Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/77yETL_XDrO0jBI_2sCb53aic90.roa
File: 77yETL_XDrO0jBI_2sCb53aic90.roa (raw, json)
Hash identifier: kiZDAEkKTZV0MS0ZDqmDadLvKt48BdOjxCEZuorVeSQ=
Subject key identifier: EF:BC:84:4C:BF:D7:0E:B3:B4:8C:12:3F:DA:C0:9B:E7:76:A2:73:DD
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0A54DF4C
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/77yETL_XDrO0jBI_2sCb53aic90.roa
Signing time: Sat 05 Mar 2022 17:06:55 +0000
ROA not before: Sat 05 Mar 2022 17:06:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210619
IP address blocks: 89.46.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 173334348 (0xa54df4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Mar 5 17:06:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=efbc844cbfd70eb3b48c123fdac09be776a273dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:7e:5f:82:c9:db:2f:8e:25:5e:b8:ae:84:2d:
82:c2:74:4b:26:eb:01:73:24:3a:94:dc:ab:db:8a:
f6:f9:55:2e:b2:c5:b6:76:ce:9d:f4:0c:0c:1c:fb:
d3:59:ac:69:e0:36:0d:11:d9:62:54:3d:d5:4b:7d:
ab:08:09:33:d3:bc:b6:6f:ed:16:4a:5f:fb:f0:f4:
bb:0b:7b:f6:7b:51:0a:6c:b0:9a:f6:f2:78:6c:11:
20:cc:04:e9:92:56:9f:ef:1b:3c:35:4c:19:09:89:
4b:1c:11:18:09:de:76:ae:13:d2:11:15:e9:c7:87:
07:77:eb:eb:4c:a7:44:82:0d:83:6b:77:49:be:92:
f9:13:9b:c6:c3:d8:58:5c:52:e7:00:86:41:b1:4b:
9f:bb:62:ec:f4:97:94:42:19:b8:3b:24:fc:a5:81:
8b:22:52:5f:67:57:1c:b9:e3:1e:04:22:82:99:c3:
20:79:e8:36:4a:e1:71:6e:a1:55:d2:89:fe:59:f4:
28:29:24:46:31:0b:ee:a3:5c:1a:0f:e5:24:83:0c:
09:87:c2:59:72:24:f6:ca:fc:dd:69:5e:54:01:72:
44:82:39:02:71:f9:aa:3e:57:32:75:02:36:8c:29:
fb:4b:6e:e6:a5:13:a1:3c:9a:66:8c:fa:70:21:fc:
f8:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:BC:84:4C:BF:D7:0E:B3:B4:8C:12:3F:DA:C0:9B:E7:76:A2:73:DD
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/77yETL_XDrO0jBI_2sCb53aic90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.99.0/24
Signature Algorithm: sha256WithRSAEncryption
64:05:a6:db:c5:69:4c:dd:af:d3:47:09:8b:b7:de:84:b3:11:
3e:1f:1f:4a:a2:13:5f:d2:63:8b:33:96:a2:9e:4f:ee:67:fe:
01:21:45:ea:24:80:b6:d6:77:c8:4b:8d:78:60:48:ae:cb:02:
4a:01:7a:50:46:06:20:c4:df:7c:6c:b3:56:43:fd:1c:15:bc:
4e:43:5f:77:f9:a3:f9:ea:fc:13:f7:08:25:08:f2:61:5f:4b:
2d:b5:84:20:d5:52:87:86:f8:04:ac:b2:cf:d1:93:74:eb:a9:
72:9f:22:9b:24:65:4f:ee:e0:41:c8:4a:4b:1a:fa:66:f9:94:
10:58:c4:43:1c:0c:18:7d:58:ad:95:4e:d9:9c:6b:84:e6:fb:
91:2e:4e:e3:39:ae:d1:b2:51:52:07:da:58:a7:d5:46:e3:21:
df:6d:9b:93:14:7b:01:d6:d8:50:99:91:f1:be:60:23:99:cd:
41:ba:5f:90:26:11:94:16:b0:0f:34:e5:fa:f9:08:21:d6:05:
7f:3c:42:55:f9:e5:b3:53:ee:c5:a9:a1:6c:b9:be:c4:90:e0:
3f:48:74:07:2c:c3:8d:3c:8b:46:96:a6:bd:01:c8:1e:9f:11:
e4:62:f4:99:a9:64:cf:64:8c:6b:a4:54:55:6a:af:c2:80:5d:
ee:99:c2:1b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEClTfTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDMw
NTE3MDY1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWZiYzg0NGNiZmQ3
MGViM2I0OGMxMjNmZGFjMDliZTc3NmEyNzNkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJB+X4LJ2y+OJV64roQtgsJ0SybrAXMkOpTcq9uK9vlVLrLF
tnbOnfQMDBz701msaeA2DRHZYlQ91Ut9qwgJM9O8tm/tFkpf+/D0uwt79ntRCmyw
mvbyeGwRIMwE6ZJWn+8bPDVMGQmJSxwRGAnedq4T0hEV6ceHB3fr60ynRIINg2t3
Sb6S+RObxsPYWFxS5wCGQbFLn7ti7PSXlEIZuDsk/KWBiyJSX2dXHLnjHgQigpnD
IHnoNkrhcW6hVdKJ/ln0KCkkRjEL7qNcGg/lJIMMCYfCWXIk9sr83WleVAFyRII5
AnH5qj5XMnUCNowp+0tu5qUToTyaZoz6cCH8+FUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTvvIRMv9cOs7SMEj/awJvndqJz3TAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
Lzc3eUVUTF9YRHJPMGpCSV8yc0NiNTNhaWM5MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFkuYzANBgkqhkiG9w0BAQsFAAOC
AQEAZAWm28VpTN2v00cJi7fehLMRPh8fSqITX9JjizOWop5P7mf+ASFF6iSAttZ3
yEuNeGBIrssCSgF6UEYGIMTffGyzVkP9HBW8TkNfd/mj+er8E/cIJQjyYV9LLbWE
INVSh4b4BKyyz9GTdOupcp8imyRlT+7gQchKSxr6ZvmUEFjEQxwMGH1YrZVO2Zxr
hOb7kS5O4zmu0bJRUgfaWKfVRuMh322bkxR7AdbYUJmR8b5gI5nNQbpfkCYRlBaw
DzTl+vkIIdYFfzxCVfnls1PuxamhbLm+xJDgP0h0ByzDjTyLRpamvQHIHp8R5GL0
malkz2SMa6RUVWqvwoBd7pnCGw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:42 2023 by rpki-client on console-ams.rpki-client.org