Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/6vju5DfkvQTe20igyB2oKBM8A4g.roa
File: 6vju5DfkvQTe20igyB2oKBM8A4g.roa (raw, json)
Hash identifier: etM7JGqzpHiLHgJY9aXjbAgSDu6WhqFdD1ROCZ+lwRc=
Subject key identifier: EA:F8:EE:E4:37:E4:BD:04:DE:DB:48:A0:C8:1D:A8:28:13:3C:03:88
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 434789A7
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/6vju5DfkvQTe20igyB2oKBM8A4g.roa
Signing time: Tue 31 May 2022 08:39:14 +0000
ROA not before: Tue 31 May 2022 08:39:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61954
IP address blocks: 89.35.118.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1128761767 (0x434789a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: May 31 08:39:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eaf8eee437e4bd04dedb48a0c81da828133c0388
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:8f:c9:59:d5:fe:38:69:73:fd:21:3d:b6:15:
82:91:20:f0:e8:ac:17:c4:e5:2f:56:ca:7c:29:a9:
3f:5c:11:21:fa:2c:b4:91:9c:f8:07:4b:64:2f:a9:
ab:82:a5:4f:10:4d:cd:56:72:0a:cd:4a:22:4d:8d:
42:f3:d9:fc:7b:d9:cd:89:94:ac:83:f1:49:ab:4c:
44:a3:72:d9:ee:e7:fa:aa:07:4f:90:8e:30:81:af:
8a:5f:70:4e:e9:80:be:68:f4:15:07:07:bb:5e:8b:
7f:a7:b9:d7:9a:2a:ac:67:a4:13:42:d6:6d:11:27:
a8:4f:68:28:2d:38:53:6c:43:2c:23:eb:77:a8:0b:
60:33:1a:19:75:f3:3b:99:75:a7:68:80:02:4b:bd:
23:5c:04:45:6f:c0:ae:26:71:17:59:31:e7:7b:31:
c1:65:cb:1b:81:b0:dd:f9:6c:fe:2b:d0:b6:fb:94:
76:b6:8d:9a:ce:b0:b2:d8:96:67:7f:9b:40:ca:2f:
dc:6b:e8:55:1d:f2:0f:60:a1:c7:e6:5c:3d:7c:d7:
1a:e8:4b:c9:0d:88:d8:eb:bb:a2:26:99:51:06:17:
fa:2e:fd:64:0b:75:73:bb:af:2f:33:77:80:b0:b2:
f0:27:3a:d5:9e:25:a5:b6:a0:34:5c:e6:19:d0:50:
14:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:F8:EE:E4:37:E4:BD:04:DE:DB:48:A0:C8:1D:A8:28:13:3C:03:88
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/6vju5DfkvQTe20igyB2oKBM8A4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.118.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:a7:c2:29:bc:5a:93:2c:d4:e7:25:8f:d5:7e:06:57:cf:82:
f1:5b:41:8a:53:55:b4:c6:d7:2d:2b:aa:51:e7:62:a0:2d:a0:
42:e3:ed:d2:19:03:59:79:d7:39:4a:5d:1d:72:c9:9c:df:4e:
50:3b:86:8b:f6:af:d3:e9:a2:dc:94:53:f4:82:93:87:42:0e:
8d:b2:e5:16:4d:29:26:0d:fd:49:f4:0c:42:85:b0:79:a2:ae:
36:e1:9e:5a:81:d2:22:e7:55:b2:05:71:82:19:bf:34:31:e1:
82:81:95:50:bf:04:04:c1:eb:8f:8b:8a:9c:09:e0:77:8d:87:
69:6c:c8:65:8e:6f:78:b8:94:02:f3:52:1f:56:52:fd:64:a0:
4a:19:0f:10:bc:53:f6:d1:25:9d:e1:dc:a1:24:07:3a:d6:4e:
b7:23:44:cc:de:99:ba:ef:7d:6d:60:f2:07:de:fd:d0:92:8d:
2c:c0:21:64:5d:ef:ed:58:41:5d:e1:85:5b:7c:a5:8d:59:0f:
30:61:1e:51:11:62:3c:3a:6a:3d:1f:0e:75:35:88:5b:5d:ee:
2b:e7:2c:91:1d:10:0a:35:6d:d2:67:7f:47:9b:f8:91:45:f9:
de:1a:61:18:f6:55:34:1c:5b:4a:c3:70:ea:fb:29:0b:c8:9c:
83:cf:58:66
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEQ0eJpzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGU2MjYzNGUxYmQ1MTMzYTlkZTQ1MTJhZTk4Y2FkMWIyMjE5YjU5MB4XDTIyMDUz
MTA4MzkxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWFmOGVlZTQzN2U0
YmQwNGRlZGI0OGEwYzgxZGE4MjgxMzNjMDM4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANCPyVnV/jhpc/0hPbYVgpEg8OisF8TlL1bKfCmpP1wRIfos
tJGc+AdLZC+pq4KlTxBNzVZyCs1KIk2NQvPZ/HvZzYmUrIPxSatMRKNy2e7n+qoH
T5COMIGvil9wTumAvmj0FQcHu16Lf6e515oqrGekE0LWbREnqE9oKC04U2xDLCPr
d6gLYDMaGXXzO5l1p2iAAku9I1wERW/AriZxF1kx53sxwWXLG4Gw3fls/ivQtvuU
draNms6wstiWZ3+bQMov3GvoVR3yD2Chx+ZcPXzXGuhLyQ2I2Ou7oiaZUQYX+i79
ZAt1c7uvLzN3gLCy8Cc61Z4lpbagNFzmGdBQFOECAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBTq+O7kN+S9BN7bSKDIHagoEzwDiDAfBgNVHSMEGDAWgBT45iY04b1RM6ne
RRKumMrRsiGbWTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEv
MS82dmp1NURma3ZRVGUyMGlneUIyb0tCTThBNGcucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4
L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEvMS8xLU9ZbU5PRzlV
VE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWSN2MA0GCSqGSIb3DQEBCwUA
A4IBAQCip8IpvFqTLNTnJY/VfgZXz4LxW0GKU1W0xtctK6pR52KgLaBC4+3SGQNZ
edc5Sl0dcsmc305QO4aL9q/T6aLclFP0gpOHQg6NsuUWTSkmDf1J9AxChbB5oq42
4Z5agdIi51WyBXGCGb80MeGCgZVQvwQEweuPi4qcCeB3jYdpbMhljm94uJQC81If
VlL9ZKBKGQ8QvFP20SWd4dyhJAc61k63I0TM3pm6731tYPIH3v3Qko0swCFkXe/t
WEFd4YVbfKWNWQ8wYR5REWI8Omo9Hw51NYhbXe4r5yyRHRAKNW3SZ39Hm/iRRfne
GmEY9lU0HFtKw3Dq+ykLyJyDz1hm
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:49 2023 by rpki-client on console-ams.rpki-client.org