Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/fe3dbe-9708-4242-9277-96b50bcc7a08/1/d_6ooIno-Y15gPT0fft5o5Y4uSw.roa
File: d_6ooIno-Y15gPT0fft5o5Y4uSw.roa (raw, json)
Hash identifier: IS8mZlh/9KCF3fTARDH+u8kv1nnoDhA5UneT3Qz+UvU=
Subject key identifier: 77:FE:A8:A0:89:E8:F9:8D:79:80:F4:F4:7D:FB:79:A3:96:38:B9:2C
Certificate issuer: /CN=d8eeb20a880cdb494e9e62d43b2ef28c90cb9eef
Certificate serial: 018F619DB57606363CA5A9E89639D7BB92E9
Authority key identifier: D8:EE:B2:0A:88:0C:DB:49:4E:9E:62:D4:3B:2E:F2:8C:90:CB:9E:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2O6yCogM20lOnmLUOy7yjJDLnu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/fe3dbe-9708-4242-9277-96b50bcc7a08/1/d_6ooIno-Y15gPT0fft5o5Y4uSw.roa
Signing time: Fri 10 May 2024 08:27:56 +0000
ROA not before: Fri 10 May 2024 08:27:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 91.217.219.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:61:9d:b5:76:06:36:3c:a5:a9:e8:96:39:d7:bb:92:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8eeb20a880cdb494e9e62d43b2ef28c90cb9eef
Validity
Not Before: May 10 08:27:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77fea8a089e8f98d7980f4f47dfb79a39638b92c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:4a:da:ed:9d:95:0f:5c:19:f5:53:04:80:d3:
4d:d3:c0:89:92:91:e4:13:02:85:6b:2c:ca:c4:26:
2d:49:6b:ed:ab:43:78:4d:07:26:fe:51:3c:a4:41:
bc:ca:3b:57:7b:0b:10:46:9a:84:99:e5:69:6c:b6:
f3:d1:f2:8b:4b:21:c9:0a:e3:02:45:ed:0d:35:0f:
f8:3f:a0:33:10:d9:fe:ed:3c:17:56:4b:8e:e6:ff:
e7:c9:e4:f4:b4:cf:55:5f:10:38:1d:23:dc:ff:98:
ef:f7:d7:b6:8b:5b:4e:e0:4b:be:88:65:46:63:fe:
89:3d:37:4a:af:5d:81:e9:6b:df:18:89:1a:c9:9b:
5d:4f:e5:30:b2:2b:c9:a3:5f:74:11:1f:62:ab:6c:
88:0d:b8:3c:c7:c3:84:6f:ba:3c:d8:63:0e:1b:62:
4f:e4:6e:7b:05:11:4d:be:b1:a5:97:ec:81:89:02:
4d:7f:d6:67:7c:e9:04:71:cd:b1:8b:9e:dd:6f:e1:
ed:93:88:bf:89:49:36:12:6a:fc:c6:cc:74:4b:55:
6b:ab:1a:60:20:f5:b6:c6:b0:73:4c:a3:4f:ec:08:
4e:04:24:22:74:14:94:7e:e9:6e:20:3d:f9:52:2e:
90:ef:ad:5f:5d:3d:54:b7:10:c1:29:64:f3:72:0b:
e2:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:FE:A8:A0:89:E8:F9:8D:79:80:F4:F4:7D:FB:79:A3:96:38:B9:2C
X509v3 Authority Key Identifier:
keyid:D8:EE:B2:0A:88:0C:DB:49:4E:9E:62:D4:3B:2E:F2:8C:90:CB:9E:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2O6yCogM20lOnmLUOy7yjJDLnu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/fe3dbe-9708-4242-9277-96b50bcc7a08/1/d_6ooIno-Y15gPT0fft5o5Y4uSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/fe3dbe-9708-4242-9277-96b50bcc7a08/1/2O6yCogM20lOnmLUOy7yjJDLnu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.219.0/24
