Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/d665e6-f95d-4347-8565-d4f5317c5830/1/kdwcEu3YuariSrHicjlJqJJYIxk.roa
File: kdwcEu3YuariSrHicjlJqJJYIxk.roa (raw, json)
Hash identifier: r7qOjNq7b7HeMQXyCCO9CQxRJOAoc+xtm63yO34B6Zw=
Subject key identifier: 91:DC:1C:12:ED:D8:B9:AA:E2:4A:B1:E2:72:39:49:A8:92:58:23:19
Certificate issuer: /CN=96b8121d556df453456553dcb45c4143f4cdd213
Certificate serial: 01882EDCFACD3D15A2F02A73449ECBE236BE
Authority key identifier: 96:B8:12:1D:55:6D:F4:53:45:65:53:DC:B4:5C:41:43:F4:CD:D2:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lrgSHVVt9FNFZVPctFxBQ_TN0hM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/d665e6-f95d-4347-8565-d4f5317c5830/1/kdwcEu3YuariSrHicjlJqJJYIxk.roa
Signing time: Thu 18 May 2023 12:36:54 +0000
ROA not before: Thu 18 May 2023 12:36:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63023
IP address blocks: 89.19.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2e:dc:fa:cd:3d:15:a2:f0:2a:73:44:9e:cb:e2:36:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96b8121d556df453456553dcb45c4143f4cdd213
Validity
Not Before: May 18 12:36:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91dc1c12edd8b9aae24ab1e2723949a892582319
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a7:e0:50:4f:26:07:b7:65:d2:85:70:ab:ff:
ba:db:52:5c:4e:e6:ba:15:41:73:75:90:12:d6:90:
35:f8:06:1c:5b:f8:02:2a:f9:3f:34:0d:46:31:7e:
0f:e2:56:f0:ff:c2:14:69:ba:75:11:dd:3b:37:df:
01:f1:23:a6:4a:40:c2:7a:af:b0:f1:1b:b8:95:a1:
75:9d:e0:e1:d7:0e:7a:26:5f:43:2b:44:0f:41:f3:
a6:69:90:4e:f9:c9:51:a3:44:d5:13:d4:18:ee:bd:
57:ec:85:0e:b6:5b:63:6a:99:1c:83:ea:01:98:96:
c7:e3:73:78:86:18:50:eb:5b:67:9d:d1:a3:ee:e6:
bb:b9:a3:3b:ca:6a:fe:aa:0c:7e:26:a1:e7:ae:2d:
27:21:be:84:09:eb:98:d3:15:0f:a9:af:d1:42:2d:
ab:2e:51:a1:18:18:53:10:ad:a4:5b:ed:df:74:53:
85:1d:29:b6:9d:70:95:5c:5f:7e:32:4d:fd:69:c1:
31:8b:ca:80:13:f3:f8:5f:ad:fd:16:0d:90:df:9a:
c3:91:20:06:a0:3a:bc:40:69:06:49:41:1b:5b:a7:
24:42:a4:b8:a2:95:9f:38:f2:d5:ed:07:7e:c8:32:
48:1b:29:2d:e4:a5:88:69:c5:79:f3:27:73:e0:c6:
3b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:DC:1C:12:ED:D8:B9:AA:E2:4A:B1:E2:72:39:49:A8:92:58:23:19
X509v3 Authority Key Identifier:
keyid:96:B8:12:1D:55:6D:F4:53:45:65:53:DC:B4:5C:41:43:F4:CD:D2:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lrgSHVVt9FNFZVPctFxBQ_TN0hM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d665e6-f95d-4347-8565-d4f5317c5830/1/kdwcEu3YuariSrHicjlJqJJYIxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d665e6-f95d-4347-8565-d4f5317c5830/1/lrgSHVVt9FNFZVPctFxBQ_TN0hM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.19.220.0/24
