Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/01VU3_p9-0BO4HE5GYI5uNvoojY.roa
File: 01VU3_p9-0BO4HE5GYI5uNvoojY.roa (raw, json)
Hash identifier: JLWJ9Y6KhYArrPvu3TsTzawtC14OCk4Ehi6LeR+8U9E=
Subject key identifier: D3:55:54:DF:FA:7D:FB:40:4E:E0:71:39:19:82:39:B8:DB:E8:A2:36
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0A3A1F5D
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/01VU3_p9-0BO4HE5GYI5uNvoojY.roa
Signing time: Wed 23 Feb 2022 20:04:47 +0000
ROA not before: Wed 23 Feb 2022 20:04:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61138
IP address blocks: 89.46.96.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 171581277 (0xa3a1f5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Feb 23 20:04:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d35554dffa7dfb404ee07139198239b8dbe8a236
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5a:ad:59:c3:24:b5:74:3f:3d:68:21:6b:f9:
1c:94:61:92:c6:23:fe:76:a0:56:bd:31:3e:e1:a3:
f7:d5:ea:00:30:5b:2f:0a:e0:39:a4:25:cb:1f:43:
69:7c:85:4c:b7:b8:f4:73:b2:e8:e8:9d:18:38:30:
1d:10:20:b1:52:7c:2f:53:de:53:fc:bf:31:a0:5e:
16:57:cd:48:f9:85:a4:73:88:75:b7:6d:65:2a:7e:
4c:0c:4e:9f:12:65:ec:b4:96:6d:aa:4d:36:4a:c6:
0c:21:b7:40:76:1a:3d:9c:f2:87:01:9f:bc:8f:22:
f4:a4:03:48:5c:39:e7:e0:da:80:97:e6:d1:cc:dd:
af:9e:b7:2a:02:37:01:3f:4a:ad:46:87:c1:45:e2:
b3:7f:5e:84:94:6b:6e:45:7f:a8:f3:5e:1e:16:c6:
5f:7d:06:ed:51:68:85:8a:a0:8d:9a:52:a1:6f:f2:
94:b6:0e:8e:0e:88:e2:75:52:a1:10:97:75:5c:35:
56:93:f1:b3:7f:d4:4c:30:1b:76:f2:24:d2:15:28:
b8:4c:47:f0:f9:78:e4:1a:ee:2c:b6:a4:a1:c9:5c:
cc:dc:98:95:1f:04:6a:12:22:28:9f:4e:6b:7e:ce:
2e:bb:b2:5c:8e:57:43:56:91:88:1e:ed:85:fb:7f:
5f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:55:54:DF:FA:7D:FB:40:4E:E0:71:39:19:82:39:B8:DB:E8:A2:36
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/01VU3_p9-0BO4HE5GYI5uNvoojY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.96.0/24
Signature Algorithm: sha256WithRSAEncryption
70:20:1d:b7:67:27:fd:dc:f3:e8:58:5a:79:99:4a:21:a9:94:
0e:79:41:48:5a:f9:53:e2:d7:03:7a:a6:f0:e5:20:09:d0:e8:
12:26:bd:66:5b:6f:53:03:81:ff:e8:f2:36:f9:6d:1b:d5:dc:
78:ed:bd:e0:48:a3:14:cf:38:8b:93:37:f2:ec:8d:30:8f:f4:
23:d5:83:39:e2:a7:d3:db:93:a4:a9:96:5f:92:9e:f5:d7:0a:
77:96:59:df:c2:e2:6c:fb:13:81:5b:bc:eb:d3:41:e1:d4:1f:
9b:32:8f:71:92:3d:29:e7:f9:cf:e4:98:f5:ca:12:3d:26:07:
e1:c6:4d:29:64:c4:5a:0e:6e:a8:74:dc:97:f8:b3:98:0f:41:
22:60:12:a6:09:4a:2e:c5:29:41:4e:e6:6a:b8:64:3d:10:ab:
63:f4:f6:98:83:fc:13:02:21:c3:d3:ea:5c:f7:eb:14:41:11:
4f:dc:e4:e8:f0:ad:5a:23:33:47:af:59:be:80:16:7f:9f:79:
ed:fe:0d:3d:5f:5a:c9:75:5a:d3:95:98:1b:d3:15:78:40:76:
11:4c:9b:84:28:85:f9:de:a8:e4:19:96:e4:9c:22:5a:6f:5e:
31:08:9c:17:ee:52:db:02:89:d7:7b:1f:02:44:f5:4b:24:63:
cc:36:08:8b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECjofXTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDIy
MzIwMDQ0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDM1NTU0ZGZmYTdk
ZmI0MDRlZTA3MTM5MTk4MjM5YjhkYmU4YTIzNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMBarVnDJLV0Pz1oIWv5HJRhksYj/nagVr0xPuGj99XqADBb
LwrgOaQlyx9DaXyFTLe49HOy6OidGDgwHRAgsVJ8L1PeU/y/MaBeFlfNSPmFpHOI
dbdtZSp+TAxOnxJl7LSWbapNNkrGDCG3QHYaPZzyhwGfvI8i9KQDSFw55+DagJfm
0czdr563KgI3AT9KrUaHwUXis39ehJRrbkV/qPNeHhbGX30G7VFohYqgjZpSoW/y
lLYOjg6I4nVSoRCXdVw1VpPxs3/UTDAbdvIk0hUouExH8Pl45BruLLakoclczNyY
lR8EahIiKJ9Oa37OLruyXI5XQ1aRiB7thft/X1sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTTVVTf+n37QE7gcTkZgjm42+iiNjAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
LzAxVlUzX3A5LTBCTzRIRTVHWUk1dU52b29qWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFkuYDANBgkqhkiG9w0BAQsFAAOC
AQEAcCAdt2cn/dzz6FhaeZlKIamUDnlBSFr5U+LXA3qm8OUgCdDoEia9ZltvUwOB
/+jyNvltG9XceO294EijFM84i5M38uyNMI/0I9WDOeKn09uTpKmWX5Ke9dcKd5ZZ
38LibPsTgVu869NB4dQfmzKPcZI9Kef5z+SY9coSPSYH4cZNKWTEWg5uqHTcl/iz
mA9BImASpglKLsUpQU7marhkPRCrY/T2mIP8EwIhw9PqXPfrFEERT9zk6PCtWiMz
R69ZvoAWf5957f4NPV9ayXVa05WYG9MVeEB2EUybhCiF+d6o5BmW5JwiWm9eMQic
F+5S2wKJ13sfAkT1SyRjzDYIiw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:42 2023 by rpki-client on console-ams.rpki-client.org