Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lJ6S8F-5cjxEcvZSBSvwJTd5pXI.roa
File: lJ6S8F-5cjxEcvZSBSvwJTd5pXI.roa (raw, json)
Hash identifier: XKw4T4tDnoPBOnmpTuzeN4ebEH9KwodAX7FyGM/P/xQ=
Subject key identifier: 94:9E:92:F0:5F:B9:72:3C:44:72:F6:52:05:2B:F0:25:37:79:A5:72
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 09A7A2F5
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lJ6S8F-5cjxEcvZSBSvwJTd5pXI.roa
Signing time: Sat 01 Jan 2022 09:56:51 +0000
ROA not before: Sat 01 Jan 2022 09:56:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 89.46.96.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 161981173 (0x9a7a2f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jan 1 09:56:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=949e92f05fb9723c4472f652052bf0253779a572
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:09:31:87:79:09:49:58:80:4d:ab:4d:b3:12:
5b:da:af:dc:73:1a:7b:0d:95:1d:c6:1b:57:fe:ba:
b2:d3:67:57:03:82:a4:22:3f:63:85:ad:72:31:ae:
a0:32:d2:a6:32:c0:5f:d6:54:8a:86:1d:a6:dc:4c:
9a:a2:07:07:62:17:ef:f2:28:6e:22:c3:88:39:17:
16:e7:30:8d:bd:13:ce:6f:75:42:4f:bf:09:6b:10:
02:a5:0d:a1:76:f8:f7:25:c9:3f:44:a2:65:b3:65:
8e:22:aa:cc:7c:84:96:59:b5:2d:b6:ff:35:44:43:
e5:9b:73:9a:b7:1c:2c:48:9a:b6:1d:95:64:f2:fe:
e7:78:07:e1:64:16:17:b1:42:93:72:d2:bd:30:93:
3f:a6:d5:d6:eb:16:40:6d:bf:36:58:fd:4a:45:ee:
a3:fb:8f:06:d3:8f:f1:33:9c:a2:0e:9b:9f:cb:d4:
d8:f1:ad:1b:8d:9f:a6:c4:7c:49:d3:47:72:46:ba:
84:9b:47:31:b1:26:02:f5:7c:51:6a:a9:d1:d8:5c:
5c:0d:88:79:8f:5e:6f:5e:90:8d:45:4a:b7:7c:b7:
d3:34:42:02:02:ed:d3:68:c2:c9:6e:65:e5:82:fd:
83:9a:3d:4a:44:0f:81:20:c8:4e:de:54:66:78:8c:
1c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:9E:92:F0:5F:B9:72:3C:44:72:F6:52:05:2B:F0:25:37:79:A5:72
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lJ6S8F-5cjxEcvZSBSvwJTd5pXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.96.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:0f:a3:a0:d2:45:f7:95:17:07:02:a9:22:38:de:02:4f:c7:
ea:92:d5:6e:68:e6:61:a2:28:47:bf:d6:2e:38:6b:6f:bf:ea:
1a:ec:01:61:4a:04:c5:f3:dc:24:56:ef:93:dd:24:fa:e4:14:
94:e3:c1:3e:5e:19:d8:0b:42:50:c4:09:6f:30:d1:e1:fa:29:
04:50:67:87:cd:68:a4:42:d0:5c:e7:6d:7e:63:4b:c0:c9:da:
ec:11:94:b7:cc:c2:f0:82:4e:d0:82:3f:f8:6f:bb:e9:19:8d:
8c:bc:81:6d:48:b0:b0:45:a9:a9:97:ab:4d:bd:05:43:5b:63:
2c:1f:d0:bb:53:e2:90:fc:37:b8:ed:cb:a2:81:29:67:99:9a:
73:c0:65:df:b7:86:a1:6e:af:7f:b0:be:31:14:e6:79:76:93:
49:7c:1a:b1:ea:8c:9f:a2:2e:f0:4c:60:f0:11:0b:85:00:7f:
c3:d8:b0:a0:8e:bf:0e:c6:c1:cf:d2:94:da:0f:c6:91:ee:38:
59:2a:8b:38:3e:4c:e2:49:7f:be:62:45:36:a6:86:7b:82:6a:
8a:0d:88:61:94:ee:e5:4e:3e:b9:00:67:e9:c5:7c:a0:e6:8a:
a6:4d:21:62:b4:1d:e5:95:3b:ce:56:ea:90:28:d0:93:99:c0:
85:db:05:c2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECaei9TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDEw
MTA5NTY1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQ5ZTkyZjA1ZmI5
NzIzYzQ0NzJmNjUyMDUyYmYwMjUzNzc5YTU3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL0JMYd5CUlYgE2rTbMSW9qv3HMaew2VHcYbV/66stNnVwOC
pCI/Y4WtcjGuoDLSpjLAX9ZUioYdptxMmqIHB2IX7/IobiLDiDkXFucwjb0Tzm91
Qk+/CWsQAqUNoXb49yXJP0SiZbNljiKqzHyEllm1Lbb/NURD5ZtzmrccLEiath2V
ZPL+53gH4WQWF7FCk3LSvTCTP6bV1usWQG2/Nlj9SkXuo/uPBtOP8TOcog6bn8vU
2PGtG42fpsR8SdNHcka6hJtHMbEmAvV8UWqp0dhcXA2IeY9eb16QjUVKt3y30zRC
AgLt02jCyW5l5YL9g5o9SkQPgSDITt5UZniMHPcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSUnpLwX7lyPERy9lIFK/AlN3mlcjAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L2xKNlM4Ri01Y2p4RWN2WlNCU3Z3SlRkNXBYSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlkuYDANBgkqhkiG9w0BAQsFAAOC
AQEAHg+joNJF95UXBwKpIjjeAk/H6pLVbmjmYaIoR7/WLjhrb7/qGuwBYUoExfPc
JFbvk90k+uQUlOPBPl4Z2AtCUMQJbzDR4fopBFBnh81opELQXOdtfmNLwMna7BGU
t8zC8IJO0II/+G+76RmNjLyBbUiwsEWpqZerTb0FQ1tjLB/Qu1PikPw3uO3LooEp
Z5mac8Bl37eGoW6vf7C+MRTmeXaTSXwaseqMn6Iu8Exg8BELhQB/w9iwoI6/DsbB
z9KU2g/Gke44WSqLOD5M4kl/vmJFNqaGe4Jqig2IYZTu5U4+uQBn6cV8oOaKpk0h
YrQd5ZU7zlbqkCjQk5nAhdsFwg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:01 2023 by rpki-client on console-fra.rpki-client.org