Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/l5vmJfHESqoA4ZVmMITWhVTFevM.roa
File: l5vmJfHESqoA4ZVmMITWhVTFevM.roa (raw, json)
Hash identifier: En/V/Sd+gHleOvXyb3hbLoMLwZ12bxqlz9C3SCorJIc=
Subject key identifier: 97:9B:E6:25:F1:C4:4A:AA:00:E1:95:66:30:84:D6:85:54:C5:7A:F3
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 066663BB
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/l5vmJfHESqoA4ZVmMITWhVTFevM.roa
Signing time: Wed 16 Mar 2022 15:52:27 +0000
ROA not before: Wed 16 Mar 2022 15:52:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57271
IP address blocks: 194.147.89.0/24 maxlen: 24
2a01:48a0:4001::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107373499 (0x66663bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Mar 16 15:52:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=979be625f1c44aaa00e195663084d68554c57af3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b1:e3:a8:07:1a:ee:52:19:5c:a2:6b:f3:dc:
59:2b:e7:82:1c:52:e3:fd:b9:fe:7b:bf:87:34:3f:
13:9a:06:20:fd:20:32:e6:36:69:c7:5f:16:0a:b8:
45:f1:b4:be:b5:56:10:2b:c7:32:f5:f1:2a:7c:cf:
83:ad:79:c0:0b:e6:f9:26:3c:c6:e1:d2:1c:88:10:
ad:55:f1:91:d9:d1:e8:93:1e:ba:90:bc:de:f7:bc:
c2:2b:88:92:8c:e0:46:b5:05:37:52:fa:df:15:1d:
3a:72:e4:66:60:20:b2:ed:5c:57:59:ee:a3:13:50:
62:ed:a6:ae:e9:3d:24:74:0c:d5:68:04:0e:9d:d9:
92:2d:24:35:89:3d:fc:52:85:13:48:ef:df:49:1d:
cb:f8:de:0e:3b:aa:33:9c:1c:02:3a:60:5e:96:ba:
96:e0:39:bc:5c:7c:d3:e4:13:05:02:8f:28:9e:29:
14:5a:5b:d0:7b:37:0a:44:5d:e1:eb:3a:91:46:9d:
42:16:43:b2:aa:2d:05:f0:79:50:5e:7f:8a:de:29:
14:45:de:dd:5d:0a:7c:d3:14:ab:c9:39:02:19:6f:
bc:1f:97:31:de:29:31:c9:64:77:37:df:a4:ab:a5:
56:55:be:8b:eb:90:d3:80:b5:0b:1f:c1:f8:f8:82:
7c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:9B:E6:25:F1:C4:4A:AA:00:E1:95:66:30:84:D6:85:54:C5:7A:F3
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/l5vmJfHESqoA4ZVmMITWhVTFevM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.89.0/24
IPv6:
2a01:48a0:4001::/48
Signature Algorithm: sha256WithRSAEncryption
a4:02:6e:25:63:f0:73:9d:68:6d:e0:d6:7f:8b:6e:a3:f7:a8:
cc:89:d6:66:a5:7d:01:9c:c3:88:33:e7:04:98:0b:4b:82:32:
d1:12:fd:20:f3:c1:34:6f:d8:f7:7b:50:5a:82:3f:b9:fd:f1:
5b:05:c1:e5:93:34:80:b1:f9:7e:ce:d5:af:f5:fa:54:34:2d:
d1:ab:0f:bb:0b:ec:b8:45:dc:1e:3e:36:c7:4c:9f:4a:39:27:
41:f4:5d:c5:28:b3:84:bb:b6:7f:19:35:4c:a6:e2:d1:8b:23:
b3:08:af:aa:73:73:1f:c6:3e:3d:75:d1:b9:2d:63:f5:b2:6a:
c4:d7:62:1c:a8:74:85:b5:1a:9d:df:d0:7e:f0:b6:13:a6:e8:
de:02:00:b7:c5:68:9a:c3:27:a2:ec:c0:89:ba:83:76:48:12:
bf:15:6c:c3:a6:b2:df:b3:62:e0:d7:2f:27:84:66:91:cb:30:
6b:22:0a:44:82:f1:56:ba:0b:5d:be:b0:5a:a7:e4:a4:20:ca:
ec:91:b1:ae:0a:65:b9:98:fb:11:d0:4f:fe:dc:e4:56:95:89:
46:60:2c:13:47:b3:4d:df:c3:6b:8a:7d:48:f0:64:e1:2d:70:
b1:c7:0a:62:48:d2:54:b2:be:9c:44:23:4a:b6:c6:d6:20:a9:
f0:28:41:7d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEBmZjuzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDMx
NjE1NTIyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTc5YmU2MjVmMWM0
NGFhYTAwZTE5NTY2MzA4NGQ2ODU1NGM1N2FmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANCx46gHGu5SGVyia/PcWSvnghxS4/25/nu/hzQ/E5oGIP0g
MuY2acdfFgq4RfG0vrVWECvHMvXxKnzPg615wAvm+SY8xuHSHIgQrVXxkdnR6JMe
upC83ve8wiuIkozgRrUFN1L63xUdOnLkZmAgsu1cV1nuoxNQYu2mruk9JHQM1WgE
Dp3Zki0kNYk9/FKFE0jv30kdy/jeDjuqM5wcAjpgXpa6luA5vFx80+QTBQKPKJ4p
FFpb0Hs3CkRd4es6kUadQhZDsqotBfB5UF5/it4pFEXe3V0KfNMUq8k5AhlvvB+X
Md4pMclkdzffpKulVlW+i+uQ04C1Cx/B+PiCfMECAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSXm+Yl8cRKqgDhlWYwhNaFVMV68zAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
L2w1dm1KZkhFU3FvQTRaVm1NSVRXaFZURmV2TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMKTWTAPBAIAAjAJAwcAKgFIoEAB
MA0GCSqGSIb3DQEBCwUAA4IBAQCkAm4lY/BznWht4NZ/i26j96jMidZmpX0BnMOI
M+cEmAtLgjLREv0g88E0b9j3e1Bagj+5/fFbBcHlkzSAsfl+ztWv9fpUNC3Rqw+7
C+y4RdwePjbHTJ9KOSdB9F3FKLOEu7Z/GTVMpuLRiyOzCK+qc3Mfxj49ddG5LWP1
smrE12IcqHSFtRqd39B+8LYTpujeAgC3xWiawyei7MCJuoN2SBK/FWzDprLfs2Lg
1y8nhGaRyzBrIgpEgvFWugtdvrBap+SkIMrskbGuCmW5mPsR0E/+3ORWlYlGYCwT
R7NN38Nrin1I8GThLXCxxwpiSNJUsr6cRCNKtsbWIKnwKEF9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org