Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1MDimMZhETzhUmimM_ScVw1COXs.roa
File: 1MDimMZhETzhUmimM_ScVw1COXs.roa (raw, json)
Hash identifier: 1dt17ZzA9t8u8mEeq1FGRxE6ncUx2gunB2HRBBu7GuM=
Subject key identifier: D4:C0:E2:98:C6:61:11:3C:E1:52:68:A6:33:F4:9C:57:0D:42:39:7B
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01856FD50E99B57A06CD3E56CD9785B74F8C
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1MDimMZhETzhUmimM_ScVw1COXs.roa
Signing time: Mon 02 Jan 2023 00:15:11 +0000
ROA not before: Mon 02 Jan 2023 00:15:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3280
IP address blocks: 89.40.70.0/24 maxlen: 24
89.45.35.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:0e:99:b5:7a:06:cd:3e:56:cd:97:85:b7:4f:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:15:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4c0e298c661113ce15268a633f49c570d42397b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:72:fc:8a:96:65:28:e8:e5:79:42:c1:49:96:
81:be:69:f6:d4:bd:7f:20:1f:5b:34:6b:da:7a:52:
a0:51:e0:72:8a:26:b2:af:cd:59:41:aa:bc:b7:fe:
8e:f6:65:b3:83:07:31:89:59:3b:7a:06:b2:0a:93:
44:88:5c:25:3a:20:a1:9a:bd:18:3c:03:49:db:75:
b9:18:87:af:25:63:e8:5c:77:1a:6f:05:69:b4:22:
1d:12:59:03:1f:9c:ec:c8:48:b1:51:13:47:70:49:
2b:7e:fe:7c:e6:02:e4:a3:cd:9c:6f:f8:c5:ee:ff:
4c:a9:15:0c:41:fe:6e:56:14:c3:20:d5:f5:58:54:
9c:3a:9c:0e:3b:f2:fa:11:b7:69:ec:c4:94:d1:77:
47:51:30:92:08:96:97:2a:28:9f:ed:56:46:57:7d:
d9:d3:d8:d8:0d:fb:b5:52:c2:c2:3d:f8:f4:ca:80:
40:60:e0:ae:b3:aa:48:13:86:35:e6:49:ec:73:e6:
cf:fb:ac:5c:ee:29:03:05:18:ad:ca:29:63:8f:3f:
56:47:b3:0a:44:91:48:12:d5:65:ff:e7:d8:45:a8:
09:a9:fa:31:4a:11:7c:2e:db:7d:56:43:06:57:d1:
aa:59:bb:f9:23:0b:a2:64:7f:89:1b:c1:15:c0:68:
b5:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:C0:E2:98:C6:61:11:3C:E1:52:68:A6:33:F4:9C:57:0D:42:39:7B
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1MDimMZhETzhUmimM_ScVw1COXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.70.0/24
89.45.35.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:63:48:11:ee:75:e0:21:ed:aa:7b:e9:f5:52:99:bb:ce:54:
3c:f1:1d:78:4d:f0:8c:e8:f1:6c:12:a9:71:1c:85:9b:a4:b9:
ce:5f:ba:5b:b6:87:7c:1a:25:35:60:c9:a0:a1:21:53:a9:db:
d4:d3:c7:8e:ad:44:28:19:b8:3d:c7:48:33:8b:c0:f2:97:2e:
df:2a:b1:dd:47:75:40:1f:fb:b1:29:b9:54:0d:37:fe:12:9b:
0f:2d:54:67:1b:d4:b2:cb:e8:d7:3c:18:ae:08:55:a9:86:33:
e0:fb:27:35:0a:fd:5a:f6:e4:8c:c7:ed:78:ec:15:80:ff:64:
e4:37:d3:9b:0b:9e:b1:23:da:26:de:f3:7a:07:6f:22:18:c9:
5e:d3:cd:06:6f:83:86:20:82:89:c8:35:ab:22:21:07:c9:8d:
86:95:2f:37:7b:bb:58:26:5a:75:6c:74:e5:76:fa:5a:49:ac:
39:96:6c:fa:58:17:41:69:67:83:9b:84:43:87:65:8e:bd:82:
9a:ed:7e:72:69:c0:2f:75:8b:b4:4f:3d:b5:d3:30:06:99:ee:
93:1d:b9:54:a5:56:2c:35:73:4f:da:cb:a0:b4:c7:cb:0e:96:
af:82:ac:6a:fc:2d:e4:2a:d4:07:e9:ca:4b:e0:29:6b:78:36:
4f:d8:6b:84
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVv1Q6ZtXoGzT5WzZeFt0+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMTAyMDAxNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGMwZTI5OGM2NjExMTNjZTE1MjY4YTYzM2Y0OWM1NzBkNDIzOTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3L8ipZlKOjleULBSZaBvmn21L1/
IB9bNGvaelKgUeByiiayr81ZQaq8t/6O9mWzgwcxiVk7egayCpNEiFwlOiChmr0Y
PANJ23W5GIevJWPoXHcabwVptCIdElkDH5zsyEixURNHcEkrfv585gLko82cb/jF
7v9MqRUMQf5uVhTDINX1WFScOpwOO/L6Ebdp7MSU0XdHUTCSCJaXKiif7VZGV33Z
09jYDfu1UsLCPfj0yoBAYOCus6pIE4Y15knsc+bP+6xc7ikDBRityiljjz9WR7MK
RJFIEtVl/+fYRagJqfoxShF8Ltt9VkMGV9GqWbv5IwuiZH+JG8EVwGi18wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNTA4pjGYRE84VJopjP0nFcNQjl7MB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xLzFNRGltTVpoRVR6aFVtaW1NX1NjVncxQ09Ycy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABZKEYD
BABZLSMwDQYJKoZIhvcNAQELBQADggEBAH5jSBHudeAh7ap76fVSmbvOVDzxHXhN
8Izo8WwSqXEchZukuc5fulu2h3waJTVgyaChIVOp29TTx46tRCgZuD3HSDOLwPKX
Lt8qsd1HdUAf+7EpuVQNN/4Smw8tVGcb1LLL6Nc8GK4IVamGM+D7JzUK/Vr25IzH
7XjsFYD/ZOQ305sLnrEj2ibe83oHbyIYyV7TzQZvg4YggonINasiIQfJjYaVLzd7
u1gmWnVsdOV2+lpJrDmWbPpYF0FpZ4ObhEOHZY69gprtfnJpwC91i7RPPbXTMAaZ
7pMduVSlViw1c0/ay6C0x8sOlq+CrGr8LeQq1AfpykvgKWt4Nk/Ya4Q=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:24 2025 by rpki-client