Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/WVaFCvgAcNfhfDg6x6Ix1vPuDfE.roa
File: WVaFCvgAcNfhfDg6x6Ix1vPuDfE.roa (raw, json)
Hash identifier: QbGU0kQTcV+tf++kvQINLPeXb7QC6oprwoGzZ4s/0ek=
Subject key identifier: 59:56:85:0A:F8:00:70:D7:E1:7C:38:3A:C7:A2:31:D6:F3:EE:0D:F1
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 018291D3F92F444E0FE21599D560FF7BB55B
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/WVaFCvgAcNfhfDg6x6Ix1vPuDfE.roa
Signing time: Fri 12 Aug 2022 11:32:44 +0000
ROA not before: Fri 12 Aug 2022 11:32:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 93.114.62.0/24 maxlen: 24
89.46.11.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:91:d3:f9:2f:44:4e:0f:e2:15:99:d5:60:ff:7b:b5:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Aug 12 11:32:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5956850af80070d7e17c383ac7a231d6f3ee0df1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:40:bb:10:0e:5e:bf:35:75:30:fd:7f:69:4a:
6a:9c:4d:13:c7:37:70:6a:11:1b:35:6a:1b:9e:c6:
c5:fe:7c:13:ed:16:51:1a:81:00:bd:b1:16:f5:d8:
8c:a1:67:0c:f4:ff:01:e5:a0:07:54:30:ac:d9:60:
6c:1a:97:09:95:39:96:dc:34:e6:ae:75:4c:42:3e:
9d:4a:18:02:a9:c2:b1:83:86:2a:2a:22:af:37:d3:
cb:d7:b4:ab:2a:30:fc:40:75:97:cb:08:d6:f7:99:
26:ed:29:ca:7d:54:9a:ff:78:15:38:3b:a5:34:d6:
16:42:5e:a6:1f:46:b0:cf:aa:7d:f0:cb:38:1a:d4:
3a:64:13:dc:d1:77:1d:75:c0:70:e6:a4:54:b1:e5:
d3:fc:64:7e:67:c1:01:a0:39:8f:20:00:91:62:61:
d4:1d:e1:84:fa:e1:4e:55:fd:38:9b:d0:81:46:df:
17:b8:dd:1a:16:f9:f2:0b:a6:bc:f3:00:9f:30:f8:
56:e3:c2:88:54:35:dc:d8:ab:24:31:69:2a:89:e6:
78:3c:72:5d:ef:cb:ab:42:41:24:22:4e:02:02:c5:
5e:ff:ae:63:71:97:b8:9a:2f:08:37:d5:92:3f:43:
b5:e3:30:b7:ff:30:c8:b0:f4:e4:2e:f3:3e:60:75:
b4:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:56:85:0A:F8:00:70:D7:E1:7C:38:3A:C7:A2:31:D6:F3:EE:0D:F1
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/WVaFCvgAcNfhfDg6x6Ix1vPuDfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.11.0/24
93.114.62.0/24
Signature Algorithm: sha256WithRSAEncryption
23:50:5c:a4:ef:bc:1d:fe:50:d0:79:8e:71:77:e3:51:c2:1f:
81:75:3b:75:0c:fc:f6:b6:74:09:b8:de:1b:8d:39:70:e4:74:
03:60:cc:dd:02:29:15:10:29:6f:ef:38:d6:55:ef:7f:2b:f8:
da:59:db:e9:00:ad:33:6d:3f:cc:90:e3:0c:6c:2f:8a:0d:a8:
9b:a5:e7:e9:50:d8:0f:0b:b9:fd:89:db:ea:c4:28:7d:89:34:
90:f3:13:0a:e6:82:d1:72:37:c6:ff:4b:20:66:72:c9:39:52:
e5:69:df:84:ba:47:0a:2d:26:9b:c5:09:c9:f0:c2:de:3c:b6:
86:43:8e:81:da:1c:7b:e8:e2:4c:db:56:76:0e:b9:41:df:d5:
36:b1:44:fb:3f:bb:88:5f:1e:60:fe:c5:c0:65:4f:71:47:f2:
7b:2b:74:74:7d:e0:57:9f:e7:ce:4e:0b:37:4c:87:8b:d7:74:
15:d0:c5:b1:c2:ff:71:be:cb:8e:33:87:1a:a5:57:3e:77:fa:
46:32:3a:d9:17:b5:ef:a0:48:87:ca:ba:36:0f:99:88:5f:42:
15:e7:4a:fe:a3:14:da:01:e9:9e:01:dc:e4:93:b3:0e:29:13:
f2:cf:82:ce:e5:01:d4:bb:cc:86:41:53:ff:bd:61:21:16:f2:
73:bd:df:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKR0/kvRE4P4hWZ1WD/e7VbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjIwODEyMTEzMjQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTU2ODUwYWY4MDA3MGQ3ZTE3YzM4M2FjN2EyMzFkNmYzZWUwZGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUC7EA5evzV1MP1/aUpqnE0Txzdw
ahEbNWobnsbF/nwT7RZRGoEAvbEW9diMoWcM9P8B5aAHVDCs2WBsGpcJlTmW3DTm
rnVMQj6dShgCqcKxg4YqKiKvN9PL17SrKjD8QHWXywjW95km7SnKfVSa/3gVODul
NNYWQl6mH0awz6p98Ms4GtQ6ZBPc0XcddcBw5qRUseXT/GR+Z8EBoDmPIACRYmHU
HeGE+uFOVf04m9CBRt8XuN0aFvnyC6a88wCfMPhW48KIVDXc2KskMWkqieZ4PHJd
78urQkEkIk4CAsVe/65jcZe4mi8IN9WSP0O14zC3/zDIsPTkLvM+YHW09QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFlWhQr4AHDX4Xw4OseiMdbz7g3xMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvV1ZhRkN2Z0FjTmZoZkRnNng2SXgxdlB1RGZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWS4LAwQA
XXI+MA0GCSqGSIb3DQEBCwUAA4IBAQAjUFyk77wd/lDQeY5xd+NRwh+BdTt1DPz2
tnQJuN4bjTlw5HQDYMzdAikVEClv7zjWVe9/K/jaWdvpAK0zbT/MkOMMbC+KDaib
pefpUNgPC7n9idvqxCh9iTSQ8xMK5oLRcjfG/0sgZnLJOVLlad+EukcKLSabxQnJ
8MLePLaGQ46B2hx76OJM21Z2DrlB39U2sUT7P7uIXx5g/sXAZU9xR/J7K3R0feBX
n+fOTgs3TIeL13QV0MWxwv9xvsuOM4capVc+d/pGMjrZF7XvoEiHyro2D5mIX0IV
50r+oxTaAemeAdzkk7MOKRPyz4LO5QHUu8yGQVP/vWEhFvJzvd+u
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:56 2025 by rpki-client