Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/86a426-56ee-46dd-9425-7f92c34eb07c/1/1-cZUrP-iPBTLxCoUawKTBFBZZDQ.roa
File: 1-cZUrP-iPBTLxCoUawKTBFBZZDQ.roa (raw, json)
Hash identifier: BgI2S8K9IEeogTg0/o3+DqDZfx6QxBusC7mmUuEIWEM=
Subject key identifier: F9:C6:54:AC:FF:A2:3C:14:CB:C4:2A:14:6B:02:93:04:50:59:64:34
Certificate issuer: /CN=9c2cb7f9ca0efd72be258a4a09358806374b4662
Certificate serial: 01856D01C7A28275DC2AA3DC4BCB8F2E639A
Authority key identifier: 9C:2C:B7:F9:CA:0E:FD:72:BE:25:8A:4A:09:35:88:06:37:4B:46:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nCy3-coO_XK-JYpKCTWIBjdLRmI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/86a426-56ee-46dd-9425-7f92c34eb07c/1/1-cZUrP-iPBTLxCoUawKTBFBZZDQ.roa
Signing time: Sun 01 Jan 2023 11:05:11 +0000
ROA not before: Sun 01 Jan 2023 11:05:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 82.145.96.0/19 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:c7:a2:82:75:dc:2a:a3:dc:4b:cb:8f:2e:63:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c2cb7f9ca0efd72be258a4a09358806374b4662
Validity
Not Before: Jan 1 11:05:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9c654acffa23c14cbc42a146b02930450596434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:02:2b:6b:36:a3:5f:26:ed:6a:a8:61:22:bf:
f0:1d:fd:ad:b2:9e:19:76:42:07:f4:02:a5:8e:6e:
3a:b8:c3:ff:88:cb:49:e6:15:43:ca:a1:03:db:c2:
79:32:93:9f:a0:38:f4:87:2f:c8:af:ed:1a:b5:8c:
d1:31:50:71:e0:91:32:a5:76:d1:2b:8e:f6:10:47:
39:14:6e:ac:d7:26:6b:ed:5d:72:65:9d:10:7b:a5:
22:39:28:41:40:bb:d5:c5:50:35:ed:4b:32:6c:47:
c7:91:27:bc:ec:e0:67:2f:8f:fd:e9:6e:94:0b:2c:
d6:37:77:db:18:75:ff:e6:ad:87:06:c0:51:3c:04:
6d:62:c3:ec:e8:88:6c:bb:eb:83:55:a2:9a:41:72:
49:a3:25:c3:ad:b2:e7:42:25:23:69:ed:33:c3:fa:
98:90:a8:97:95:28:16:19:6a:11:40:ff:41:50:70:
d8:19:a6:b1:cb:4e:3c:09:70:a7:75:c4:0a:34:57:
77:62:0a:fa:09:91:09:46:c1:47:f3:f2:1c:6b:41:
79:e4:3a:1f:a1:e2:d3:81:a3:a4:28:f3:d8:59:a5:
6c:d7:c7:df:a4:59:2c:d4:b5:4c:fb:47:86:21:47:
49:e5:16:88:e9:5d:80:6e:51:d7:54:27:2d:2b:b7:
8d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:C6:54:AC:FF:A2:3C:14:CB:C4:2A:14:6B:02:93:04:50:59:64:34
X509v3 Authority Key Identifier:
keyid:9C:2C:B7:F9:CA:0E:FD:72:BE:25:8A:4A:09:35:88:06:37:4B:46:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nCy3-coO_XK-JYpKCTWIBjdLRmI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/86a426-56ee-46dd-9425-7f92c34eb07c/1/1-cZUrP-iPBTLxCoUawKTBFBZZDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/86a426-56ee-46dd-9425-7f92c34eb07c/1/nCy3-coO_XK-JYpKCTWIBjdLRmI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.145.96.0/19
