Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/4c9d73-f805-4d72-8a37-b82b0ed2d323/1/YZYxqXqgT5En4J5UPph054_vZmA.roa
File: YZYxqXqgT5En4J5UPph054_vZmA.roa (raw, json)
Hash identifier: 3rSZGh4wRagk3Tjl+H11iYpAcV2OV7CllFFNhfFFHGk=
Subject key identifier: 61:96:31:A9:7A:A0:4F:91:27:E0:9E:54:3E:98:74:E7:8F:EF:66:60
Certificate issuer: /CN=62bd6c2bdf61e23eafe23dde016db8b3e1595f76
Certificate serial: 01856CEF04F077E69CBF134BE3366EC0871F
Authority key identifier: 62:BD:6C:2B:DF:61:E2:3E:AF:E2:3D:DE:01:6D:B8:B3:E1:59:5F:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yr1sK99h4j6v4j3eAW24s-FZX3Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/4c9d73-f805-4d72-8a37-b82b0ed2d323/1/YZYxqXqgT5En4J5UPph054_vZmA.roa
Signing time: Sun 01 Jan 2023 10:44:41 +0000
ROA not before: Sun 01 Jan 2023 10:44:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42074
IP address blocks: 91.218.195.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:04:f0:77:e6:9c:bf:13:4b:e3:36:6e:c0:87:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62bd6c2bdf61e23eafe23dde016db8b3e1595f76
Validity
Not Before: Jan 1 10:44:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=619631a97aa04f9127e09e543e9874e78fef6660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:3b:4d:72:91:2c:56:32:08:22:5b:90:ce:af:
6a:d5:07:19:22:e7:2c:c4:e3:58:2a:0f:ee:f7:32:
4c:f8:37:2c:c3:6c:49:a1:4b:ca:3b:69:1a:14:25:
22:87:a6:f5:2c:85:71:aa:e5:0a:81:32:5f:06:b4:
49:2c:40:24:41:68:b6:58:c4:b7:8d:1f:94:9e:01:
c4:b8:bb:cd:f4:a9:0c:56:df:f0:63:bb:63:2f:3a:
24:3b:6b:d1:fc:7c:26:bb:fe:46:b9:f6:7b:25:ba:
2b:a6:6b:be:7a:10:d6:78:64:02:f7:01:4b:9a:ed:
c5:4e:bb:51:d1:a6:29:fe:d8:62:71:28:20:06:dd:
20:23:5d:74:f5:d0:0e:49:6b:ea:fd:8f:6a:2f:8d:
e5:0f:09:9f:b7:2d:df:5c:72:c0:cd:c8:84:6e:4c:
5e:14:f7:7f:9b:f6:d5:dd:15:23:ae:23:b6:01:7c:
76:ad:ce:56:81:3e:19:a6:44:cc:74:36:ae:95:d2:
ef:d8:e4:ac:12:e4:6a:89:3c:ca:22:3d:b3:1c:31:
1e:f3:6b:23:a3:fd:4c:b4:ff:68:f0:39:0d:6a:ee:
0e:9e:a4:f9:74:7f:17:6c:07:0c:5c:ba:c5:7e:e1:
a2:c8:c7:2a:8e:51:3c:e4:8a:ae:41:22:45:03:69:
b7:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:96:31:A9:7A:A0:4F:91:27:E0:9E:54:3E:98:74:E7:8F:EF:66:60
X509v3 Authority Key Identifier:
keyid:62:BD:6C:2B:DF:61:E2:3E:AF:E2:3D:DE:01:6D:B8:B3:E1:59:5F:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yr1sK99h4j6v4j3eAW24s-FZX3Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4c9d73-f805-4d72-8a37-b82b0ed2d323/1/YZYxqXqgT5En4J5UPph054_vZmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4c9d73-f805-4d72-8a37-b82b0ed2d323/1/Yr1sK99h4j6v4j3eAW24s-FZX3Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.195.0/24
