Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/ZoWGfzOBGMYUilrFk54ZEUfZFnE.roa
File: ZoWGfzOBGMYUilrFk54ZEUfZFnE.roa (raw, json)
Hash identifier: Ib2IUNO3tuWhW6j04f8YZ4u9Ch4XxsTuymCDzu0Xs+A=
Subject key identifier: 66:85:86:7F:33:81:18:C6:14:8A:5A:C5:93:9E:19:11:47:D9:16:71
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 09AA14A5
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/ZoWGfzOBGMYUilrFk54ZEUfZFnE.roa
Signing time: Sat 01 Jan 2022 09:56:53 +0000
ROA not before: Sat 01 Jan 2022 09:56:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 89.46.98.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162141349 (0x9aa14a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jan 1 09:56:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6685867f338118c6148a5ac5939e191147d91671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:df:74:9d:6f:10:28:5c:c3:4e:7e:a3:61:fd:
0d:e7:a5:ea:1a:a8:fb:12:02:be:d4:47:18:1f:30:
a4:25:e6:97:21:4e:5f:5f:1a:7f:37:28:fe:37:42:
59:02:75:5f:f3:72:7f:ba:d5:75:6b:20:db:1d:c1:
40:77:1e:92:9d:03:e7:71:70:10:db:c9:e7:b1:58:
be:3d:ea:fa:2b:f3:32:da:35:7a:59:56:23:1d:73:
a0:59:d1:f1:e7:93:4e:f5:50:3f:44:b3:60:63:14:
a2:d1:6f:85:57:b5:8d:ac:8e:1f:b3:ac:69:91:ab:
4d:aa:59:90:82:49:eb:a9:f4:80:3b:9a:fb:a6:7d:
a4:09:47:4c:ca:bc:48:2a:60:53:d4:0f:51:d2:44:
2e:8f:ac:57:97:4e:60:49:11:d0:3a:5b:5d:c7:29:
fe:64:cb:26:75:83:70:58:fa:21:24:4f:ff:d6:93:
22:44:cd:97:a3:2d:c9:be:b8:0d:5d:fc:94:84:22:
c5:5d:61:ec:8e:4a:0a:0e:8c:a0:87:3a:f9:94:46:
68:a8:d8:f7:93:d6:5d:86:46:ea:15:68:3b:97:09:
a0:7f:d5:10:31:95:9a:52:55:4e:9f:7b:9d:39:7c:
48:c1:26:06:7d:aa:99:e5:10:8b:f9:5f:08:b5:54:
be:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:85:86:7F:33:81:18:C6:14:8A:5A:C5:93:9E:19:11:47:D9:16:71
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/ZoWGfzOBGMYUilrFk54ZEUfZFnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.98.0/23
Signature Algorithm: sha256WithRSAEncryption
8d:4f:09:ec:7b:ff:70:09:9c:90:95:a6:ce:b0:07:15:69:32:
d8:64:dd:24:29:71:2d:49:8f:eb:3b:25:cc:82:7c:8c:fa:1d:
c9:f6:d3:21:81:33:5a:08:6e:df:cd:de:df:ef:9b:ce:f9:f7:
22:cb:00:17:3c:42:dd:31:3f:87:17:78:fe:fb:a6:26:a2:67:
86:07:d3:f4:1d:7a:bf:f1:e8:16:74:82:da:94:b1:79:5e:54:
8e:0a:52:e2:be:a5:ca:de:00:fa:69:ad:b8:8a:e0:95:ae:35:
a9:d3:0a:72:b4:ab:ed:07:6b:05:37:58:6a:8b:5f:bf:5c:20:
3e:f4:75:c5:58:b4:aa:e8:e6:4a:88:6c:9c:e4:7b:7e:0b:2c:
f5:16:92:2e:8c:61:ef:d6:a8:e5:90:c7:78:e4:61:a5:91:eb:
3c:18:f2:6e:25:d4:78:70:9f:41:75:d5:2c:6f:bb:8a:a4:44:
13:a6:64:5c:e3:71:ef:c9:de:1b:f4:23:45:b1:19:5c:18:99:
14:7a:be:5c:c1:e9:38:fd:17:c2:c1:be:cc:d2:f6:0b:83:51:
2b:63:ad:36:15:cd:a7:b8:0f:45:54:e6:63:2a:46:79:83:ea:
b1:f4:cc:df:88:de:c9:b7:74:31:e6:2d:cb:70:1d:4e:03:ea:
7b:6a:62:9c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECaoUpTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDEw
MTA5NTY1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjY4NTg2N2YzMzgx
MThjNjE0OGE1YWM1OTM5ZTE5MTE0N2Q5MTY3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMLfdJ1vEChcw05+o2H9Deel6hqo+xICvtRHGB8wpCXmlyFO
X18afzco/jdCWQJ1X/Nyf7rVdWsg2x3BQHcekp0D53FwENvJ57FYvj3q+ivzMto1
ellWIx1zoFnR8eeTTvVQP0SzYGMUotFvhVe1jayOH7OsaZGrTapZkIJJ66n0gDua
+6Z9pAlHTMq8SCpgU9QPUdJELo+sV5dOYEkR0DpbXccp/mTLJnWDcFj6ISRP/9aT
IkTNl6Mtyb64DV38lIQixV1h7I5KCg6MoIc6+ZRGaKjY95PWXYZG6hVoO5cJoH/V
EDGVmlJVTp97nTl8SMEmBn2qmeUQi/lfCLVUvpkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRmhYZ/M4EYxhSKWsWTnhkRR9kWcTAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L1pvV0dmek9CR01ZVWlsckZrNTRaRVVmWkZuRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVkuYjANBgkqhkiG9w0BAQsFAAOC
AQEAjU8J7Hv/cAmckJWmzrAHFWky2GTdJClxLUmP6zslzIJ8jPodyfbTIYEzWghu
383e3++bzvn3IssAFzxC3TE/hxd4/vumJqJnhgfT9B16v/HoFnSC2pSxeV5UjgpS
4r6lyt4A+mmtuIrgla41qdMKcrSr7QdrBTdYaotfv1wgPvR1xVi0qujmSohsnOR7
fgss9RaSLoxh79ao5ZDHeORhpZHrPBjybiXUeHCfQXXVLG+7iqREE6ZkXONx78ne
G/QjRbEZXBiZFHq+XMHpOP0XwsG+zNL2C4NRK2OtNhXNp7gPRVTmYypGeYPqsfTM
34jeybd0MeYty3AdTgPqe2pinA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org