Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/ZFKcrLkYo-W4fE_stpwl_W3gvAM.roa
File: ZFKcrLkYo-W4fE_stpwl_W3gvAM.roa (raw, json)
Hash identifier: T6U1TitIk7zAB0QLGN4OJsdHBVV59HBlpcq5wpO8i00=
Subject key identifier: 64:52:9C:AC:B9:18:A3:E5:B8:7C:4F:EC:B6:9C:25:FD:6D:E0:BC:03
Certificate issuer: /CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Certificate serial: 0A7FD8C6
Authority key identifier: B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/ZFKcrLkYo-W4fE_stpwl_W3gvAM.roa
Signing time: Sat 01 Jan 2022 02:54:16 +0000
ROA not before: Sat 01 Jan 2022 02:54:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41200
IP address blocks: 89.46.124.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 176150726 (0xa7fd8c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Validity
Not Before: Jan 1 02:54:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=64529cacb918a3e5b87c4fecb69c25fd6de0bc03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0f:98:08:b9:fc:1f:86:8c:d2:0a:6b:bd:b2:
32:62:63:f6:25:a1:6a:fd:eb:1c:b5:b5:4a:9c:71:
d5:bb:26:d3:fa:1f:35:33:87:17:91:8b:e6:57:bb:
6c:47:2a:ba:97:73:df:e6:e0:6e:8d:dc:23:2e:d2:
b0:4c:79:2b:c9:27:b0:93:e3:c5:d4:42:7c:70:5b:
6e:52:bd:9a:aa:03:bf:a2:3f:46:c7:81:e9:78:d5:
cf:45:95:ce:6a:80:20:5b:1d:5b:08:4b:ef:5b:db:
c1:d9:d4:31:2f:13:95:68:b5:96:71:85:e4:a2:80:
fb:36:04:c9:9a:ee:c9:96:1a:65:54:de:93:03:d7:
e2:8f:e6:81:6a:f1:32:c3:34:3d:2b:e7:5a:aa:85:
45:08:11:6e:3a:8f:0c:d0:d2:03:e5:be:8c:6d:4d:
9e:30:84:6c:82:45:4a:fb:85:50:86:ca:33:9a:28:
38:40:ff:04:88:ab:12:61:ac:95:d1:16:b8:48:8e:
40:15:c9:02:e9:03:00:20:8a:16:b3:48:c5:33:90:
2c:48:fa:08:d2:91:9b:fd:60:cb:b5:02:8d:a5:fa:
0e:dc:a6:13:c1:a3:53:3d:38:ec:b1:c8:67:0a:f3:
d9:d7:a7:74:44:23:c3:78:b1:3e:53:81:51:66:6d:
c5:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:52:9C:AC:B9:18:A3:E5:B8:7C:4F:EC:B6:9C:25:FD:6D:E0:BC:03
X509v3 Authority Key Identifier:
keyid:B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/ZFKcrLkYo-W4fE_stpwl_W3gvAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.124.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:20:54:4a:b9:1c:a6:51:32:0c:d0:51:43:a2:2e:b2:ef:43:
1e:70:85:9a:a1:96:1a:b9:fd:a7:0b:fa:93:7d:f1:8d:17:73:
f4:b1:61:14:85:cc:64:13:ee:47:59:6c:a7:00:01:49:67:f1:
dd:6a:65:5f:28:d9:e6:79:18:9e:8f:7d:47:d7:68:b7:43:76:
f1:ef:17:d6:77:8d:f0:03:6d:de:65:ee:c0:ab:07:4c:75:2b:
d6:d5:e5:23:05:98:1f:14:a5:99:d8:2d:60:da:65:50:f2:44:
7b:ee:08:c9:6a:c5:8c:80:88:0c:4c:d0:e3:d0:dc:12:24:8f:
8d:48:bb:e6:1c:e5:7d:55:5a:a4:0a:ea:d8:9b:f7:50:e3:93:
7b:06:48:34:87:2f:80:3b:5d:ca:1b:ec:76:99:c3:20:e3:43:
0e:41:26:13:fc:60:0e:71:30:a4:3b:bd:e6:65:c2:24:6b:49:
c0:5c:ff:2e:3c:1a:f2:ee:86:8c:df:57:56:6c:b6:e6:80:d0:
9c:79:b1:d2:01:d2:38:ce:0e:fb:1b:57:51:a4:c3:e6:83:99:
06:ae:62:48:00:71:dc:ca:52:b2:70:44:c6:d8:a3:3f:1e:3c:
23:37:37:61:83:5f:66:44:3a:de:2b:a7:05:39:96:31:f5:39:
a9:d4:e0:dc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECn/YxjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MGMyMGFlMWRhY2NhMzE4MTViMjc0NzAyOTI3YzFhNWE5ZGJjN2IzMB4XDTIyMDEw
MTAyNTQxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjQ1MjljYWNiOTE4
YTNlNWI4N2M0ZmVjYjY5YzI1ZmQ2ZGUwYmMwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKsPmAi5/B+GjNIKa72yMmJj9iWhav3rHLW1Spxx1bsm0/of
NTOHF5GL5le7bEcqupdz3+bgbo3cIy7SsEx5K8knsJPjxdRCfHBbblK9mqoDv6I/
RseB6XjVz0WVzmqAIFsdWwhL71vbwdnUMS8TlWi1lnGF5KKA+zYEyZruyZYaZVTe
kwPX4o/mgWrxMsM0PSvnWqqFRQgRbjqPDNDSA+W+jG1NnjCEbIJFSvuFUIbKM5oo
OED/BIirEmGsldEWuEiOQBXJAukDACCKFrNIxTOQLEj6CNKRm/1gy7UCjaX6Dtym
E8GjUz047LHIZwrz2dendEQjw3ixPlOBUWZtxbUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRkUpysuRij5bh8T+y2nCX9beC8AzAfBgNVHSMEGDAWgBSwwgrh2syjGBWy
dHApJ8GlqdvHszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NNSUs0ZHJNb3hnVnNuUndLU2ZCcGFuYng3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvODg4ODY5LTdhNjUtNDE1Yi1iNjhmLTU0ODQ0MDJjZWI3YS8x
L1pGS2NyTGtZby1XNGZFX3N0cHdsX1czZ3ZBTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
ODg4ODY5LTdhNjUtNDE1Yi1iNjhmLTU0ODQ0MDJjZWI3YS8xL3NNSUs0ZHJNb3hn
VnNuUndLU2ZCcGFuYng3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFkufDANBgkqhkiG9w0BAQsFAAOC
AQEASiBUSrkcplEyDNBRQ6Iusu9DHnCFmqGWGrn9pwv6k33xjRdz9LFhFIXMZBPu
R1lspwABSWfx3WplXyjZ5nkYno99R9dot0N28e8X1neN8ANt3mXuwKsHTHUr1tXl
IwWYHxSlmdgtYNplUPJEe+4IyWrFjICIDEzQ49DcEiSPjUi75hzlfVVapArq2Jv3
UOOTewZINIcvgDtdyhvsdpnDIONDDkEmE/xgDnEwpDu95mXCJGtJwFz/Ljwa8u6G
jN9XVmy25oDQnHmx0gHSOM4O+xtXUaTD5oOZBq5iSABx3MpSsnBExtijPx48Izc3
YYNfZkQ63iunBTmWMfU5qdTg3A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org