Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/1b950f-9a3e-407f-98bf-305a6e75a389/1/SaBJgm_j0hk1hYmKs7O0guK-9AY.roa
File: SaBJgm_j0hk1hYmKs7O0guK-9AY.roa (raw, json)
Hash identifier: Wqja5yGu7ZRjCa9ZTCUvYLmlsdpT5zV5eHhWYZ9/gJ0=
Subject key identifier: 49:A0:49:82:6F:E3:D2:19:35:85:89:8A:B3:B3:B4:82:E2:BE:F4:06
Certificate issuer: /CN=769dc32be17d9e4decd4fb7beee275e5783ea891
Certificate serial: 01E8FBB2
Authority key identifier: 76:9D:C3:2B:E1:7D:9E:4D:EC:D4:FB:7B:EE:E2:75:E5:78:3E:A8:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dp3DK-F9nk3s1Pt77uJ15Xg-qJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/1b950f-9a3e-407f-98bf-305a6e75a389/1/SaBJgm_j0hk1hYmKs7O0guK-9AY.roa
Signing time: Sat 01 Jan 2022 13:59:40 +0000
ROA not before: Sat 01 Jan 2022 13:59:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39838
IP address blocks: 89.39.219.0/24 maxlen: 24
89.39.217.0/24 maxlen: 24
89.39.220.0/24 maxlen: 24
89.42.121.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32046002 (0x1e8fbb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=769dc32be17d9e4decd4fb7beee275e5783ea891
Validity
Not Before: Jan 1 13:59:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=49a049826fe3d2193585898ab3b3b482e2bef406
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:7b:0a:98:ba:94:30:8f:70:f1:ce:a5:86:5a:
34:fc:ad:96:f1:6f:67:08:02:78:72:54:db:59:f3:
5b:87:dc:d4:47:f3:16:3d:4c:33:ae:68:0f:9b:40:
8f:1b:7c:c0:8f:c7:99:ab:5e:ae:00:2a:7b:3b:48:
dd:40:7f:f1:5a:ad:b1:24:97:b4:37:c9:55:f0:7b:
ea:45:77:14:c7:e9:ba:71:63:48:3c:c5:5b:60:16:
04:e1:69:f9:b8:25:b9:fb:67:da:6c:26:d4:1c:2e:
73:79:e2:89:eb:c2:06:bb:66:ec:51:c4:68:20:a5:
33:21:8e:15:d5:8b:61:a8:9a:b4:c5:3b:41:39:77:
f7:69:58:ef:55:4f:b9:9d:80:e4:a5:f8:a0:11:64:
3b:3d:18:e6:44:dd:26:38:b0:79:30:d7:54:a6:a9:
c0:69:d5:9e:58:ab:cb:20:d0:e1:9b:99:83:65:59:
37:c7:e1:e8:69:7e:33:b9:30:81:1f:e0:f8:d0:e4:
8e:95:0e:0a:18:7f:41:8b:80:6b:39:84:dc:a0:a9:
ed:29:b7:0d:d3:7e:33:05:0c:57:ca:73:6e:e8:67:
61:f4:c4:bd:89:46:a8:80:9e:7c:d2:3a:b3:ad:c2:
57:6e:cc:90:dd:f1:ea:66:39:3e:d1:70:1d:81:6d:
92:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:A0:49:82:6F:E3:D2:19:35:85:89:8A:B3:B3:B4:82:E2:BE:F4:06
X509v3 Authority Key Identifier:
keyid:76:9D:C3:2B:E1:7D:9E:4D:EC:D4:FB:7B:EE:E2:75:E5:78:3E:A8:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dp3DK-F9nk3s1Pt77uJ15Xg-qJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1b950f-9a3e-407f-98bf-305a6e75a389/1/SaBJgm_j0hk1hYmKs7O0guK-9AY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1b950f-9a3e-407f-98bf-305a6e75a389/1/dp3DK-F9nk3s1Pt77uJ15Xg-qJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.217.0/24
