Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/93xyhjm6cC4SG5aWfTAppacWWyY.roa
File: 93xyhjm6cC4SG5aWfTAppacWWyY.roa (raw, json)
Hash identifier: ISFsMb47ju/osNcTjHZz+Vs9lvMVeofbLWiWYkM6+rY=
Subject key identifier: F7:7C:72:86:39:BA:70:2E:12:1B:96:96:7D:30:29:A5:A7:16:5B:26
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0193874472F23E1352729051078933F6473B
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/93xyhjm6cC4SG5aWfTAppacWWyY.roa
Signing time: Mon 02 Dec 2024 12:07:10 +0000
ROA not before: Mon 02 Dec 2024 12:07:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 91.186.216.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:87:44:72:f2:3e:13:52:72:90:51:07:89:33:f6:47:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Dec 2 12:07:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f77c728639ba702e121b96967d3029a5a7165b26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:0a:c2:95:21:03:f0:a7:1e:ed:ff:85:80:cf:
fb:d6:4e:17:ab:f8:e5:f0:e6:ab:1f:bc:38:c4:b9:
c7:a6:b1:24:ec:3e:6c:4a:16:e2:a2:9c:5a:c1:34:
c1:38:d6:40:34:23:8b:b9:90:74:d4:98:61:63:12:
b5:49:ca:62:81:5b:cc:8a:83:32:34:8f:43:c2:b6:
a0:f8:44:f3:b6:bc:d8:35:4e:b8:8a:fe:12:b8:be:
79:91:d2:67:b0:25:c7:c5:16:76:3f:18:4e:ab:96:
eb:48:40:56:2e:50:90:97:b1:0a:40:6a:0d:1a:92:
cf:89:2c:09:96:c4:55:67:80:58:74:17:da:43:6c:
3f:75:4a:d7:27:76:f3:0b:81:cb:e8:16:71:cc:86:
ee:12:21:47:ab:ee:d2:32:f0:fa:d9:4e:b1:d2:c5:
82:fd:95:ab:06:01:ca:33:da:9f:aa:f4:8a:c3:9a:
cf:f9:eb:a7:7a:05:13:fe:40:1a:4d:da:5c:9f:02:
ea:14:ee:20:e6:a4:52:25:62:7c:14:f3:51:70:20:
25:2b:f3:3e:19:09:4b:87:9c:a2:43:d1:47:4c:94:
22:69:43:c5:fc:14:39:6a:85:7e:48:ff:50:0f:5b:
bc:ee:2e:ad:42:79:3d:a9:eb:30:01:bb:7a:ef:99:
7d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:7C:72:86:39:BA:70:2E:12:1B:96:96:7D:30:29:A5:A7:16:5B:26
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/93xyhjm6cC4SG5aWfTAppacWWyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.186.216.0/22
Signature Algorithm: sha256WithRSAEncryption
70:a2:86:1a:66:71:d5:89:f4:52:e2:67:2a:3e:8b:52:fd:6a:
99:66:e7:48:4c:25:1e:1f:3f:e9:90:61:31:7d:2c:57:96:32:
f1:76:9a:c7:42:38:91:20:fe:c3:79:ff:54:79:32:b0:ee:38:
41:56:25:84:8e:3d:cc:fd:00:a0:19:65:9d:23:d6:ab:3b:d1:
b0:0a:70:f4:6a:4e:d9:ab:e6:84:fe:7c:18:b3:7f:cd:c4:db:
fc:76:82:a8:34:24:49:27:08:81:ea:84:87:c5:3d:40:c4:25:
4b:ac:e8:fd:3b:7f:15:f3:31:01:b7:7b:ce:d9:1d:d7:1d:f1:
dc:bb:c3:cc:22:bb:df:ae:ce:d8:07:8e:45:5c:fa:ef:ed:80:
d8:72:ca:94:a6:6e:31:bf:b6:ca:2d:4b:84:2e:8e:98:95:43:
2a:92:72:b4:ff:6d:c7:18:c9:7d:ed:7d:ef:66:4b:3f:80:21:
00:5b:63:2c:63:67:b5:36:33:47:fe:e3:18:da:2e:f5:c2:e5:
cd:cb:7a:13:44:94:24:41:37:47:c3:28:06:a6:12:e8:51:56:
c9:0f:2a:c1:e4:a7:c0:54:0e:fd:3c:3c:d1:64:e4:be:56:24:
98:b8:98:2e:c0:89:a5:d9:40:2c:2e:35:5d:79:3d:ea:4a:1c:
5a:ed:be:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOHRHLyPhNScpBRB4kz9kc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQxMjAyMTIwNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzdjNzI4NjM5YmE3MDJlMTIxYjk2OTY3ZDMwMjlhNWE3MTY1YjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwrClSED8Kce7f+FgM/71k4Xq/jl
8OarH7w4xLnHprEk7D5sShbiopxawTTBONZANCOLuZB01JhhYxK1ScpigVvMioMy
NI9Dwrag+ETztrzYNU64iv4SuL55kdJnsCXHxRZ2PxhOq5brSEBWLlCQl7EKQGoN
GpLPiSwJlsRVZ4BYdBfaQ2w/dUrXJ3bzC4HL6BZxzIbuEiFHq+7SMvD62U6x0sWC
/ZWrBgHKM9qfqvSKw5rP+eunegUT/kAaTdpcnwLqFO4g5qRSJWJ8FPNRcCAlK/M+
GQlLh5yiQ9FHTJQiaUPF/BQ5aoV+SP9QD1u87i6tQnk9qeswAbt675l9sQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPd8coY5unAuEhuWln0wKaWnFlsmMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvOTN4eWhqbTZjQzRTRzVhV2ZUQXBwYWNXV3lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW7rYMA0G
CSqGSIb3DQEBCwUAA4IBAQBwooYaZnHVifRS4mcqPotS/WqZZudITCUeHz/pkGEx
fSxXljLxdprHQjiRIP7Def9UeTKw7jhBViWEjj3M/QCgGWWdI9arO9GwCnD0ak7Z
q+aE/nwYs3/NxNv8doKoNCRJJwiB6oSHxT1AxCVLrOj9O38V8zEBt3vO2R3XHfHc
u8PMIrvfrs7YB45FXPrv7YDYcsqUpm4xv7bKLUuELo6YlUMqknK0/23HGMl97X3v
Zks/gCEAW2MsY2e1NjNH/uMY2i71wuXNy3oTRJQkQTdHwygGphLoUVbJDyrB5KfA
VA79PDzRZOS+ViSYuJguwIml2UAsLjVdeT3qShxa7b5A
-----END CERTIFICATE-----
Generated at Mon May 12 01:25:06 2025 by rpki-client