Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/4c9d73-f805-4d72-8a37-b82b0ed2d323/1/TVdp_-t9nP7wwu1qhQ_wh7z_r6M.roa
File: TVdp_-t9nP7wwu1qhQ_wh7z_r6M.roa (raw, json)
Hash identifier: pWJUN+f703r0CIhav5gg7p1v5PeZKmRJQI1DZNyRCI4=
Subject key identifier: 4D:57:69:FF:EB:7D:9C:FE:F0:C2:ED:6A:85:0F:F0:87:BC:FF:AF:A3
Certificate issuer: /CN=62bd6c2bdf61e23eafe23dde016db8b3e1595f76
Certificate serial: 02263B
Authority key identifier: 62:BD:6C:2B:DF:61:E2:3E:AF:E2:3D:DE:01:6D:B8:B3:E1:59:5F:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yr1sK99h4j6v4j3eAW24s-FZX3Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/4c9d73-f805-4d72-8a37-b82b0ed2d323/1/TVdp_-t9nP7wwu1qhQ_wh7z_r6M.roa
Signing time: Tue 08 Feb 2022 10:20:07 +0000
ROA not before: Tue 08 Feb 2022 10:20:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42074
IP address blocks: 91.218.195.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140859 (0x2263b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62bd6c2bdf61e23eafe23dde016db8b3e1595f76
Validity
Not Before: Feb 8 10:20:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4d5769ffeb7d9cfef0c2ed6a850ff087bcffafa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:72:db:23:df:aa:53:c9:b0:88:8e:6a:17:fb:
dc:68:29:a0:3e:59:a0:66:f4:9b:d1:40:63:b2:f8:
24:f4:b8:8c:a3:ec:44:0f:88:7b:60:ba:f1:76:0d:
fb:34:32:bf:70:bb:a5:16:f4:73:c3:7d:24:41:cd:
dc:3a:74:c8:0c:20:5f:a5:c8:08:90:bb:ea:15:08:
68:2c:f6:8b:08:0f:47:f0:61:4b:74:6c:85:27:ad:
83:a2:35:ed:04:54:b3:c8:56:15:4a:97:ae:12:e1:
f1:d1:8e:9f:25:15:ea:81:1e:8b:3e:ac:ee:c4:0b:
06:80:7b:47:3b:d5:f3:48:4c:28:25:0f:08:ba:36:
91:65:55:08:5c:3e:10:c1:66:69:53:b9:7a:cc:cb:
7b:ff:d8:21:03:11:5b:b6:2d:5a:23:e2:23:be:46:
fd:39:ab:0c:5f:f5:5c:35:86:6a:42:02:5f:b7:ec:
bc:d9:cd:ab:1a:22:6c:16:f1:c6:ff:c8:87:ce:33:
48:2f:bf:83:ba:57:fe:ec:3d:c6:1a:0e:6c:1f:b0:
0f:54:f2:fb:f3:a1:df:05:bd:50:f0:94:b5:f2:89:
c2:fb:39:fb:f4:16:0b:46:eb:fa:8a:a8:f0:c7:2f:
42:6f:df:19:a9:31:36:df:54:0a:9c:12:0c:01:5e:
c9:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:57:69:FF:EB:7D:9C:FE:F0:C2:ED:6A:85:0F:F0:87:BC:FF:AF:A3
X509v3 Authority Key Identifier:
keyid:62:BD:6C:2B:DF:61:E2:3E:AF:E2:3D:DE:01:6D:B8:B3:E1:59:5F:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yr1sK99h4j6v4j3eAW24s-FZX3Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4c9d73-f805-4d72-8a37-b82b0ed2d323/1/TVdp_-t9nP7wwu1qhQ_wh7z_r6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4c9d73-f805-4d72-8a37-b82b0ed2d323/1/Yr1sK99h4j6v4j3eAW24s-FZX3Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.195.0/24
