Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/imLK9OTHEPK2E4mG3voDK7joJb4.roa
File: imLK9OTHEPK2E4mG3voDK7joJb4.roa (raw, json)
Hash identifier: IBVgbtfe5bFfzru1Eah2YkRLY2havxYIbfXieLh9Okk=
Subject key identifier: 8A:62:CA:F4:E4:C7:10:F2:B6:13:89:86:DE:FA:03:2B:B8:E8:25:BE
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 3D58116C
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/imLK9OTHEPK2E4mG3voDK7joJb4.roa
Signing time: Sat 01 Jan 2022 06:55:17 +0000
ROA not before: Sat 01 Jan 2022 06:55:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204116
IP address blocks: 146.0.239.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1029181804 (0x3d58116c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 1 06:55:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a62caf4e4c710f2b6138986defa032bb8e825be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:27:22:4e:29:bd:5c:f9:dc:9f:32:c9:1b:b2:
04:d9:11:4e:b6:94:e6:73:1f:99:c0:44:4e:6b:5f:
16:a7:83:0c:b2:60:9b:dc:d9:4d:4e:2e:7c:fa:65:
cb:ba:4d:89:5c:b5:a4:a5:e3:bf:ea:f8:2c:7d:86:
05:88:7c:30:6d:b3:ed:db:0b:ec:98:c3:41:b8:96:
15:32:7a:20:db:fe:2c:6b:8b:d1:ea:cb:13:1f:23:
de:04:57:5f:90:d3:47:a1:87:7a:6d:38:f5:fa:97:
24:7e:8c:bb:07:86:b0:8f:0c:1d:14:9f:a0:b2:d4:
80:a9:54:fb:45:c5:8f:be:b0:bf:fd:98:f8:79:be:
df:d0:b7:2b:54:37:d4:e8:86:f9:22:8c:6c:ad:47:
d0:2b:96:55:44:54:79:4e:28:c6:ae:fb:43:7f:8e:
f3:7b:95:14:aa:fa:0f:e8:27:67:61:cb:69:cb:c8:
70:f3:59:af:f6:ad:f8:52:bc:e5:91:09:a5:d0:b7:
72:2f:c0:2d:11:9b:40:d1:08:a7:3d:f8:7e:80:f2:
05:be:4f:7d:30:42:40:ae:82:97:52:ba:1b:11:7e:
c1:39:df:a5:07:3d:b9:33:57:c5:60:13:fd:2b:06:
0c:7f:17:e4:d3:7c:58:54:9f:ba:ee:ff:48:e3:64:
98:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:62:CA:F4:E4:C7:10:F2:B6:13:89:86:DE:FA:03:2B:B8:E8:25:BE
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/imLK9OTHEPK2E4mG3voDK7joJb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.0.239.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:56:95:f9:4b:d4:92:f6:ea:6d:54:18:aa:b3:52:37:4b:c2:
d2:a4:53:68:db:b4:e4:d4:79:d3:31:64:5f:15:6e:8c:3b:99:
6a:68:2b:b5:6c:5d:13:6b:a5:10:b7:3c:8f:c2:e4:dc:74:8f:
6f:d5:44:93:aa:21:d8:74:71:ec:4e:b4:b6:c5:c6:77:96:7c:
ab:91:08:1b:5e:46:f8:f9:05:00:cf:b8:02:94:e7:40:73:d9:
16:c2:5d:e4:9d:48:18:97:6e:68:f0:ec:88:e9:b8:94:f3:1f:
ff:52:3e:9f:0f:62:06:1a:d2:8e:32:2d:12:be:53:f6:47:81:
d9:0b:63:4e:8b:ab:91:1f:4c:04:20:aa:82:fe:79:11:06:89:
c6:e3:3d:8b:e9:b7:1a:ce:bb:de:d5:ec:f1:42:c5:95:c1:47:
77:d5:14:b4:30:42:b0:37:75:8f:0f:90:16:14:39:39:44:a3:
20:ca:17:7a:dc:ab:11:12:31:3e:c1:8a:e6:93:6d:e1:6f:78:
5c:50:c1:ad:52:68:6d:32:73:63:26:3e:04:d5:59:41:6f:53:
56:49:8b:7f:ed:cc:fd:4b:35:d8:c6:d5:8b:d4:c7:02:41:d8:
0f:29:4d:69:53:ec:e1:db:80:77:17:95:57:9d:70:cd:e8:94:
b0:88:0a:7c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEPVgRbDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTZlZDBmYjdiMzIwODMyYWMxNTgwNTM0YzdiMjYzZjMwNGU5ODFiMB4XDTIyMDEw
MTA2NTUxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGE2MmNhZjRlNGM3
MTBmMmI2MTM4OTg2ZGVmYTAzMmJiOGU4MjViZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANAnIk4pvVz53J8yyRuyBNkRTraU5nMfmcBETmtfFqeDDLJg
m9zZTU4ufPply7pNiVy1pKXjv+r4LH2GBYh8MG2z7dsL7JjDQbiWFTJ6INv+LGuL
0erLEx8j3gRXX5DTR6GHem049fqXJH6MuweGsI8MHRSfoLLUgKlU+0XFj76wv/2Y
+Hm+39C3K1Q31OiG+SKMbK1H0CuWVURUeU4oxq77Q3+O83uVFKr6D+gnZ2HLacvI
cPNZr/at+FK85ZEJpdC3ci/ALRGbQNEIpz34foDyBb5PfTBCQK6Cl1K6GxF+wTnf
pQc9uTNXxWAT/SsGDH8X5NN8WFSfuu7/SONkmBECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSKYsr05McQ8rYTiYbe+gMruOglvjAfBgNVHSMEGDAWgBS6btD7ezIIMqwV
gFNMeyY/ME6YGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VtN1EtM3N5Q0RLc0ZZQlRUSHNtUHpCT21Ccy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvNDIwNDFkLTU5MzEtNDgyNC05MjU0LTE2MWYzNDIzODdkMS8x
L2ltTEs5T1RIRVBLMkU0bUczdm9ESzdqb0piNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
NDIwNDFkLTU5MzEtNDgyNC05MjU0LTE2MWYzNDIzODdkMS8xL3VtN1EtM3N5Q0RL
c0ZZQlRUSHNtUHpCT21Ccy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJIA7zANBgkqhkiG9w0BAQsFAAOC
AQEAL1aV+UvUkvbqbVQYqrNSN0vC0qRTaNu05NR50zFkXxVujDuZamgrtWxdE2ul
ELc8j8Lk3HSPb9VEk6oh2HRx7E60tsXGd5Z8q5EIG15G+PkFAM+4ApTnQHPZFsJd
5J1IGJduaPDsiOm4lPMf/1I+nw9iBhrSjjItEr5T9keB2QtjTourkR9MBCCqgv55
EQaJxuM9i+m3Gs673tXs8ULFlcFHd9UUtDBCsDd1jw+QFhQ5OUSjIMoXetyrERIx
PsGK5pNt4W94XFDBrVJobTJzYyY+BNVZQW9TVkmLf+3M/Us12MbVi9THAkHYDylN
aVPs4duAdxeVV51wzeiUsIgKfA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:40 2024 by rpki-client on console-ams.rpki-client.org