Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/649aeb-78dd-422f-89c6-5538dc0bb099/1/9NNaMGNmo7sU3zLbSn3eLqWU2Jk.roa
File: 9NNaMGNmo7sU3zLbSn3eLqWU2Jk.roa (raw, json)
Hash identifier: eg+FGdejh3Sn9nARlKycJxJ3+osdH2g8q47xxSuDLU0=
Subject key identifier: F4:D3:5A:30:63:66:A3:BB:14:DF:32:DB:4A:7D:DE:2E:A5:94:D8:99
Certificate issuer: /CN=edc22138c0af81c5cbf43a4f8ddd7c8de13c7230
Certificate serial: 381F6604
Authority key identifier: ED:C2:21:38:C0:AF:81:C5:CB:F4:3A:4F:8D:DD:7C:8D:E1:3C:72:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7cIhOMCvgcXL9DpPjd18jeE8cjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/649aeb-78dd-422f-89c6-5538dc0bb099/1/9NNaMGNmo7sU3zLbSn3eLqWU2Jk.roa
Signing time: Sat 01 Jan 2022 02:59:00 +0000
ROA not before: Sat 01 Jan 2022 02:59:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20704
IP address blocks: 81.92.246.0/24 maxlen: 24
81.92.242.0/24 maxlen: 24
81.92.245.0/24 maxlen: 24
81.92.244.0/24 maxlen: 24
81.92.243.0/24 maxlen: 24
81.92.247.0/24 maxlen: 24
217.196.64.0/19 maxlen: 20
2001:1408::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 941581828 (0x381f6604)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edc22138c0af81c5cbf43a4f8ddd7c8de13c7230
Validity
Not Before: Jan 1 02:59:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4d35a306366a3bb14df32db4a7dde2ea594d899
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:73:98:c1:06:96:91:34:73:e1:90:33:61:98:
4a:fa:c0:80:ca:0a:d2:64:f2:84:04:63:ff:39:f3:
04:a1:ed:0b:1c:9a:58:a4:fa:68:95:7d:39:cf:de:
96:e6:74:ec:3d:7d:f2:bf:1c:0e:cd:8c:67:f9:c3:
43:58:40:a7:5c:f4:d0:93:16:f2:df:ab:48:88:4f:
6b:99:47:96:59:4b:fa:b6:44:b6:84:a6:eb:a8:3d:
bc:a5:89:2e:33:6e:57:d1:ad:19:67:b9:6e:67:88:
c9:41:dd:56:2d:b3:70:85:eb:9d:dc:54:3f:0e:ad:
05:8b:89:0f:0e:cf:6b:06:bb:92:d8:f9:e6:78:6f:
6b:d4:38:21:6a:fc:16:cd:6d:b1:f1:41:bd:7d:c5:
19:a9:86:33:4a:7a:20:c5:77:3d:ba:fb:01:52:23:
62:2e:59:4e:c1:f4:f8:48:15:37:03:49:5c:d1:ca:
37:f8:04:da:de:fd:ec:15:a2:9e:9c:b6:fa:11:db:
3b:e4:ac:0e:c7:f4:79:c5:05:83:59:c7:21:ce:6c:
0d:08:7c:07:3c:e6:7f:90:de:7b:22:4a:5c:94:61:
2a:bc:3f:c8:37:92:a7:27:b7:33:58:6e:48:d6:5f:
15:f1:1f:ee:fb:35:5f:d1:29:d5:67:34:b8:d1:d4:
fe:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:D3:5A:30:63:66:A3:BB:14:DF:32:DB:4A:7D:DE:2E:A5:94:D8:99
X509v3 Authority Key Identifier:
keyid:ED:C2:21:38:C0:AF:81:C5:CB:F4:3A:4F:8D:DD:7C:8D:E1:3C:72:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7cIhOMCvgcXL9DpPjd18jeE8cjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/649aeb-78dd-422f-89c6-5538dc0bb099/1/9NNaMGNmo7sU3zLbSn3eLqWU2Jk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/649aeb-78dd-422f-89c6-5538dc0bb099/1/7cIhOMCvgcXL9DpPjd18jeE8cjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.92.242.0-81.92.247.255
