Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/4c9d73-f805-4d72-8a37-b82b0ed2d323/1/5VZmqMik1gGFK7sjvQfQ2XxW728.roa
File: 5VZmqMik1gGFK7sjvQfQ2XxW728.roa (raw, json)
Hash identifier: 5Vp8L1RwMXZG+d/2746T+3CG9fb0VcLgr6Dsl2M4hIU=
Subject key identifier: E5:56:66:A8:C8:A4:D6:01:85:2B:BB:23:BD:07:D0:D9:7C:56:EF:6F
Certificate issuer: /CN=62bd6c2bdf61e23eafe23dde016db8b3e1595f76
Certificate serial: 0188B3EFE5C1D9F8DA5126EC9F3D85F7B43F
Authority key identifier: 62:BD:6C:2B:DF:61:E2:3E:AF:E2:3D:DE:01:6D:B8:B3:E1:59:5F:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yr1sK99h4j6v4j3eAW24s-FZX3Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/4c9d73-f805-4d72-8a37-b82b0ed2d323/1/5VZmqMik1gGFK7sjvQfQ2XxW728.roa
Signing time: Tue 13 Jun 2023 08:47:03 +0000
ROA not before: Tue 13 Jun 2023 08:47:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42074
IP address blocks: 91.218.195.0/24 maxlen: 24
91.218.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b3:ef:e5:c1:d9:f8:da:51:26:ec:9f:3d:85:f7:b4:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62bd6c2bdf61e23eafe23dde016db8b3e1595f76
Validity
Not Before: Jun 13 08:47:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e55666a8c8a4d601852bbb23bd07d0d97c56ef6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3c:6e:96:99:8c:20:40:a2:cb:4d:35:87:0d:
73:bd:de:bf:5a:c4:1d:38:03:fb:bb:85:96:18:af:
10:12:51:da:52:cb:b8:d7:3f:cb:43:39:b1:b9:6f:
4e:40:80:5e:8f:30:4a:f8:40:a8:5e:2e:0f:6d:29:
b8:96:90:9b:bd:2c:b3:94:8d:9f:43:4f:9c:00:3c:
b0:bd:82:f4:26:ef:ec:ed:3a:ac:3e:3a:cf:d1:aa:
61:5b:d7:a7:fb:e4:5c:c9:66:fb:0f:65:e7:ad:c9:
b3:7f:13:3d:37:e0:1b:4f:04:21:7e:f4:0d:39:2d:
45:59:91:b5:45:6f:23:3f:d5:d5:6f:4e:4b:db:d6:
1e:1e:2b:85:b3:14:1c:2a:fd:6c:02:c4:c1:3d:dd:
9f:02:b4:5b:5c:b1:ba:01:68:da:cf:e1:db:9f:35:
01:66:7c:81:6a:8b:91:b3:21:f0:c1:48:ed:08:f8:
13:3c:5f:f0:b7:38:7a:e2:d8:85:04:21:1d:ea:e4:
c6:b4:65:b5:58:7d:8c:82:b6:0f:3c:fb:7f:a4:00:
4e:da:35:9f:88:6e:87:69:87:79:82:d2:fe:39:27:
12:01:e4:7b:7f:eb:1a:83:89:3e:a8:15:1c:bb:07:
0c:e0:fd:c6:02:4d:5d:ce:4a:c4:3c:c7:7c:e4:ff:
e6:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:56:66:A8:C8:A4:D6:01:85:2B:BB:23:BD:07:D0:D9:7C:56:EF:6F
X509v3 Authority Key Identifier:
keyid:62:BD:6C:2B:DF:61:E2:3E:AF:E2:3D:DE:01:6D:B8:B3:E1:59:5F:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yr1sK99h4j6v4j3eAW24s-FZX3Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4c9d73-f805-4d72-8a37-b82b0ed2d323/1/5VZmqMik1gGFK7sjvQfQ2XxW728.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4c9d73-f805-4d72-8a37-b82b0ed2d323/1/Yr1sK99h4j6v4j3eAW24s-FZX3Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.194.0/23