Signature Algorithm: sha256WithRSAEncryption
61:c4:95:ea:59:6d:bf:8f:f2:8f:a3:01:c0:d7:99:d8:3e:96:
9c:8c:11:71:59:52:c7:9e:12:ee:89:c4:15:e6:83:55:fe:ce:
6d:8b:8f:30:e6:0e:ae:f8:13:55:ad:4a:cb:26:52:d4:6c:3d:
a5:40:3b:4a:e2:f6:a2:5e:6c:e3:5e:d6:43:e7:d9:8f:25:b6:
0e:b7:50:fe:af:69:de:70:50:3f:28:a3:ce:4a:ab:9b:1e:34:
f5:dc:3f:d5:f7:de:a2:a1:f1:bf:5d:cd:f1:09:fe:e1:0e:56:
92:d3:8f:65:f0:6c:95:df:43:db:9e:a9:cc:8b:94:8b:54:c9:
03:84:3d:65:c2:9c:57:e4:88:08:c1:bf:5c:43:a7:11:31:c1:
b8:6c:47:79:05:6b:d8:d3:9c:0a:d7:9a:32:3e:34:9e:04:4e:
d8:d8:e7:e5:65:8f:be:7f:eb:a6:a6:e5:fb:da:cb:99:35:d3:
d0:03:ae:df:3d:b5:bb:8d:90:b8:67:a2:f6:fa:08:f3:45:66:
ef:f3:58:34:b0:9f:b3:76:7b:7c:e3:f9:88:3c:27:02:6c:14:
d9:00:75:30:ef:bf:49:92:73:60:3a:fa:66:2e:06:01:d2:ad:
9e:38:eb:3c:ec:85:70:5e:46:a6:f4:f4:96:de:41:6a:a9:cb:
78:eb:93:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgu3PrNPRWi8CpzRJ7L4ja+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YjgxMjFkNTU2ZGY0NTM0NTY1NTNkY2I0NWM0MTQzZjRj
ZGQyMTMwHhcNMjMwNTE4MTIzNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWRjMWMxMmVkZDhiOWFhZTI0YWIxZTI3MjM5NDlhODkyNTgyMzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqfgUE8mB7dl0oVwq/+621JcTua6
FUFzdZAS1pA1+AYcW/gCKvk/NA1GMX4P4lbw/8IUabp1Ed07N98B8SOmSkDCeq+w
8Ru4laF1neDh1w56Jl9DK0QPQfOmaZBO+clRo0TVE9QY7r1X7IUOtltjapkcg+oB
mJbH43N4hhhQ61tnndGj7ua7uaM7ymr+qgx+JqHnri0nIb6ECeuY0xUPqa/RQi2r
LlGhGBhTEK2kW+3fdFOFHSm2nXCVXF9+Mk39acExi8qAE/P4X639Fg2Q35rDkSAG
oDq8QGkGSUEbW6ckQqS4opWfOPLV7Qd+yDJIGykt5KWIacV58ydz4MY7tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJHcHBLt2Lmq4kqx4nI5SaiSWCMZMB8GA1UdIwQY
MBaAFJa4Eh1VbfRTRWVT3LRcQUP0zdITMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJnU0hWVnQ5Rk5GWlZQY3RGeEJRX1ROMGhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9kNjY1ZTYtZjk1ZC00MzQ3LTg1NjUt
ZDRmNTMxN2M1ODMwLzEva2R3Y0V1M1l1YXJpU3JIaWNqbEpxSkpZSXhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9kNjY1ZTYtZjk1ZC00MzQ3LTg1NjUtZDRmNTMxN2M1ODMw
LzEvbHJnU0hWVnQ5Rk5GWlZQY3RGeEJRX1ROMGhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRPcMA0G
CSqGSIb3DQEBCwUAA4IBAQBhxJXqWW2/j/KPowHA15nYPpacjBFxWVLHnhLuicQV
5oNV/s5ti48w5g6u+BNVrUrLJlLUbD2lQDtK4vaiXmzjXtZD59mPJbYOt1D+r2ne
cFA/KKPOSqubHjT13D/V996iofG/Xc3xCf7hDlaS049l8GyV30PbnqnMi5SLVMkD
hD1lwpxX5IgIwb9cQ6cRMcG4bEd5BWvY05wK15oyPjSeBE7Y2OflZY++f+umpuX7
2suZNdPQA67fPbW7jZC4Z6L2+gjzRWbv81g0sJ+zdnt84/mIPCcCbBTZAHUw779J
knNgOvpmLgYB0q2eOOs87IVwXkam9PSW3kFqqct465No
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:54 2024 by rpki-client on console-ams.rpki-client.org