Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/EYP9UQOQ0pN1c6S8SbaXdLk2eiM.roa
File: EYP9UQOQ0pN1c6S8SbaXdLk2eiM.roa (raw, json)
Hash identifier: +bP0m//joaqvDX84yV3NW28EvAmr36b7cKB45Tg9pOU=
Subject key identifier: 11:83:FD:51:03:90:D2:93:75:73:A4:BC:49:B6:97:74:B9:36:7A:23
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018480916A0A582F11CF38278735396A7AB4
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/EYP9UQOQ0pN1c6S8SbaXdLk2eiM.roa
Signing time: Wed 16 Nov 2022 13:12:04 +0000
ROA not before: Wed 16 Nov 2022 13:12:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35830
IP address blocks: 89.191.228.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:80:91:6a:0a:58:2f:11:cf:38:27:87:35:39:6a:7a:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Nov 16 13:12:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1183fd510390d2937573a4bc49b69774b9367a23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:02:2b:f5:5c:9e:0a:3f:95:fc:a0:d9:c8:5a:
c5:d2:f5:dd:7a:2e:1a:68:48:65:58:73:b3:44:20:
91:a8:c7:4c:48:cc:23:1e:c0:c0:2e:81:cb:c0:84:
93:ef:f9:5f:95:16:83:ae:2e:99:65:87:6d:99:76:
48:7f:1f:f8:49:0e:dc:22:df:e2:f8:2a:67:94:8a:
27:e7:fc:2c:7d:3b:ee:04:5b:5e:78:ec:8c:24:31:
3b:5f:38:81:a9:59:15:a6:bd:aa:72:c4:89:d5:47:
66:41:11:4c:02:71:de:9d:30:90:ad:30:51:6f:6d:
1e:01:94:de:af:8b:81:e1:94:99:11:73:4c:df:e3:
65:83:17:89:76:3f:59:7e:09:2b:a2:1d:b3:00:f5:
68:51:65:ad:3c:eb:1a:fa:e2:04:8a:6e:ee:1f:d0:
3e:3e:2d:89:95:1d:4f:38:9f:af:72:70:60:6b:29:
b6:6c:73:e8:1d:4e:9b:39:df:10:17:86:4c:4a:40:
1c:70:19:f2:c1:bd:60:0a:2b:cc:4d:3f:45:91:ad:
5f:63:fb:d2:3d:31:52:96:db:70:5a:4c:a4:ed:2c:
78:e6:39:b0:f3:f3:8a:82:78:23:2d:c6:67:c0:cf:
87:e7:6a:f6:ba:f3:fd:18:42:35:0f:e8:f1:17:a2:
73:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:83:FD:51:03:90:D2:93:75:73:A4:BC:49:B6:97:74:B9:36:7A:23
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/EYP9UQOQ0pN1c6S8SbaXdLk2eiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.191.228.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:ad:90:a7:c2:1e:ab:43:e4:4c:84:77:18:ff:c5:c2:a0:bf:
bd:5a:39:5c:74:c7:5d:9d:34:49:f8:72:0c:a0:ec:8f:96:41:
95:a8:59:2c:6d:10:42:4c:6b:44:b7:2e:6b:6a:12:90:5c:09:
6d:58:9b:f2:9c:55:a0:a1:41:79:b3:05:4d:e5:32:81:0c:aa:
63:41:a3:15:be:43:18:53:81:aa:ba:ae:da:da:4a:f7:d5:43:
13:d4:fa:1e:4e:29:d4:0c:f7:ae:1a:ba:2e:7f:8f:3f:fe:3d:
cd:67:ab:1d:70:38:f1:9a:82:2b:ff:2e:68:e6:43:e8:e8:f4:
ef:03:e9:9b:a1:c4:8c:1f:fe:99:ce:36:db:32:ed:81:a0:8f:
74:22:4b:f0:f0:7e:4e:e0:15:be:4a:15:e9:69:22:81:48:e4:
99:91:6f:c4:68:6c:1d:02:61:7b:46:21:77:2f:52:eb:1b:20:
d8:73:9c:b4:b0:29:30:f4:b3:8b:d4:30:16:57:85:b5:1f:a3:
22:61:77:31:7e:dc:ca:28:ac:94:85:c4:9b:6f:1b:fc:99:da:
ed:80:2b:0d:54:e0:62:c7:b0:56:e6:44:ee:50:f4:53:d6:f1:
f3:88:77:33:68:f3:24:86:60:d3:56:76:93:9d:c8:8a:23:2c:
4d:9c:d9:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSAkWoKWC8RzzgnhzU5anq0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjIxMTE2MTMxMjA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTgzZmQ1MTAzOTBkMjkzNzU3M2E0YmM0OWI2OTc3NGI5MzY3YTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQIr9VyeCj+V/KDZyFrF0vXdei4a
aEhlWHOzRCCRqMdMSMwjHsDALoHLwIST7/lflRaDri6ZZYdtmXZIfx/4SQ7cIt/i
+CpnlIon5/wsfTvuBFteeOyMJDE7XziBqVkVpr2qcsSJ1UdmQRFMAnHenTCQrTBR
b20eAZTer4uB4ZSZEXNM3+NlgxeJdj9Zfgkroh2zAPVoUWWtPOsa+uIEim7uH9A+
Pi2JlR1POJ+vcnBgaym2bHPoHU6bOd8QF4ZMSkAccBnywb1gCivMTT9Fka1fY/vS
PTFSlttwWkyk7Sx45jmw8/OKgngjLcZnwM+H52r2uvP9GEI1D+jxF6JzgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBGD/VEDkNKTdXOkvEm2l3S5NnojMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvRVlQOVVRT1EwcE4xYzZTOFNiYVhkTGsyZWlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWb/kMA0G
CSqGSIb3DQEBCwUAA4IBAQBvrZCnwh6rQ+RMhHcY/8XCoL+9WjlcdMddnTRJ+HIM
oOyPlkGVqFksbRBCTGtEty5rahKQXAltWJvynFWgoUF5swVN5TKBDKpjQaMVvkMY
U4Gquq7a2kr31UMT1PoeTinUDPeuGrouf48//j3NZ6sdcDjxmoIr/y5o5kPo6PTv
A+mbocSMH/6ZzjbbMu2BoI90Ikvw8H5O4BW+ShXpaSKBSOSZkW/EaGwdAmF7RiF3
L1LrGyDYc5y0sCkw9LOL1DAWV4W1H6MiYXcxftzKKKyUhcSbbxv8mdrtgCsNVOBi
x7BW5kTuUPRT1vHziHczaPMkhmDTVnaTnciKIyxNnNnc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:15 2024 by rpki-client on console-ams.rpki-client.org