Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/NDIkz95PjI8m1pQHhD9Q_vxvZV0.roa
File: NDIkz95PjI8m1pQHhD9Q_vxvZV0.roa (raw, json)
Hash identifier: ms5qocAc1i0wirlmSgL3hqKEfaDyfdb0/cM59J2CAU4=
Subject key identifier: 34:32:24:CF:DE:4F:8C:8F:26:D6:94:07:84:3F:50:FE:FC:6F:65:5D
Certificate issuer: /CN=5ceb0ebd878b77d42f2ca9dd08f70c323c5d03db
Certificate serial: B98F9F
Authority key identifier: 5C:EB:0E:BD:87:8B:77:D4:2F:2C:A9:DD:08:F7:0C:32:3C:5D:03:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XOsOvYeLd9QvLKndCPcMMjxdA9s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/NDIkz95PjI8m1pQHhD9Q_vxvZV0.roa
Signing time: Sat 01 Jan 2022 13:02:13 +0000
ROA not before: Sat 01 Jan 2022 13:02:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21461
IP address blocks: 93.89.0.0/24 maxlen: 24
93.89.5.0/24 maxlen: 24
93.89.6.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12160927 (0xb98f9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ceb0ebd878b77d42f2ca9dd08f70c323c5d03db
Validity
Not Before: Jan 1 13:02:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=343224cfde4f8c8f26d69407843f50fefc6f655d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:98:a3:f0:76:27:e9:e2:4a:08:c8:45:55:e8:
39:fe:a2:ba:45:d4:45:98:3f:32:df:65:d1:96:d9:
37:9f:21:9b:21:2a:ed:44:f3:30:ad:43:93:0b:10:
95:53:23:ec:ea:da:f5:66:47:87:b8:5e:43:a5:7b:
68:ee:6c:a5:60:38:06:58:6b:f7:76:fb:34:75:61:
df:d5:61:b1:3c:05:84:1c:07:21:9b:1f:79:33:31:
40:29:42:fb:b8:74:16:73:5a:4a:ec:9c:78:4b:ae:
2f:37:03:54:57:cb:31:8d:a9:50:50:38:fd:1c:f0:
0a:57:c9:4c:15:05:0c:5e:b8:6c:cd:5f:eb:ed:21:
88:53:a1:fe:a4:e1:fa:c8:c6:d2:6d:c4:71:a8:4a:
9b:01:b2:10:e8:df:33:67:e9:ed:18:5a:61:fe:57:
9d:9b:eb:21:e8:b4:e4:9b:ac:dd:73:49:16:0b:ed:
7c:0c:fc:22:5a:a2:d3:6e:81:7d:70:74:75:a9:47:
7c:8f:c4:22:f6:06:3f:d6:5a:53:bc:a8:b1:5f:3e:
1c:8e:1a:f4:37:40:76:82:3c:88:a1:39:55:6d:d1:
55:74:84:23:32:b4:d6:92:57:11:95:18:df:c8:e9:
07:f8:85:b6:e2:eb:e5:ea:af:02:19:f3:aa:08:05:
6a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:32:24:CF:DE:4F:8C:8F:26:D6:94:07:84:3F:50:FE:FC:6F:65:5D
X509v3 Authority Key Identifier:
keyid:5C:EB:0E:BD:87:8B:77:D4:2F:2C:A9:DD:08:F7:0C:32:3C:5D:03:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XOsOvYeLd9QvLKndCPcMMjxdA9s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/NDIkz95PjI8m1pQHhD9Q_vxvZV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/XOsOvYeLd9QvLKndCPcMMjxdA9s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.89.0.0/24
93.89.5.0-93.89.7.255
Signature Algorithm: sha256WithRSAEncryption
