Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/pemltQieRo7erboJFLuxf7yXRbE.roa
File: pemltQieRo7erboJFLuxf7yXRbE.roa (raw, json)
Hash identifier: 43DNZa3o0AIMzX60NeMGghtruhTNQV25XJc85tOn2Io=
Subject key identifier: A5:E9:A5:B5:08:9E:46:8E:DE:AD:BA:09:14:BB:B1:7F:BC:97:45:B1
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 018572B425403DD21DC87B048506966C89D7
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/pemltQieRo7erboJFLuxf7yXRbE.roa
Signing time: Mon 02 Jan 2023 13:38:06 +0000
ROA not before: Mon 02 Jan 2023 13:38:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205421
IP address blocks: 89.46.96.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:25:40:3d:d2:1d:c8:7b:04:85:06:96:6c:89:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jan 2 13:38:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5e9a5b5089e468edeadba0914bbb17fbc9745b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:61:d2:7f:96:ca:7f:b2:5d:f9:22:da:6d:ce:
7c:84:6b:f7:01:e3:4c:15:f6:bb:04:ff:2c:6d:bd:
67:29:31:9f:52:bf:33:5d:c8:bd:f3:ee:ed:e6:10:
4e:81:5c:4e:f7:36:3d:48:eb:17:17:4d:40:64:44:
3f:6f:bb:50:8d:3c:20:f1:04:5c:4c:d5:a5:00:39:
62:ed:02:9d:32:0d:e3:f6:d4:f1:5a:0e:e5:2b:46:
e4:bb:e0:36:70:fd:91:b9:a6:52:7b:ac:e1:86:61:
fa:09:c2:77:c9:70:4c:9e:e1:39:48:d1:84:1f:c0:
2f:b0:ff:3b:05:31:84:0c:54:f3:86:59:6e:5e:51:
45:51:b0:b5:07:4a:f1:0a:46:35:b2:f3:7f:58:08:
12:a8:99:ed:cd:d7:fa:d2:9f:68:3f:66:b4:25:e9:
a9:0f:1e:16:1b:f5:76:a1:b9:2f:44:b3:77:e6:05:
08:0d:6e:f4:98:ca:2e:e4:15:32:f3:19:be:58:91:
e2:43:1f:cb:2e:2b:54:f7:3c:38:5d:5f:19:a8:a0:
a4:d2:84:14:01:4d:f9:cb:33:55:c9:f3:5b:5d:fb:
ee:8c:50:57:f3:52:3d:f2:13:d8:a4:85:b8:3c:5c:
bf:7c:80:9e:56:25:90:3b:46:fe:67:cf:1c:d7:aa:
97:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:E9:A5:B5:08:9E:46:8E:DE:AD:BA:09:14:BB:B1:7F:BC:97:45:B1
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/pemltQieRo7erboJFLuxf7yXRbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.96.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:0e:12:80:01:9f:0b:5d:a3:52:5a:8c:66:71:77:a2:ad:44:
1a:e0:51:f5:26:46:07:31:15:f1:7e:14:3a:33:74:02:75:40:
a9:a2:52:33:c0:02:80:81:b7:00:ea:62:81:60:39:ad:24:77:
55:cf:e4:b1:02:de:70:03:9d:5c:b4:63:c6:99:24:dd:24:90:
b2:94:46:3b:0d:64:cb:3c:4a:1a:f6:b2:d1:52:1c:56:d1:55:
a9:a2:1b:aa:43:8b:4e:58:3d:1c:42:31:43:00:19:59:fe:a6:
39:85:96:c5:ec:92:0a:e3:39:05:f1:cc:f6:8b:77:bf:e9:b7:
86:ed:60:c6:5f:69:00:75:dc:1e:86:d2:82:c1:4a:8c:dd:34:
04:22:57:e4:97:de:9a:96:20:40:1b:1f:72:19:96:4e:ac:94:
cc:32:a9:30:66:41:81:69:da:95:cb:de:2a:84:1c:0d:c4:16:
b9:18:54:30:5d:d6:3b:b9:bf:34:1e:a8:d3:2f:c3:68:b4:4a:
6a:b7:e9:bd:fe:9d:41:63:c9:e2:31:91:12:f9:f1:7d:a0:66:
0c:4f:04:90:8b:22:82:1e:c2:9e:4b:14:8f:4f:e7:42:39:88:
92:0b:20:b6:ec:a6:3b:a3:bb:29:e2:c8:3f:6b:4d:32:d6:cf:
81:5d:fa:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVytCVAPdIdyHsEhQaWbInXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMwMTAyMTMzODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWU5YTViNTA4OWU0NjhlZGVhZGJhMDkxNGJiYjE3ZmJjOTc0NWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2HSf5bKf7Jd+SLabc58hGv3AeNM
Ffa7BP8sbb1nKTGfUr8zXci98+7t5hBOgVxO9zY9SOsXF01AZEQ/b7tQjTwg8QRc
TNWlADli7QKdMg3j9tTxWg7lK0bku+A2cP2RuaZSe6zhhmH6CcJ3yXBMnuE5SNGE
H8AvsP87BTGEDFTzhlluXlFFUbC1B0rxCkY1svN/WAgSqJntzdf60p9oP2a0Jemp
Dx4WG/V2obkvRLN35gUIDW70mMou5BUy8xm+WJHiQx/LLitU9zw4XV8ZqKCk0oQU
AU35yzNVyfNbXfvujFBX81I98hPYpIW4PFy/fICeViWQO0b+Z88c16qX8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKXppbUInkaO3q26CRS7sX+8l0WxMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvcGVtbHRRaWVSbzdlcmJvSkZMdXhmN3lYUmJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS5gMA0G
CSqGSIb3DQEBCwUAA4IBAQBtDhKAAZ8LXaNSWoxmcXeirUQa4FH1JkYHMRXxfhQ6
M3QCdUCpolIzwAKAgbcA6mKBYDmtJHdVz+SxAt5wA51ctGPGmSTdJJCylEY7DWTL
PEoa9rLRUhxW0VWpohuqQ4tOWD0cQjFDABlZ/qY5hZbF7JIK4zkF8cz2i3e/6beG
7WDGX2kAddwehtKCwUqM3TQEIlfkl96aliBAGx9yGZZOrJTMMqkwZkGBadqVy94q
hBwNxBa5GFQwXdY7ub80HqjTL8NotEpqt+m9/p1BY8niMZES+fF9oGYMTwSQiyKC
HsKeSxSPT+dCOYiSCyC27KY7o7sp4sg/a00y1s+BXfr8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:31 2024 by rpki-client on console-fra.rpki-client.org