Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/HgknDGEthps2fKpl8gJSJnijkfk.roa
File: HgknDGEthps2fKpl8gJSJnijkfk.roa (raw, json)
Hash identifier: eNA1K1eE6oV3Ar84tUb7jwlcruSFcMTbmSJ6BpC5bOw=
Subject key identifier: 1E:09:27:0C:61:2D:86:9B:36:7C:AA:65:F2:02:52:26:78:A3:91:F9
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0189539FDE22FB5E7C20A6003E85DD1A9552
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/HgknDGEthps2fKpl8gJSJnijkfk.roa
Signing time: Fri 14 Jul 2023 08:58:53 +0000
ROA not before: Fri 14 Jul 2023 08:58:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 89.46.96.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:53:9f:de:22:fb:5e:7c:20:a6:00:3e:85:dd:1a:95:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jul 14 08:58:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e09270c612d869b367caa65f202522678a391f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6d:89:c3:98:d1:61:34:bc:27:1a:bd:a4:ba:
7a:ea:60:54:54:4b:0b:dc:5a:86:9e:8e:de:65:fe:
2a:45:3e:ee:9c:01:f8:46:b7:36:0c:01:9d:90:64:
39:c9:74:34:3a:2c:12:23:03:9e:4d:a7:38:d5:58:
5d:9c:d7:45:ce:9e:79:34:85:7a:01:da:dc:77:3d:
cc:28:de:03:6f:72:04:ea:d8:bc:a6:8d:3e:f5:a2:
d5:84:4e:5a:96:2a:05:0d:a7:b0:5d:66:0c:75:01:
04:48:fe:58:fb:1c:bc:4b:db:d4:29:43:9d:b3:8e:
a0:de:00:d1:9f:c4:ee:f3:4d:fd:12:41:86:1b:f5:
cd:02:23:07:cb:54:c7:03:c0:bb:60:73:8d:63:b5:
e7:0d:e3:ad:57:f6:71:60:f4:ed:78:7a:d0:4c:b4:
9f:ea:ed:7d:33:29:b1:29:04:e0:ae:1d:69:12:a9:
aa:51:6e:53:d2:02:e1:0e:0e:48:53:04:53:4a:13:
c8:4a:fb:fb:2e:54:a4:96:87:f6:da:2b:c5:04:74:
f7:83:af:e8:4f:a8:20:1d:ce:88:12:f2:6d:60:9c:
84:29:71:3a:4e:9c:9c:54:3b:0f:64:e7:f7:9c:f1:
f0:7e:5c:29:c6:69:bf:22:32:46:c7:72:de:74:a0:
9e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:09:27:0C:61:2D:86:9B:36:7C:AA:65:F2:02:52:26:78:A3:91:F9
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/HgknDGEthps2fKpl8gJSJnijkfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.96.0/22
Signature Algorithm: sha256WithRSAEncryption
78:f6:36:3c:70:10:88:5a:fd:27:f7:3c:90:3d:da:86:15:18:
a8:8f:55:70:60:60:c2:a6:6b:ea:d2:bc:7a:9b:db:c6:35:f5:
87:8a:82:d5:75:dd:49:c9:e7:cd:16:f4:e2:03:fa:9f:c0:83:
b0:9d:34:5a:ff:f0:46:2e:8c:f4:a2:d3:68:de:32:62:9b:40:
b4:8c:3a:35:9b:1b:3b:4d:7b:02:26:4d:34:82:69:fe:50:ec:
1f:ea:63:eb:0c:14:fa:0c:21:90:f2:42:95:91:a7:42:98:7d:
0a:aa:56:96:16:75:ad:99:8c:f3:0c:fd:8d:a7:4d:f9:2e:26:
da:eb:2f:42:e3:f2:71:c1:9e:c1:e9:90:6b:35:8b:91:10:77:
c1:d7:de:0f:36:d3:d0:f7:dc:07:03:ac:44:8f:7d:42:d4:d0:
d0:26:55:db:86:76:ee:31:04:cf:8d:44:75:fc:2e:f3:4d:31:
92:0a:5a:8e:9e:c0:08:fa:93:a5:61:07:86:e0:4e:2e:da:f4:
4b:74:07:33:54:3a:c7:4d:2a:c9:ea:82:ef:4c:34:00:71:e6:
ac:16:ec:4e:f3:e2:6e:8e:06:c6:b2:9d:03:1d:48:cb:ef:b2:
bb:11:bc:15:8a:71:0a:9c:ad:65:74:c7:b3:23:d4:70:d9:d8:
31:ca:9c:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlTn94i+158IKYAPoXdGpVSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMwNzE0MDg1ODUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTA5MjcwYzYxMmQ4NjliMzY3Y2FhNjVmMjAyNTIyNjc4YTM5MWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlm2Jw5jRYTS8Jxq9pLp66mBUVEsL
3FqGno7eZf4qRT7unAH4Rrc2DAGdkGQ5yXQ0OiwSIwOeTac41VhdnNdFzp55NIV6
Adrcdz3MKN4Db3IE6ti8po0+9aLVhE5alioFDaewXWYMdQEESP5Y+xy8S9vUKUOd
s46g3gDRn8Tu8039EkGGG/XNAiMHy1THA8C7YHONY7XnDeOtV/ZxYPTteHrQTLSf
6u19MymxKQTgrh1pEqmqUW5T0gLhDg5IUwRTShPISvv7LlSklof22ivFBHT3g6/o
T6ggHc6IEvJtYJyEKXE6TpycVDsPZOf3nPHwflwpxmm/IjJGx3LedKCe7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB4JJwxhLYabNnyqZfICUiZ4o5H5MB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvSGdrbkRHRXRocHMyZktwbDhnSlNKbmlqa2ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWS5gMA0G
CSqGSIb3DQEBCwUAA4IBAQB49jY8cBCIWv0n9zyQPdqGFRioj1VwYGDCpmvq0rx6
m9vGNfWHioLVdd1JyefNFvTiA/qfwIOwnTRa//BGLoz0otNo3jJim0C0jDo1mxs7
TXsCJk00gmn+UOwf6mPrDBT6DCGQ8kKVkadCmH0KqlaWFnWtmYzzDP2Np035Liba
6y9C4/JxwZ7B6ZBrNYuREHfB194PNtPQ99wHA6xEj31C1NDQJlXbhnbuMQTPjUR1
/C7zTTGSClqOnsAI+pOlYQeG4E4u2vRLdAczVDrHTSrJ6oLvTDQAceasFuxO8+Ju
jgbGsp0DHUjL77K7EbwVinEKnK1ldMezI9Rw2dgxypws
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:01 2023 by rpki-client on console-fra.rpki-client.org