Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/CR1ORcmBUwPcMIuQHg5OD4IqhZk.roa
File: CR1ORcmBUwPcMIuQHg5OD4IqhZk.roa (raw, json)
Hash identifier: 6jzABrsNOnvlEJrcTF80rVMsYGS9F4dd9UNTJfXii/I=
Subject key identifier: 09:1D:4E:45:C9:81:53:03:DC:30:8B:90:1E:0E:4E:0F:82:2A:85:99
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 09AAD2DA
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/CR1ORcmBUwPcMIuQHg5OD4IqhZk.roa
Signing time: Sat 01 Jan 2022 09:56:53 +0000
ROA not before: Sat 01 Jan 2022 09:56:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 46573
IP address blocks: 89.46.98.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162190042 (0x9aad2da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jan 1 09:56:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=091d4e45c9815303dc308b901e0e4e0f822a8599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0f:34:0b:15:10:79:c5:90:21:cc:ff:83:19:
cb:85:a3:52:d4:f0:6d:2c:48:33:5b:15:06:39:76:
51:4f:c0:38:e9:2b:ff:b0:12:fd:5e:86:60:b8:93:
95:ee:4e:96:a8:0d:df:b7:c3:84:8b:91:04:b7:28:
e8:9b:17:ed:37:4e:9b:71:56:71:b5:2e:b4:8f:2d:
2e:12:52:f8:ea:52:7a:64:68:4a:4d:58:4b:2c:df:
56:11:3a:e4:3a:3c:6c:2c:f0:8d:84:72:53:ab:62:
8a:bc:bf:28:38:20:ac:72:1a:22:da:e1:07:a8:44:
66:34:64:24:71:4a:24:6f:7d:13:7a:ae:cc:50:e7:
5a:26:e4:d2:a3:b6:b4:d9:3d:b0:d6:65:37:d7:68:
69:b9:6b:e4:5f:b2:fc:23:cd:db:42:d5:b1:e3:ea:
d3:8e:66:72:c0:b4:67:3f:bf:1f:97:ba:1d:3c:46:
da:63:77:2c:53:be:80:38:24:93:3d:27:be:aa:9f:
b8:f4:c2:d6:a2:e8:53:48:ac:2f:ca:08:e3:6d:6e:
a6:60:ca:44:e2:1d:34:39:ee:25:a0:0f:6f:e1:24:
d5:02:1c:4b:d2:68:c3:10:cf:4b:d8:e0:2c:00:16:
2e:e2:bf:72:8d:70:a4:68:c9:01:c6:92:6e:98:c7:
6d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:1D:4E:45:C9:81:53:03:DC:30:8B:90:1E:0E:4E:0F:82:2A:85:99
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/CR1ORcmBUwPcMIuQHg5OD4IqhZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.98.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:45:cf:ba:b6:61:d6:58:da:f2:cc:f1:6d:97:25:16:1a:86:
b8:fc:45:29:5e:a8:19:19:6e:6a:df:ef:20:fa:43:c7:d2:0e:
3c:78:83:be:fc:0a:44:28:75:78:29:0c:c1:1d:71:b0:1f:3a:
c0:d6:0f:66:00:c7:05:56:60:58:68:cf:f3:02:fb:43:e7:97:
9a:76:ac:f5:83:f2:df:b7:ef:ad:87:db:fe:2f:8b:8d:b1:ca:
b3:db:fe:bf:34:fc:ee:a5:81:d5:59:f7:8c:78:14:0b:dc:df:
e4:3e:59:52:e3:b8:47:6f:f7:23:4a:96:36:48:c8:c7:f0:71:
44:2c:2a:ea:03:09:1e:81:ed:1c:69:19:8f:df:e0:ab:cf:28:
08:94:70:c7:8b:11:48:25:75:68:59:99:a4:4c:12:1b:63:97:
9a:2e:6b:0d:09:38:e4:51:24:fc:ca:6f:89:4b:4f:bc:f2:fe:
c7:a2:dd:cf:6b:fb:e9:1d:6b:6a:c9:67:9a:10:0f:e9:63:66:
00:97:95:97:8f:d1:10:dc:19:cf:52:9c:38:a5:9a:21:b7:d7:
6e:bd:f0:72:00:c9:59:f2:09:f0:34:cc:ec:06:fd:b8:94:c6:
17:7f:e2:cb:22:b8:d7:d3:f4:1f:a1:ae:a1:46:1d:fa:f7:b6:
ad:bf:0c:15
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECarS2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDEw
MTA5NTY1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDkxZDRlNDVjOTgx
NTMwM2RjMzA4YjkwMWUwZTRlMGY4MjJhODU5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkPNAsVEHnFkCHM/4MZy4WjUtTwbSxIM1sVBjl2UU/AOOkr
/7AS/V6GYLiTle5OlqgN37fDhIuRBLco6JsX7TdOm3FWcbUutI8tLhJS+OpSemRo
Sk1YSyzfVhE65Do8bCzwjYRyU6tiiry/KDggrHIaItrhB6hEZjRkJHFKJG99E3qu
zFDnWibk0qO2tNk9sNZlN9doablr5F+y/CPN20LVsePq045mcsC0Zz+/H5e6HTxG
2mN3LFO+gDgkkz0nvqqfuPTC1qLoU0isL8oI421upmDKROIdNDnuJaAPb+Ek1QIc
S9JowxDPS9jgLAAWLuK/co1wpGjJAcaSbpjHbRsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQJHU5FyYFTA9wwi5AeDk4PgiqFmTAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L0NSMU9SY21CVXdQY01JdVFIZzVPRDRJcWhaay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVkuYjANBgkqhkiG9w0BAQsFAAOC
AQEAi0XPurZh1lja8szxbZclFhqGuPxFKV6oGRluat/vIPpDx9IOPHiDvvwKRCh1
eCkMwR1xsB86wNYPZgDHBVZgWGjP8wL7Q+eXmnas9YPy37fvrYfb/i+LjbHKs9v+
vzT87qWB1Vn3jHgUC9zf5D5ZUuO4R2/3I0qWNkjIx/BxRCwq6gMJHoHtHGkZj9/g
q88oCJRwx4sRSCV1aFmZpEwSG2OXmi5rDQk45FEk/MpviUtPvPL+x6Ldz2v76R1r
aslnmhAP6WNmAJeVl4/RENwZz1KcOKWaIbfXbr3wcgDJWfIJ8DTM7Ab9uJTGF3/i
yyK419P0H6GuoUYd+ve2rb8MFQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:42 2023 by rpki-client on console-ams.rpki-client.org