Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/Ezm5ueAehpTd4t5ljewYthFOC9o.roa
File: Ezm5ueAehpTd4t5ljewYthFOC9o.roa (raw, json)
Hash identifier: gxSukd0zoBUoOjqw4VV32qIF+7G0iWREaToiEimaeg8=
Subject key identifier: 13:39:B9:B9:E0:1E:86:94:DD:E2:DE:65:8D:EC:18:B6:11:4E:0B:DA
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0B1C1BAB
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/Ezm5ueAehpTd4t5ljewYthFOC9o.roa
Signing time: Thu 12 May 2022 20:27:23 +0000
ROA not before: Thu 12 May 2022 20:27:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210122
IP address blocks: 89.46.98.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 186391467 (0xb1c1bab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: May 12 20:27:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1339b9b9e01e8694dde2de658dec18b6114e0bda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:8a:d5:ae:6b:dd:50:96:b0:21:8d:d6:86:c2:
c6:27:2e:67:b8:68:ce:e3:6a:2b:eb:2f:cd:5e:93:
5b:ff:39:cb:7c:5a:35:35:e9:f9:ac:d0:89:24:3d:
a9:e4:91:fa:1e:e9:5e:cc:cb:c6:13:ee:fc:6f:f3:
c0:3a:61:ea:42:97:02:3d:a2:45:28:b8:5d:e9:2e:
c1:02:33:76:87:c1:82:14:26:6b:94:c1:7c:7f:ef:
bf:72:d8:68:f6:51:28:c2:1a:24:73:6c:a1:dd:c9:
73:73:91:be:48:86:09:66:2c:c6:21:bb:15:20:f2:
e4:3d:4c:3b:b5:5a:2c:5d:99:9f:85:c4:4a:99:62:
8e:30:45:93:cd:c9:59:7e:18:02:6c:8c:b5:19:ca:
b3:d4:e3:4a:fb:c1:17:2c:a2:1d:2e:d2:06:15:d9:
b4:f9:70:66:c5:48:21:7b:f6:ac:43:f6:63:5b:42:
68:4a:7c:90:de:78:5a:d8:8f:c1:6e:1a:85:82:77:
5f:b5:31:eb:79:6e:b0:7a:32:51:87:ee:cb:cc:e1:
38:a9:3f:62:a7:fb:32:9c:1b:4a:74:a1:d4:b4:8a:
17:50:c3:bf:c3:d7:3b:4f:62:2b:e1:61:06:8e:71:
98:8c:dd:fc:e8:45:0c:4b:d6:04:2b:69:19:d1:1f:
7a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:39:B9:B9:E0:1E:86:94:DD:E2:DE:65:8D:EC:18:B6:11:4E:0B:DA
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/Ezm5ueAehpTd4t5ljewYthFOC9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.98.0/24
Signature Algorithm: sha256WithRSAEncryption
77:92:41:bd:85:99:f4:32:fb:2b:3b:1a:39:0a:8a:59:c3:ee:
76:7a:01:d7:49:dc:1a:61:f6:a1:97:4d:9c:c0:af:95:24:53:
37:53:27:0b:ac:77:01:13:bc:72:00:8c:c3:46:a2:9a:da:82:
ba:6d:5e:22:e5:b0:06:a2:a4:66:d7:3f:a9:3a:d6:b9:25:30:
b1:cf:71:4d:c1:b6:14:50:a0:1b:0f:15:43:88:6e:70:99:39:
df:59:6c:4e:3d:d2:cd:72:00:fb:88:0b:b0:5c:aa:c7:5e:b7:
c3:33:15:fc:16:10:47:bc:0d:ec:48:e2:50:00:58:fc:c9:1b:
fd:ab:e8:4c:7d:2f:be:08:dc:01:cb:d4:dd:cd:7d:50:c9:79:
40:2b:22:fd:50:c8:2e:70:58:45:2a:0e:12:14:80:9a:17:42:
9d:13:38:3b:3b:f2:4b:ee:69:54:8f:3b:33:6e:d7:9a:74:19:
2e:a4:3f:8a:9c:76:ba:8c:12:bf:8b:21:aa:63:86:e7:70:a7:
58:9a:4a:91:71:01:cd:31:ea:56:60:66:a3:0c:92:8a:aa:d1:
d6:75:ca:19:bf:78:c8:f4:0b:29:69:af:d8:47:bd:00:f2:af:
39:30:75:46:c1:b8:b1:2a:20:2b:bf:5a:16:f9:f8:7f:f6:de:
9b:ae:9f:3b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECxwbqzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDUx
MjIwMjcyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTMzOWI5YjllMDFl
ODY5NGRkZTJkZTY1OGRlYzE4YjYxMTRlMGJkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOSK1a5r3VCWsCGN1obCxicuZ7hozuNqK+svzV6TW/85y3xa
NTXp+azQiSQ9qeSR+h7pXszLxhPu/G/zwDph6kKXAj2iRSi4XekuwQIzdofBghQm
a5TBfH/vv3LYaPZRKMIaJHNsod3Jc3ORvkiGCWYsxiG7FSDy5D1MO7VaLF2Zn4XE
SplijjBFk83JWX4YAmyMtRnKs9TjSvvBFyyiHS7SBhXZtPlwZsVIIXv2rEP2Y1tC
aEp8kN54WtiPwW4ahYJ3X7Ux63lusHoyUYfuy8zhOKk/Yqf7MpwbSnSh1LSKF1DD
v8PXO09iK+FhBo5xmIzd/OhFDEvWBCtpGdEfevMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQTObm54B6GlN3i3mWN7Bi2EU4L2jAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L0V6bTV1ZUFlaHBUZDR0NWxqZXdZdGhGT0M5by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFkuYjANBgkqhkiG9w0BAQsFAAOC
AQEAd5JBvYWZ9DL7KzsaOQqKWcPudnoB10ncGmH2oZdNnMCvlSRTN1MnC6x3ARO8
cgCMw0aimtqCum1eIuWwBqKkZtc/qTrWuSUwsc9xTcG2FFCgGw8VQ4hucJk531ls
Tj3SzXIA+4gLsFyqx163wzMV/BYQR7wN7EjiUABY/Mkb/avoTH0vvgjcAcvU3c19
UMl5QCsi/VDILnBYRSoOEhSAmhdCnRM4OzvyS+5pVI87M27XmnQZLqQ/ipx2uowS
v4shqmOG53CnWJpKkXEBzTHqVmBmowySiqrR1nXKGb94yPQLKWmv2Ee9APKvOTB1
RsG4sSogK79aFvn4f/bem66fOw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:42 2023 by rpki-client on console-ams.rpki-client.org