Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/CKiDu6r8XzQJGvVqRJK-3B3x6Y0.roa
File: CKiDu6r8XzQJGvVqRJK-3B3x6Y0.roa (raw, json)
Hash identifier: uZoNU99vCsJwgLjPc/ZwpFbRsyxd7WIQ8QT/6fahK8E=
Subject key identifier: 08:A8:83:BB:AA:FC:5F:34:09:1A:F5:6A:44:92:BE:DC:1D:F1:E9:8D
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 01837F85A54F2139428E43F587215053CB89
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/CKiDu6r8XzQJGvVqRJK-3B3x6Y0.roa
Signing time: Tue 27 Sep 2022 15:16:48 +0000
ROA not before: Tue 27 Sep 2022 15:16:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50225
IP address blocks: 89.46.97.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7f:85:a5:4f:21:39:42:8e:43:f5:87:21:50:53:cb:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Sep 27 15:16:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=08a883bbaafc5f34091af56a4492bedc1df1e98d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:56:40:bb:0f:d7:03:a6:7b:29:7e:fd:1f:bd:
78:03:fe:70:66:03:f9:18:6c:71:8f:8b:ed:74:6e:
a7:48:7b:25:d6:90:8c:81:37:16:1d:47:1e:46:b1:
57:30:ca:4c:fd:1d:53:d6:c9:48:ae:07:52:53:b7:
bf:10:91:e0:17:a2:88:93:45:3a:f8:a8:9e:4c:8e:
f6:09:9c:4b:f4:0f:07:f0:aa:56:58:48:e2:d1:6b:
c1:6c:c6:3c:8a:f5:1b:74:5b:c2:43:81:7f:7d:06:
9d:5b:10:d6:02:4c:df:43:ed:21:5c:68:06:c0:d5:
0e:96:5e:54:04:5a:aa:00:be:50:70:af:4d:8e:87:
86:ea:a8:ac:cd:d0:97:91:d8:fc:ef:8b:ae:f4:48:
d8:59:87:fa:87:91:54:30:b5:cf:5a:38:eb:e9:1a:
a0:13:bd:79:f2:79:ae:ea:03:89:18:f4:9f:82:55:
ba:2b:60:d1:cf:97:4e:de:99:49:42:1e:2b:50:31:
65:22:ab:ac:74:ea:f0:e3:15:70:ed:74:30:2e:17:
c7:14:8f:cd:d5:0c:35:09:44:fc:7d:fb:94:a8:5b:
fa:42:05:59:42:d0:f6:ce:d7:9f:bf:78:33:de:4d:
9e:82:88:1d:a9:c5:dd:f6:0e:c8:6e:05:ac:32:2c:
33:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:A8:83:BB:AA:FC:5F:34:09:1A:F5:6A:44:92:BE:DC:1D:F1:E9:8D
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/CKiDu6r8XzQJGvVqRJK-3B3x6Y0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.97.0/24
Signature Algorithm: sha256WithRSAEncryption
95:64:1e:cc:d2:b4:6b:b3:da:42:3f:dd:60:8d:63:e9:ef:57:
9f:bd:88:55:6a:fb:d2:e9:96:f1:62:c2:6f:a7:29:8b:98:03:
34:7a:1c:5b:07:43:90:64:05:f9:36:69:d9:30:52:c5:83:fd:
a4:ac:c5:d4:b1:93:05:22:c7:43:23:7f:61:81:0b:d0:36:fd:
2b:f2:d8:38:b7:b1:7e:fe:16:21:65:49:58:85:15:07:a5:7e:
0a:73:95:3d:24:0f:47:1f:1b:59:bb:b1:b0:d9:94:47:84:b6:
39:f4:5a:a3:1a:ea:1c:89:a1:89:d0:cb:2b:e7:f0:47:fd:42:
3a:98:f3:dc:ca:de:8b:89:fc:a7:9c:05:98:7d:bd:2c:11:89:
cf:e9:5b:4f:13:de:c1:0c:0e:a2:fa:d0:2b:d8:94:ee:8c:8d:
59:67:2d:01:7d:82:68:2c:ec:e6:02:9e:a1:09:42:c4:17:00:
60:0b:0d:f4:eb:5e:da:d2:cd:89:08:41:23:f8:cb:86:15:d3:
23:ab:79:18:37:bd:d7:cd:6e:a5:dd:4e:a3:25:64:7e:61:c6:
9b:b9:dc:51:25:4a:7c:d1:ac:6c:f3:3c:7a:fb:77:9b:8c:84:
37:8a:ab:d5:53:d2:f4:d0:60:ea:6c:b4:d6:40:6c:72:15:95:
04:41:a2:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYN/haVPITlCjkP1hyFQU8uJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjIwOTI3MTUxNjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGE4ODNiYmFhZmM1ZjM0MDkxYWY1NmE0NDkyYmVkYzFkZjFlOThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplZAuw/XA6Z7KX79H714A/5wZgP5
GGxxj4vtdG6nSHsl1pCMgTcWHUceRrFXMMpM/R1T1slIrgdSU7e/EJHgF6KIk0U6
+KieTI72CZxL9A8H8KpWWEji0WvBbMY8ivUbdFvCQ4F/fQadWxDWAkzfQ+0hXGgG
wNUOll5UBFqqAL5QcK9NjoeG6qiszdCXkdj874uu9EjYWYf6h5FUMLXPWjjr6Rqg
E7158nmu6gOJGPSfglW6K2DRz5dO3plJQh4rUDFlIqusdOrw4xVw7XQwLhfHFI/N
1Qw1CUT8ffuUqFv6QgVZQtD2ztefv3gz3k2egogdqcXd9g7IbgWsMiwzKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAiog7uq/F80CRr1akSSvtwd8emNMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvQ0tpRHU2cjhYelFKR3ZWcVJKSy0zQjN4NlkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS5hMA0G
CSqGSIb3DQEBCwUAA4IBAQCVZB7M0rRrs9pCP91gjWPp71efvYhVavvS6ZbxYsJv
pymLmAM0ehxbB0OQZAX5NmnZMFLFg/2krMXUsZMFIsdDI39hgQvQNv0r8tg4t7F+
/hYhZUlYhRUHpX4Kc5U9JA9HHxtZu7Gw2ZRHhLY59FqjGuociaGJ0Msr5/BH/UI6
mPPcyt6LifynnAWYfb0sEYnP6VtPE97BDA6i+tAr2JTujI1ZZy0BfYJoLOzmAp6h
CULEFwBgCw30617a0s2JCEEj+MuGFdMjq3kYN73XzW6l3U6jJWR+YcabudxRJUp8
0axs8zx6+3ebjIQ3iqvVU9L00GDqbLTWQGxyFZUEQaJ4
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:42 2023 by rpki-client on console-ams.rpki-client.org