Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/d665e6-f95d-4347-8565-d4f5317c5830/1/EmNNliLUCiE4GS6i9jdngjU66gI.roa
File: EmNNliLUCiE4GS6i9jdngjU66gI.roa (raw, json)
Hash identifier: Rn6ZUVOeXX74g+VLGy1JNG9oeB4oHbjABtmlAFg+dnY=
Subject key identifier: 12:63:4D:96:22:D4:0A:21:38:19:2E:A2:F6:37:67:82:35:3A:EA:02
Certificate issuer: /CN=96b8121d556df453456553dcb45c4143f4cdd213
Certificate serial: 01882425948111777B48F8F84B88890FF8C3
Authority key identifier: 96:B8:12:1D:55:6D:F4:53:45:65:53:DC:B4:5C:41:43:F4:CD:D2:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lrgSHVVt9FNFZVPctFxBQ_TN0hM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/d665e6-f95d-4347-8565-d4f5317c5830/1/EmNNliLUCiE4GS6i9jdngjU66gI.roa
Signing time: Tue 16 May 2023 10:40:22 +0000
ROA not before: Tue 16 May 2023 10:40:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200088
IP address blocks: 89.19.213.0/24 maxlen: 24
89.19.208.0/24 maxlen: 24
89.19.210.0/24 maxlen: 24
89.19.209.0/24 maxlen: 24
89.19.212.0/24 maxlen: 24
89.19.211.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:24:25:94:81:11:77:7b:48:f8:f8:4b:88:89:0f:f8:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96b8121d556df453456553dcb45c4143f4cdd213
Validity
Not Before: May 16 10:40:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=12634d9622d40a2138192ea2f6376782353aea02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:67:3e:2a:31:c4:c4:fd:c5:69:2e:24:16:36:
16:5b:71:bc:88:76:ac:3f:4f:94:62:ab:11:2b:d1:
8b:c3:ce:3a:97:e3:47:ac:df:e0:f6:0d:39:dc:b7:
20:47:80:f8:cd:6a:80:f1:2c:47:10:c0:8d:85:27:
ee:24:87:b3:a9:61:0d:cd:7c:27:65:df:b3:74:c5:
54:78:d8:ac:f1:0c:ee:c3:89:84:18:de:aa:3d:d8:
3e:3a:6a:70:1c:a6:c1:0d:88:aa:fb:cf:ea:41:73:
cf:25:ae:90:96:40:54:ab:06:7a:cd:41:d8:aa:3e:
bb:ac:ff:ea:be:13:a7:a1:bb:b1:a7:6c:0f:e0:ad:
6c:1a:85:b5:4d:4f:5e:92:b5:35:3f:f1:bc:39:46:
a2:83:07:3c:52:69:14:c3:b1:ab:ce:4a:33:54:57:
8d:67:eb:28:f4:bf:5c:06:11:97:57:f4:d1:29:50:
39:f3:c4:1b:2a:64:20:3c:5a:c8:bb:b0:fb:8f:ba:
f3:d4:58:da:c7:6a:13:58:74:07:be:62:0c:d4:75:
30:27:d6:06:a8:33:90:df:95:84:aa:49:ad:8e:43:
cf:41:e6:5e:1b:ca:55:e2:d7:69:1c:fc:6e:c5:b1:
98:e2:8e:39:37:ab:26:cb:9d:ad:9a:f4:2a:6b:09:
5a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:63:4D:96:22:D4:0A:21:38:19:2E:A2:F6:37:67:82:35:3A:EA:02
X509v3 Authority Key Identifier:
keyid:96:B8:12:1D:55:6D:F4:53:45:65:53:DC:B4:5C:41:43:F4:CD:D2:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lrgSHVVt9FNFZVPctFxBQ_TN0hM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d665e6-f95d-4347-8565-d4f5317c5830/1/EmNNliLUCiE4GS6i9jdngjU66gI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d665e6-f95d-4347-8565-d4f5317c5830/1/lrgSHVVt9FNFZVPctFxBQ_TN0hM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.19.208.0-89.19.213.255