Signature Algorithm: sha256WithRSAEncryption
10:9c:98:c4:03:60:ea:cb:90:47:95:f0:5c:90:13:02:e1:46:
90:01:d5:3f:19:09:ba:76:77:a2:07:e0:03:f1:a2:fb:9e:66:
6b:57:da:1b:57:bd:ee:cf:28:33:8f:78:11:ff:94:23:d1:d6:
cc:d2:1f:48:02:d7:39:e3:f5:50:92:44:39:da:bd:9c:96:17:
59:4c:3e:06:4e:a9:96:ae:5b:cc:dc:d9:4a:69:4d:78:98:c4:
87:a0:c4:a1:75:70:3b:f4:1b:9f:7e:a4:bc:46:b5:9f:56:f5:
52:c0:ed:54:c6:b9:4d:40:91:8a:5f:e6:e6:08:ee:df:03:f0:
01:68:66:9d:69:f9:d2:fe:3d:da:2d:ca:85:99:e3:9c:5c:98:
b5:44:00:d3:f3:c2:8f:1c:19:77:c0:28:6e:b2:df:a9:a3:c1:
72:e6:5c:54:f4:a1:c8:86:7a:5b:c2:6d:e8:70:23:42:84:0c:
0a:ca:47:b3:54:5e:56:62:67:b4:a2:b8:18:52:a7:8c:f0:55:
e9:f4:d7:5e:22:62:dc:ed:01:12:65:af:e6:ea:a1:6e:de:0d:
8c:43:1a:79:71:c1:be:a6:a0:bf:a8:20:08:56:a9:f5:4e:b5:
52:2c:17:46:ab:ab:7a:83:b6:10:1f:5b:49:93:7d:a8:bb:34:
a2:86:1b:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiz7+XB2fjaUSbsnz2F97Q/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYmQ2YzJiZGY2MWUyM2VhZmUyM2RkZTAxNmRiOGIzZTE1
OTVmNzYwHhcNMjMwNjEzMDg0NzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTU2NjZhOGM4YTRkNjAxODUyYmJiMjNiZDA3ZDBkOTdjNTZlZjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojxulpmMIECiy001hw1zvd6/WsQd
OAP7u4WWGK8QElHaUsu41z/LQzmxuW9OQIBejzBK+ECoXi4PbSm4lpCbvSyzlI2f
Q0+cADywvYL0Ju/s7TqsPjrP0aphW9en++RcyWb7D2XnrcmzfxM9N+AbTwQhfvQN
OS1FWZG1RW8jP9XVb05L29YeHiuFsxQcKv1sAsTBPd2fArRbXLG6AWjaz+HbnzUB
ZnyBaouRsyHwwUjtCPgTPF/wtzh64tiFBCEd6uTGtGW1WH2MgrYPPPt/pABO2jWf
iG6HaYd5gtL+OScSAeR7f+sag4k+qBUcuwcM4P3GAk1dzkrEPMd85P/mnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOVWZqjIpNYBhSu7I70H0Nl8Vu9vMB8GA1UdIwQY
MBaAFGK9bCvfYeI+r+I93gFtuLPhWV92MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXIxc0s5OWg0ajZ2NGozZUFXMjRzLUZaWDNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi80YzlkNzMtZjgwNS00ZDcyLThhMzct
YjgyYjBlZDJkMzIzLzEvNVZabXFNaWsxZ0dGSzdzanZRZlEyWHhXNzI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi80YzlkNzMtZjgwNS00ZDcyLThhMzctYjgyYjBlZDJkMzIz
LzEvWXIxc0s5OWg0ajZ2NGozZUFXMjRzLUZaWDNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW9rCMA0G
CSqGSIb3DQEBCwUAA4IBAQAQnJjEA2Dqy5BHlfBckBMC4UaQAdU/GQm6dneiB+AD
8aL7nmZrV9obV73uzygzj3gR/5Qj0dbM0h9IAtc54/VQkkQ52r2clhdZTD4GTqmW
rlvM3NlKaU14mMSHoMShdXA79BuffqS8RrWfVvVSwO1UxrlNQJGKX+bmCO7fA/AB
aGadafnS/j3aLcqFmeOcXJi1RADT88KPHBl3wChust+po8Fy5lxU9KHIhnpbwm3o
cCNChAwKykezVF5WYme0orgYUqeM8FXp9NdeImLc7QESZa/m6qFu3g2MQxp5ccG+
pqC/qCAIVqn1TrVSLBdGq6t6g7YQH1tJk32ouzSihhsV
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:01:15 2025 by rpki-client