Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/fe3dbe-9708-4242-9277-96b50bcc7a08/1/83ZViAPAzwF9Y4EMCnW5OKkIYdU.roa
File: 83ZViAPAzwF9Y4EMCnW5OKkIYdU.roa (raw, json)
Hash identifier: GAvY1ZuzJqoHhKKcVmZqd5acFDTOzBtM1peJIg84ifo=
Subject key identifier: F3:76:55:88:03:C0:CF:01:7D:63:81:0C:0A:75:B9:38:A9:08:61:D5
Certificate issuer: /CN=d8eeb20a880cdb494e9e62d43b2ef28c90cb9eef
Certificate serial: 0190495299901363D16AEAABCE0FF00A3F2E
Authority key identifier: D8:EE:B2:0A:88:0C:DB:49:4E:9E:62:D4:3B:2E:F2:8C:90:CB:9E:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2O6yCogM20lOnmLUOy7yjJDLnu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/fe3dbe-9708-4242-9277-96b50bcc7a08/1/83ZViAPAzwF9Y4EMCnW5OKkIYdU.roa
Signing time: Mon 24 Jun 2024 08:17:48 +0000
ROA not before: Mon 24 Jun 2024 08:17:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.217.219.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:49:52:99:90:13:63:d1:6a:ea:ab:ce:0f:f0:0a:3f:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8eeb20a880cdb494e9e62d43b2ef28c90cb9eef
Validity
Not Before: Jun 24 08:17:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f376558803c0cf017d63810c0a75b938a90861d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:09:fb:44:16:db:bd:b3:e5:8f:d7:ea:8b:3c:
66:d1:76:a6:fb:9a:40:86:75:4c:66:c7:0d:ae:76:
5e:0a:ed:ba:c4:d9:0f:a6:62:d9:ab:5a:25:d5:5d:
f3:2c:96:76:43:41:76:1f:c0:42:6c:84:3a:91:30:
10:54:d4:7e:91:46:df:02:c4:15:b6:93:cc:d2:fb:
c3:be:a3:ee:09:f1:5b:ce:e6:3d:08:2e:84:b9:3b:
f3:56:0a:73:b8:7e:59:17:2f:a4:ac:48:cd:32:67:
ff:44:cb:4c:68:48:fa:c1:a3:c4:30:cc:d3:1a:b6:
e8:fd:c4:c5:08:37:88:f8:31:c5:73:9f:55:74:8c:
c9:a4:fe:01:b7:6c:51:d0:8a:25:73:97:c3:ed:7a:
30:3e:32:bb:38:36:60:4d:92:bc:1f:52:af:e9:7b:
ec:51:81:1b:9d:3a:82:8a:4e:1d:49:f4:bf:28:88:
2d:43:88:8b:81:5a:78:8e:6c:54:f1:ce:3e:a5:40:
d4:83:f0:30:00:9b:9d:ba:c8:2c:7c:ca:0d:b1:89:
aa:1a:24:7d:da:1e:02:78:52:e6:7f:71:c3:86:0d:
2a:94:3e:34:a5:e6:96:b9:a6:6b:a6:3d:3a:d9:51:
c5:b9:9d:57:db:41:13:65:3b:74:de:7d:a4:3f:6c:
82:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:76:55:88:03:C0:CF:01:7D:63:81:0C:0A:75:B9:38:A9:08:61:D5
X509v3 Authority Key Identifier:
keyid:D8:EE:B2:0A:88:0C:DB:49:4E:9E:62:D4:3B:2E:F2:8C:90:CB:9E:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2O6yCogM20lOnmLUOy7yjJDLnu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/fe3dbe-9708-4242-9277-96b50bcc7a08/1/83ZViAPAzwF9Y4EMCnW5OKkIYdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/fe3dbe-9708-4242-9277-96b50bcc7a08/1/2O6yCogM20lOnmLUOy7yjJDLnu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.219.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:1f:fe:b4:0f:f4:26:20:c5:00:b2:4d:6b:fd:5d:9a:e5:2e:
71:05:7c:7a:79:f8:13:bd:01:72:13:6e:e2:45:a9:05:86:41:
12:66:80:9e:6b:e1:f0:07:33:68:59:43:37:68:cc:df:cd:13:
08:54:3e:9f:ad:05:6b:6a:82:67:3a:20:8e:09:1a:d3:0c:f4:
e5:0c:fb:1a:db:6a:1f:35:29:85:41:a0:d8:af:ca:bc:7d:95:
8a:70:e5:3f:67:17:9b:fe:76:4a:ef:aa:75:76:f2:28:f0:42:
54:c9:f1:d4:1f:2a:74:81:d4:2f:e0:e5:22:51:80:75:96:4a:
8d:a3:6c:f4:75:7f:da:f5:99:1c:1a:fa:27:65:94:cc:94:c1:
a2:2c:ca:87:52:96:50:95:48:70:d2:1b:0c:b4:de:cc:a7:92:
58:66:ce:4e:16:11:f7:65:1a:8a:65:17:5d:8b:6c:31:24:d1:
01:ad:25:7c:7b:2a:47:22:72:4d:35:57:5d:83:1f:72:0a:28:
0c:53:ef:47:cd:2c:a4:a1:bb:c7:bc:86:93:20:cf:1b:f0:80:
67:03:17:82:8d:86:e2:86:b5:1b:33:ab:c4:40:1f:68:26:66:
0e:cc:a1:17:1a:92:32:fe:5e:40:b3:0b:f7:63:45:1d:de:c2:
93:e4:da:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBJUpmQE2PRauqrzg/wCj8uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZWViMjBhODgwY2RiNDk0ZTllNjJkNDNiMmVmMjhjOTBj
YjllZWYwHhcNMjQwNjI0MDgxNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzc2NTU4ODAzYzBjZjAxN2Q2MzgxMGMwYTc1YjkzOGE5MDg2MWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwn7RBbbvbPlj9fqizxm0Xam+5pA
hnVMZscNrnZeCu26xNkPpmLZq1ol1V3zLJZ2Q0F2H8BCbIQ6kTAQVNR+kUbfAsQV
tpPM0vvDvqPuCfFbzuY9CC6EuTvzVgpzuH5ZFy+krEjNMmf/RMtMaEj6waPEMMzT
Grbo/cTFCDeI+DHFc59VdIzJpP4Bt2xR0Iolc5fD7XowPjK7ODZgTZK8H1Kv6Xvs
UYEbnTqCik4dSfS/KIgtQ4iLgVp4jmxU8c4+pUDUg/AwAJudusgsfMoNsYmqGiR9
2h4CeFLmf3HDhg0qlD40peaWuaZrpj062VHFuZ1X20ETZTt03n2kP2yCMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPN2VYgDwM8BfWOBDAp1uTipCGHVMB8GA1UdIwQY
MBaAFNjusgqIDNtJTp5i1Dsu8oyQy57vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk82eUNvZ00yMGxPbm1MVU95N3lqSkRMbnU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9mZTNkYmUtOTcwOC00MjQyLTkyNzct
OTZiNTBiY2M3YTA4LzEvODNaVmlBUEF6d0Y5WTRFTUNuVzVPS2tJWWRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9mZTNkYmUtOTcwOC00MjQyLTkyNzctOTZiNTBiY2M3YTA4
LzEvMk82eUNvZ00yMGxPbm1MVU95N3lqSkRMbnU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9nbMA0G
CSqGSIb3DQEBCwUAA4IBAQAfH/60D/QmIMUAsk1r/V2a5S5xBXx6efgTvQFyE27i
RakFhkESZoCea+HwBzNoWUM3aMzfzRMIVD6frQVraoJnOiCOCRrTDPTlDPsa22of
NSmFQaDYr8q8fZWKcOU/Zxeb/nZK76p1dvIo8EJUyfHUHyp0gdQv4OUiUYB1lkqN
o2z0dX/a9ZkcGvonZZTMlMGiLMqHUpZQlUhw0hsMtN7Mp5JYZs5OFhH3ZRqKZRdd
i2wxJNEBrSV8eypHInJNNVddgx9yCigMU+9HzSykobvHvIaTIM8b8IBnAxeCjYbi
hrUbM6vEQB9oJmYOzKEXGpIy/l5Aswv3Y0Ud3sKT5NoN
-----END CERTIFICATE-----
Generated at Mon Jun 16 15:34:41 2025 by rpki-client