Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/47accb-6f3c-4c6c-9fd0-585eb84558f9/1/Tq4ok-bRG491nq5gkKrOcuyi3Nc.roa
File: Tq4ok-bRG491nq5gkKrOcuyi3Nc.roa (raw, json)
Hash identifier: /z24fMueEy7Zy3uypiQTgZNkOLe/qlLlVEZO7+kLG00=
Subject key identifier: 4E:AE:28:93:E6:D1:1B:8F:75:9E:AE:60:90:AA:CE:72:EC:A2:DC:D7
Certificate issuer: /CN=e8206aa3252e3ea8d684eaec7a2993513b5d2307
Certificate serial: 0279D848
Authority key identifier: E8:20:6A:A3:25:2E:3E:A8:D6:84:EA:EC:7A:29:93:51:3B:5D:23:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6CBqoyUuPqjWhOrseimTUTtdIwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/47accb-6f3c-4c6c-9fd0-585eb84558f9/1/Tq4ok-bRG491nq5gkKrOcuyi3Nc.roa
Signing time: Sat 01 Jan 2022 10:55:43 +0000
ROA not before: Sat 01 Jan 2022 10:55:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208494
IP address blocks: 89.21.76.0/22 maxlen: 22
89.21.95.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41539656 (0x279d848)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8206aa3252e3ea8d684eaec7a2993513b5d2307
Validity
Not Before: Jan 1 10:55:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4eae2893e6d11b8f759eae6090aace72eca2dcd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:0c:b8:65:6d:1a:f9:d5:fb:e1:2c:8d:bf:68:
30:0f:35:db:44:eb:be:57:a1:28:ee:f1:d5:43:05:
5d:1c:21:6f:a7:53:a6:ce:15:1b:0e:4d:39:e5:0e:
45:ce:1d:28:d7:5a:7b:bc:c3:69:e4:48:66:81:08:
22:b1:33:f9:92:0c:50:de:78:59:2a:66:2b:dc:b3:
7b:7a:f0:19:1a:ce:fa:2a:cb:f7:b8:1d:04:07:00:
bd:08:ad:1c:cb:a9:57:45:bb:9c:8c:82:3d:f0:41:
65:25:9c:08:21:15:00:1f:aa:20:e3:17:ae:dc:d6:
76:9f:bc:d1:da:e9:63:3e:fc:7d:4a:44:5c:01:fc:
a1:36:97:91:fd:d0:31:39:4d:49:1d:33:b3:b1:3b:
76:c8:88:3a:d8:9c:0c:ff:48:5b:2c:87:76:e3:b6:
80:27:10:d6:1a:67:f5:8e:bf:3d:1f:03:22:ae:76:
76:15:19:8b:aa:1f:7d:5a:51:0b:68:d4:02:fc:b5:
1d:0f:c7:57:e8:4c:48:5d:ef:13:94:48:57:79:fe:
1c:26:89:f0:04:86:89:a4:a7:4f:62:69:da:6b:c1:
2e:f4:76:e4:de:42:6a:82:04:5e:ac:e5:62:16:26:
7d:8a:62:db:7c:67:9a:5b:0a:6c:39:80:ac:8c:0a:
00:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:AE:28:93:E6:D1:1B:8F:75:9E:AE:60:90:AA:CE:72:EC:A2:DC:D7
X509v3 Authority Key Identifier:
keyid:E8:20:6A:A3:25:2E:3E:A8:D6:84:EA:EC:7A:29:93:51:3B:5D:23:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6CBqoyUuPqjWhOrseimTUTtdIwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/47accb-6f3c-4c6c-9fd0-585eb84558f9/1/Tq4ok-bRG491nq5gkKrOcuyi3Nc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/47accb-6f3c-4c6c-9fd0-585eb84558f9/1/6CBqoyUuPqjWhOrseimTUTtdIwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.21.76.0/22
