Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Fez7HsqmfAn1fWkAwzAconxaaFo.roa
File: Fez7HsqmfAn1fWkAwzAconxaaFo.roa (raw, json)
Hash identifier: 5xNUc4GcpFyI3rn1hVcmIJjfUDYfBN85eCE99ghQD0A=
Subject key identifier: 15:EC:FB:1E:CA:A6:7C:09:F5:7D:69:00:C3:30:1C:A2:7C:5A:68:5A
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 418FDCC8
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Fez7HsqmfAn1fWkAwzAconxaaFo.roa
Signing time: Sat 01 Jan 2022 10:06:02 +0000
ROA not before: Sat 01 Jan 2022 10:06:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50886
IP address blocks: 188.214.32.0/21 maxlen: 24
89.39.125.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1099947208 (0x418fdcc8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 1 10:06:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=15ecfb1ecaa67c09f57d6900c3301ca27c5a685a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3d:2d:ec:ed:e9:39:15:27:47:e8:b9:f0:93:
b1:9f:a7:e9:f6:ee:76:d1:f4:88:e4:72:39:c0:10:
55:a5:4b:9c:13:87:99:2b:d0:fe:4f:1c:4e:88:2c:
f0:03:64:72:93:d1:96:06:34:62:61:41:64:c2:7e:
36:88:08:b3:8d:53:af:f4:bf:1f:4b:de:b2:45:d4:
fb:26:81:02:03:a7:74:43:c0:9b:7f:79:a5:77:3c:
71:12:de:ff:2d:9d:25:ea:1e:60:9d:7a:6f:24:31:
5c:f8:a3:c3:d9:69:8e:e2:d8:ab:b5:b3:f4:15:0c:
08:86:34:38:0c:db:c4:2a:8f:88:9a:12:a3:8a:76:
48:8e:b1:50:fc:ee:f8:60:89:26:cc:4a:a6:55:26:
b1:53:e1:81:45:95:e1:c4:e9:de:d3:5d:ab:c6:14:
46:28:ab:26:14:57:bf:50:97:b5:9c:eb:3a:eb:a3:
0a:f3:4c:4b:2d:2a:88:c8:c3:02:d7:2e:03:26:dc:
e5:10:35:27:1b:4e:3e:54:d3:6f:ae:a3:59:3e:c2:
d4:1f:cf:37:d3:d1:b7:62:25:89:7b:44:48:1b:dd:
71:9c:84:72:32:9b:4d:97:9d:7a:4a:68:2c:a9:81:
a0:47:10:c6:03:df:69:14:2a:e8:85:76:42:6d:01:
09:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:EC:FB:1E:CA:A6:7C:09:F5:7D:69:00:C3:30:1C:A2:7C:5A:68:5A
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Fez7HsqmfAn1fWkAwzAconxaaFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.125.0/24
188.214.32.0/21
Signature Algorithm: sha256WithRSAEncryption
05:70:35:77:79:ed:4a:32:8d:a0:03:0c:d4:35:af:ef:8d:e6:
31:52:2f:25:54:00:a9:5a:85:2a:21:c4:e9:51:2b:21:c4:59:
a6:cd:33:a2:f8:a5:7c:00:5e:e4:69:7b:4f:c5:ab:23:8f:03:
75:03:94:c4:38:b7:2e:75:99:1c:51:25:6a:03:ce:24:45:c2:
4b:79:6b:32:93:04:ab:19:8a:8a:88:3b:e1:49:06:c9:65:2e:
ff:c9:90:58:77:54:6d:4e:18:bb:19:1d:61:fe:2e:29:b9:97:
72:64:38:3e:f7:6c:8c:b3:08:54:de:15:42:59:16:4b:76:28:
6b:4c:77:1d:58:3f:58:aa:bc:65:76:a1:87:93:d2:3d:fe:74:
a3:72:3a:d2:78:01:19:4c:8f:a6:47:db:94:9f:f2:e8:15:6d:
45:45:fe:ce:8e:91:ae:30:fc:6f:fd:52:06:46:19:d0:c2:bb:
d7:52:99:11:88:34:b1:e3:76:80:bf:6b:c7:88:65:ee:3d:1e:
6e:e1:90:7b:68:02:5a:8a:89:b9:14:5d:58:7b:db:43:6a:14:
b1:9d:90:b7:28:f9:a3:48:0e:46:d4:37:d1:02:86:4d:7e:d1:
ab:56:8a:e1:ff:56:66:c4:23:21:cf:8c:ea:ce:c9:b9:81:c5:
87:57:43:4e
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEQY/cyDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGU2MjYzNGUxYmQ1MTMzYTlkZTQ1MTJhZTk4Y2FkMWIyMjE5YjU5MB4XDTIyMDEw
MTEwMDYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTVlY2ZiMWVjYWE2
N2MwOWY1N2Q2OTAwYzMzMDFjYTI3YzVhNjg1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALQ9Lezt6TkVJ0foufCTsZ+n6fbudtH0iORyOcAQVaVLnBOH
mSvQ/k8cTogs8ANkcpPRlgY0YmFBZMJ+NogIs41Tr/S/H0veskXU+yaBAgOndEPA
m395pXc8cRLe/y2dJeoeYJ16byQxXPijw9lpjuLYq7Wz9BUMCIY0OAzbxCqPiJoS
o4p2SI6xUPzu+GCJJsxKplUmsVPhgUWV4cTp3tNdq8YURiirJhRXv1CXtZzrOuuj
CvNMSy0qiMjDAtcuAybc5RA1JxtOPlTTb66jWT7C1B/PN9PRt2IliXtESBvdcZyE
cjKbTZedekpoLKmBoEcQxgPfaRQq6IV2Qm0BCecCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQV7PseyqZ8CfV9aQDDMByifFpoWjAfBgNVHSMEGDAWgBT45iY04b1RM6ne
RRKumMrRsiGbWTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEv
MS9GZXo3SHNxbWZBbjFmV2tBd3pBY29ueGFhRm8ucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4
L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEvMS8xLU9ZbU5PRzlV
VE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSd9AwQDvNYgMA0GCSqGSIb3
DQEBCwUAA4IBAQAFcDV3ee1KMo2gAwzUNa/vjeYxUi8lVACpWoUqIcTpUSshxFmm
zTOi+KV8AF7kaXtPxasjjwN1A5TEOLcudZkcUSVqA84kRcJLeWsykwSrGYqKiDvh
SQbJZS7/yZBYd1RtThi7GR1h/i4puZdyZDg+92yMswhU3hVCWRZLdihrTHcdWD9Y
qrxldqGHk9I9/nSjcjrSeAEZTI+mR9uUn/LoFW1FRf7OjpGuMPxv/VIGRhnQwrvX
UpkRiDSx43aAv2vHiGXuPR5u4ZB7aAJaiom5FF1Ye9tDahSxnZC3KPmjSA5G1DfR
AoZNftGrVorh/1ZmxCMhz4zqzsm5gcWHV0NO
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:49 2023 by rpki-client on console-ams.rpki-client.org