Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/QIoLCXaT-460jREbZzNxM3TTwqk.roa
File: QIoLCXaT-460jREbZzNxM3TTwqk.roa (raw, json)
Hash identifier: afoEGNwinkRm5uKj76gRIU0rgipk5mCask+EFEx6NAY=
Subject key identifier: 40:8A:0B:09:76:93:FB:8E:B4:8D:11:1B:67:33:71:33:74:D3:C2:A9
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 0190984FA48AF4E522C2F11288FFAAEB2FD6
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/QIoLCXaT-460jREbZzNxM3TTwqk.roa
Signing time: Tue 09 Jul 2024 16:24:34 +0000
ROA not before: Tue 09 Jul 2024 16:24:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209706
IP address blocks: 89.44.210.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:98:4f:a4:8a:f4:e5:22:c2:f1:12:88:ff:aa:eb:2f:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jul 9 16:24:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=408a0b097693fb8eb48d111b6733713374d3c2a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:38:c9:22:2e:23:f9:3a:1a:11:73:2a:24:fe:
8a:a9:25:9b:c5:e9:5a:b7:7f:31:89:e7:11:7a:9c:
02:47:23:e6:59:a2:7e:f9:ea:39:e3:65:6b:47:5f:
90:f0:c8:c8:bf:2c:c6:ec:71:ee:9d:72:3b:a6:2e:
8c:bd:ea:55:8b:b8:1f:bb:78:9a:43:6f:22:a0:15:
7b:a4:09:9e:a2:c9:fa:3d:b8:39:cd:5e:11:08:bc:
25:89:01:32:d0:6f:e7:0a:78:41:19:fe:ef:fa:6b:
c3:ac:3a:59:a9:d9:d9:54:81:8b:a3:ee:35:fb:d5:
f3:61:77:be:f7:fb:05:49:ef:1b:36:dc:69:cf:9b:
79:7c:0f:7f:8b:84:35:ee:4d:43:18:3a:33:0d:f1:
88:ab:dd:31:22:96:e7:04:05:00:96:3a:e6:1b:d0:
d1:76:39:de:9c:f3:c2:4d:94:08:ed:da:2f:f3:c4:
12:eb:cf:2f:56:88:87:97:0a:91:f5:0c:2d:b8:77:
1a:32:c8:bb:8b:76:91:03:96:08:a9:5b:7d:3a:f8:
86:83:eb:1c:58:2e:1b:04:ff:2e:8e:62:78:66:60:
ab:38:b2:ad:be:f6:86:47:9c:28:f8:60:26:74:ca:
7e:dd:22:27:f9:84:63:95:ef:99:07:7f:04:ab:34:
a0:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:8A:0B:09:76:93:FB:8E:B4:8D:11:1B:67:33:71:33:74:D3:C2:A9
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/QIoLCXaT-460jREbZzNxM3TTwqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.210.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:f2:db:a1:48:d4:58:81:69:ce:dd:b5:d9:8b:a4:c1:f6:5e:
d6:d1:9f:bc:aa:55:2a:65:42:9a:fc:5c:be:41:08:3c:82:c1:
05:2d:6b:20:26:82:8d:06:f3:b1:6f:ac:67:6a:29:ea:53:f2:
2c:97:78:e5:0e:38:22:93:4b:cd:24:c3:bd:49:99:c5:3a:da:
f1:5b:8d:1d:47:2e:27:49:e7:40:c9:63:55:42:2e:e0:7b:fc:
94:c4:54:d4:00:55:63:c7:01:4e:67:f0:a4:aa:60:03:52:78:
f1:13:8c:22:4f:58:91:30:6e:43:18:26:44:dc:3f:8e:47:af:
41:d2:e0:33:bd:34:01:1e:47:f5:ab:d0:ea:3f:a5:5f:a4:23:
2d:fc:d1:4f:4b:71:5e:35:b0:d9:c4:cf:75:bf:77:01:64:b7:
16:45:f1:db:e5:75:de:3c:1d:45:55:91:75:c2:06:5f:32:b3:
fe:d7:89:60:52:25:1b:24:e5:1f:0b:46:44:62:98:27:bd:2c:
0d:d5:0b:c8:1c:21:66:62:0a:7a:7e:a4:5a:f8:0c:f8:b8:bb:
d6:41:5e:3f:74:9b:58:b5:61:c3:c4:db:0b:55:61:ff:ff:87:
0e:75:29:19:ab:ad:56:82:94:14:79:3f:26:57:f1:89:67:f9:
94:65:73:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZCYT6SK9OUiwvESiP+q6y/WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwNzA5MTYyNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDhhMGIwOTc2OTNmYjhlYjQ4ZDExMWI2NzMzNzEzMzc0ZDNjMmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7TjJIi4j+ToaEXMqJP6KqSWbxela
t38xiecRepwCRyPmWaJ++eo542VrR1+Q8MjIvyzG7HHunXI7pi6MvepVi7gfu3ia
Q28ioBV7pAmeosn6Pbg5zV4RCLwliQEy0G/nCnhBGf7v+mvDrDpZqdnZVIGLo+41
+9XzYXe+9/sFSe8bNtxpz5t5fA9/i4Q17k1DGDozDfGIq90xIpbnBAUAljrmG9DR
djnenPPCTZQI7dov88QS688vVoiHlwqR9QwtuHcaMsi7i3aRA5YIqVt9OviGg+sc
WC4bBP8ujmJ4ZmCrOLKtvvaGR5wo+GAmdMp+3SIn+YRjle+ZB38EqzSgNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFECKCwl2k/uOtI0RG2czcTN008KpMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvUUlvTENYYVQtNDYwalJFYlp6TnhNM1RUd3FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSzSMA0G
CSqGSIb3DQEBCwUAA4IBAQAe8tuhSNRYgWnO3bXZi6TB9l7W0Z+8qlUqZUKa/Fy+
QQg8gsEFLWsgJoKNBvOxb6xnainqU/Isl3jlDjgik0vNJMO9SZnFOtrxW40dRy4n
SedAyWNVQi7ge/yUxFTUAFVjxwFOZ/CkqmADUnjxE4wiT1iRMG5DGCZE3D+OR69B
0uAzvTQBHkf1q9DqP6VfpCMt/NFPS3FeNbDZxM91v3cBZLcWRfHb5XXePB1FVZF1
wgZfMrP+14lgUiUbJOUfC0ZEYpgnvSwN1QvIHCFmYgp6fqRa+Az4uLvWQV4/dJtY
tWHDxNsLVWH//4cOdSkZq61WgpQUeT8mV/GJZ/mUZXPN
-----END CERTIFICATE-----
Generated at Thu Jul 25 13:50:37 2024 by rpki-client on console-ams.rpki-client.org