66:b5:4a:f8:93:f4:0f:e2:5c:c7:c8:ba:a7:e0:a4:a7:89:1f:
b8:53:5c:94:6e:60:94:84:7f:0b:b9:49:ef:cf:f4:bf:59:b6:
0e:45:e9:f8:1c:08:79:20:b3:b8:f0:70:c8:da:a4:3b:11:5c:
87:7a:40:55:db:17:c0:74:ba:90:34:f2:94:f6:1d:c4:bf:86:
57:c6:99:0e:47:9a:9e:08:72:06:6c:36:f3:50:0e:0f:bf:45:
28:2c:4f:d1:d1:5a:ce:f4:f2:c0:ad:27:22:9b:89:8b:d5:5b:
24:8c:43:e3:60:f1:f8:13:cc:94:de:b1:ff:d6:ad:30:a8:90:
e8:14:a0:87:b1:70:4d:0d:e1:7e:97:f2:c1:cf:a9:ad:65:fc:
a2:ab:c6:d5:7e:e3:0a:98:2e:ff:bb:e7:9b:01:0e:17:93:6b:
d8:14:d3:48:19:45:c3:8d:1b:b2:fc:48:9d:6e:d9:81:cb:2f:
d9:b8:70:fb:99:5e:02:7b:aa:bf:be:71:db:75:59:27:f2:56:
0b:a6:f3:29:46:e0:39:f4:ab:ba:d5:6e:d8:b7:6d:69:31:e1:
ae:df:22:b3:68:a7:09:d1:3d:aa:6d:1d:b0:c1:17:90:40:1f:
93:9b:27:7e:6e:89:e6:a9:fe:78:3b:44:28:35:64:7e:a3:18:
17:be:71:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEALmPnzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
Y2ViMGViZDg3OGI3N2Q0MmYyY2E5ZGQwOGY3MGMzMjNjNWQwM2RiMB4XDTIyMDEw
MTEzMDIxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzQzMjI0Y2ZkZTRm
OGM4ZjI2ZDY5NDA3ODQzZjUwZmVmYzZmNjU1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ2Yo/B2J+niSgjIRVXoOf6iukXURZg/Mt9l0ZbZN58hmyEq
7UTzMK1DkwsQlVMj7Ora9WZHh7heQ6V7aO5spWA4Blhr93b7NHVh39VhsTwFhBwH
IZsfeTMxQClC+7h0FnNaSuyceEuuLzcDVFfLMY2pUFA4/RzwClfJTBUFDF64bM1f
6+0hiFOh/qTh+sjG0m3EcahKmwGyEOjfM2fp7RhaYf5XnZvrIei05Jus3XNJFgvt
fAz8Ilqi026BfXB0dalHfI/EIvYGP9ZaU7yosV8+HI4a9DdAdoI8iKE5VW3RVXSE
IzK01pJXEZUY38jpB/iFtuLr5eqvAhnzqggFaocCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQ0MiTP3k+MjybWlAeEP1D+/G9lXTAfBgNVHSMEGDAWgBRc6w69h4t31C8s
qd0I9wwyPF0D2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hPc092WWVMZDlRdkxLbmRDUGNNTWp4ZEE5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGEvM2U3MmVkLTFkNjUtNDk4Mi1hZDlhLTljMzc0NzhhNTkzZi8x
L05ESWt6OTVQakk4bTFwUUhoRDlRX3Z4dlpWMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGEv
M2U3MmVkLTFkNjUtNDk4Mi1hZDlhLTljMzc0NzhhNTkzZi8xL1hPc092WWVMZDlR
dkxLbmRDUGNNTWp4ZEE5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAF1ZADAMAwQAXVkFAwQDXVkAMA0G
CSqGSIb3DQEBCwUAA4IBAQBmtUr4k/QP4lzHyLqn4KSniR+4U1yUbmCUhH8LuUnv
z/S/WbYORen4HAh5ILO48HDI2qQ7EVyHekBV2xfAdLqQNPKU9h3Ev4ZXxpkOR5qe
CHIGbDbzUA4Pv0UoLE/R0VrO9PLArScim4mL1VskjEPjYPH4E8yU3rH/1q0wqJDo
FKCHsXBNDeF+l/LBz6mtZfyiq8bVfuMKmC7/u+ebAQ4Xk2vYFNNIGUXDjRuy/Eid
btmByy/ZuHD7mV4Ce6q/vnHbdVkn8lYLpvMpRuA59Ku61W7Yt21pMeGu3yKzaKcJ
0T2qbR2wwReQQB+Tmyd+bonmqf54O0QoNWR+oxgXvnHp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:03 2024 by rpki-client on console-fra.rpki-client.org