3d9bf6e4be1b918683765baa0d23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3c:64:09:0c:9f:08:f1:af:d9:8f:85:0d:48:
44:b6:8d:78:62:32:1f:a0:fd:62:33:f1:0b:d1:09:
af:b4:17:fe:cd:94:eb:4c:a6:63:89:77:f1:44:bd:
1a:9f:ef:42:25:b8:dd:2d:31:4d:f1:51:81:b4:6d:
22:8a:bc:5f:0a:7e:0e:c5:8f:54:55:87:2c:20:74:
d9:fa:26:63:b6:37:44:1b:c6:bd:3e:36:69:b7:27:
5d:0b:58:f8:9e:6e:b0:16:7d:6c:17:16:6c:82:fc:
96:d2:a1:26:b8:34:1e:8d:1c:54:63:64:d5:2a:c6:
14:fe:36:0a:47:19:f7:30:a6:05:43:cb:be:91:85:
1c:1e:1e:99:7a:56:11:71:ec:bb:23:42:8d:b7:48:
14:73:2e:1c:71:11:1e:dd:0c:f8:f4:ac:11:79:c1:
4c:dd:00:86:13:e6:fa:a3:91:e6:47:66:f3:ef:b0:
ce:cc:d6:da:41:4e:de:36:40:3f:17:08:25:d4:6c:
f1:c5:a1:a0:1e:57:1f:eb:7f:fc:bf:9c:f9:8a:83:
c6:d1:35:d5:77:83:81:0d:07:7f:4e:d4:3c:0c:4d:
aa:29:16:70:f0:48:ed:cb:30:2b:f5:d3:75:89:aa:
ab:c9:79:56:1f:57:b3:e1:8c:34:59:33:71:9a:cb:
b0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:4C:15:4C:91:0C:3D:9B:F6:E4:BE:1B:91:86:83:76:5B:AA:0D:23
X509v3 Authority Key Identifier:
keyid:64:EE:04:89:15:8F:E9:5E:19:91:FD:5C:E7:25:EA:06:7E:11:A1:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZO4EiRWP6V4Zkf1c5yXqBn4Rofs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/18ae02-e72d-4430-85d8-473c5ba55362/1/30wVTJEMPZv25L4bkYaDdluqDSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/18ae02-e72d-4430-85d8-473c5ba55362/1/ZO4EiRWP6V4Zkf1c5yXqBn4Rofs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.48.0/22
Signature Algorithm: sha256WithRSAEncryption
12:3b:18:12:4a:35:ee:ab:f1:20:33:d6:0f:50:44:0a:2e:f9:
c2:04:19:bb:eb:c0:c5:97:5f:af:f0:60:09:fb:8f:1c:31:2a:
24:ad:ba:91:2c:e1:51:87:eb:aa:1e:13:3c:fa:26:13:41:25:
6f:95:a8:99:95:a2:85:45:4c:47:52:c1:b8:7d:b3:b5:a1:80:
ce:7a:00:8b:39:19:84:62:67:cf:ca:72:3d:9e:85:60:da:75:
fa:bf:08:90:3e:98:02:2b:cb:1b:2e:60:8b:51:38:47:29:42:
77:35:86:ee:b1:8a:c6:60:d5:99:7f:93:19:5f:ce:ee:cc:c2:
16:e2:31:72:f0:5c:35:70:e2:ba:82:bd:33:ec:04:b3:59:20:
5a:1e:91:9e:26:50:87:c0:63:a0:c8:5f:00:17:dd:a0:1d:1c:
a5:ec:2d:86:79:f9:af:18:d2:db:be:87:57:c1:10:bf:73:be:
b2:40:36:7a:8b:39:3e:e3:b2:21:66:9a:15:07:32:6f:a0:35:
b5:16:b1:d6:34:c6:2a:08:94:1b:89:14:71:5e:b3:f5:dc:da:
e8:24:f2:26:b7:17:57:66:44:6d:9c:9a:3d:ee:67:55:79:6b:
8d:73:b8:3a:e3:09:ce:9f:2e:15:57:14:af:18:c4:91:26:32:
c6:81:c0:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlGc0dWveGmQT4URMPg1JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZWUwNDg5MTU4ZmU5NWUxOTkxZmQ1Y2U3MjVlYTA2N2Ux
MWExZmIwHhcNMjQwMTAyMDAzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjRjMTU0YzkxMGMzZDliZjZlNGJlMWI5MTg2ODM3NjViYWEwZDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozxkCQyfCPGv2Y+FDUhEto14YjIf
oP1iM/EL0QmvtBf+zZTrTKZjiXfxRL0an+9CJbjdLTFN8VGBtG0iirxfCn4OxY9U
VYcsIHTZ+iZjtjdEG8a9PjZptyddC1j4nm6wFn1sFxZsgvyW0qEmuDQejRxUY2TV
KsYU/jYKRxn3MKYFQ8u+kYUcHh6ZelYRcey7I0KNt0gUcy4ccREe3Qz49KwRecFM
3QCGE+b6o5HmR2bz77DOzNbaQU7eNkA/Fwgl1GzxxaGgHlcf63/8v5z5ioPG0TXV
d4OBDQd/TtQ8DE2qKRZw8EjtyzAr9dN1iaqryXlWH1ez4Yw0WTNxmsuwAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN9MFUyRDD2b9uS+G5GGg3Zbqg0jMB8GA1UdIwQY
MBaAFGTuBIkVj+leGZH9XOcl6gZ+EaH7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk80RWlSV1A2VjRaa2YxYzV5WHFCbjRSb2ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8xOGFlMDItZTcyZC00NDMwLTg1ZDgt
NDczYzViYTU1MzYyLzEvMzB3VlRKRU1QWnYyNUw0YmtZYURkbHVxRFNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8xOGFlMDItZTcyZC00NDMwLTg1ZDgtNDczYzViYTU1MzYy
LzEvWk80RWlSV1A2VjRaa2YxYzV5WHFCbjRSb2ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9owMA0G
CSqGSIb3DQEBCwUAA4IBAQASOxgSSjXuq/EgM9YPUEQKLvnCBBm768DFl1+v8GAJ
+48cMSokrbqRLOFRh+uqHhM8+iYTQSVvlaiZlaKFRUxHUsG4fbO1oYDOegCLORmE
YmfPynI9noVg2nX6vwiQPpgCK8sbLmCLUThHKUJ3NYbusYrGYNWZf5MZX87uzMIW
4jFy8Fw1cOK6gr0z7ASzWSBaHpGeJlCHwGOgyF8AF92gHRyl7C2GefmvGNLbvodX
wRC/c76yQDZ6izk+47IhZpoVBzJvoDW1FrHWNMYqCJQbiRRxXrP13NroJPImtxdX
ZkRtnJo97mdVeWuNc7g64wnOny4VVxSvGMSRJjLGgcAl
Generated at Mon Jul 29 17:58:36 2024 by rpki-client on console-fra.rpki-client.org