Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/3ah6176l1gQwFXvP42tiFl4lo0o.roa
File: 3ah6176l1gQwFXvP42tiFl4lo0o.roa (raw, json)
Hash identifier: YIOyb651PWsvBwBoBbu0QlWbBEqm1RuhUHlpU6k40Vg=
Subject key identifier: DD:A8:7A:D7:BE:A5:D6:04:30:15:7B:CF:E3:6B:62:16:5E:25:A3:4A
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 01880E807A62186A9A9707185B21DCD45E1D
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/3ah6176l1gQwFXvP42tiFl4lo0o.roa
Signing time: Fri 12 May 2023 05:48:00 +0000
ROA not before: Fri 12 May 2023 05:48:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49999
IP address blocks: 89.47.94.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0e:80:7a:62:18:6a:9a:97:07:18:5b:21:dc:d4:5e:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: May 12 05:48:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dda87ad7bea5d60430157bcfe36b62165e25a34a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:de:13:ff:71:08:14:4a:27:dd:10:1f:9f:0e:
01:61:ff:d5:d2:de:fd:f0:83:f8:73:7c:98:ea:09:
58:37:43:1e:b0:85:88:bc:07:8f:8e:37:fa:57:4e:
da:65:6d:7b:d3:6b:c5:98:a1:df:e8:4a:8f:5f:93:
2e:80:d5:e0:cf:c8:40:ae:78:9e:17:2f:78:45:a4:
b6:c5:b6:dd:17:42:bb:e1:a1:59:64:39:ad:79:ad:
d3:3b:51:81:53:e9:8b:7f:c4:06:9f:c2:2c:aa:de:
1d:77:95:e7:61:7e:e5:2e:7e:60:91:67:61:0c:eb:
d1:23:f0:01:18:fe:31:d4:69:45:c4:fc:54:b7:18:
64:1f:37:db:1a:98:03:0e:51:0a:8d:08:ba:c5:a2:
71:cc:6c:83:b5:ce:39:17:af:a4:ed:83:44:74:33:
2f:b8:72:54:0b:2f:2a:bf:a4:d1:b4:71:b7:23:62:
68:6b:4c:6a:70:f4:22:13:a8:d1:3a:0a:30:d2:4c:
d9:52:d8:da:82:ce:a5:05:da:5f:ba:c1:d0:b1:b7:
2f:e7:4e:27:87:d9:c6:20:79:42:18:c1:27:85:dd:
09:01:5c:52:49:37:d8:eb:29:d9:21:68:e4:db:01:
f6:40:2e:00:5d:3a:d4:64:7e:88:cd:d1:37:fe:d3:
f2:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:A8:7A:D7:BE:A5:D6:04:30:15:7B:CF:E3:6B:62:16:5E:25:A3:4A
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/3ah6176l1gQwFXvP42tiFl4lo0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.47.94.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:31:26:3f:56:e1:c7:43:86:b3:51:af:54:e7:3b:93:7d:eb:
9a:5c:1d:97:c2:a3:cf:ad:02:29:ab:04:a4:12:16:f5:40:d9:
db:21:2d:53:41:fd:db:20:42:cb:17:ae:7b:0f:fa:d6:4e:4e:
b6:31:7d:96:f8:b2:20:7e:d5:45:06:2a:9f:2d:68:9d:78:ed:
51:9b:d7:84:84:3a:c3:0b:b6:fb:91:2e:66:b4:d3:b6:c3:ba:
70:e1:9e:c7:c5:49:b4:97:f3:52:b9:19:0f:d7:fd:3b:6a:aa:
3a:e6:51:c9:64:b6:7e:c3:e1:7f:2c:54:7a:48:93:06:46:14:
89:28:61:f3:39:4c:77:d5:cf:59:9a:22:50:fe:db:02:5f:77:
a3:2a:41:d3:7e:cd:05:68:77:ff:3a:f3:e5:17:4f:4c:7e:62:
5f:af:a0:c3:f5:f5:60:5e:4a:19:2b:a1:56:aa:06:19:5f:38:
2e:58:89:5b:ff:ed:56:0e:cc:6f:18:3a:96:23:e7:ed:8d:c4:
03:74:ad:b6:3d:13:f4:fd:df:01:48:45:4a:1a:d2:23:fc:39:
62:cc:cc:1a:56:99:4d:1d:f3:72:a5:25:e8:66:18:17:c8:a3:
f7:c9:e1:17:cc:f4:5b:98:6b:3a:bb:9b:16:da:80:0e:c1:c2:
06:4c:62:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgOgHpiGGqalwcYWyHc1F4dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjMwNTEyMDU0ODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGE4N2FkN2JlYTVkNjA0MzAxNTdiY2ZlMzZiNjIxNjVlMjVhMzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkN4T/3EIFEon3RAfnw4BYf/V0t79
8IP4c3yY6glYN0MesIWIvAePjjf6V07aZW1702vFmKHf6EqPX5MugNXgz8hArnie
Fy94RaS2xbbdF0K74aFZZDmtea3TO1GBU+mLf8QGn8Isqt4dd5XnYX7lLn5gkWdh
DOvRI/ABGP4x1GlFxPxUtxhkHzfbGpgDDlEKjQi6xaJxzGyDtc45F6+k7YNEdDMv
uHJUCy8qv6TRtHG3I2Joa0xqcPQiE6jROgow0kzZUtjags6lBdpfusHQsbcv504n
h9nGIHlCGMEnhd0JAVxSSTfY6ynZIWjk2wH2QC4AXTrUZH6IzdE3/tPy7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN2oete+pdYEMBV7z+NrYhZeJaNKMB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvM2FoNjE3NmwxZ1F3Rlh2UDQydGlGbDRsbzBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS9eMA0G
CSqGSIb3DQEBCwUAA4IBAQA6MSY/VuHHQ4azUa9U5zuTfeuaXB2XwqPPrQIpqwSk
Ehb1QNnbIS1TQf3bIELLF657D/rWTk62MX2W+LIgftVFBiqfLWideO1Rm9eEhDrD
C7b7kS5mtNO2w7pw4Z7HxUm0l/NSuRkP1/07aqo65lHJZLZ+w+F/LFR6SJMGRhSJ
KGHzOUx31c9ZmiJQ/tsCX3ejKkHTfs0FaHf/OvPlF09MfmJfr6DD9fVgXkoZK6FW
qgYZXzguWIlb/+1WDsxvGDqWI+ftjcQDdK22PRP0/d8BSEVKGtIj/DlizMwaVplN
HfNypSXoZhgXyKP3yeEXzPRbmGs6u5sW2oAOwcIGTGJM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:05 2024 by rpki-client on console-ams.rpki-client.org