Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/d665e6-f95d-4347-8565-d4f5317c5830/1/ak3G_QnKcU_Bj5TrXAmb1emrV3o.roa
File: ak3G_QnKcU_Bj5TrXAmb1emrV3o.roa (raw, json)
Hash identifier: 47Jee0p/IoQb1Xvrd9XCS8T+h2PtQs51ZvkdvcLxLjw=
Subject key identifier: 6A:4D:C6:FD:09:CA:71:4F:C1:8F:94:EB:5C:09:9B:D5:E9:AB:57:7A
Certificate issuer: /CN=96b8121d556df453456553dcb45c4143f4cdd213
Certificate serial: 0188242593944469B3CD2C0926AFB476DB2F
Authority key identifier: 96:B8:12:1D:55:6D:F4:53:45:65:53:DC:B4:5C:41:43:F4:CD:D2:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lrgSHVVt9FNFZVPctFxBQ_TN0hM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/d665e6-f95d-4347-8565-d4f5317c5830/1/ak3G_QnKcU_Bj5TrXAmb1emrV3o.roa
Signing time: Tue 16 May 2023 10:40:22 +0000
ROA not before: Tue 16 May 2023 10:40:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 89.19.219.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:24:25:93:94:44:69:b3:cd:2c:09:26:af:b4:76:db:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96b8121d556df453456553dcb45c4143f4cdd213
Validity
Not Before: May 16 10:40:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a4dc6fd09ca714fc18f94eb5c099bd5e9ab577a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:14:12:f1:a7:b7:14:75:48:63:2f:46:ed:40:
80:f3:74:a3:21:89:b1:e1:58:e9:6a:1e:43:a5:f5:
ee:34:31:fc:ed:f7:29:82:c5:ed:d6:46:9f:e8:2c:
05:79:51:11:91:11:32:27:4f:1e:e5:eb:0c:81:95:
ad:df:ef:d6:c3:45:9e:da:72:04:86:42:6a:ef:e2:
49:f7:5f:7b:cd:cf:4f:3b:72:d1:a0:74:05:84:63:
71:6f:0a:f0:4f:95:c8:48:6f:82:c9:ca:01:19:d4:
f6:d3:cd:e6:61:3e:66:c0:92:55:77:0e:c1:aa:6f:
80:b2:d5:3e:ef:9d:02:26:4f:22:db:9c:4f:b7:ff:
df:ac:5a:ab:a3:ba:71:be:db:81:72:62:e1:17:36:
71:af:3d:06:39:ff:a4:01:a1:5b:0c:a7:45:f7:a6:
79:24:b5:a1:11:7b:f1:30:d5:c6:2e:8d:e1:cc:8b:
8d:e1:6b:74:8a:52:70:2a:61:02:fe:47:f9:26:24:
24:c6:ba:88:3b:eb:6a:bd:0e:83:a5:4c:d8:92:ea:
ba:60:56:c4:19:0e:c7:3e:8a:ef:b5:ea:91:58:35:
24:5a:cc:a1:3e:8a:83:cf:0d:d4:b7:c4:b0:6d:b7:
cc:ec:77:1d:6e:1b:d1:02:a0:04:5b:57:7c:b0:37:
d5:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:4D:C6:FD:09:CA:71:4F:C1:8F:94:EB:5C:09:9B:D5:E9:AB:57:7A
X509v3 Authority Key Identifier:
keyid:96:B8:12:1D:55:6D:F4:53:45:65:53:DC:B4:5C:41:43:F4:CD:D2:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lrgSHVVt9FNFZVPctFxBQ_TN0hM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d665e6-f95d-4347-8565-d4f5317c5830/1/ak3G_QnKcU_Bj5TrXAmb1emrV3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d665e6-f95d-4347-8565-d4f5317c5830/1/lrgSHVVt9FNFZVPctFxBQ_TN0hM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.19.219.0/24
