Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Z4RWmp-iEiS_lHXyQiF6vDvXuRg.roa
File: Z4RWmp-iEiS_lHXyQiF6vDvXuRg.roa (raw, json)
Hash identifier: XIxurDwB88rrA/FwK6xn2zMUz44MGHCnaImsP7bW4Hg=
Subject key identifier: 67:84:56:9A:9F:A2:12:24:BF:94:75:F2:42:21:7A:BC:3B:D7:B9:18
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 427A5E02
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Z4RWmp-iEiS_lHXyQiF6vDvXuRg.roa
Signing time: Wed 13 Apr 2022 07:00:42 +0000
ROA not before: Wed 13 Apr 2022 07:00:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48459
IP address blocks: 89.42.231.0/24 maxlen: 24
89.42.41.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1115315714 (0x427a5e02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Apr 13 07:00:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6784569a9fa21224bf9475f242217abc3bd7b918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a8:07:3e:3b:ab:8f:d4:13:17:e5:2c:e4:18:
3a:0f:bf:fb:39:b6:f1:77:0a:23:c8:af:dc:6f:94:
a9:22:c5:c4:be:51:20:e1:30:d5:44:36:65:58:4d:
ff:ce:52:52:51:73:8b:66:9a:09:80:eb:96:56:0b:
6a:7d:cc:b5:24:6c:14:ef:bb:57:b5:65:f4:31:ec:
ed:e3:de:79:7c:cf:26:a6:46:b5:cb:b1:36:98:e2:
2d:18:37:1c:5a:bc:f7:e7:4b:02:52:8e:e0:87:ed:
a6:1a:ba:ad:1d:d7:af:e9:35:26:9c:b6:21:6b:e8:
f8:d0:12:d0:f3:27:8a:41:f9:16:6f:20:cc:47:f2:
d1:25:ab:75:2d:a9:a2:71:10:1b:02:24:f1:ea:ca:
f1:66:97:ce:21:8e:28:71:32:22:51:30:c6:1f:fb:
d9:9e:79:74:b2:5f:cb:64:81:9c:3e:3f:0b:66:ab:
7b:90:a4:0a:eb:58:5b:3a:d7:39:7d:b4:b3:31:66:
ef:3f:59:c2:43:98:3d:30:43:2b:5a:b7:69:43:40:
e0:62:cc:dc:6a:86:d2:5e:86:31:32:91:58:83:1d:
61:28:30:bf:79:cf:2b:95:bf:0f:e0:91:cd:55:9e:
ec:a0:71:88:c0:20:12:d1:f9:be:a8:4b:7f:7f:ff:
49:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:84:56:9A:9F:A2:12:24:BF:94:75:F2:42:21:7A:BC:3B:D7:B9:18
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Z4RWmp-iEiS_lHXyQiF6vDvXuRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.41.0/24
89.42.231.0/24
Signature Algorithm: sha256WithRSAEncryption
02:9c:d4:b6:96:3f:91:3a:fb:c7:0b:4d:17:4c:33:f1:d4:46:
0f:30:36:85:4a:1e:35:5e:3c:6e:96:68:66:1e:1c:45:8e:24:
3e:3a:13:75:c2:01:62:c1:5d:e7:79:23:c2:d6:9a:90:fe:bd:
5a:06:49:b4:0f:c1:ea:51:04:61:72:8a:e1:bc:b8:4d:49:f9:
a1:74:a2:6d:01:3e:a1:0d:e4:f3:a2:39:3c:14:48:94:a2:40:
e1:31:52:8e:3c:20:db:0e:c0:e1:49:d2:54:de:bd:cc:4b:e4:
04:2f:91:3f:1d:a0:07:a1:4d:6c:60:11:24:3e:9f:db:1a:79:
87:aa:e3:fe:bf:f6:79:ab:65:49:f8:67:c0:b9:45:64:c6:a8:
55:5f:6f:39:72:5a:ae:14:8a:5b:e3:e9:4a:53:66:4d:c9:aa:
73:70:d9:92:0c:20:f9:8c:61:d2:65:45:f4:d5:de:63:13:e1:
91:c7:46:58:38:bc:cf:b9:0d:0e:c8:8d:a8:5f:78:8f:b1:69:
21:a7:c6:8d:ac:59:3a:c3:90:8d:2a:51:66:01:f1:16:4c:69:
c7:c5:a2:c5:b0:2e:08:fa:71:d9:20:61:50:1d:7a:ec:77:37:
1f:d0:52:21:bd:42:b0:f8:2c:c1:cd:d3:33:3d:8e:21:8e:18:
37:83:1c:af
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEQnpeAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGU2MjYzNGUxYmQ1MTMzYTlkZTQ1MTJhZTk4Y2FkMWIyMjE5YjU5MB4XDTIyMDQx
MzA3MDA0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjc4NDU2OWE5ZmEy
MTIyNGJmOTQ3NWYyNDIyMTdhYmMzYmQ3YjkxODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANCoBz47q4/UExflLOQYOg+/+zm28XcKI8iv3G+UqSLFxL5R
IOEw1UQ2ZVhN/85SUlFzi2aaCYDrllYLan3MtSRsFO+7V7Vl9DHs7ePeeXzPJqZG
tcuxNpjiLRg3HFq89+dLAlKO4Iftphq6rR3Xr+k1Jpy2IWvo+NAS0PMnikH5Fm8g
zEfy0SWrdS2ponEQGwIk8erK8WaXziGOKHEyIlEwxh/72Z55dLJfy2SBnD4/C2ar
e5CkCutYWzrXOX20szFm7z9ZwkOYPTBDK1q3aUNA4GLM3GqG0l6GMTKRWIMdYSgw
v3nPK5W/D+CRzVWe7KBxiMAgEtH5vqhLf3//SQsCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRnhFaan6ISJL+UdfJCIXq8O9e5GDAfBgNVHSMEGDAWgBT45iY04b1RM6ne
RRKumMrRsiGbWTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEv
MS9aNFJXbXAtaUVpU19sSFh5UWlGNnZEdlh1Umcucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4
L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEvMS8xLU9ZbU5PRzlV
VE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSopAwQAWSrnMA0GCSqGSIb3
DQEBCwUAA4IBAQACnNS2lj+ROvvHC00XTDPx1EYPMDaFSh41XjxulmhmHhxFjiQ+
OhN1wgFiwV3neSPC1pqQ/r1aBkm0D8HqUQRhcorhvLhNSfmhdKJtAT6hDeTzojk8
FEiUokDhMVKOPCDbDsDhSdJU3r3MS+QEL5E/HaAHoU1sYBEkPp/bGnmHquP+v/Z5
q2VJ+GfAuUVkxqhVX285clquFIpb4+lKU2ZNyapzcNmSDCD5jGHSZUX01d5jE+GR
x0ZYOLzPuQ0OyI2oX3iPsWkhp8aNrFk6w5CNKlFmAfEWTGnHxaLFsC4I+nHZIGFQ
HXrsdzcf0FIhvUKw+CzBzdMzPY4hjhg3gxyv
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:43 2025 by rpki-client