Signature Algorithm: sha256WithRSAEncryption
60:46:c5:b9:90:f4:26:e2:ed:de:fc:57:92:98:52:b8:a2:95:
37:3d:0c:d5:aa:36:66:e7:e0:97:2d:6c:72:5b:56:2e:54:46:
33:00:59:b9:da:d8:45:c5:ef:28:07:ec:e3:c4:b9:84:94:d0:
18:04:00:d6:8b:a5:f2:32:65:24:4e:90:5a:32:7f:11:f4:65:
a8:4b:8a:8d:ff:b8:24:ea:d7:50:cf:7b:31:2e:61:26:11:96:
75:1a:c0:f1:d5:d6:a2:7d:68:2a:2e:0c:84:e8:b2:dc:58:1d:
73:55:02:3f:a7:2a:75:bd:af:10:9d:e1:04:53:16:a4:93:62:
81:4a:81:25:7f:42:f1:0d:65:9f:a2:bd:60:5d:21:6b:f0:7b:
33:f6:0d:9c:d3:ba:e8:18:81:43:fd:7e:4c:26:61:31:8b:3f:
dc:d2:13:86:01:cd:b8:fe:5e:b1:09:90:03:54:12:c8:2a:e8:
b9:9c:fd:cd:97:d8:bf:30:a5:04:0b:a9:dc:ec:12:19:29:9c:
f3:87:65:65:6d:3d:37:f9:9b:c2:57:83:06:bd:76:11:b2:eb:
98:63:98:e6:6e:2d:06:fc:0a:ee:ab:a8:0e:7e:2f:81:24:81:
22:7b:01:0d:99:90:c6:d7:be:0c:de:4a:ca:6e:d3:8a:f1:ef:
ac:96:6c:0e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYgkJZSBEXd7SPj4S4iJD/jDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YjgxMjFkNTU2ZGY0NTM0NTY1NTNkY2I0NWM0MTQzZjRj
ZGQyMTMwHhcNMjMwNTE2MTA0MDIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjYzNGQ5NjIyZDQwYTIxMzgxOTJlYTJmNjM3Njc4MjM1M2FlYTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumc+KjHExP3FaS4kFjYWW3G8iHas
P0+UYqsRK9GLw846l+NHrN/g9g053LcgR4D4zWqA8SxHEMCNhSfuJIezqWENzXwn
Zd+zdMVUeNis8Qzuw4mEGN6qPdg+OmpwHKbBDYiq+8/qQXPPJa6QlkBUqwZ6zUHY
qj67rP/qvhOnobuxp2wP4K1sGoW1TU9ekrU1P/G8OUaigwc8UmkUw7GrzkozVFeN
Z+so9L9cBhGXV/TRKVA588QbKmQgPFrIu7D7j7rz1Fjax2oTWHQHvmIM1HUwJ9YG
qDOQ35WEqkmtjkPPQeZeG8pV4tdpHPxuxbGY4o45N6smy52tmvQqawlaYwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBJjTZYi1AohOBkuovY3Z4I1OuoCMB8GA1UdIwQY
MBaAFJa4Eh1VbfRTRWVT3LRcQUP0zdITMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJnU0hWVnQ5Rk5GWlZQY3RGeEJRX1ROMGhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9kNjY1ZTYtZjk1ZC00MzQ3LTg1NjUt
ZDRmNTMxN2M1ODMwLzEvRW1OTmxpTFVDaUU0R1M2aTlqZG5nalU2NmdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9kNjY1ZTYtZjk1ZC00MzQ3LTg1NjUtZDRmNTMxN2M1ODMw
LzEvbHJnU0hWVnQ5Rk5GWlZQY3RGeEJRX1ROMGhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBARZE9AD
BAFZE9QwDQYJKoZIhvcNAQELBQADggEBAGBGxbmQ9Cbi7d78V5KYUriilTc9DNWq
Nmbn4JctbHJbVi5URjMAWbna2EXF7ygH7OPEuYSU0BgEANaLpfIyZSROkFoyfxH0
ZahLio3/uCTq11DPezEuYSYRlnUawPHV1qJ9aCouDITostxYHXNVAj+nKnW9rxCd
4QRTFqSTYoFKgSV/QvENZZ+ivWBdIWvwezP2DZzTuugYgUP9fkwmYTGLP9zSE4YB
zbj+XrEJkANUEsgq6Lmc/c2X2L8wpQQLqdzsEhkpnPOHZWVtPTf5m8JXgwa9dhGy
65hjmOZuLQb8Cu6rqA5+L4EkgSJ7AQ2ZkMbXvgzeSspu04rx76yWbA4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:42 2024 by rpki-client on console-fra.rpki-client.org