Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/cCmL43xoGdb55WNVGYsAhu3rxXA.roa
File: cCmL43xoGdb55WNVGYsAhu3rxXA.roa (raw, json)
Hash identifier: zIt/mW4SZa08ly3bucSaKdPv0LfXvrzuIYkIJKWG00k=
Subject key identifier: 70:29:8B:E3:7C:68:19:D6:F9:E5:63:55:19:8B:00:86:ED:EB:C5:70
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 01842D3C85036BA01804B5594C980C900906
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/cCmL43xoGdb55WNVGYsAhu3rxXA.roa
Signing time: Mon 31 Oct 2022 08:50:51 +0000
ROA not before: Mon 31 Oct 2022 08:50:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212669
IP address blocks: 89.46.97.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2d:3c:85:03:6b:a0:18:04:b5:59:4c:98:0c:90:09:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Oct 31 08:50:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70298be37c6819d6f9e56355198b0086edebc570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:25:1f:1d:01:2a:07:ba:d9:74:f8:61:10:51:
c9:e0:2e:3f:e3:37:a5:02:19:ca:ce:49:34:7f:ae:
3f:a8:2e:c2:c5:84:9d:79:7f:64:f2:64:65:a6:ae:
11:46:ef:65:31:c9:da:14:cd:8f:74:c5:0b:35:1f:
0c:9b:c0:f4:35:03:67:12:5e:3f:b6:d3:08:e2:d9:
bf:3e:d8:b2:c1:eb:9d:f0:25:9e:05:4e:01:87:bf:
d0:b2:18:13:95:95:6d:8c:6d:ac:3d:88:a1:3a:4f:
cd:26:8c:00:18:21:2f:29:31:b9:11:5a:25:b6:7c:
38:e0:de:af:5c:3c:cf:c3:24:35:9e:e7:5b:a2:26:
95:52:2c:d8:ba:81:aa:45:fa:52:2e:08:c9:55:00:
54:5b:5f:da:05:4e:1d:ee:f9:d9:0f:ca:33:80:22:
9b:95:b1:f6:69:2a:8e:17:14:aa:47:6d:11:01:6a:
f2:c0:ab:48:d5:14:dc:17:f6:7c:a6:91:35:a5:61:
d5:cf:42:dd:24:af:6f:45:9c:70:82:12:2c:e9:d7:
67:ed:bd:8f:12:1e:bd:cd:47:fe:dc:5d:c9:88:e6:
8d:1b:f0:ef:c8:6a:07:11:78:56:77:d6:34:80:ac:
fd:17:98:57:b9:38:4a:ea:ee:b6:00:91:de:f8:57:
9e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:29:8B:E3:7C:68:19:D6:F9:E5:63:55:19:8B:00:86:ED:EB:C5:70
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/cCmL43xoGdb55WNVGYsAhu3rxXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.97.0/24
Signature Algorithm: sha256WithRSAEncryption
42:ce:c7:02:42:46:5a:14:17:08:49:50:b8:3c:33:27:46:83:
88:ff:c5:55:c9:7a:1a:4a:2b:c7:c0:cd:6f:de:ec:43:8a:c0:
ac:46:8f:c2:33:6b:bf:04:aa:21:67:fe:50:4f:79:50:11:7c:
29:3b:7c:17:bd:fe:ef:3d:74:29:f0:95:bd:9b:41:76:9c:cc:
51:c1:c9:4b:98:d1:0e:25:44:4c:3f:a9:61:5b:59:ca:68:cd:
1a:ce:5e:b0:4f:8e:b7:9d:90:4b:cb:6a:6c:52:97:5d:53:bd:
ee:81:3a:6b:fb:cd:d5:06:a8:21:b8:80:c2:64:ca:3c:74:06:
5d:37:3a:59:72:89:d5:f5:b5:f8:4d:3c:9e:96:f8:71:51:a1:
a1:05:e8:40:8e:9a:7b:c1:b0:32:3c:07:93:73:cb:6b:cd:6c:
2c:6c:2a:f4:e2:a8:ab:21:55:31:4b:53:ad:c0:6e:6b:b5:ae:
fd:e0:7e:1b:d5:90:88:10:6e:c2:cd:70:89:f0:b5:2d:42:89:
58:6a:0f:e9:d3:4c:0c:e2:45:35:b7:99:01:3e:a6:71:80:32:
e0:70:33:0c:79:98:6c:bd:5b:ec:7d:aa:bf:03:fe:18:6f:b9:
8b:22:90:54:be:c6:9d:ab:5c:7b:b5:f7:c9:d2:ca:8b:01:49:
2f:c2:7e:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQtPIUDa6AYBLVZTJgMkAkGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjIxMDMxMDg1MDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDI5OGJlMzdjNjgxOWQ2ZjllNTYzNTUxOThiMDA4NmVkZWJjNTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCUfHQEqB7rZdPhhEFHJ4C4/4zel
AhnKzkk0f64/qC7CxYSdeX9k8mRlpq4RRu9lMcnaFM2PdMULNR8Mm8D0NQNnEl4/
ttMI4tm/Ptiyweud8CWeBU4Bh7/QshgTlZVtjG2sPYihOk/NJowAGCEvKTG5EVol
tnw44N6vXDzPwyQ1nudboiaVUizYuoGqRfpSLgjJVQBUW1/aBU4d7vnZD8ozgCKb
lbH2aSqOFxSqR20RAWrywKtI1RTcF/Z8ppE1pWHVz0LdJK9vRZxwghIs6ddn7b2P
Eh69zUf+3F3JiOaNG/DvyGoHEXhWd9Y0gKz9F5hXuThK6u62AJHe+FeeDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHApi+N8aBnW+eVjVRmLAIbt68VwMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvY0NtTDQzeG9HZGI1NVdOVkdZc0FodTNyeFhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS5hMA0G
CSqGSIb3DQEBCwUAA4IBAQBCzscCQkZaFBcISVC4PDMnRoOI/8VVyXoaSivHwM1v
3uxDisCsRo/CM2u/BKohZ/5QT3lQEXwpO3wXvf7vPXQp8JW9m0F2nMxRwclLmNEO
JURMP6lhW1nKaM0azl6wT463nZBLy2psUpddU73ugTpr+83VBqghuIDCZMo8dAZd
NzpZconV9bX4TTyelvhxUaGhBehAjpp7wbAyPAeTc8trzWwsbCr04qirIVUxS1Ot
wG5rta794H4b1ZCIEG7CzXCJ8LUtQolYag/p00wM4kU1t5kBPqZxgDLgcDMMeZhs
vVvsfaq/A/4Yb7mLIpBUvsadq1x7tffJ0sqLAUkvwn6O
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:01 2023 by rpki-client on console-fra.rpki-client.org