Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/Iu9wuPcP5w_ihUZ0e3Ibyt-hv-0.roa
File: Iu9wuPcP5w_ihUZ0e3Ibyt-hv-0.roa (raw, json)
Hash identifier: cBHJYzc4pj7apcdtR6gcvnchaqe2k87IpkOJ8t+VI0g=
Subject key identifier: 22:EF:70:B8:F7:0F:E7:0F:E2:85:46:74:7B:72:1B:CA:DF:A1:BF:ED
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018B530A7693BBB2F88C925448DD64760F1F
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/Iu9wuPcP5w_ihUZ0e3Ibyt-hv-0.roa
Signing time: Sat 21 Oct 2023 16:21:16 +0000
ROA not before: Sat 21 Oct 2023 16:21:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44620
IP address blocks: 77.92.146.0/24 maxlen: 24
188.132.206.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:53:0a:76:93:bb:b2:f8:8c:92:54:48:dd:64:76:0f:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Oct 21 16:21:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22ef70b8f70fe70fe28546747b721bcadfa1bfed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:29:55:2d:e9:bd:1f:0a:2a:2c:9e:a7:e6:e9:
bd:34:17:87:66:90:2f:80:de:2b:d3:08:26:4a:98:
e3:2f:f5:28:6b:90:26:fc:a3:41:f9:9c:81:a1:6e:
51:a5:6c:fb:d5:e5:52:fa:4f:1f:49:0b:d6:8c:f0:
1a:d9:09:95:72:26:f3:3a:7c:e0:9c:13:5c:19:6d:
66:3b:38:63:4d:c8:5f:ca:dd:53:85:ab:0b:72:78:
ea:5c:d5:45:ef:94:ee:5e:11:70:69:a5:7b:77:70:
45:9d:59:9d:35:25:a7:3d:be:1a:fe:89:3f:2c:c5:
56:4a:a4:39:07:14:59:50:a6:b9:30:4a:cb:2e:e4:
a7:af:0d:8c:4d:9c:30:ef:2f:6b:fd:20:79:45:80:
15:4b:5d:39:e5:9d:ab:53:b2:33:d9:2f:b6:3f:b8:
97:ff:18:5e:d7:1b:31:c8:69:b0:a4:8f:89:17:08:
ce:ac:38:fc:aa:6c:ad:2e:da:f9:a3:46:46:7c:72:
4a:b4:27:c5:1b:61:95:30:81:2e:a5:4c:06:06:f8:
68:ff:b3:7f:84:63:a9:b5:10:a2:bc:41:02:d4:88:
cd:50:96:a1:d9:60:3f:b4:f7:33:8f:9b:93:d2:60:
80:b0:0a:db:13:4a:8e:94:de:6a:0e:45:4a:23:05:
ac:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:EF:70:B8:F7:0F:E7:0F:E2:85:46:74:7B:72:1B:CA:DF:A1:BF:ED
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/Iu9wuPcP5w_ihUZ0e3Ibyt-hv-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.146.0/24
188.132.206.0/24
Signature Algorithm: sha256WithRSAEncryption
15:3d:65:92:27:b2:4e:c8:03:21:9c:70:58:41:fc:0b:fc:14:
9e:c8:ea:d2:4f:a9:7b:ab:43:21:17:f2:2c:b7:e3:13:43:30:
d2:b6:bc:d0:0b:1d:c2:ec:a7:8d:45:a9:99:16:a9:c7:59:6d:
e2:48:a5:70:da:00:08:17:90:48:95:e3:a1:ef:f3:7b:91:ce:
85:ed:90:4b:25:c3:16:f3:36:ec:b5:df:32:86:82:e5:f4:e9:
d7:ee:08:d4:1f:6d:b3:39:a3:cc:9c:b4:91:2d:ac:f4:56:2e:
af:8e:d2:5f:64:a7:d8:4f:05:e5:73:27:f1:6b:83:7c:d6:ba:
cb:de:1f:57:0b:e7:a2:d4:27:7e:67:de:4f:63:a6:e4:5e:83:
71:03:0f:80:9f:d0:65:e8:0e:fd:cf:7f:32:e2:2c:89:82:ed:
dd:c2:16:7f:20:22:59:2e:f9:95:1e:a1:3a:b2:f8:f4:05:c2:
28:10:e6:72:cd:eb:ad:80:f9:95:62:22:3c:bf:14:3a:5d:47:
fc:e2:fa:2c:46:c1:12:47:23:d9:2a:8b:1b:54:61:73:f7:5b:
0f:fb:d5:04:9b:32:b3:66:a7:6b:eb:1a:b8:4e:24:82:39:53:
45:e4:37:3c:be:84:a9:fe:f2:56:be:ae:64:67:46:c8:b7:9a:
2b:6b:2a:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYtTCnaTu7L4jJJUSN1kdg8fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMxMDIxMTYyMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmVmNzBiOGY3MGZlNzBmZTI4NTQ2NzQ3YjcyMWJjYWRmYTFiZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgilVLem9HwoqLJ6n5um9NBeHZpAv
gN4r0wgmSpjjL/Uoa5Am/KNB+ZyBoW5RpWz71eVS+k8fSQvWjPAa2QmVcibzOnzg
nBNcGW1mOzhjTchfyt1ThasLcnjqXNVF75TuXhFwaaV7d3BFnVmdNSWnPb4a/ok/
LMVWSqQ5BxRZUKa5MErLLuSnrw2MTZww7y9r/SB5RYAVS1055Z2rU7Iz2S+2P7iX
/xhe1xsxyGmwpI+JFwjOrDj8qmytLtr5o0ZGfHJKtCfFG2GVMIEupUwGBvho/7N/
hGOptRCivEEC1IjNUJah2WA/tPczj5uT0mCAsArbE0qOlN5qDkVKIwWsRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCLvcLj3D+cP4oVGdHtyG8rfob/tMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvSXU5d3VQY1A1d19paFVaMGUzSWJ5dC1odi0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVySAwQA
vITOMA0GCSqGSIb3DQEBCwUAA4IBAQAVPWWSJ7JOyAMhnHBYQfwL/BSeyOrST6l7
q0MhF/Ist+MTQzDStrzQCx3C7KeNRamZFqnHWW3iSKVw2gAIF5BIleOh7/N7kc6F
7ZBLJcMW8zbstd8yhoLl9OnX7gjUH22zOaPMnLSRLaz0Vi6vjtJfZKfYTwXlcyfx
a4N81rrL3h9XC+ei1Cd+Z95PY6bkXoNxAw+An9Bl6A79z38y4iyJgu3dwhZ/ICJZ
LvmVHqE6svj0BcIoEOZyzeutgPmVYiI8vxQ6XUf84vosRsESRyPZKosbVGFz91sP
+9UEmzKzZqdr6xq4TiSCOVNF5Dc8voSp/vJWvq5kZ0bIt5orayqH
-----END CERTIFICATE-----
Generated at Wed Oct 25 11:20:31 2023 by rpki-client on console-ams.rpki-client.org