89.39.219.0-89.39.220.255
89.42.121.0/24
Signature Algorithm: sha256WithRSAEncryption
66:7a:f1:de:88:20:98:70:b1:82:d6:2d:1d:77:32:e9:ad:11:
ee:c0:1c:50:1d:70:8d:e4:83:a1:ea:22:0e:be:51:e8:4c:6a:
ea:67:af:d7:61:50:3a:56:4b:55:57:f4:f1:9e:ea:96:67:75:
52:24:1a:ce:31:f2:ae:e1:e5:13:00:12:d0:e2:39:87:11:05:
a4:14:93:6e:00:be:0a:86:10:a3:ae:df:fe:a5:17:2d:51:d8:
fb:45:c4:7d:05:db:bf:1b:0d:a8:29:a2:63:84:02:f5:df:cb:
09:56:6a:11:fb:d1:6c:7c:28:27:87:de:a1:aa:ac:55:e0:90:
a9:14:d2:eb:eb:50:fb:ec:2e:3c:11:a8:53:a6:3d:9d:f6:18:
8a:de:58:9c:8a:73:81:02:a7:7f:2d:e2:15:09:e5:1a:19:ac:
74:aa:e5:7b:94:db:4c:e9:ed:6a:8f:29:d3:f0:6f:37:76:fb:
c6:70:d5:3c:72:d4:cb:6d:cb:14:44:ef:55:2f:61:c4:38:50:
fb:ee:5d:c0:e5:96:23:c0:d9:0d:c2:b4:63:5e:0a:44:ff:6a:
1c:11:9b:59:ad:4b:92:90:f5:46:77:15:24:87:89:9e:9f:28:
f8:4a:b5:9f:6c:4b:82:09:52:a5:ca:df:50:49:85:7a:5f:39:
d7:4c:76:a8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEAej7sjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NjlkYzMyYmUxN2Q5ZTRkZWNkNGZiN2JlZWUyNzVlNTc4M2VhODkxMB4XDTIyMDEw
MTEzNTk0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDlhMDQ5ODI2ZmUz
ZDIxOTM1ODU4OThhYjNiM2I0ODJlMmJlZjQwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJF7Cpi6lDCPcPHOpYZaNPytlvFvZwgCeHJU21nzW4fc1Efz
Fj1MM65oD5tAjxt8wI/HmatergAqeztI3UB/8VqtsSSXtDfJVfB76kV3FMfpunFj
SDzFW2AWBOFp+bgluftn2mwm1Bwuc3niievCBrtm7FHEaCClMyGOFdWLYaiatMU7
QTl392lY71VPuZ2A5KX4oBFkOz0Y5kTdJjiweTDXVKapwGnVnliryyDQ4ZuZg2VZ
N8fh6Gl+M7kwgR/g+NDkjpUOChh/QYuAazmE3KCp7Sm3DdN+MwUMV8pzbuhnYfTE
vYlGqICefNI6s63CV27MkN3x6mY5PtFwHYFtkv0CAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBRJoEmCb+PSGTWFiYqzs7SC4r70BjAfBgNVHSMEGDAWgBR2ncMr4X2eTezU
+3vu4nXleD6okTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RwM0RLLUY5bmszczFQdDc3dUoxNVhnLXFKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvMWI5NTBmLTlhM2UtNDA3Zi05OGJmLTMwNWE2ZTc1YTM4OS8x
L1NhQkpnbV9qMGhrMWhZbUtzN08wZ3VLLTlBWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
MWI5NTBmLTlhM2UtNDA3Zi05OGJmLTMwNWE2ZTc1YTM4OS8xL2RwM0RLLUY5bmsz
czFQdDc3dUoxNVhnLXFKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAFkn2TAMAwQAWSfbAwQAWSfcAwQA
WSp5MA0GCSqGSIb3DQEBCwUAA4IBAQBmevHeiCCYcLGC1i0ddzLprRHuwBxQHXCN
5IOh6iIOvlHoTGrqZ6/XYVA6VktVV/TxnuqWZ3VSJBrOMfKu4eUTABLQ4jmHEQWk
FJNuAL4KhhCjrt/+pRctUdj7RcR9Bdu/Gw2oKaJjhAL138sJVmoR+9FsfCgnh96h
qqxV4JCpFNLr61D77C48EahTpj2d9hiK3licinOBAqd/LeIVCeUaGax0quV7lNtM
6e1qjynT8G83dvvGcNU8ctTLbcsURO9VL2HEOFD77l3A5ZYjwNkNwrRjXgpE/2oc
EZtZrUuSkPVGdxUkh4menyj4SrWfbEuCCVKlyt9QSYV6XznXTHao
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:51 2024 by rpki-client on console-ams.rpki-client.org