Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/BNe3vtKz9w05ygWqp6k1t3G5f64.roa
File: BNe3vtKz9w05ygWqp6k1t3G5f64.roa (raw, json)
Hash identifier: 15+b19W4haKdNeTYqHbeq6eXKBj4Xs/Xj0cTWA9b95E=
Subject key identifier: 04:D7:B7:BE:D2:B3:F7:0D:39:CA:05:AA:A7:A9:35:B7:71:B9:7F:AE
Certificate issuer: /CN=679a75debd65359a45317f203f11a321e14b2f2c
Certificate serial: 05922BF0
Authority key identifier: 67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/BNe3vtKz9w05ygWqp6k1t3G5f64.roa
Signing time: Tue 25 Jan 2022 00:24:07 +0000
ROA not before: Tue 25 Jan 2022 00:24:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 89.43.48.0/24 maxlen: 24
86.106.89.0/24 maxlen: 24
85.204.72.0/24 maxlen: 24
89.40.37.0/24 maxlen: 24
89.35.135.0/24 maxlen: 24
89.35.25.0/24 maxlen: 24
86.107.241.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93465584 (0x5922bf0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=679a75debd65359a45317f203f11a321e14b2f2c
Validity
Not Before: Jan 25 00:24:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=04d7b7bed2b3f70d39ca05aaa7a935b771b97fae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:21:3a:66:c8:22:84:8d:96:f1:0b:61:43:56:
ce:bb:94:f4:76:3d:3c:f8:6d:a9:aa:91:fb:13:bc:
db:47:33:f5:d8:82:c1:dd:50:f9:c6:08:52:4c:44:
b9:29:8b:4c:54:df:c4:40:7d:f2:47:73:86:0d:58:
59:76:73:58:17:ba:05:a0:e1:89:f4:48:70:92:fa:
06:5f:6e:ae:9c:78:d8:1b:5d:89:0d:26:cb:71:3c:
79:47:11:b5:fb:cd:be:bb:d7:99:5f:ee:1b:26:cf:
25:b2:72:0f:6b:a0:31:ab:f8:d1:4e:a7:d3:6a:e8:
9f:36:55:8e:5d:b7:a2:38:99:3e:e7:9c:3c:78:01:
07:7a:dc:60:45:b0:37:d5:d1:c5:50:cc:d6:93:87:
1f:9e:be:b0:f0:9b:fb:b9:9b:71:ac:86:09:15:8e:
35:47:e4:3d:bd:91:16:9d:2a:0f:1c:a0:86:08:7d:
2a:77:09:f3:dd:00:51:7c:1f:24:a6:cc:1d:6d:7b:
70:33:48:39:d4:d1:97:6d:7d:93:a9:b8:bb:36:74:
f0:ea:fb:61:70:56:02:a8:de:38:38:2f:4d:7d:7e:
6a:c0:84:e8:90:ea:9b:b9:0d:4e:ec:fe:a2:99:f7:
42:9e:15:71:00:78:79:aa:eb:0f:3e:35:e7:6c:06:
9e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:D7:B7:BE:D2:B3:F7:0D:39:CA:05:AA:A7:A9:35:B7:71:B9:7F:AE
X509v3 Authority Key Identifier:
keyid:67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/BNe3vtKz9w05ygWqp6k1t3G5f64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Z5p13r1lNZpFMX8gPxGjIeFLLyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.72.0/24
86.106.89.0/24
86.107.241.0/24
89.35.25.0/24
89.35.135.0/24
89.40.37.0/24
89.43.48.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:0f:5d:90:b9:f0:a8:c7:05:14:e9:63:9f:cf:4c:85:b7:89:
