Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/866b6b-f56c-4a2f-902d-fbc36e4348f5/1/IByvK286iwk3PdiwL7izXUGni2A.roa
File: IByvK286iwk3PdiwL7izXUGni2A.roa (raw, json)
Hash identifier: KdgyPEbTxcOy1WNcCh7zgr4HhqLOCuYqSf1JUmfxsT0=
Subject key identifier: 20:1C:AF:2B:6F:3A:8B:09:37:3D:D8:B0:2F:B8:B3:5D:41:A7:8B:60
Certificate issuer: /CN=002fa6e19056838905bc32b53ab0d1047d78e4d4
Certificate serial: 01856F94D845DBB2A79F3C57A2EA24FBBD11
Authority key identifier: 00:2F:A6:E1:90:56:83:89:05:BC:32:B5:3A:B0:D1:04:7D:78:E4:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AC-m4ZBWg4kFvDK1OrDRBH145NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/866b6b-f56c-4a2f-902d-fbc36e4348f5/1/IByvK286iwk3PdiwL7izXUGni2A.roa
Signing time: Sun 01 Jan 2023 23:05:03 +0000
ROA not before: Sun 01 Jan 2023 23:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61371
IP address blocks: 94.231.39.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:d8:45:db:b2:a7:9f:3c:57:a2:ea:24:fb:bd:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=002fa6e19056838905bc32b53ab0d1047d78e4d4
Validity
Not Before: Jan 1 23:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=201caf2b6f3a8b09373dd8b02fb8b35d41a78b60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:41:96:cf:9c:63:06:91:b0:ef:82:16:19:d6:
31:80:28:62:6d:e5:ac:a1:41:38:f3:e8:9f:b0:2d:
6a:8e:9c:0c:9d:95:0d:d2:72:7e:9c:a7:04:9e:0e:
95:26:59:f4:e2:c0:93:92:ba:8d:07:06:aa:30:6b:
a3:ea:f2:fe:a1:53:8b:a8:76:00:9a:90:c4:97:bb:
d1:e7:11:98:42:f5:a9:de:df:20:51:04:17:12:1a:
90:bd:1f:a5:27:45:0d:5a:94:05:85:86:69:74:7d:
95:b8:35:d3:77:92:4a:8d:6d:d4:87:b2:b8:3b:2f:
6c:7f:f2:63:e4:00:15:3b:fb:93:92:d9:0d:28:e8:
e5:ff:76:16:1e:ee:bb:39:6f:42:8e:b1:b8:b2:9f:
c5:88:66:95:b2:49:0f:39:0e:43:62:03:25:07:d7:
1b:22:83:a3:e1:90:c0:de:7b:4f:66:cd:86:54:21:
91:f9:a2:38:fa:f0:7c:a7:1f:d0:b9:a8:63:40:16:
25:ed:92:6e:57:a5:d7:95:8b:e1:4a:b8:e1:5a:23:
56:bc:86:a9:5a:35:18:97:a7:92:dc:aa:51:34:77:
bf:a4:7e:ad:a6:70:7d:2f:88:0e:6c:61:57:87:8d:
1a:88:1a:80:4f:cb:5c:ab:b1:b0:0d:22:c3:a3:df:
d4:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:1C:AF:2B:6F:3A:8B:09:37:3D:D8:B0:2F:B8:B3:5D:41:A7:8B:60
X509v3 Authority Key Identifier:
keyid:00:2F:A6:E1:90:56:83:89:05:BC:32:B5:3A:B0:D1:04:7D:78:E4:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AC-m4ZBWg4kFvDK1OrDRBH145NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/866b6b-f56c-4a2f-902d-fbc36e4348f5/1/IByvK286iwk3PdiwL7izXUGni2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/866b6b-f56c-4a2f-902d-fbc36e4348f5/1/AC-m4ZBWg4kFvDK1OrDRBH145NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.231.39.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:db:af:2a:50:6f:c5:93:0a:08:4c:47:7f:8c:a0:7c:12:96:
