Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Di6fxFMWg14j4Ku-jdUJF4Q40Xs.roa
File: Di6fxFMWg14j4Ku-jdUJF4Q40Xs.roa (raw, json)
Hash identifier: ZDs+1o7rIO5eG2aKJuYeZ7Lg6AvWXcZRCHmWto37nDg=
Subject key identifier: 0E:2E:9F:C4:53:16:83:5E:23:E0:AB:BE:8D:D5:09:17:84:38:D1:7B
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01856FD52366FAC13DA5E74BC8FBECD5AAD1
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Di6fxFMWg14j4Ku-jdUJF4Q40Xs.roa
Signing time: Mon 02 Jan 2023 00:15:17 +0000
ROA not before: Mon 02 Jan 2023 00:15:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48063
IP address blocks: 86.106.188.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:23:66:fa:c1:3d:a5:e7:4b:c8:fb:ec:d5:aa:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:15:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e2e9fc45316835e23e0abbe8dd509178438d17b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:02:58:ce:66:b1:4c:48:97:1b:f1:78:f3:d8:
c9:ab:68:28:d8:20:9d:e3:dd:61:61:e6:6f:09:e7:
40:62:c2:48:db:fd:cc:9d:0e:8a:2b:3f:4a:49:98:
99:dc:46:3a:a5:96:43:d2:d3:c7:7c:b3:be:66:5e:
ec:79:fa:f1:86:fb:87:9c:71:6b:66:f5:6c:1c:65:
07:e3:8a:8a:2a:5c:ee:86:8e:a8:c2:8c:e9:c3:0c:
ba:38:a1:08:3a:6a:fb:c6:67:36:28:cb:4f:70:9c:
a3:9c:c1:6b:23:ce:4c:42:13:24:91:d9:08:57:65:
81:52:d7:74:9c:f8:ff:89:c1:ed:ed:cc:f4:4b:47:
45:7d:84:8c:7b:b8:93:d5:ac:e3:a6:8f:9d:c9:bb:
82:2f:8e:cb:04:9a:1c:71:b9:88:6f:c6:5d:af:0a:
7e:62:1e:18:a0:38:c0:2d:ee:5f:3b:cc:25:9d:07:
80:a5:c0:d3:35:a7:95:a3:93:5e:75:52:91:99:d0:
18:6c:26:0a:7a:4b:98:df:7b:d7:7e:ed:4c:4e:4a:
74:d9:92:8f:31:72:a4:fb:5e:57:78:dc:32:d5:27:
7b:fb:0b:8d:c1:8b:2d:83:49:c6:21:e8:c2:31:d1:
75:3b:7e:42:c9:e4:94:2f:e0:05:77:fa:b3:a0:72:
13:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:2E:9F:C4:53:16:83:5E:23:E0:AB:BE:8D:D5:09:17:84:38:D1:7B
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Di6fxFMWg14j4Ku-jdUJF4Q40Xs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.188.0/22
Signature Algorithm: sha256WithRSAEncryption
24:83:3f:6c:b0:eb:e9:e1:a2:cc:b6:f5:54:a2:1d:c5:ab:73:
30:71:a1:05:cf:cd:73:01:ab:4f:24:c1:39:c2:26:0d:86:08:
ec:cb:a4:4c:2c:12:6d:0b:db:ab:5e:53:ae:c7:ae:e0:84:97:
86:c0:8d:3b:a9:fb:3c:f2:53:57:65:63:5d:88:4e:1b:65:3a:
e6:0e:ed:b5:86:68:f5:de:20:59:1b:85:bb:53:8d:21:c2:1a:
ff:9a:67:d2:0c:da:32:33:fb:8d:22:57:da:0a:bc:09:5b:69:
5b:33:36:21:69:23:c4:15:93:1a:ce:94:5b:4c:d0:00:a1:32:
29:14:7f:ed:b1:0e:ce:5f:84:8f:7a:f2:52:e9:b0:b9:2f:ed:
dd:74:cf:3a:5e:ca:f8:e7:7c:ac:e8:9b:7c:4e:5c:dd:87:53:
ae:42:dc:55:30:2e:bb:a2:8a:7e:df:57:c2:0c:3e:1e:4b:76:
2d:e0:42:00:94:82:39:16:75:ed:b3:eb:ea:a1:34:06:c9:97:
68:2c:be:3f:85:d8:79:73:81:4c:90:44:6c:5f:5f:49:1e:ad:
60:36:fe:06:09:6e:3a:39:40:e3:9a:df:be:6a:f2:f2:b4:b1:
32:72:63:88:a3:d1:e6:c9:1c:1d:55:4d:7f:a1:6b:32:4b:bc:
e1:10:d8:3b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVv1SNm+sE9pedLyPvs1arRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMTAyMDAxNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTJlOWZjNDUzMTY4MzVlMjNlMGFiYmU4ZGQ1MDkxNzg0MzhkMTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwJYzmaxTEiXG/F489jJq2go2CCd
491hYeZvCedAYsJI2/3MnQ6KKz9KSZiZ3EY6pZZD0tPHfLO+Zl7sefrxhvuHnHFr
ZvVsHGUH44qKKlzuho6owozpwwy6OKEIOmr7xmc2KMtPcJyjnMFrI85MQhMkkdkI
V2WBUtd0nPj/icHt7cz0S0dFfYSMe7iT1azjpo+dybuCL47LBJoccbmIb8Zdrwp+
Yh4YoDjALe5fO8wlnQeApcDTNaeVo5NedVKRmdAYbCYKekuY33vXfu1MTkp02ZKP
MXKk+15XeNwy1Sd7+wuNwYstg0nGIejCMdF1O35CyeSUL+AFd/qzoHITzwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFA4un8RTFoNeI+Crvo3VCReEONF7MB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL0RpNmZ4Rk1XZzE0ajRLdS1qZFVKRjRRNDBYcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJWarww
DQYJKoZIhvcNAQELBQADggEBACSDP2yw6+nhosy29VSiHcWrczBxoQXPzXMBq08k
wTnCJg2GCOzLpEwsEm0L26teU67HruCEl4bAjTup+zzyU1dlY12IThtlOuYO7bWG
aPXeIFkbhbtTjSHCGv+aZ9IM2jIz+40iV9oKvAlbaVszNiFpI8QVkxrOlFtM0ACh
MikUf+2xDs5fhI968lLpsLkv7d10zzpeyvjnfKzom3xOXN2HU65C3FUwLruiin7f
V8IMPh5Ldi3gQgCUgjkWde2z6+qhNAbJl2gsvj+F2HlzgUyQRGxfX0kerWA2/gYJ
bjo5QOOa375q8vK0sTJyY4ij0ebJHB1VTX+hazJLvOEQ2Ds=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:12 2023 by rpki-client on console-fra.rpki-client.org