Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/7AIkMun-LsDBHs_7tmZKWGJiwrQ.roa
File: 7AIkMun-LsDBHs_7tmZKWGJiwrQ.roa (raw, json)
Hash identifier: YqNZcKxTmpIvw85Ivl+Dkc7ZXMZtzMDg1TkzBeWxkVk=
Subject key identifier: EC:02:24:32:E9:FE:2E:C0:C1:1E:CF:FB:B6:66:4A:58:62:62:C2:B4
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0A3B8BF7
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/7AIkMun-LsDBHs_7tmZKWGJiwrQ.roa
Signing time: Wed 23 Feb 2022 20:04:47 +0000
ROA not before: Wed 23 Feb 2022 20:04:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211696
IP address blocks: 89.46.97.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 171674615 (0xa3b8bf7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Feb 23 20:04:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ec022432e9fe2ec0c11ecffbb6664a586262c2b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:41:b9:70:37:20:ad:b3:3f:54:c3:f8:c5:ca:
67:84:e0:c9:b6:03:a8:01:91:25:d6:f5:b8:13:86:
9d:ef:4a:21:e6:00:c7:89:93:8d:d1:84:46:3e:f8:
d3:50:c6:8d:6e:d1:d0:04:05:fc:b6:87:9c:71:f9:
ff:28:2f:3e:7f:95:48:03:6d:e9:65:c3:a0:7c:de:
4b:1e:3e:de:37:b3:64:19:22:20:04:ad:d7:9b:a3:
5a:a9:10:88:b5:85:70:19:d2:72:2f:3d:c1:28:12:
55:91:d9:6e:10:e2:82:24:31:b4:da:3d:10:70:97:
98:c4:8f:4a:f9:f7:f5:56:dd:e1:7e:22:92:0c:67:
a0:b8:b9:6f:f6:87:ed:d7:e7:ee:c9:63:09:4a:c2:
cb:b9:e0:e6:a9:72:14:f7:fe:ce:22:41:71:55:b8:
20:4e:50:4d:9d:e8:f0:57:11:5b:e2:ad:6a:6e:1f:
18:90:8a:d2:db:44:d6:43:80:e3:f2:42:2b:5b:4a:
15:da:a2:24:87:ec:44:31:fc:62:33:0c:7f:ee:26:
66:2e:72:bc:4c:25:39:34:9c:9e:5e:00:ae:f5:2a:
8b:89:cc:27:7d:5e:84:c1:b0:0e:16:11:8c:fe:c8:
11:5f:9f:18:a7:2f:ed:d3:36:ab:52:c3:77:db:97:
a1:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:02:24:32:E9:FE:2E:C0:C1:1E:CF:FB:B6:66:4A:58:62:62:C2:B4
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/7AIkMun-LsDBHs_7tmZKWGJiwrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.97.0/24
Signature Algorithm: sha256WithRSAEncryption
37:5a:e4:d4:04:51:3f:cd:74:4a:6b:b5:67:6a:db:78:ec:cf:
c7:85:d3:23:10:3b:46:ab:fd:99:76:7e:ff:8b:47:b7:7e:1d:
f1:58:23:19:2f:ed:86:2a:79:16:bf:6f:bf:3c:bf:0d:4f:23:
a7:c3:a3:31:63:ad:a1:b6:92:91:64:e2:46:61:4e:8a:a0:c7:
5f:3d:f2:9c:ed:fe:ab:83:48:fd:4b:8d:f8:ad:a1:c4:f9:8c:
7c:0f:6b:0b:ae:36:69:df:6a:f8:46:18:f7:2d:31:11:a7:4c:
61:0d:a1:a3:5c:5e:7c:68:76:e5:e8:5f:dd:65:d9:d5:b5:6c:
ca:c6:15:41:6b:e7:18:ae:8c:71:f0:92:8a:1d:61:6b:27:e3:
34:ef:1b:d8:b1:7c:6d:67:d1:de:74:fc:0b:82:f2:94:9c:d2:
1b:fb:20:40:12:0c:59:04:ad:22:26:8c:e1:f9:ef:21:03:a1:
cc:c0:ab:db:1d:79:fd:04:8f:c2:1c:e5:bd:79:6f:30:b5:b1:
5a:1f:15:c0:7f:fd:29:0c:91:e0:9d:05:39:22:26:6f:80:09:
e6:38:dd:16:8a:10:f2:3b:fb:58:e6:94:2a:63:40:9f:14:e0:
b3:fc:fc:84:e6:f6:cb:b3:6c:de:6d:68:ba:1c:12:52:c9:81:
7d:43:ab:54
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECjuL9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDIy
MzIwMDQ0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWMwMjI0MzJlOWZl
MmVjMGMxMWVjZmZiYjY2NjRhNTg2MjYyYzJiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANBBuXA3IK2zP1TD+MXKZ4TgybYDqAGRJdb1uBOGne9KIeYA
x4mTjdGERj7401DGjW7R0AQF/LaHnHH5/ygvPn+VSANt6WXDoHzeSx4+3jezZBki
IASt15ujWqkQiLWFcBnSci89wSgSVZHZbhDigiQxtNo9EHCXmMSPSvn39Vbd4X4i
kgxnoLi5b/aH7dfn7sljCUrCy7ng5qlyFPf+ziJBcVW4IE5QTZ3o8FcRW+Ktam4f
GJCK0ttE1kOA4/JCK1tKFdqiJIfsRDH8YjMMf+4mZi5yvEwlOTScnl4ArvUqi4nM
J31ehMGwDhYRjP7IEV+fGKcv7dM2q1LDd9uXoaMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTsAiQy6f4uwMEez/u2ZkpYYmLCtDAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
LzdBSWtNdW4tTHNEQkhzXzd0bVpLV0dKaXdyUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFkuYTANBgkqhkiG9w0BAQsFAAOC
AQEAN1rk1ARRP810Smu1Z2rbeOzPx4XTIxA7Rqv9mXZ+/4tHt34d8VgjGS/thip5
Fr9vvzy/DU8jp8OjMWOtobaSkWTiRmFOiqDHXz3ynO3+q4NI/UuN+K2hxPmMfA9r
C642ad9q+EYY9y0xEadMYQ2ho1xefGh25ehf3WXZ1bVsysYVQWvnGK6McfCSih1h
ayfjNO8b2LF8bWfR3nT8C4LylJzSG/sgQBIMWQStIiaM4fnvIQOhzMCr2x15/QSP
whzlvXlvMLWxWh8VwH/9KQyR4J0FOSImb4AJ5jjdFooQ8jv7WOaUKmNAnxTgs/z8
hOb2y7Ns3m1ouhwSUsmBfUOrVA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:01 2023 by rpki-client on console-fra.rpki-client.org