Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/uL2tOzjZj_oe4jzz40R7jdORIRU.roa
File: uL2tOzjZj_oe4jzz40R7jdORIRU.roa (raw, json)
Hash identifier: 463Gv9FwOf6sBfhVD4C0INRAwcIS5ULy5lc8pe0sZQE=
Subject key identifier: B8:BD:AD:3B:38:D9:8F:FA:1E:E2:3C:F3:E3:44:7B:8D:D3:91:21:15
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 01877D3D4FBB3F911BE7D0F71F09EDA35B5A
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/uL2tOzjZj_oe4jzz40R7jdORIRU.roa
Signing time: Fri 14 Apr 2023 00:49:42 +0000
ROA not before: Fri 14 Apr 2023 00:49:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.38.134.0/24 maxlen: 24
89.39.91.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7d:3d:4f:bb:3f:91:1b:e7:d0:f7:1f:09:ed:a3:5b:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Apr 14 00:49:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8bdad3b38d98ffa1ee23cf3e3447b8dd3912115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8d:9a:9e:27:05:63:6d:84:7a:3c:5e:0a:a0:
1a:d8:8c:b0:8b:c9:d3:b9:1d:26:73:4d:ac:24:c0:
3d:6c:8a:e2:05:2f:b1:4d:0a:d2:cd:f3:61:4b:ae:
c6:62:d1:81:29:c5:44:5d:38:17:af:b5:da:ea:c4:
36:f3:c4:42:b7:48:e1:8f:55:9d:c9:fc:8d:c9:43:
c9:7a:cf:ff:c7:8a:7e:4e:58:00:fb:b7:c7:0d:fb:
31:e1:46:4b:6e:a1:67:0b:13:0b:1f:57:d3:45:c7:
74:6c:23:f4:46:0b:36:29:4a:37:53:a5:b9:a8:9a:
2f:97:a7:fd:7f:a5:cd:b3:79:42:b5:c1:c9:b0:e2:
63:86:c4:71:e4:06:f5:98:7c:e2:04:e3:47:46:ab:
b2:90:5a:e0:c6:3e:5a:19:80:83:75:fe:76:d9:6a:
18:79:21:7d:fb:03:b1:18:f2:81:13:ec:b7:cb:ad:
f2:71:60:dd:96:ce:0a:ee:ce:46:50:cd:3f:2f:bc:
5c:60:02:a0:69:4a:b4:d3:d5:28:5b:d5:0f:b1:40:
f1:49:c6:6b:d2:2a:c6:82:9c:6c:c5:c0:35:7a:a7:
7f:d3:ca:3f:05:7f:2a:e1:1e:01:8e:bc:9f:a1:b9:
88:97:e3:99:3b:78:69:23:9f:14:34:90:c4:d9:41:
fd:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:BD:AD:3B:38:D9:8F:FA:1E:E2:3C:F3:E3:44:7B:8D:D3:91:21:15
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/uL2tOzjZj_oe4jzz40R7jdORIRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.134.0/24
89.39.91.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:1c:cf:ce:70:ea:a3:0b:1b:26:43:65:f9:d3:a6:c3:a7:22:
fe:a0:70:f0:76:68:e9:7b:78:e3:26:92:31:b1:df:8c:f6:2f:
09:56:50:30:e3:d7:69:98:26:b7:3f:3f:64:39:9f:8c:f3:98:
6f:ce:f8:06:36:d7:a4:2d:b3:cd:2b:84:7b:60:c4:da:09:98:
31:6c:6e:c8:ee:25:10:77:ab:d4:a6:ff:0f:d1:2d:4b:cf:42:
4b:39:78:50:db:65:5d:b0:0d:f6:c6:49:39:09:d9:fd:9f:23:
c2:49:15:b0:12:2e:59:f8:f5:8b:d5:fa:6d:f2:6d:b5:51:86:
24:6c:c1:89:77:3d:d5:6e:8d:cd:b5:ca:40:17:46:ce:ed:99:
30:51:03:b5:4f:22:bb:90:fd:1d:0e:1b:02:9d:86:81:4e:58:
8e:5a:ff:d1:cc:50:9d:2c:cf:e9:17:e9:e0:9f:df:35:95:86:
ef:84:b3:5b:b0:75:db:35:bc:37:d8:9b:67:d1:6d:e4:59:d4:
60:2c:a6:7f:27:7e:5a:03:d2:50:b9:44:b6:88:8c:c1:1f:e2:
35:12:a8:83:b7:27:fb:8b:b2:3f:67:8d:3a:d6:60:7f:19:33:
19:c3:ae:48:94:c3:f6:29:20:26:f3:77:26:34:95:02:89:7d:
2e:0b:08:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYd9PU+7P5Eb59D3Hwnto1taMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjMwNDE0MDA0OTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGJkYWQzYjM4ZDk4ZmZhMWVlMjNjZjNlMzQ0N2I4ZGQzOTEyMTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvY2anicFY22EejxeCqAa2Iywi8nT
uR0mc02sJMA9bIriBS+xTQrSzfNhS67GYtGBKcVEXTgXr7Xa6sQ288RCt0jhj1Wd
yfyNyUPJes//x4p+TlgA+7fHDfsx4UZLbqFnCxMLH1fTRcd0bCP0Rgs2KUo3U6W5
qJovl6f9f6XNs3lCtcHJsOJjhsRx5Ab1mHziBONHRquykFrgxj5aGYCDdf522WoY
eSF9+wOxGPKBE+y3y63ycWDdls4K7s5GUM0/L7xcYAKgaUq009UoW9UPsUDxScZr
0irGgpxsxcA1eqd/08o/BX8q4R4BjryfobmIl+OZO3hpI58UNJDE2UH9GQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLi9rTs42Y/6HuI88+NEe43TkSEVMB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvdUwydE96alpqX29lNGp6ejQwUjdqZE9SSVJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSaGAwQA
WSdbMA0GCSqGSIb3DQEBCwUAA4IBAQBNHM/OcOqjCxsmQ2X506bDpyL+oHDwdmjp
e3jjJpIxsd+M9i8JVlAw49dpmCa3Pz9kOZ+M85hvzvgGNtekLbPNK4R7YMTaCZgx
bG7I7iUQd6vUpv8P0S1Lz0JLOXhQ22VdsA32xkk5Cdn9nyPCSRWwEi5Z+PWL1fpt
8m21UYYkbMGJdz3Vbo3NtcpAF0bO7ZkwUQO1TyK7kP0dDhsCnYaBTliOWv/RzFCd
LM/pF+ngn981lYbvhLNbsHXbNbw32Jtn0W3kWdRgLKZ/J35aA9JQuUS2iIzBH+I1
EqiDtyf7i7I/Z4061mB/GTMZw65IlMP2KSAm83cmNJUCiX0uCwi2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:05 2024 by rpki-client on console-ams.rpki-client.org