89.21.95.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:94:0e:d1:e4:a7:c3:9a:f9:1f:7e:26:11:69:90:cf:72:70:
6b:70:4b:b0:c7:13:db:5c:96:2f:3b:ef:74:ef:08:4c:0b:0f:
68:be:08:3a:97:db:de:dd:9b:82:81:e2:e8:09:62:4f:b1:b2:
f2:33:d7:9f:26:a3:5b:5d:d3:fc:0e:9e:36:c5:7a:a9:62:03:
0b:53:93:56:bf:8b:05:a2:17:ff:6e:53:72:ee:45:0a:ba:07:
2d:52:5d:e8:d0:38:d2:dc:22:50:72:50:ee:88:10:4f:66:ff:
e7:21:17:b2:15:0c:cc:05:13:28:b6:c2:dc:8e:1a:ca:6a:e0:
41:f3:8f:39:7a:80:9c:c8:fc:fb:3d:26:43:7c:30:d7:29:0c:
ab:e3:c7:03:82:19:e7:84:c4:4e:50:bb:bf:20:7b:07:aa:76:
46:a4:af:6b:95:7e:7d:ee:42:28:0f:64:08:07:12:25:28:81:
14:e5:e1:f1:bb:62:d9:75:61:cb:ea:31:26:67:83:78:32:3b:
09:19:b1:45:8e:31:f4:46:ed:a4:fd:53:df:f1:f2:a7:f4:58:
d8:44:df:a0:e3:26:92:7f:f8:f6:45:91:75:4d:34:e1:6b:b3:
2a:45:37:73:47:43:4d:b9:df:fb:30:bd:7e:32:91:c6:5e:10:
36:9e:39:f6
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAnnYSDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODIwNmFhMzI1MmUzZWE4ZDY4NGVhZWM3YTI5OTM1MTNiNWQyMzA3MB4XDTIyMDEw
MTEwNTU0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGVhZTI4OTNlNmQx
MWI4Zjc1OWVhZTYwOTBhYWNlNzJlY2EyZGNkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANMMuGVtGvnV++Esjb9oMA8120TrvlehKO7x1UMFXRwhb6dT
ps4VGw5NOeUORc4dKNdae7zDaeRIZoEIIrEz+ZIMUN54WSpmK9yze3rwGRrO+irL
97gdBAcAvQitHMupV0W7nIyCPfBBZSWcCCEVAB+qIOMXrtzWdp+80drpYz78fUpE
XAH8oTaXkf3QMTlNSR0zs7E7dsiIOticDP9IWyyHduO2gCcQ1hpn9Y6/PR8DIq52
dhUZi6offVpRC2jUAvy1HQ/HV+hMSF3vE5RIV3n+HCaJ8ASGiaSnT2Jp2mvBLvR2
5N5CaoIEXqzlYhYmfYpi23xnmlsKbDmArIwKAAUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBROriiT5tEbj3WermCQqs5y7KLc1zAfBgNVHSMEGDAWgBToIGqjJS4+qNaE
6ux6KZNRO10jBzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZDQnFveVV1UHFqV2hPcnNlaW1UVVR0ZEl3Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvNDdhY2NiLTZmM2MtNGM2Yy05ZmQwLTU4NWViODQ1NThmOS8x
L1RxNG9rLWJSRzQ5MW5xNWdrS3JPY3V5aTNOYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
NDdhY2NiLTZmM2MtNGM2Yy05ZmQwLTU4NWViODQ1NThmOS8xLzZDQnFveVV1UHFq
V2hPcnNlaW1UVVR0ZEl3Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlkVTAMEAFkVXzANBgkqhkiG9w0B
AQsFAAOCAQEALpQO0eSnw5r5H34mEWmQz3Jwa3BLsMcT21yWLzvvdO8ITAsPaL4I
Opfb3t2bgoHi6AliT7Gy8jPXnyajW13T/A6eNsV6qWIDC1OTVr+LBaIX/25Tcu5F
CroHLVJd6NA40twiUHJQ7ogQT2b/5yEXshUMzAUTKLbC3I4aymrgQfOPOXqAnMj8
+z0mQ3ww1ykMq+PHA4IZ54TETlC7vyB7B6p2RqSva5V+fe5CKA9kCAcSJSiBFOXh
8bti2XVhy+oxJmeDeDI7CRmxRY4x9EbtpP1T3/Hyp/RY2ETfoOMmkn/49kWRdU00
4WuzKkU3c0dDTbnf+zC9fjKRxl4QNp459g==
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:32:33 2025 by rpki-client