Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/mJ3Ba8UMR7eA_riS9Wo0k0mQh74.roa
File: mJ3Ba8UMR7eA_riS9Wo0k0mQh74.roa (raw, json)
Hash identifier: b4Eq1iaPm/ZZN/DfehsU+vNFlohWA3TXn9RN0mN8wDw=
Subject key identifier: 98:9D:C1:6B:C5:0C:47:B7:80:FE:B8:92:F5:6A:34:93:49:90:87:BE
Certificate issuer: /CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Certificate serial: 0188E9C539318DA88772882A3AE1D57A489C
Authority key identifier: 62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/mJ3Ba8UMR7eA_riS9Wo0k0mQh74.roa
Signing time: Fri 23 Jun 2023 19:39:56 +0000
ROA not before: Fri 23 Jun 2023 19:39:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54339
IP address blocks: 93.89.211.0/24 maxlen: 24
193.109.160.0/22 maxlen: 24
193.162.78.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e9:c5:39:31:8d:a8:87:72:88:2a:3a:e1:d5:7a:48:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Validity
Not Before: Jun 23 19:39:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=989dc16bc50c47b780feb892f56a3493499087be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:34:64:b0:52:05:1a:1e:bd:6a:a6:f1:c3:f1:
25:6a:64:c9:b6:e3:ac:f0:bb:34:54:34:ba:f5:32:
19:24:8e:64:1a:6a:ac:ae:77:66:4f:1c:a8:a4:53:
4f:13:24:2e:0b:b6:58:79:eb:41:92:c6:f2:8a:a3:
7b:98:e3:a7:33:98:18:33:a5:bd:c7:de:1c:b4:b4:
e8:ad:b4:a0:d4:62:df:4f:67:c3:d8:1c:fb:db:4f:
2c:0a:d1:71:ad:cb:81:1e:dd:28:d7:02:be:a4:31:
9d:b6:74:30:66:80:c5:4d:8b:f0:7f:24:3f:2b:c6:
9c:48:49:82:49:5e:a1:3b:87:57:bb:aa:37:4b:c0:
8c:6e:bb:18:47:c3:df:9b:3a:97:3a:ef:e4:cc:87:
ad:e7:f6:be:4c:75:77:82:20:08:8b:04:27:70:69:
49:05:35:01:99:13:67:bc:49:2e:10:47:aa:e2:55:
67:e1:f9:64:b1:24:96:d1:25:86:6e:d7:4a:47:d7:
94:59:12:b2:2f:c0:d4:c7:72:56:68:0a:fe:8e:ff:
7c:9d:f7:f0:04:01:02:90:49:01:85:fd:b6:13:66:
49:21:e8:b0:f2:42:97:93:ae:74:e2:f5:19:76:47:
33:90:3c:91:ef:db:47:25:4c:98:79:74:ff:f0:0a:
40:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:9D:C1:6B:C5:0C:47:B7:80:FE:B8:92:F5:6A:34:93:49:90:87:BE
X509v3 Authority Key Identifier:
keyid:62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/mJ3Ba8UMR7eA_riS9Wo0k0mQh74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.89.211.0/24
193.109.160.0/22
193.162.78.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:f5:16:e3:20:2c:02:c2:39:12:64:5c:b2:10:f6:85:4c:d4:
e0:8b:60:09:11:77:fd:26:a3:ee:c8:1a:39:cb:ea:16:2b:98:
5b:5f:7e:3e:e1:ba:23:bb:27:06:48:8f:49:86:c8:00:b9:df:
44:0b:ae:02:48:9b:32:a8:91:97:40:ec:63:49:47:89:dc:5f:
69:80:02:28:78:14:80:56:13:77:ed:b9:ce:c3:e0:07:d2:14:
41:ce:dc:58:b0:f5:04:10:31:db:a4:4a:62:22:6d:62:e4:30:
28:d2:59:e7:1c:cb:b2:f7:c2:ca:04:93:fc:92:a0:66:52:f5:
e6:04:a8:47:71:6e:89:b4:13:85:73:a6:c2:2b:ea:43:c9:18:
b2:57:44:b7:a3:99:87:f0:6e:97:33:c9:cc:17:c3:5c:48:3c:
47:ec:58:9f:5a:7a:83:ba:66:75:09:66:5a:8e:17:d7:9c:33:
b1:2c:74:70:d9:66:ad:d1:1d:9a:0b:6a:8c:50:ee:b2:df:0f:
e3:83:de:21:3a:01:8d:fd:25:ce:49:63:54:25:87:45:a0:50:
15:6e:98:4e:a5:e8:a1:f5:c2:a5:b7:9d:a0:cb:a0:fa:5c:1d:
0c:24:e6:94:d9:e6:b1:fd:6d:21:d4:5a:63:29:75:94:42:c4:
71:68:4d:0d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYjpxTkxjaiHcogqOuHVekicMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYTE1Y2M4ODY1OWY1NzhjYzE1OWM1MmIzYTdlOWVjNTgx
OWZiMjAwHhcNMjMwNjIzMTkzOTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODlkYzE2YmM1MGM0N2I3ODBmZWI4OTJmNTZhMzQ5MzQ5OTA4N2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzRksFIFGh69aqbxw/ElamTJtuOs
8Ls0VDS69TIZJI5kGmqsrndmTxyopFNPEyQuC7ZYeetBksbyiqN7mOOnM5gYM6W9
x94ctLTorbSg1GLfT2fD2Bz7208sCtFxrcuBHt0o1wK+pDGdtnQwZoDFTYvwfyQ/
K8acSEmCSV6hO4dXu6o3S8CMbrsYR8PfmzqXOu/kzIet5/a+THV3giAIiwQncGlJ
BTUBmRNnvEkuEEeq4lVn4flksSSW0SWGbtdKR9eUWRKyL8DUx3JWaAr+jv98nffw
BAECkEkBhf22E2ZJIeiw8kKXk6504vUZdkczkDyR79tHJUyYeXT/8ApAfQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJidwWvFDEe3gP64kvVqNJNJkIe+MB8GA1UdIwQY
MBaAFGKhXMiGWfV4zBWcUrOn6exYGfsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAt
NDI2OWI1NmJmN2Q0LzEvbUozQmE4VU1SN2VBX3JpUzlXbzBrMG1RaDc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAtNDI2OWI1NmJmN2Q0
LzEvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXVnTAwQC
wW2gAwQAwaJOMA0GCSqGSIb3DQEBCwUAA4IBAQCj9RbjICwCwjkSZFyyEPaFTNTg
i2AJEXf9JqPuyBo5y+oWK5hbX34+4bojuycGSI9JhsgAud9EC64CSJsyqJGXQOxj
SUeJ3F9pgAIoeBSAVhN37bnOw+AH0hRBztxYsPUEEDHbpEpiIm1i5DAo0lnnHMuy
98LKBJP8kqBmUvXmBKhHcW6JtBOFc6bCK+pDyRiyV0S3o5mH8G6XM8nMF8NcSDxH
7FifWnqDumZ1CWZajhfXnDOxLHRw2Wat0R2aC2qMUO6y3w/jg94hOgGN/SXOSWNU
JYdFoFAVbphOpeih9cKlt52gy6D6XB0MJOaU2eax/W0h1FpjKXWUQsRxaE0N
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:25 2024 by rpki-client on console-ams.rpki-client.org