Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/fFGc8QOX3xKOEjJFeasUJSLzubQ.roa
File: fFGc8QOX3xKOEjJFeasUJSLzubQ.roa (raw, json)
Hash identifier: txCObrhHTnfVyDrZreeIZB45AewOKPE3BTTGT5l7JVo=
Subject key identifier: 7C:51:9C:F1:03:97:DF:12:8E:12:32:45:79:AB:14:25:22:F3:B9:B4
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0A40AA43
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/fFGc8QOX3xKOEjJFeasUJSLzubQ.roa
Signing time: Thu 24 Feb 2022 23:44:55 +0000
ROA not before: Thu 24 Feb 2022 23:44:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211936
IP address blocks: 89.46.96.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172010051 (0xa40aa43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Feb 24 23:44:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7c519cf10397df128e12324579ab142522f3b9b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:27:19:8f:00:c0:6d:22:9d:0e:4b:c7:22:d9:
6a:ac:44:c2:bf:c3:4d:ed:24:88:0c:62:66:d4:b4:
2c:1b:33:de:f9:ce:70:af:4a:ce:aa:8a:9a:ec:a0:
0d:fe:92:67:94:b5:a9:69:ed:7a:9c:41:6b:12:5d:
27:71:5a:e9:4b:93:bb:d7:ce:2e:e8:fd:4b:85:d9:
cb:79:35:17:78:0f:94:c3:cd:a4:75:1d:7c:11:c3:
ef:c9:ea:ca:13:8a:7a:8a:54:01:e3:0d:1d:50:98:
bc:24:67:8e:ab:ac:3a:c0:cf:90:3a:e2:63:15:39:
01:1c:3a:7a:a1:34:b4:a7:b7:01:1b:1d:c0:39:12:
ba:d3:8b:b5:fc:8c:10:63:0d:fd:f7:20:4d:83:41:
fe:bc:e3:91:e3:6b:b8:84:d3:66:ac:36:9a:6a:9b:
12:12:ab:5d:11:63:b5:1b:d4:99:2f:dd:1d:16:aa:
70:84:f2:e6:b4:f5:fc:9a:72:92:0a:38:87:f2:a6:
14:dc:67:6d:58:69:53:6b:dd:c0:19:f4:50:f3:52:
02:42:bc:4a:dc:6d:3f:8d:df:51:be:37:f0:e8:85:
2d:a8:78:00:8b:9b:fe:76:07:e5:27:fe:db:9d:46:
32:9c:33:a3:93:f1:5c:fe:0a:76:64:a9:41:5d:6d:
bb:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:51:9C:F1:03:97:DF:12:8E:12:32:45:79:AB:14:25:22:F3:B9:B4
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/fFGc8QOX3xKOEjJFeasUJSLzubQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.96.0/24
Signature Algorithm: sha256WithRSAEncryption
17:7d:d9:d1:80:1d:9d:c0:f4:b9:3b:e6:c8:11:f5:8d:3b:d7:
6b:98:b1:95:fd:af:65:8c:0b:19:3b:11:1c:e5:14:59:ed:aa:
63:65:65:73:e5:e4:44:30:7a:7e:2e:08:af:28:07:8c:2f:52:
a2:6f:38:37:02:6a:f3:8e:50:7f:0f:63:7f:e9:04:e3:fb:5e:
6e:a0:5c:17:57:ab:5f:36:1a:6c:0d:31:3e:81:90:74:22:9c:
26:b8:05:9e:d3:ea:36:73:3f:a4:9e:c3:71:ed:11:09:94:b5:
af:70:2a:17:18:12:99:b9:e1:88:a9:28:a6:2e:4d:c9:c5:9d:
43:6c:4a:71:af:96:fb:93:de:eb:1f:c5:ae:93:23:f6:92:5d:
18:20:94:17:c6:76:13:21:9d:01:06:15:e6:4b:b8:2a:33:94:
db:f8:b8:ca:8f:0f:dd:8f:cf:4a:53:df:73:2d:aa:94:86:de:
0a:f6:4d:9e:ed:25:b6:50:6e:25:f0:f3:50:c0:f8:cc:08:dd:
03:7b:39:81:01:a4:22:eb:6d:22:fe:95:8a:7c:d8:90:67:63:
73:ac:60:9c:37:f5:c8:3d:b4:b6:f7:f9:fc:d4:17:33:45:e7:
b8:ec:87:5e:20:e3:1b:fe:59:c7:42:83:84:ea:1e:d4:11:47:
e2:65:13:23
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECkCqQzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDIy
NDIzNDQ1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2M1MTljZjEwMzk3
ZGYxMjhlMTIzMjQ1NzlhYjE0MjUyMmYzYjliNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANEnGY8AwG0inQ5LxyLZaqxEwr/DTe0kiAxiZtS0LBsz3vnO
cK9KzqqKmuygDf6SZ5S1qWntepxBaxJdJ3Fa6UuTu9fOLuj9S4XZy3k1F3gPlMPN
pHUdfBHD78nqyhOKeopUAeMNHVCYvCRnjqusOsDPkDriYxU5ARw6eqE0tKe3ARsd
wDkSutOLtfyMEGMN/fcgTYNB/rzjkeNruITTZqw2mmqbEhKrXRFjtRvUmS/dHRaq
cITy5rT1/Jpykgo4h/KmFNxnbVhpU2vdwBn0UPNSAkK8StxtP43fUb438OiFLah4
AIub/nYH5Sf+251GMpwzo5PxXP4KdmSpQV1tu98CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR8UZzxA5ffEo4SMkV5qxQlIvO5tDAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L2ZGR2M4UU9YM3hLT0VqSkZlYXNVSlNMenViUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFkuYDANBgkqhkiG9w0BAQsFAAOC
AQEAF33Z0YAdncD0uTvmyBH1jTvXa5ixlf2vZYwLGTsRHOUUWe2qY2Vlc+XkRDB6
fi4IrygHjC9Som84NwJq845Qfw9jf+kE4/tebqBcF1erXzYabA0xPoGQdCKcJrgF
ntPqNnM/pJ7Dce0RCZS1r3AqFxgSmbnhiKkopi5NycWdQ2xKca+W+5Pe6x/FrpMj
9pJdGCCUF8Z2EyGdAQYV5ku4KjOU2/i4yo8P3Y/PSlPfcy2qlIbeCvZNnu0ltlBu
JfDzUMD4zAjdA3s5gQGkIuttIv6VinzYkGdjc6xgnDf1yD20tvf5/NQXM0XnuOyH
XiDjG/5Zx0KDhOoe1BFH4mUTIw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:01 2023 by rpki-client on console-fra.rpki-client.org