Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/d665e6-f95d-4347-8565-d4f5317c5830/1/D-VhsuAVisZJaoRR6X9quzr09QY.roa
File: D-VhsuAVisZJaoRR6X9quzr09QY.roa (raw, json)
Hash identifier: lKgkwtpj5Anc81siEE6JzLlkEczvEbaqhhhYId6j7vc=
Subject key identifier: 0F:E5:61:B2:E0:15:8A:C6:49:6A:84:51:E9:7F:6A:BB:3A:F4:F5:06
Certificate issuer: /CN=96b8121d556df453456553dcb45c4143f4cdd213
Certificate serial: 0188242592E4D9FBE5424D5DF87ECB60A927
Authority key identifier: 96:B8:12:1D:55:6D:F4:53:45:65:53:DC:B4:5C:41:43:F4:CD:D2:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lrgSHVVt9FNFZVPctFxBQ_TN0hM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/d665e6-f95d-4347-8565-d4f5317c5830/1/D-VhsuAVisZJaoRR6X9quzr09QY.roa
Signing time: Tue 16 May 2023 10:40:22 +0000
ROA not before: Tue 16 May 2023 10:40:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34665
IP address blocks: 89.19.218.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:24:25:92:e4:d9:fb:e5:42:4d:5d:f8:7e:cb:60:a9:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96b8121d556df453456553dcb45c4143f4cdd213
Validity
Not Before: May 16 10:40:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0fe561b2e0158ac6496a8451e97f6abb3af4f506
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:e1:78:78:be:46:8c:17:77:7a:af:dd:0f:ec:
22:9a:7d:11:28:68:c6:7c:4d:64:54:a2:d6:67:29:
6d:92:44:1f:6e:b0:c3:3f:3f:6d:5c:35:72:a2:3e:
3d:90:7e:8e:be:b1:e4:f3:64:2a:1f:33:80:04:14:
08:d7:ef:80:50:07:11:d8:60:ab:9e:8e:1b:6b:26:
4c:06:e9:f5:16:da:cd:d5:e4:f6:12:4f:c8:39:72:
c4:4d:22:8f:5d:42:98:9c:65:eb:0d:94:cd:5b:54:
ea:f3:9d:bd:e5:42:b1:63:c6:72:28:8d:dc:4a:f1:
d3:3d:c0:f3:a1:5e:63:18:0a:37:62:94:f2:95:d0:
5a:13:22:3d:73:39:5d:be:fa:ed:ae:44:d1:98:3a:
85:56:3b:fc:ca:4c:3e:0f:a1:51:6d:a1:42:3b:3c:
48:fe:09:ba:7d:4b:a2:94:d8:84:ac:4f:f6:70:cf:
62:83:ae:12:9e:fc:75:03:04:1b:6e:17:de:0b:a0:
14:91:98:cd:dc:60:20:c7:7a:6a:31:ac:f1:1e:14:
e8:84:42:21:a6:ca:28:bd:91:03:24:39:c3:0f:6f:
4f:3a:16:29:ad:c7:c9:7a:4b:a9:c1:45:3f:6d:79:
6d:41:97:b3:b8:b5:1c:be:3e:10:d2:97:47:cc:eb:
20:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:E5:61:B2:E0:15:8A:C6:49:6A:84:51:E9:7F:6A:BB:3A:F4:F5:06
X509v3 Authority Key Identifier:
keyid:96:B8:12:1D:55:6D:F4:53:45:65:53:DC:B4:5C:41:43:F4:CD:D2:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lrgSHVVt9FNFZVPctFxBQ_TN0hM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d665e6-f95d-4347-8565-d4f5317c5830/1/D-VhsuAVisZJaoRR6X9quzr09QY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d665e6-f95d-4347-8565-d4f5317c5830/1/lrgSHVVt9FNFZVPctFxBQ_TN0hM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.19.218.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:6d:98:59:31:ed:4b:65:87:f7:13:6f:30:46:4d:8a:ba:af:
79:c3:9a:78:f1:4d:a9:b6:3a:f3:b4:b7:8e:c0:ce:61:47:7f:
3d:f9:21:30:c0:e8:f1:bc:09:28:64:2b:bf:a1:41:46:e5:23:
e1:3d:f9:8a:09:31:2a:55:af:93:2f:67:53:ef:24:77:de:f1:
53:b5:df:31:74:57:01:07:4a:b8:4f:aa:c9:3a:5a:72:f7:70:
0e:d1:94:10:f6:07:5d:7e:e8:5c:e8:e2:c6:55:85:e2:68:5a:
8b:0b:71:f4:bf:3f:aa:92:f9:0c:92:05:71:4b:e8:d4:98:8f:
75:50:4e:c1:5e:6b:d1:df:83:51:53:7a:13:c9:b3:f4:0d:19:
fa:37:ef:bc:a8:f9:55:1a:f2:ef:bf:52:9a:b0:4d:71:cf:39:
ae:67:38:0b:ef:6e:63:6a:bf:3d:01:66:8b:40:70:85:a3:f0:
de:f6:42:02:94:14:86:17:da:12:09:00:a5:12:cf:ca:16:b9:
76:26:54:c3:7c:84:9a:c2:54:5d:ee:f6:39:77:df:72:ee:5f:
48:41:4f:4a:a3:13:0e:73:bc:4d:28:73:a7:53:b9:22:c1:ef:
b0:68:91:2a:ce:3d:03:3f:83:78:a0:b8:b8:52:ea:29:74:09:
e1:92:2d:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgkJZLk2fvlQk1d+H7LYKknMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YjgxMjFkNTU2ZGY0NTM0NTY1NTNkY2I0NWM0MTQzZjRj
ZGQyMTMwHhcNMjMwNTE2MTA0MDIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmU1NjFiMmUwMTU4YWM2NDk2YTg0NTFlOTdmNmFiYjNhZjRmNTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuF4eL5GjBd3eq/dD+wimn0RKGjG
fE1kVKLWZyltkkQfbrDDPz9tXDVyoj49kH6OvrHk82QqHzOABBQI1++AUAcR2GCr
no4bayZMBun1FtrN1eT2Ek/IOXLETSKPXUKYnGXrDZTNW1Tq85295UKxY8ZyKI3c
SvHTPcDzoV5jGAo3YpTyldBaEyI9czldvvrtrkTRmDqFVjv8ykw+D6FRbaFCOzxI
/gm6fUuilNiErE/2cM9ig64Snvx1AwQbbhfeC6AUkZjN3GAgx3pqMazxHhTohEIh
psoovZEDJDnDD29POhYprcfJekupwUU/bXltQZezuLUcvj4Q0pdHzOsgEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA/lYbLgFYrGSWqEUel/ars69PUGMB8GA1UdIwQY
MBaAFJa4Eh1VbfRTRWVT3LRcQUP0zdITMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJnU0hWVnQ5Rk5GWlZQY3RGeEJRX1ROMGhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9kNjY1ZTYtZjk1ZC00MzQ3LTg1NjUt
ZDRmNTMxN2M1ODMwLzEvRC1WaHN1QVZpc1pKYW9SUjZYOXF1enIwOVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9kNjY1ZTYtZjk1ZC00MzQ3LTg1NjUtZDRmNTMxN2M1ODMw
LzEvbHJnU0hWVnQ5Rk5GWlZQY3RGeEJRX1ROMGhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRPaMA0G
CSqGSIb3DQEBCwUAA4IBAQC6bZhZMe1LZYf3E28wRk2Kuq95w5p48U2ptjrztLeO
wM5hR389+SEwwOjxvAkoZCu/oUFG5SPhPfmKCTEqVa+TL2dT7yR33vFTtd8xdFcB
B0q4T6rJOlpy93AO0ZQQ9gddfuhc6OLGVYXiaFqLC3H0vz+qkvkMkgVxS+jUmI91
UE7BXmvR34NRU3oTybP0DRn6N++8qPlVGvLvv1KasE1xzzmuZzgL725jar89AWaL
QHCFo/De9kIClBSGF9oSCQClEs/KFrl2JlTDfISawlRd7vY5d99y7l9IQU9KoxMO
c7xNKHOnU7kiwe+waJEqzj0DP4N4oLi4UuopdAnhki27
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:54 2024 by rpki-client on console-ams.rpki-client.org