Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/1-9Ym4mbTa_6ZtBOl6g0-ig8STXk.roa
File: 1-9Ym4mbTa_6ZtBOl6g0-ig8STXk.roa (raw, json)
Hash identifier: 09AVR8hX8KiKKGdUAt31tvkkzES62SmjEwLIfuxrqZI=
Subject key identifier: FB:D6:26:E2:66:D3:6B:FE:99:B4:13:A5:EA:0D:3E:8A:0F:12:4D:79
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0B76162A
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/1-9Ym4mbTa_6ZtBOl6g0-ig8STXk.roa
Signing time: Tue 14 Jun 2022 19:40:44 +0000
ROA not before: Tue 14 Jun 2022 19:40:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 91.103.120.0/21 maxlen: 24
185.235.71.0/24 maxlen: 24
95.111.128.0/20 maxlen: 24
95.111.144.0/20 maxlen: 24
185.149.12.0/22 maxlen: 24
89.46.96.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 192288298 (0xb76162a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jun 14 19:40:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fbd626e266d36bfe99b413a5ea0d3e8a0f124d79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b6:4f:98:ed:1c:ef:02:f9:c8:5a:e7:2b:16:
0e:6c:d2:1c:fa:d1:9f:8d:4e:cf:14:ef:79:d6:a8:
d4:82:a9:d8:da:15:75:71:d6:a3:aa:16:05:19:54:
7c:13:8b:d5:5e:1b:45:21:c8:0e:37:a6:64:91:a8:
0b:4f:38:5c:a0:40:b4:3b:c1:71:50:39:e3:e0:8b:
ce:6f:78:32:8a:52:52:42:6f:d6:98:f3:29:a2:27:
49:dd:15:2f:94:43:20:2f:57:68:e0:2a:c1:82:ff:
ef:c1:c1:e0:cd:79:b7:28:74:a6:c2:bd:d8:50:d1:
cb:99:2b:b6:9c:54:dc:0a:9c:7b:9c:76:1d:ed:31:
a2:9f:1c:e1:ba:52:f3:3d:25:0b:c7:d8:43:2e:91:
8d:e5:88:1a:ff:84:36:0b:25:ad:d4:b6:aa:20:de:
c8:1b:cf:88:95:00:ec:9a:6e:ad:c1:ef:8e:11:3f:
16:be:ba:c9:19:87:f4:59:1d:6f:9d:4a:8c:02:6e:
3b:71:b1:03:13:12:8a:3d:ac:9b:53:91:96:9b:cc:
9e:d1:9e:64:8e:03:1e:71:e0:45:8c:9c:50:2e:6d:
8c:da:b8:f0:26:b9:bb:b2:59:6c:df:8a:4c:a8:95:
b0:44:61:b0:4d:5d:af:e7:42:ec:e8:d7:7e:0d:7b:
29:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:D6:26:E2:66:D3:6B:FE:99:B4:13:A5:EA:0D:3E:8A:0F:12:4D:79
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/1-9Ym4mbTa_6ZtBOl6g0-ig8STXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.96.0/22
91.103.120.0/21
95.111.128.0/19
185.149.12.0/22
185.235.71.0/24
Signature Algorithm: sha256WithRSAEncryption
36:b7:80:57:37:c0:ed:9e:03:47:41:f3:2a:38:32:15:a2:23:
f6:88:21:15:96:05:72:8c:ef:11:62:13:83:f6:2f:f9:96:a6:
a0:2f:be:6d:7e:2b:bc:31:a2:5b:38:4d:d5:21:97:71:35:5b:
e5:99:6c:c7:d5:02:64:ae:97:86:4d:15:7b:bc:f6:81:a8:b6:
45:9f:7f:4d:7a:b6:5f:c7:8a:96:8e:a0:a9:df:21:ac:48:94:
9e:e0:7b:18:da:c8:4d:e9:99:63:fc:8d:19:7d:d0:b9:3a:ce:
30:53:3c:1c:19:83:4d:8f:27:8a:41:57:2d:33:4b:fb:42:d2:
9d:28:f8:7e:0e:87:64:cc:d0:1b:06:8c:ef:60:ec:4e:42:95:
4c:35:aa:03:61:4e:db:dc:65:59:52:ee:07:b7:4d:3d:50:02:
fd:4c:3c:9d:33:2c:33:29:82:ac:07:89:69:28:02:2d:04:d7:
91:a7:48:57:bc:46:13:ee:be:23:95:9f:53:f2:50:fb:fd:49:
44:d5:ef:26:2f:f4:5d:77:23:75:01:38:09:9f:03:78:28:99:
92:8b:cf:d5:be:fd:4e:78:b5:cd:37:06:26:21:24:5f:49:e7:
94:da:0c:a6:d4:33:41:cb:62:0d:45:35:1e:ac:a8:ee:bd:9c:
ca:96:ca:b9
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIEC3YWKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDYx
NDE5NDA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmJkNjI2ZTI2NmQz
NmJmZTk5YjQxM2E1ZWEwZDNlOGEwZjEyNGQ3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMe2T5jtHO8C+cha5ysWDmzSHPrRn41OzxTvedao1IKp2NoV
dXHWo6oWBRlUfBOL1V4bRSHIDjemZJGoC084XKBAtDvBcVA54+CLzm94MopSUkJv
1pjzKaInSd0VL5RDIC9XaOAqwYL/78HB4M15tyh0psK92FDRy5krtpxU3Aqce5x2
He0xop8c4bpS8z0lC8fYQy6RjeWIGv+ENgslrdS2qiDeyBvPiJUA7JpurcHvjhE/
Fr66yRmH9Fkdb51KjAJuO3GxAxMSij2sm1ORlpvMntGeZI4DHnHgRYycUC5tjNq4
8Ca5u7JZbN+KTKiVsERhsE1dr+dC7OjXfg17KbUCAwEAAaOCAiIwggIeMB0GA1Ud
DgQWBBT71ibiZtNr/pm0E6XqDT6KDxJNeTAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
LzEtOVltNG1iVGFfNlp0Qk9sNmcwLWlnOFNUWGsucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYy
LzQzZmY4Zi1jZDU0LTRjZjEtOGFhZi00YmUxOGVmMTI4YjQvMS9sQlpyY0VoRDA5
bDFRSlhJT3BHMGs0S0NBS0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
NwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBAJZLmADBANbZ3gDBAVfb4ADBAK5
lQwDBAC560cwDQYJKoZIhvcNAQELBQADggEBADa3gFc3wO2eA0dB8yo4MhWiI/aI
IRWWBXKM7xFiE4P2L/mWpqAvvm1+K7wxols4TdUhl3E1W+WZbMfVAmSul4ZNFXu8
9oGotkWff016tl/HipaOoKnfIaxIlJ7gexjayE3pmWP8jRl90Lk6zjBTPBwZg02P
J4pBVy0zS/tC0p0o+H4Oh2TM0BsGjO9g7E5ClUw1qgNhTtvcZVlS7ge3TT1QAv1M
PJ0zLDMpgqwHiWkoAi0E15GnSFe8RhPuviOVn1PyUPv9SUTV7yYv9F13I3UBOAmf
A3gomZKLz9W+/U54tc03BiYhJF9J55TaDKbUM0HLYg1FNR6sqO69nMqWyrk=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:42 2023 by rpki-client on console-ams.rpki-client.org