83:fc:68:d5:7f:b1:9f:c0:d3:d4:b9:32:10:36:7f:57:ae:f6:
29:bb:1b:4e:4a:c3:6e:bd:c9:cc:2e:68:c3:32:28:ca:e8:15:
7e:14:a4:57:33:41:d5:aa:c8:3b:39:98:24:c7:d4:ce:60:86:
4c:b8:f1:52:26:72:91:82:be:5f:bd:d7:4a:33:17:05:7a:f2:
50:69:37:c0:8d:0f:09:a4:14:a6:cc:92:4c:68:86:23:4c:3e:
13:b7:e2:a2:de:2a:0d:45:2a:46:b7:58:42:bb:1f:58:db:cf:
0f:ba:56:a6:1f:fa:48:20:3b:63:b5:d6:e8:65:48:26:b6:3e:
68:1f:64:08:73:66:a4:45:04:20:62:f8:3d:df:7b:44:3b:17:
21:56:bc:ec:c9:b8:4c:34:c1:06:a0:5b:92:2e:9e:bf:6a:0d:
7d:86:e1:c6:dd:62:a1:d3:b8:8b:bf:26:3d:a6:b7:8a:84:5b:
62:78:bf:20:33:5a:1a:84:ef:1a:c1:3b:5b:d5:75:6d:0c:e9:
5e:0c:44:4f:ea:3d:7d:46:28:7b:4e:12:98:2e:0d:3d:6a:5b:
8c:04:2b:69:62:c2:3b:ec:51:20:ad:2f:34:8e:85:57:65:be:
ee:34:14:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlNhF27KnnzxXouok+70RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMmZhNmUxOTA1NjgzODkwNWJjMzJiNTNhYjBkMTA0N2Q3
OGU0ZDQwHhcNMjMwMTAxMjMwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDFjYWYyYjZmM2E4YjA5MzczZGQ4YjAyZmI4YjM1ZDQxYTc4YjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUGWz5xjBpGw74IWGdYxgChibeWs
oUE48+ifsC1qjpwMnZUN0nJ+nKcEng6VJln04sCTkrqNBwaqMGuj6vL+oVOLqHYA
mpDEl7vR5xGYQvWp3t8gUQQXEhqQvR+lJ0UNWpQFhYZpdH2VuDXTd5JKjW3Uh7K4
Oy9sf/Jj5AAVO/uTktkNKOjl/3YWHu67OW9CjrG4sp/FiGaVskkPOQ5DYgMlB9cb
IoOj4ZDA3ntPZs2GVCGR+aI4+vB8px/QuahjQBYl7ZJuV6XXlYvhSrjhWiNWvIap
WjUYl6eS3KpRNHe/pH6tpnB9L4gObGFXh40aiBqAT8tcq7GwDSLDo9/U6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCAcrytvOosJNz3YsC+4s11Bp4tgMB8GA1UdIwQY
MBaAFAAvpuGQVoOJBbwytTqw0QR9eOTUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUMtbTRaQldnNGtGdkRLMU9yRFJCSDE0NU5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny84NjZiNmItZjU2Yy00YTJmLTkwMmQt
ZmJjMzZlNDM0OGY1LzEvSUJ5dksyODZpd2szUGRpd0w3aXpYVUduaTJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny84NjZiNmItZjU2Yy00YTJmLTkwMmQtZmJjMzZlNDM0OGY1
LzEvQUMtbTRaQldnNGtGdkRLMU9yRFJCSDE0NU5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXucnMA0G
CSqGSIb3DQEBCwUAA4IBAQC6268qUG/FkwoITEd/jKB8EpaD/GjVf7GfwNPUuTIQ
Nn9XrvYpuxtOSsNuvcnMLmjDMijK6BV+FKRXM0HVqsg7OZgkx9TOYIZMuPFSJnKR
gr5fvddKMxcFevJQaTfAjQ8JpBSmzJJMaIYjTD4Tt+Ki3ioNRSpGt1hCux9Y288P
ulamH/pIIDtjtdboZUgmtj5oH2QIc2akRQQgYvg933tEOxchVrzsybhMNMEGoFuS
Lp6/ag19huHG3WKh07iLvyY9preKhFtieL8gM1oahO8awTtb1XVtDOleDERP6j19
Rih7ThKYLg09aluMBCtpYsI77FEgrS80joVXZb7uNBTU
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:58 2023 by rpki-client on console-ams.rpki-client.org