Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/1801b6-cf49-4405-970d-cf9e8c6a412e/1/67nkUGm0f18R-AlOB1PJ5p-8u5s.roa
File: 67nkUGm0f18R-AlOB1PJ5p-8u5s.roa (raw, json)
Hash identifier: PvGFzlwg4Nr2GuuKCmm36LS9R9yGQNkvZXkbGeRf6b4=
Subject key identifier: EB:B9:E4:50:69:B4:7F:5F:11:F8:09:4E:07:53:C9:E6:9F:BC:BB:9B
Certificate issuer: /CN=0af378cf73de8f0e272a55f75db0098036ec5680
Certificate serial: 0503C8DE
Authority key identifier: 0A:F3:78:CF:73:DE:8F:0E:27:2A:55:F7:5D:B0:09:80:36:EC:56:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CvN4z3Pejw4nKlX3XbAJgDbsVoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/1801b6-cf49-4405-970d-cf9e8c6a412e/1/67nkUGm0f18R-AlOB1PJ5p-8u5s.roa
Signing time: Sat 01 Jan 2022 09:01:59 +0000
ROA not before: Sat 01 Jan 2022 09:01:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209810
IP address blocks: 176.118.170.0/23 maxlen: 23
89.190.128.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84134110 (0x503c8de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0af378cf73de8f0e272a55f75db0098036ec5680
Validity
Not Before: Jan 1 09:01:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ebb9e45069b47f5f11f8094e0753c9e69fbcbb9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:78:32:5f:b7:fa:35:01:69:33:03:41:4e:10:
d2:1b:67:d5:34:7c:c4:37:f7:f3:6c:d0:2a:f3:80:
84:13:5c:24:8a:87:f7:12:0b:55:06:fc:57:b5:a0:
fc:5e:e0:bc:43:5d:cc:a1:97:15:cf:ea:6f:0b:5e:
21:4e:73:6c:b3:ae:81:29:6a:c9:ee:a1:8d:05:bc:
54:8e:b7:f6:42:21:d1:72:0d:c3:97:88:14:e0:6d:
08:ae:8b:dd:43:80:b2:2d:9f:c0:32:26:15:e6:6f:
39:5c:ea:d6:31:e4:ef:b1:1d:a7:ab:18:46:3f:f4:
45:2b:8d:02:69:94:c4:70:f8:a2:d0:79:9a:09:5b:
21:32:f8:ac:65:9c:66:f7:86:9f:45:af:72:d1:42:
6b:78:15:68:14:3b:a1:a2:f9:a4:ed:ee:91:f9:53:
d8:ec:ae:bf:cc:4e:47:2b:5c:ba:ae:5c:a0:1c:52:
46:da:fb:7e:c0:d3:a1:ca:58:26:85:ab:df:14:d8:
d7:87:be:7f:92:d3:d0:5d:ed:4b:10:8e:9c:3c:61:
58:50:6f:cd:fd:07:5a:33:d1:6c:85:e0:ca:78:3d:
42:69:9b:4b:48:84:94:1d:a5:02:2d:cc:38:95:2e:
47:20:5b:6b:32:5c:44:8d:58:28:00:6d:ad:48:c0:
53:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:B9:E4:50:69:B4:7F:5F:11:F8:09:4E:07:53:C9:E6:9F:BC:BB:9B
X509v3 Authority Key Identifier:
keyid:0A:F3:78:CF:73:DE:8F:0E:27:2A:55:F7:5D:B0:09:80:36:EC:56:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CvN4z3Pejw4nKlX3XbAJgDbsVoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1801b6-cf49-4405-970d-cf9e8c6a412e/1/67nkUGm0f18R-AlOB1PJ5p-8u5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1801b6-cf49-4405-970d-cf9e8c6a412e/1/CvN4z3Pejw4nKlX3XbAJgDbsVoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.190.128.0/22
