Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/1-J-3BKoCajDG7rp3dKvRwUWFKos.roa
File: 1-J-3BKoCajDG7rp3dKvRwUWFKos.roa (raw, json)
Hash identifier: +lVTNyvEvai21bKDyY/Jdd/+T4WQHzxJlu0330GMhkU=
Subject key identifier: F8:9F:B7:04:AA:02:6A:30:C6:EE:BA:77:74:AB:D1:C1:45:85:2A:8B
Certificate issuer: /CN=2e8b24c76ad87a6c1fedffaf08d9b17b45249991
Certificate serial: 0186FF67CBCB053DE3FACCADEC8E5318E12C
Authority key identifier: 2E:8B:24:C7:6A:D8:7A:6C:1F:ED:FF:AF:08:D9:B1:7B:45:24:99:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Loskx2rYemwf7f-vCNmxe0UkmZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/1-J-3BKoCajDG7rp3dKvRwUWFKos.roa
Signing time: Mon 20 Mar 2023 14:23:57 +0000
ROA not before: Mon 20 Mar 2023 14:23:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15516
IP address blocks: 89.19.128.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ff:67:cb:cb:05:3d:e3:fa:cc:ad:ec:8e:53:18:e1:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e8b24c76ad87a6c1fedffaf08d9b17b45249991
Validity
Not Before: Mar 20 14:23:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f89fb704aa026a30c6eeba7774abd1c145852a8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:43:d0:34:3d:f8:ff:df:84:b7:b9:45:4d:63:
8a:a7:1f:c3:8c:eb:d6:11:63:94:12:2c:dd:8e:3d:
d9:60:65:27:2c:4e:65:df:c1:6f:f9:db:f5:16:4f:
70:96:b7:fc:09:45:39:7e:6e:67:54:40:1e:0e:14:
d4:26:36:46:6d:e1:61:a2:7c:ae:1c:4b:c5:a8:3d:
99:4a:d6:04:61:04:2c:86:ee:76:8f:f8:25:b8:07:
3d:98:c9:2b:9a:74:1c:13:a0:43:6b:1b:0b:a5:15:
bb:98:ca:e1:c8:3f:0c:57:86:1a:0a:87:0e:31:d4:
56:28:0b:83:5c:28:d7:1d:c1:a0:2f:c9:e7:21:3b:
b7:d5:36:3b:b1:bc:fa:6f:9a:06:ee:57:20:60:af:
49:a1:35:9f:06:70:4f:18:c6:45:65:2d:f2:af:c8:
3c:55:e7:9b:80:a3:e2:c9:5a:e7:1b:33:d1:08:0c:
a4:2c:47:f6:d6:67:95:74:37:c0:3c:f8:87:de:b4:
26:ab:5c:c7:d3:a0:d9:87:09:cb:ce:75:e2:ea:0e:
b4:c0:33:df:3a:42:c8:59:4b:33:33:e1:3e:4a:10:
b3:4f:1f:cb:66:9c:b8:15:1d:37:6e:d9:11:82:60:
e9:86:7b:a2:d9:0d:fe:fd:8d:46:67:7a:36:14:93:
ab:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:9F:B7:04:AA:02:6A:30:C6:EE:BA:77:74:AB:D1:C1:45:85:2A:8B
X509v3 Authority Key Identifier:
keyid:2E:8B:24:C7:6A:D8:7A:6C:1F:ED:FF:AF:08:D9:B1:7B:45:24:99:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Loskx2rYemwf7f-vCNmxe0UkmZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/1-J-3BKoCajDG7rp3dKvRwUWFKos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/Loskx2rYemwf7f-vCNmxe0UkmZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.19.128.0/19
Signature Algorithm: sha256WithRSAEncryption