Signature Algorithm: sha256WithRSAEncryption
85:fd:ec:1c:e5:b8:43:bb:f6:56:a3:5f:85:ec:1b:7e:fa:e3:
59:83:c2:20:c0:71:49:52:8e:99:6f:68:17:56:5b:be:3a:25:
95:40:19:bc:88:b8:de:45:0b:e7:05:6a:0b:e8:65:a4:4e:9b:
7b:c6:ab:27:66:74:82:e4:2f:ac:3f:de:f3:1a:0a:ca:5c:14:
16:87:25:c9:2c:e0:74:d9:91:28:37:e8:28:35:31:f2:9a:4b:
2f:99:7b:5f:25:3e:1a:62:bf:2a:ca:03:e2:7a:40:24:e0:9c:
76:da:e6:2d:3a:f8:7e:de:24:24:d6:4a:c2:98:35:79:51:64:
19:72:55:91:64:2b:13:8a:ac:7a:00:64:57:c2:37:76:6a:87:
23:92:35:2b:82:a3:d9:b1:08:ce:11:f2:47:19:db:e4:10:36:
42:7f:76:f7:0e:ff:8a:d5:a7:60:4c:3f:9b:6a:23:6a:95:76:
54:3c:53:a3:88:d2:02:d8:50:29:69:73:c1:ef:01:02:59:8b:
51:94:e7:58:0c:38:c4:28:60:e8:d0:22:c0:eb:24:d4:e9:e8:
80:40:26:4a:5e:3a:b7:1f:c4:96:b9:b9:f7:2d:47:07:40:c4:
37:8b:cd:d3:30:f2:22:a2:6d:63:5a:19:11:cf:fd:50:bc:43:
11:a4:e6:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs7wTwd+acvxNL4zZuwIcfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYmQ2YzJiZGY2MWUyM2VhZmUyM2RkZTAxNmRiOGIzZTE1
OTVmNzYwHhcNMjMwMTAxMTA0NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTk2MzFhOTdhYTA0ZjkxMjdlMDllNTQzZTk4NzRlNzhmZWY2NjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjtNcpEsVjIIIluQzq9q1QcZIucs
xONYKg/u9zJM+Dcsw2xJoUvKO2kaFCUih6b1LIVxquUKgTJfBrRJLEAkQWi2WMS3
jR+UngHEuLvN9KkMVt/wY7tjLzokO2vR/Hwmu/5GufZ7Jborpmu+ehDWeGQC9wFL
mu3FTrtR0aYp/thicSggBt0gI1109dAOSWvq/Y9qL43lDwmfty3fXHLAzciEbkxe
FPd/m/bV3RUjriO2AXx2rc5WgT4ZpkTMdDauldLv2OSsEuRqiTzKIj2zHDEe82sj
o/1MtP9o8DkNau4OnqT5dH8XbAcMXLrFfuGiyMcqjlE85IquQSJFA2m3sQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGGWMal6oE+RJ+CeVD6YdOeP72ZgMB8GA1UdIwQY
MBaAFGK9bCvfYeI+r+I93gFtuLPhWV92MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXIxc0s5OWg0ajZ2NGozZUFXMjRzLUZaWDNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi80YzlkNzMtZjgwNS00ZDcyLThhMzct
YjgyYjBlZDJkMzIzLzEvWVpZeHFYcWdUNUVuNEo1VVBwaDA1NF92Wm1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi80YzlkNzMtZjgwNS00ZDcyLThhMzctYjgyYjBlZDJkMzIz
LzEvWXIxc0s5OWg0ajZ2NGozZUFXMjRzLUZaWDNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9rDMA0G
CSqGSIb3DQEBCwUAA4IBAQCF/ewc5bhDu/ZWo1+F7Bt++uNZg8IgwHFJUo6Zb2gX
Vlu+OiWVQBm8iLjeRQvnBWoL6GWkTpt7xqsnZnSC5C+sP97zGgrKXBQWhyXJLOB0
2ZEoN+goNTHymksvmXtfJT4aYr8qygPiekAk4Jx22uYtOvh+3iQk1krCmDV5UWQZ
clWRZCsTiqx6AGRXwjd2aocjkjUrgqPZsQjOEfJHGdvkEDZCf3b3Dv+K1adgTD+b
aiNqlXZUPFOjiNIC2FApaXPB7wECWYtRlOdYDDjEKGDo0CLA6yTU6eiAQCZKXjq3
H8SWubn3LUcHQMQ3i83TMPIiom1jWhkRz/1QvEMRpOa/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:16 2025 by rpki-client