Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/_tF4DUN3ApyClSnJrUu_SEgeUtk.roa
File: _tF4DUN3ApyClSnJrUu_SEgeUtk.roa (raw, json)
Hash identifier: S8/BoH0ktwyUTwJ9LyMBOqp9DiLXerOKbOwOudorrA0=
Subject key identifier: FE:D1:78:0D:43:77:02:9C:82:95:29:C9:AD:4B:BF:48:48:1E:52:D9
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 0181ECBA2AB451D6847DA46633265AEF43CA
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/_tF4DUN3ApyClSnJrUu_SEgeUtk.roa
Signing time: Mon 11 Jul 2022 10:07:12 +0000
ROA not before: Mon 11 Jul 2022 10:07:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59934
IP address blocks: 89.35.35.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ec:ba:2a:b4:51:d6:84:7d:a4:66:33:26:5a:ef:43:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jul 11 10:07:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fed1780d4377029c829529c9ad4bbf48481e52d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:85:5b:6c:75:f6:4b:78:87:39:8c:ac:c8:ea:
05:5b:c7:34:16:79:3c:a3:14:12:6f:7d:2f:a7:57:
a2:80:5d:a2:20:88:5a:c4:13:f9:f4:12:ae:67:ac:
ea:98:f1:c3:07:88:ce:2f:b0:28:b4:45:a4:3a:9c:
46:6b:88:b7:28:51:69:d9:07:9a:30:a0:bd:39:3a:
63:d5:74:f0:bc:39:2b:18:4b:9a:af:09:6a:1d:d0:
ba:59:d5:4e:15:e4:ae:cc:55:af:e8:0c:75:83:08:
e7:eb:28:11:a7:b3:2b:b0:af:5e:f1:59:19:d1:16:
27:6f:dd:fe:0b:59:10:6f:fa:27:d2:d9:2c:b1:ff:
e5:3a:00:f1:bf:4d:93:6a:75:9b:2a:81:5a:06:a5:
5b:63:15:ed:c3:dd:1c:93:29:f3:38:74:bd:0a:12:
e2:7d:33:e0:e7:48:de:9a:e1:89:cd:02:d7:7c:e6:
35:0c:9f:e5:81:a7:72:85:7d:55:d8:62:57:a3:e0:
24:27:7f:ee:7d:76:9b:6c:2b:ab:ce:3a:4f:ce:03:
a4:ff:f0:e4:27:9a:1e:6d:24:3b:b7:ea:30:2f:67:
d1:e3:c3:be:f8:16:a9:3b:5e:92:e7:43:9d:ab:e9:
e3:65:a8:43:c8:67:5e:ab:e1:29:d7:8d:c1:a4:9d:
a8:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:D1:78:0D:43:77:02:9C:82:95:29:C9:AD:4B:BF:48:48:1E:52:D9
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/_tF4DUN3ApyClSnJrUu_SEgeUtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.35.0/24
Signature Algorithm: sha256WithRSAEncryption
eb:d5:b7:05:76:ed:a8:21:a5:6f:a7:62:82:80:91:52:b3:da:
af:48:af:89:86:e9:85:cd:c7:63:b4:a6:ba:bc:9e:b5:3c:7b:
cb:a2:f2:17:35:9a:da:fd:01:1d:87:38:8b:da:f5:3b:04:8e:
10:2f:1b:f4:0c:59:4f:7a:fe:96:c5:47:af:8a:33:a2:bf:90:
d7:dd:b8:4b:28:7b:ca:61:8e:af:ec:39:72:47:27:3f:4b:ea:
dc:48:31:30:01:3f:e5:4d:e6:23:d9:dd:5f:42:45:8b:e6:13:
fc:9a:a5:9e:2b:4f:4c:73:12:fe:e0:b4:dc:e4:39:01:98:c4:
76:7e:a5:77:fc:fd:07:e9:d6:b4:aa:29:b5:bd:7a:59:6f:68:
52:f1:c7:7a:cf:cc:ee:d2:b8:66:82:e1:8e:80:e8:01:f2:49:
c7:0c:9a:92:54:64:c1:4d:80:c1:c5:25:b2:28:ce:55:55:dc:
2a:5e:4f:9a:2d:cc:99:96:6c:b5:d9:69:6b:23:2e:81:96:cd:
24:cd:2c:cc:ad:72:52:71:67:16:fb:65:dc:92:03:67:10:f9:
8e:19:63:3c:18:e3:cc:dc:d0:2c:14:d3:cc:26:44:0d:11:3d:
be:85:5f:ec:98:8b:10:28:a5:09:ce:87:cf:c8:ea:fb:fe:1f:
c8:7c:80:02
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYHsuiq0UdaEfaRmMyZa70PKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjIwNzExMTAwNzEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWQxNzgwZDQzNzcwMjljODI5NTI5YzlhZDRiYmY0ODQ4MWU1MmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYVbbHX2S3iHOYysyOoFW8c0Fnk8
oxQSb30vp1eigF2iIIhaxBP59BKuZ6zqmPHDB4jOL7AotEWkOpxGa4i3KFFp2Qea
MKC9OTpj1XTwvDkrGEuarwlqHdC6WdVOFeSuzFWv6Ax1gwjn6ygRp7MrsK9e8VkZ
0RYnb93+C1kQb/on0tkssf/lOgDxv02TanWbKoFaBqVbYxXtw90ckynzOHS9ChLi
fTPg50jemuGJzQLXfOY1DJ/lgadyhX1V2GJXo+AkJ3/ufXabbCurzjpPzgOk//Dk
J5oebSQ7t+owL2fR48O++BapO16S50Odq+njZahDyGdeq+Ep143BpJ2oEQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFP7ReA1DdwKcgpUpya1Lv0hIHlLZMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL190RjREVU4zQXB5Q2xTbkpyVXVfU0VnZVV0ay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABZIyMw
DQYJKoZIhvcNAQELBQADggEBAOvVtwV27aghpW+nYoKAkVKz2q9Ir4mG6YXNx2O0
prq8nrU8e8ui8hc1mtr9AR2HOIva9TsEjhAvG/QMWU96/pbFR6+KM6K/kNfduEso
e8phjq/sOXJHJz9L6txIMTABP+VN5iPZ3V9CRYvmE/yapZ4rT0xzEv7gtNzkOQGY
xHZ+pXf8/Qfp1rSqKbW9ellvaFLxx3rPzO7SuGaC4Y6A6AHySccMmpJUZMFNgMHF
JbIozlVV3CpeT5otzJmWbLXZaWsjLoGWzSTNLMytclJxZxb7ZdySA2cQ+Y4ZYzwY
48zc0CwU08wmRA0RPb6FX+yYixAopQnOh8/I6vv+H8h8gAI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:52 2024 by rpki-client on console-ams.rpki-client.org