Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/0vRASM_e2PPPUyvrM4cb1bAUtG0.roa
File: 0vRASM_e2PPPUyvrM4cb1bAUtG0.roa (raw, json)
Hash identifier: hOyCqbixoRwGp4NlgMF5NqFfF+6z6A8vmrZHatfikD0=
Subject key identifier: D2:F4:40:48:CF:DE:D8:F3:CF:53:2B:EB:33:87:1B:D5:B0:14:B4:6D
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0A9BC868
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/0vRASM_e2PPPUyvrM4cb1bAUtG0.roa
Signing time: Tue 22 Mar 2022 14:33:33 +0000
ROA not before: Tue 22 Mar 2022 14:33:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209181
IP address blocks: 89.46.96.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 177981544 (0xa9bc868)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Mar 22 14:33:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d2f44048cfded8f3cf532beb33871bd5b014b46d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:f2:0a:fd:10:a9:77:a2:71:2c:bf:c1:6e:5e:
f8:d8:d0:b0:72:e6:44:7c:78:1b:2a:c6:9f:d5:61:
07:46:2a:34:c4:6c:02:be:29:b6:94:be:28:d3:c6:
6e:b2:57:8c:9a:84:28:c4:f0:d8:87:50:3f:9a:2c:
fc:3d:31:64:ec:56:07:52:07:1e:32:7f:62:0c:ef:
3d:8b:d6:7c:14:c2:b7:7e:b3:16:7a:14:7a:cb:0f:
4b:96:7e:c3:d7:64:37:1b:cc:08:c5:3a:00:d7:02:
ad:6d:28:cc:4f:6f:f8:f2:8b:08:34:4a:cc:50:63:
22:2d:94:3b:a2:6b:b4:fd:fe:e0:b7:6f:e3:51:bf:
9c:d3:c6:d7:17:31:b4:03:68:62:c1:1b:24:05:ad:
03:11:64:2e:be:af:eb:11:68:6b:11:04:b2:6b:92:
97:23:fc:62:77:fe:80:38:a8:b2:5a:de:34:59:b0:
45:2a:0c:cf:c3:d2:db:a5:b5:95:b3:a1:e3:1a:65:
87:0a:2f:5c:b6:99:d1:1b:71:25:da:33:44:5e:c7:
97:c9:8b:b4:ba:c6:bf:1d:0f:a7:71:4f:f0:c0:55:
42:df:66:22:e0:44:7a:66:45:83:24:f2:32:c1:b4:
b1:d1:cc:d6:fd:fe:70:8a:a6:86:2d:1c:3b:0e:e9:
20:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:F4:40:48:CF:DE:D8:F3:CF:53:2B:EB:33:87:1B:D5:B0:14:B4:6D
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/0vRASM_e2PPPUyvrM4cb1bAUtG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.96.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:9f:95:b8:ee:a1:c0:fe:fb:8b:57:f6:0c:f4:52:95:57:07:
b2:58:92:c7:07:75:d4:ff:16:5b:9b:ef:57:d9:69:f2:79:fd:
09:53:c5:cc:91:8f:90:f1:a8:92:33:99:42:72:f3:6e:bc:71:
54:38:12:07:9a:ba:66:09:1f:02:1b:81:f8:9d:f6:48:5d:5e:
3a:c9:84:81:32:ab:bc:18:72:a2:64:d4:cb:25:9a:4e:00:0e:
84:d0:5d:ae:07:6c:12:f2:8d:45:58:58:28:ce:7b:9b:d2:69:
e5:fc:95:3b:0f:fe:44:c3:62:87:75:46:d6:68:cb:4b:b5:9c:
4b:a8:2e:1b:98:f8:3a:8f:b9:2b:68:ca:5b:33:15:95:79:51:
84:f7:21:6e:ed:ac:63:5a:1c:3e:42:d8:13:6e:de:fb:0b:99:
b0:12:61:85:7b:23:a9:c1:b3:79:a7:cc:3a:0f:7d:20:78:8a:
d0:d5:8f:fa:e4:23:79:87:8a:39:dc:99:03:a2:0b:45:9b:a1:
d6:e1:47:05:e7:4d:68:aa:cf:dc:07:74:5f:61:dc:93:71:81:
60:96:c0:02:c5:7e:06:5d:f3:42:0b:5b:89:17:15:60:93:bd:
9f:08:f5:6c:bb:b0:7f:53:58:e9:70:d3:e7:02:da:7a:d7:7a:
25:5d:3f:86
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECpvIaDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDMy
MjE0MzMzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDJmNDQwNDhjZmRl
ZDhmM2NmNTMyYmViMzM4NzFiZDViMDE0YjQ2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOHyCv0QqXeicSy/wW5e+NjQsHLmRHx4GyrGn9VhB0YqNMRs
Ar4ptpS+KNPGbrJXjJqEKMTw2IdQP5os/D0xZOxWB1IHHjJ/YgzvPYvWfBTCt36z
FnoUessPS5Z+w9dkNxvMCMU6ANcCrW0ozE9v+PKLCDRKzFBjIi2UO6JrtP3+4Ldv
41G/nNPG1xcxtANoYsEbJAWtAxFkLr6v6xFoaxEEsmuSlyP8Ynf+gDioslreNFmw
RSoMz8PS26W1lbOh4xplhwovXLaZ0RtxJdozRF7Hl8mLtLrGvx0Pp3FP8MBVQt9m
IuBEemZFgyTyMsG0sdHM1v3+cIqmhi0cOw7pIDUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTS9EBIz97Y889TK+szhxvVsBS0bTAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
LzB2UkFTTV9lMlBQUFV5dnJNNGNiMWJBVXRHMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFkuYDANBgkqhkiG9w0BAQsFAAOC
AQEAip+VuO6hwP77i1f2DPRSlVcHsliSxwd11P8WW5vvV9lp8nn9CVPFzJGPkPGo
kjOZQnLzbrxxVDgSB5q6ZgkfAhuB+J32SF1eOsmEgTKrvBhyomTUyyWaTgAOhNBd
rgdsEvKNRVhYKM57m9Jp5fyVOw/+RMNih3VG1mjLS7WcS6guG5j4Oo+5K2jKWzMV
lXlRhPchbu2sY1ocPkLYE27e+wuZsBJhhXsjqcGzeafMOg99IHiK0NWP+uQjeYeK
OdyZA6ILRZuh1uFHBedNaKrP3Ad0X2Hck3GBYJbAAsV+Bl3zQgtbiRcVYJO9nwj1
bLuwf1NY6XDT5wLaetd6JV0/hg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:01 2023 by rpki-client on console-fra.rpki-client.org