Signature Algorithm: sha256WithRSAEncryption
21:df:9d:55:1a:d6:df:6e:1b:58:90:41:0d:de:a6:55:28:39:
db:5e:a8:43:7f:f9:bb:ba:02:15:e2:89:e2:66:8d:6f:4c:fe:
4e:0e:06:68:c3:cd:dd:11:1d:99:16:41:62:61:f5:db:34:04:
cc:86:0c:d6:e9:b7:b0:89:26:16:a3:fe:e5:35:58:8f:c2:eb:
b3:3d:fc:c2:82:5d:44:ac:23:88:15:9a:eb:31:68:cf:9e:b8:
d3:5f:99:03:eb:eb:7f:b8:88:6c:2f:68:2d:f1:6c:9f:7f:2e:
c2:92:71:44:df:11:98:1e:c6:95:92:a2:23:13:14:06:68:ea:
c3:9f:c3:49:17:0b:62:9e:36:6f:02:cc:cd:a7:a8:f0:a0:99:
b3:9d:1d:e8:77:cc:0f:db:7d:c0:a5:30:d8:44:78:90:f7:8b:
97:fc:af:11:4f:2f:d4:d9:86:14:7a:37:3f:a1:3a:15:c4:4f:
06:79:98:dd:ea:e7:53:0d:02:c5:91:11:33:a3:b2:62:4b:ff:
2c:ae:3a:e4:a2:ba:80:e5:9d:a2:e5:bd:45:ce:0e:d7:8b:e6:
d4:39:b2:66:e1:5b:0c:c6:bb:9f:76:6d:bc:26:c6:d6:69:9e:
25:15:d4:06:e1:34:7a:10:55:11:79:b3:74:1f:d5:d8:ee:96:
99:e9:37:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9hnbV2BjY8panoljnXu5LpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZWViMjBhODgwY2RiNDk0ZTllNjJkNDNiMmVmMjhjOTBj
YjllZWYwHhcNMjQwNTEwMDgyNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2ZlYThhMDg5ZThmOThkNzk4MGY0ZjQ3ZGZiNzlhMzk2MzhiOTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Era7Z2VD1wZ9VMEgNNN08CJkpHk
EwKFayzKxCYtSWvtq0N4TQcm/lE8pEG8yjtXewsQRpqEmeVpbLbz0fKLSyHJCuMC
Re0NNQ/4P6AzENn+7TwXVkuO5v/nyeT0tM9VXxA4HSPc/5jv99e2i1tO4Eu+iGVG
Y/6JPTdKr12B6WvfGIkayZtdT+UwsivJo190ER9iq2yIDbg8x8OEb7o82GMOG2JP
5G57BRFNvrGll+yBiQJNf9ZnfOkEcc2xi57db+Htk4i/iUk2Emr8xsx0S1Vrqxpg
IPW2xrBzTKNP7AhOBCQidBSUfuluID35Ui6Q761fXT1UtxDBKWTzcgvihQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHf+qKCJ6PmNeYD09H37eaOWOLksMB8GA1UdIwQY
MBaAFNjusgqIDNtJTp5i1Dsu8oyQy57vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk82eUNvZ00yMGxPbm1MVU95N3lqSkRMbnU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9mZTNkYmUtOTcwOC00MjQyLTkyNzct
OTZiNTBiY2M3YTA4LzEvZF82b29Jbm8tWTE1Z1BUMGZmdDVvNVk0dVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9mZTNkYmUtOTcwOC00MjQyLTkyNzctOTZiNTBiY2M3YTA4
LzEvMk82eUNvZ00yMGxPbm1MVU95N3lqSkRMbnU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9nbMA0G
CSqGSIb3DQEBCwUAA4IBAQAh351VGtbfbhtYkEEN3qZVKDnbXqhDf/m7ugIV4oni
Zo1vTP5ODgZow83dER2ZFkFiYfXbNATMhgzW6bewiSYWo/7lNViPwuuzPfzCgl1E
rCOIFZrrMWjPnrjTX5kD6+t/uIhsL2gt8Wyffy7CknFE3xGYHsaVkqIjExQGaOrD
n8NJFwtinjZvAszNp6jwoJmznR3od8wP233ApTDYRHiQ94uX/K8RTy/U2YYUejc/
oToVxE8GeZjd6udTDQLFkREzo7JiS/8srjrkorqA5Z2i5b1Fzg7Xi+bUObJm4VsM
xrufdm28JsbWaZ4lFdQG4TR6EFURebN0H9XY7paZ6TdS
-----END CERTIFICATE-----
Generated at Thu May 8 03:42:15 2025 by rpki-client