8c:5c:61:69:41:ae:c3:56:97:83:75:dd:a8:c0:f5:2e:32:97:
75:bc:60:cf:4d:e2:24:22:2d:73:d6:3a:0f:6e:fd:81:2f:1d:
3d:ac:b6:c1:99:e3:4b:a9:70:64:f6:c3:57:70:da:c6:ea:d9:
c4:55:d6:a0:b9:06:0d:6f:58:2f:99:5c:f8:ea:be:d9:8e:c2:
02:ab:3c:7e:5a:9d:d3:6d:8c:06:17:b1:8f:8b:be:68:c3:74:
42:0e:53:a4:d4:3f:5e:8a:a7:e9:48:cb:a3:97:c7:07:4e:38:
cb:9e:04:54:2a:86:aa:82:8b:85:e2:ca:a2:4a:7b:97:57:de:
7d:a9:2a:64:51:cc:8a:a9:fa:fe:04:5c:e8:25:e9:7d:db:75:
1c:39:97:90:b9:b7:af:61:c7:7a:6c:72:63:d3:49:39:87:29:
d9:c0:b7:44:38:20:f7:7c:6e:cc:7f:3a:53:57:dd:9f:a7:8a:
e0:d2:87:d7:55:e6:33:cf:2f:6a:db:a4:61:12:9e:95:4f:d6:
e9:83:51:00:36:c2:7a:fa:43:45:3e:a6:6e:6f:55:74:2f:f8:
a5:59:0f:d6:c4:8d:9a:65:ec:aa:dc:ef:5a:a1:6f:99:c0:43:
c3:79:2d:61
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEBZIr8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NzlhNzVkZWJkNjUzNTlhNDUzMTdmMjAzZjExYTMyMWUxNGIyZjJjMB4XDTIyMDEy
NTAwMjQwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDRkN2I3YmVkMmIz
ZjcwZDM5Y2EwNWFhYTdhOTM1Yjc3MWI5N2ZhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK4hOmbIIoSNlvELYUNWzruU9HY9PPhtqaqR+xO820cz9diC
wd1Q+cYIUkxEuSmLTFTfxEB98kdzhg1YWXZzWBe6BaDhifRIcJL6Bl9urpx42Btd
iQ0my3E8eUcRtfvNvrvXmV/uGybPJbJyD2ugMav40U6n02ronzZVjl23ojiZPuec
PHgBB3rcYEWwN9XRxVDM1pOHH56+sPCb+7mbcayGCRWONUfkPb2RFp0qDxyghgh9
KncJ890AUXwfJKbMHW17cDNIOdTRl219k6m4uzZ08Or7YXBWAqjeODgvTX1+asCE
6JDqm7kNTuz+opn3Qp4VcQB4earrDz4152wGnicCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBQE17e+0rP3DTnKBaqnqTW3cbl/rjAfBgNVHSMEGDAWgBRnmnXevWU1mkUx
fyA/EaMh4UsvLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1o1cDEzcjFsTlpwRk1YOGdQeEdqSWVGTEx5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvN2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8x
L0JOZTN2dEt6OXcwNXlnV3FwNmsxdDNHNWY2NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
N2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8xL1o1cDEzcjFsTlpw
Rk1YOGdQeEdqSWVGTEx5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAFXMSAMEAFZqWQMEAFZr8QMEAFkj
GQMEAFkjhwMEAFkoJQMEAFkrMDANBgkqhkiG9w0BAQsFAAOCAQEAwA9dkLnwqMcF
FOljn89MhbeJjFxhaUGuw1aXg3XdqMD1LjKXdbxgz03iJCItc9Y6D279gS8dPay2
wZnjS6lwZPbDV3DaxurZxFXWoLkGDW9YL5lc+Oq+2Y7CAqs8flqd022MBhexj4u+
aMN0Qg5TpNQ/Xoqn6UjLo5fHB044y54EVCqGqoKLheLKokp7l1fefakqZFHMiqn6
/gRc6CXpfdt1HDmXkLm3r2HHemxyY9NJOYcp2cC3RDgg93xuzH86U1fdn6eK4NKH
11XmM88vatukYRKelU/W6YNRADbCevpDRT6mbm9VdC/4pVkP1sSNmmXsqtzvWqFv
mcBDw3ktYQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:36 2023 by rpki-client on console-fra.rpki-client.org