Signature Algorithm: sha256WithRSAEncryption
20:42:ba:71:1e:cc:34:96:9d:1f:b9:54:ae:5b:e3:84:bc:c7:
c6:94:48:d6:13:5d:38:35:b6:67:07:0c:54:f2:ae:66:dd:1c:
61:83:4e:2b:f1:01:47:8d:70:37:6f:92:e6:86:aa:bc:65:25:
9f:ec:0e:3f:16:7a:ce:f5:47:70:66:76:34:5f:8b:36:e1:a8:
98:ff:20:7d:95:e5:9e:c2:10:35:2d:e1:fb:80:95:20:8d:46:
35:2b:59:30:50:75:89:c9:a0:5f:c7:4d:28:c0:b9:d2:6c:93:
cc:aa:85:a4:b9:bf:29:b7:22:a5:9a:b1:e0:ed:6d:29:79:c6:
74:e5:df:b6:c6:cc:1a:a0:c7:94:7b:57:dc:11:4c:3f:a5:b3:
9c:4c:73:1d:43:fb:8a:bd:4e:6b:60:d3:64:02:fc:a0:59:d6:
b3:05:e6:42:1e:a2:88:c8:0f:7a:c4:ae:e7:b4:1f:16:16:28:
d3:2a:53:96:f7:ad:da:b7:22:96:2a:bd:d3:c1:b1:73:89:47:
f6:28:bd:a7:11:79:bb:2d:e0:c1:eb:fa:82:2d:9b:bf:46:73:
74:e0:a5:59:b6:de:49:53:68:42:20:10:2e:98:47:25:81:70:
b7:2f:09:b9:8f:28:2d:dd:73:3c:c0:f4:1f:46:d0:60:63:ba:
ac:f8:3c:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgkJZOURGmzzSwJJq+0dtsvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YjgxMjFkNTU2ZGY0NTM0NTY1NTNkY2I0NWM0MTQzZjRj
ZGQyMTMwHhcNMjMwNTE2MTA0MDIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTRkYzZmZDA5Y2E3MTRmYzE4Zjk0ZWI1YzA5OWJkNWU5YWI1NzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8RQS8ae3FHVIYy9G7UCA83SjIYmx
4Vjpah5DpfXuNDH87fcpgsXt1kaf6CwFeVERkREyJ08e5esMgZWt3+/Ww0We2nIE
hkJq7+JJ9197zc9PO3LRoHQFhGNxbwrwT5XISG+CycoBGdT2083mYT5mwJJVdw7B
qm+AstU+750CJk8i25xPt//frFqro7pxvtuBcmLhFzZxrz0GOf+kAaFbDKdF96Z5
JLWhEXvxMNXGLo3hzIuN4Wt0ilJwKmEC/kf5JiQkxrqIO+tqvQ6DpUzYkuq6YFbE
GQ7HPorvteqRWDUkWsyhPoqDzw3Ut8SwbbfM7HcdbhvRAqAEW1d8sDfV3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGpNxv0JynFPwY+U61wJm9Xpq1d6MB8GA1UdIwQY
MBaAFJa4Eh1VbfRTRWVT3LRcQUP0zdITMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJnU0hWVnQ5Rk5GWlZQY3RGeEJRX1ROMGhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9kNjY1ZTYtZjk1ZC00MzQ3LTg1NjUt
ZDRmNTMxN2M1ODMwLzEvYWszR19RbktjVV9CajVUclhBbWIxZW1yVjNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9kNjY1ZTYtZjk1ZC00MzQ3LTg1NjUtZDRmNTMxN2M1ODMw
LzEvbHJnU0hWVnQ5Rk5GWlZQY3RGeEJRX1ROMGhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRPbMA0G
CSqGSIb3DQEBCwUAA4IBAQAgQrpxHsw0lp0fuVSuW+OEvMfGlEjWE104NbZnBwxU
8q5m3Rxhg04r8QFHjXA3b5Lmhqq8ZSWf7A4/FnrO9UdwZnY0X4s24aiY/yB9leWe
whA1LeH7gJUgjUY1K1kwUHWJyaBfx00owLnSbJPMqoWkub8ptyKlmrHg7W0pecZ0
5d+2xswaoMeUe1fcEUw/pbOcTHMdQ/uKvU5rYNNkAvygWdazBeZCHqKIyA96xK7n
tB8WFijTKlOW963atyKWKr3TwbFziUf2KL2nEXm7LeDB6/qCLZu/RnN04KVZtt5J
U2hCIBAumEclgXC3Lwm5jygt3XM8wPQfRtBgY7qs+DzL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:54 2024 by rpki-client on console-ams.rpki-client.org