Signature Algorithm: sha256WithRSAEncryption
04:14:f2:c3:84:be:dc:7c:29:21:7e:41:d0:05:bc:70:8d:a1:
5e:93:35:0e:f0:e4:c3:91:96:f6:2e:78:0e:25:fd:cb:dc:89:
78:44:74:36:58:4f:b5:8f:97:f3:85:89:ec:f1:02:b7:90:bc:
17:09:ae:d5:d7:80:b9:be:ed:5d:06:fb:15:02:59:95:d8:ad:
52:90:cc:08:61:36:94:0e:b3:06:af:c0:c4:c8:a8:cb:b5:18:
23:03:84:e6:1c:06:3d:24:eb:ed:5f:b9:04:5f:b1:7c:ce:3c:
9b:6b:51:f8:96:42:a6:41:c6:8f:d0:1f:82:46:ee:5f:2d:eb:
be:a9:1a:3a:d8:a0:d2:cd:cf:43:ff:25:ff:90:79:42:33:13:
dd:1a:9e:ca:0a:3f:e3:16:5f:99:6d:db:d9:0c:78:43:3e:6e:
fe:ef:d9:08:dc:3c:12:44:6d:7c:ee:df:72:2e:ae:aa:c8:da:
1c:17:3b:0d:1d:3a:e0:92:1c:18:99:a7:b1:af:59:e9:2d:b0:
17:3b:fc:77:c7:1b:cb:11:dc:b2:10:06:b0:31:39:cf:69:13:
0c:be:81:8a:80:c4:ac:f3:50:8b:e0:e2:06:7f:bf:cd:6f:7b:
f6:0e:96:c2:6d:51:27:54:9d:83:c6:9f:d9:4f:56:d8:d3:9e:
9b:10:c9:a3
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAiY7MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDYy
YmQ2YzJiZGY2MWUyM2VhZmUyM2RkZTAxNmRiOGIzZTE1OTVmNzYwHhcNMjIwMjA4
MTAyMDA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0ZDU3NjlmZmViN2Q5
Y2ZlZjBjMmVkNmE4NTBmZjA4N2JjZmZhZmEzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqXLbI9+qU8mwiI5qF/vcaCmgPlmgZvSb0UBjsvgk9LiMo+xE
D4h7YLrxdg37NDK/cLulFvRzw30kQc3cOnTIDCBfpcgIkLvqFQhoLPaLCA9H8GFL
dGyFJ62DojXtBFSzyFYVSpeuEuHx0Y6fJRXqgR6LPqzuxAsGgHtHO9XzSEwoJQ8I
ujaRZVUIXD4QwWZpU7l6zMt7/9ghAxFbti1aI+Ijvkb9OasMX/VcNYZqQgJft+y8
2c2rGiJsFvHG/8iHzjNIL7+Dulf+7D3GGg5sH7APVPL786HfBb1Q8JS18onC+zn7
9BYLRuv6iqjwxy9Cb98ZqTE231QKnBIMAV7J3wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFE1Xaf/rfZz+8MLtaoUP8Ie8/6+jMB8GA1UdIwQYMBaAFGK9bCvfYeI+r+I9
3gFtuLPhWV92MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
WXIxc0s5OWg0ajZ2NGozZUFXMjRzLUZaWDNZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mNi80YzlkNzMtZjgwNS00ZDcyLThhMzctYjgyYjBlZDJkMzIzLzEv
VFZkcF8tdDluUDd3d3UxcWhRX3doN3pfcjZNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi80
YzlkNzMtZjgwNS00ZDcyLThhMzctYjgyYjBlZDJkMzIzLzEvWXIxc0s5OWg0ajZ2
NGozZUFXMjRzLUZaWDNZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9rDMA0GCSqGSIb3DQEBCwUAA4IB
AQAEFPLDhL7cfCkhfkHQBbxwjaFekzUO8OTDkZb2LngOJf3L3Il4RHQ2WE+1j5fz
hYns8QK3kLwXCa7V14C5vu1dBvsVAlmV2K1SkMwIYTaUDrMGr8DEyKjLtRgjA4Tm
HAY9JOvtX7kEX7F8zjyba1H4lkKmQcaP0B+CRu5fLeu+qRo62KDSzc9D/yX/kHlC
MxPdGp7KCj/jFl+ZbdvZDHhDPm7+79kI3DwSRG187t9yLq6qyNocFzsNHTrgkhwY
maexr1npLbAXO/x3xxvLEdyyEAawMTnPaRMMvoGKgMSs81CL4OIGf7/Nb3v2DpbC
bVEnVJ2Dxp/ZT1bY056bEMmj
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:35 2025 by rpki-client