Signature Algorithm: sha256WithRSAEncryption
87:88:32:78:f4:6f:e7:60:d8:46:4c:93:35:d4:a7:75:cd:ae:
4a:e3:53:c0:8d:e7:a8:57:7b:89:36:87:4c:c8:40:e6:4b:66:
f3:5b:33:d5:88:06:0f:e4:e5:4c:42:6e:46:81:8e:d4:ff:63:
e3:52:25:74:d1:e7:65:1a:ce:7b:87:9f:ed:17:d3:30:e4:09:
81:6a:7e:6f:13:f6:2e:43:ff:d4:28:8e:7c:aa:1e:6c:81:45:
3b:25:e5:a1:19:0e:4d:17:22:4f:9c:a5:26:96:66:49:ed:0a:
30:3b:58:55:8d:89:a8:de:f2:c0:05:a6:8e:e3:ba:10:9b:9f:
44:89:8f:25:76:41:03:32:07:6c:4a:4c:21:f2:5a:00:e4:fa:
b6:26:ad:0a:e5:f1:1e:15:5c:80:e8:6b:a1:e1:e6:47:c0:80:
2e:7a:f1:be:cd:fc:a8:e5:87:de:2d:0c:89:25:20:c6:62:ac:
70:a8:fd:16:6d:be:90:2f:8f:29:17:48:57:4b:ff:38:81:37:
06:fc:10:83:2e:90:e5:96:b8:51:bf:0a:39:4f:f3:ac:41:80:
ca:85:1e:42:78:cd:c9:82:8f:0d:6b:8d:42:33:3c:2b:6b:f0:
17:07:a7:8a:64:7e:68:0a:d9:da:b6:a5:b7:6b:5d:53:a4:52:
8e:eb:e4:cf
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtAceignXcKqPcS8uPLmOaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMmNiN2Y5Y2EwZWZkNzJiZTI1OGE0YTA5MzU4ODA2Mzc0
YjQ2NjIwHhcNMjMwMTAxMTEwNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWM2NTRhY2ZmYTIzYzE0Y2JjNDJhMTQ2YjAyOTMwNDUwNTk2NDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAIrazajXybtaqhhIr/wHf2tsp4Z
dkIH9AKljm46uMP/iMtJ5hVDyqED28J5MpOfoDj0hy/Ir+0atYzRMVBx4JEypXbR
K472EEc5FG6s1yZr7V1yZZ0Qe6UiOShBQLvVxVA17UsybEfHkSe87OBnL4/96W6U
CyzWN3fbGHX/5q2HBsBRPARtYsPs6Ihsu+uDVaKaQXJJoyXDrbLnQiUjae0zw/qY
kKiXlSgWGWoRQP9BUHDYGaaxy048CXCndcQKNFd3Ygr6CZEJRsFH8/Ica0F55Dof
oeLTgaOkKPPYWaVs18ffpFks1LVM+0eGIUdJ5RaI6V2AblHXVCctK7eNiQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPnGVKz/ojwUy8QqFGsCkwRQWWQ0MB8GA1UdIwQY
MBaAFJwst/nKDv1yviWKSgk1iAY3S0ZiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkN5My1jb09fWEstSllwS0NUV0lCamRMUm1JLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84NmE0MjYtNTZlZS00NmRkLTk0MjUt
N2Y5MmMzNGViMDdjLzEvMS1jWlVyUC1pUEJUTHhDb1Vhd0tUQkZCWlpEUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODgvODZhNDI2LTU2ZWUtNDZkZC05NDI1LTdmOTJjMzRlYjA3
Yy8xL25DeTMtY29PX1hLLUpZcEtDVFdJQmpkTFJtSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBVKRYDAN
BgkqhkiG9w0BAQsFAAOCAQEAh4gyePRv52DYRkyTNdSndc2uSuNTwI3nqFd7iTaH
TMhA5ktm81sz1YgGD+TlTEJuRoGO1P9j41IldNHnZRrOe4ef7RfTMOQJgWp+bxP2
LkP/1CiOfKoebIFFOyXloRkOTRciT5ylJpZmSe0KMDtYVY2JqN7ywAWmjuO6EJuf
RImPJXZBAzIHbEpMIfJaAOT6tiatCuXxHhVcgOhroeHmR8CALnrxvs38qOWH3i0M
iSUgxmKscKj9Fm2+kC+PKRdIV0v/OIE3BvwQgy6Q5Za4Ub8KOU/zrEGAyoUeQnjN
yYKPDWuNQjM8K2vwFwenimR+aArZ2ralt2tdU6RSjuvkzw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:54 2024 by rpki-client on console-ams.rpki-client.org