176.118.170.0/23
Signature Algorithm: sha256WithRSAEncryption
73:7e:f4:cd:8c:67:fe:b3:5e:e7:84:29:48:67:ec:c6:e5:d1:
1d:6e:d2:22:1c:0e:55:a0:d6:c0:88:4b:60:47:28:64:1a:25:
e2:32:6b:8a:86:5b:6c:e8:41:21:57:e7:64:3c:31:54:74:6d:
7c:0b:19:f0:7d:7c:62:1d:5c:fa:48:df:e7:87:e8:33:75:d3:
7b:9a:f3:d0:6f:31:f7:51:77:04:9a:de:40:1a:d8:3a:6c:bd:
aa:38:7b:53:f3:a9:06:18:84:56:13:f8:56:50:00:b2:5f:fb:
ac:06:b3:76:5e:47:9d:56:26:46:d4:20:11:eb:50:75:a3:08:
5b:f5:f7:53:79:45:81:90:30:9b:2b:b0:93:04:29:2a:76:3a:
42:21:17:ac:ca:f2:92:27:7b:76:5d:2a:88:7e:45:b2:91:b6:
2d:df:3b:a0:aa:f0:c1:22:c5:da:19:6b:b0:0b:21:2d:68:94:
9d:34:80:7a:cb:4f:3c:a1:bd:68:f7:0b:8e:b9:b6:6b:94:0d:
18:0d:b2:76:85:1c:d6:ee:13:51:f6:3b:8e:4a:15:2b:fa:00:
d3:d7:87:91:52:66:71:e4:23:08:af:a5:79:37:b4:84:bb:9d:
64:b9:5c:29:e2:70:85:ce:69:00:df:4c:ab:de:25:6a:cb:6c:
0f:1e:75:74
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBQPI3jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YWYzNzhjZjczZGU4ZjBlMjcyYTU1Zjc1ZGIwMDk4MDM2ZWM1NjgwMB4XDTIyMDEw
MTA5MDE1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWJiOWU0NTA2OWI0
N2Y1ZjExZjgwOTRlMDc1M2M5ZTY5ZmJjYmI5YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANF4Ml+3+jUBaTMDQU4Q0htn1TR8xDf382zQKvOAhBNcJIqH
9xILVQb8V7Wg/F7gvENdzKGXFc/qbwteIU5zbLOugSlqye6hjQW8VI639kIh0XIN
w5eIFOBtCK6L3UOAsi2fwDImFeZvOVzq1jHk77Edp6sYRj/0RSuNAmmUxHD4otB5
mglbITL4rGWcZveGn0WvctFCa3gVaBQ7oaL5pO3ukflT2Oyuv8xORytcuq5coBxS
Rtr7fsDTocpYJoWr3xTY14e+f5LT0F3tSxCOnDxhWFBvzf0HWjPRbIXgyng9Qmmb
S0iElB2lAi3MOJUuRyBbazJcRI1YKABtrUjAU10CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTrueRQabR/XxH4CU4HU8nmn7y7mzAfBgNVHSMEGDAWgBQK83jPc96PDicq
VfddsAmANuxWgDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0N2TjR6M1Blanc0bktsWDNYYkFKZ0Ric1ZvQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvMTgwMWI2LWNmNDktNDQwNS05NzBkLWNmOWU4YzZhNDEyZS8x
LzY3bmtVR20wZjE4Ui1BbE9CMVBKNXAtOHU1cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
MTgwMWI2LWNmNDktNDQwNS05NzBkLWNmOWU4YzZhNDEyZS8xL0N2TjR6M1Blanc0
bktsWDNYYkFKZ0Ric1ZvQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlm+gAMEAbB2qjANBgkqhkiG9w0B
AQsFAAOCAQEAc370zYxn/rNe54QpSGfsxuXRHW7SIhwOVaDWwIhLYEcoZBol4jJr
ioZbbOhBIVfnZDwxVHRtfAsZ8H18Yh1c+kjf54foM3XTe5rz0G8x91F3BJreQBrY
Omy9qjh7U/OpBhiEVhP4VlAAsl/7rAazdl5HnVYmRtQgEetQdaMIW/X3U3lFgZAw
myuwkwQpKnY6QiEXrMrykid7dl0qiH5FspG2Ld87oKrwwSLF2hlrsAshLWiUnTSA
estPPKG9aPcLjrm2a5QNGA2ydoUc1u4TUfY7jkoVK/oA09eHkVJmceQjCK+leTe0
hLudZLlcKeJwhc5pAN9Mq94lastsDx51dA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:28 2023 by rpki-client on console-ams.rpki-client.org