0e:bd:7b:e2:49:9c:13:06:dd:d1:50:e4:16:3e:10:d8:15:00:
ce:20:3b:4d:7a:86:16:a9:4b:c2:29:a5:3a:6c:dc:9c:fe:bd:
50:b0:d3:b1:5a:20:14:77:d4:55:58:3d:2c:32:00:aa:cd:e3:
2d:dd:fd:31:22:8f:5a:d9:fa:48:5d:14:99:b3:3c:4d:e1:19:
34:ca:9b:ea:f7:3e:1d:76:6b:3a:8c:91:a2:a4:34:2f:47:fa:
88:a1:3a:fc:9c:12:fc:4c:79:42:42:f0:57:65:be:b1:90:4a:
ce:36:e9:11:68:e0:fa:67:9f:32:e5:73:bb:8c:71:ae:89:98:
1e:54:29:22:bf:be:e7:cc:70:71:7b:3c:34:4c:c2:78:68:b0:
df:06:92:b7:07:02:bb:8a:d6:4f:d7:21:11:a7:4f:10:2e:4d:
31:61:da:5a:48:e4:b8:bf:2b:9d:7a:12:29:92:6b:c3:a1:e0:
35:4b:50:8d:96:e3:9f:c1:41:0c:19:c5:35:66:f6:c0:ff:3d:
42:e1:f9:03:1a:3b:5a:8c:4f:28:0c:29:0a:ed:c5:5d:62:43:
34:a3:c9:3b:92:73:98:22:e2:55:2f:1a:f9:55:23:bf:82:21:
13:5b:12:e5:6b:7b:79:82:69:1e:bf:11:87:df:ac:d3:5f:af:
32:0b:a9:94
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYb/Z8vLBT3j+syt7I5TGOEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlOGIyNGM3NmFkODdhNmMxZmVkZmZhZjA4ZDliMTdiNDUy
NDk5OTEwHhcNMjMwMzIwMTQyMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODlmYjcwNGFhMDI2YTMwYzZlZWJhNzc3NGFiZDFjMTQ1ODUyYThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukPQND34/9+Et7lFTWOKpx/DjOvW
EWOUEizdjj3ZYGUnLE5l38Fv+dv1Fk9wlrf8CUU5fm5nVEAeDhTUJjZGbeFhonyu
HEvFqD2ZStYEYQQshu52j/gluAc9mMkrmnQcE6BDaxsLpRW7mMrhyD8MV4YaCocO
MdRWKAuDXCjXHcGgL8nnITu31TY7sbz6b5oG7lcgYK9JoTWfBnBPGMZFZS3yr8g8
VeebgKPiyVrnGzPRCAykLEf21meVdDfAPPiH3rQmq1zH06DZhwnLznXi6g60wDPf
OkLIWUszM+E+ShCzTx/LZpy4FR03btkRgmDphnui2Q3+/Y1GZ3o2FJOrIQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPiftwSqAmowxu66d3Sr0cFFhSqLMB8GA1UdIwQY
MBaAFC6LJMdq2HpsH+3/rwjZsXtFJJmRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9za3gyclllbXdmN2YtdkNObXhlMFVrbVpFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wNGQzNDgtNzViOS00OGQyLWJlMTAt
OTExOTBhMDJkYjcwLzEvMS1KLTNCS29DYWpERzdycDNkS3ZSd1VXRktvcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmUvMDRkMzQ4LTc1YjktNDhkMi1iZTEwLTkxMTkwYTAyZGI3
MC8xL0xvc2t4MnJZZW13ZjdmLXZDTm14ZTBVa21aRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBVkTgDAN
BgkqhkiG9w0BAQsFAAOCAQEADr174kmcEwbd0VDkFj4Q2BUAziA7TXqGFqlLwiml
OmzcnP69ULDTsVogFHfUVVg9LDIAqs3jLd39MSKPWtn6SF0UmbM8TeEZNMqb6vc+
HXZrOoyRoqQ0L0f6iKE6/JwS/Ex5QkLwV2W+sZBKzjbpEWjg+mefMuVzu4xxromY
HlQpIr++58xwcXs8NEzCeGiw3waStwcCu4rWT9chEadPEC5NMWHaWkjkuL8rnXoS
KZJrw6HgNUtQjZbjn8FBDBnFNWb2wP89QuH5Axo7WoxPKAwpCu3FXWJDNKPJO5Jz
mCLiVS8a+VUjv4IhE1sS5Wt7eYJpHr8Rh9+s01+vMguplA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:52 2024 by rpki-client on console-ams.rpki-client.org