217.196.64.0/19
IPv6:
2001:1408::/32
Signature Algorithm: sha256WithRSAEncryption
42:cd:48:71:1f:39:20:89:be:1c:c5:48:3f:85:b1:62:26:17:
3f:b9:6c:ba:3e:5d:d3:e3:bf:c5:38:20:81:34:8b:c6:c7:5f:
5c:b4:ca:9f:8f:91:72:71:24:bc:33:2a:a1:78:c8:f4:67:a0:
61:c5:4d:b5:19:74:4d:7f:06:14:42:e4:4a:68:d1:24:d2:f5:
ce:10:3c:db:49:26:f9:c9:a9:07:46:06:fa:cc:45:f4:93:5d:
88:53:dc:d5:6e:d0:58:64:88:2e:64:df:b9:d1:79:3a:8c:5a:
6a:1a:92:a4:5e:d5:a4:32:8e:c8:cd:49:ad:bc:02:b1:45:d3:
a4:f1:8f:64:63:e2:65:7c:88:c9:bd:5a:aa:ba:cb:f6:85:e5:
2d:e3:2a:9b:17:d8:55:ad:4b:a8:c6:ef:6f:8c:96:7e:7c:b3:
ab:5f:e8:04:a1:36:27:22:cf:1e:2d:44:3b:5d:75:c9:d7:81:
7e:8c:21:25:4f:d9:ed:46:01:3a:77:c1:8a:fc:09:ee:06:d1:
91:33:04:61:b2:2c:8f:47:65:08:03:2f:de:c6:99:92:bd:4c:
33:f0:23:42:78:e6:b4:b9:62:02:e3:c9:a9:ad:be:e4:b0:fe:
d4:43:89:be:de:c2:78:0d:ed:87:42:89:ac:8f:fb:c5:26:c8:
ff:f7:6d:46
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEOB9mBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZGMyMjEzOGMwYWY4MWM1Y2JmNDNhNGY4ZGRkN2M4ZGUxM2M3MjMwMB4XDTIyMDEw
MTAyNTkwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjRkMzVhMzA2MzY2
YTNiYjE0ZGYzMmRiNGE3ZGRlMmVhNTk0ZDg5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxzmMEGlpE0c+GQM2GYSvrAgMoK0mTyhARj/znzBKHtCxya
WKT6aJV9Oc/eluZ07D198r8cDs2MZ/nDQ1hAp1z00JMW8t+rSIhPa5lHlllL+rZE
toSm66g9vKWJLjNuV9GtGWe5bmeIyUHdVi2zcIXrndxUPw6tBYuJDw7Pawa7ktj5
5nhva9Q4IWr8Fs1tsfFBvX3FGamGM0p6IMV3Pbr7AVIjYi5ZTsH0+EgVNwNJXNHK
N/gE2t797BWinpy2+hHbO+SsDsf0ecUFg1nHIc5sDQh8Bzzmf5DeeyJKXJRhKrw/
yDeSpye3M1huSNZfFfEf7vs1X9Ep1Wc0uNHU/oMCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBT001owY2ajuxTfMttKfd4upZTYmTAfBgNVHSMEGDAWgBTtwiE4wK+Bxcv0
Ok+N3XyN4TxyMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdjSWhPTUN2Z2NYTDlEcFBqZDE4amVFOGNqQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGEvNjQ5YWViLTc4ZGQtNDIyZi04OWM2LTU1MzhkYzBiYjA5OS8x
LzlOTmFNR05tbzdzVTN6TGJTbjNlTHFXVTJKay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGEv
NjQ5YWViLTc4ZGQtNDIyZi04OWM2LTU1MzhkYzBiYjA5OS8xLzdjSWhPTUN2Z2NY
TDlEcFBqZDE4amVFOGNqQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGgQCAAEwFDAMAwQBUVzyAwQDUVzwAwQF2cRAMA0E
AgACMAcDBQAgARQIMA0GCSqGSIb3DQEBCwUAA4IBAQBCzUhxHzkgib4cxUg/hbFi
Jhc/uWy6Pl3T47/FOCCBNIvGx19ctMqfj5FycSS8MyqheMj0Z6BhxU21GXRNfwYU
QuRKaNEk0vXOEDzbSSb5yakHRgb6zEX0k12IU9zVbtBYZIguZN+50Xk6jFpqGpKk
XtWkMo7IzUmtvAKxRdOk8Y9kY+JlfIjJvVqqusv2heUt4yqbF9hVrUuoxu9vjJZ+
fLOrX+gEoTYnIs8eLUQ7XXXJ14F+jCElT9ntRgE6d8GK/AnuBtGRMwRhsiyPR2UI
Ay/expmSvUwz8CNCeOa0uWIC48mprb7ksP7UQ4m+3sJ4De2HQomsj/vFJsj/921G
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:42 2023 by rpki-client on console-ams.rpki-client.org