Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/huLLn7xrE3DWANwTQ6drS7GFFXk.roa
File: huLLn7xrE3DWANwTQ6drS7GFFXk.roa (raw, json)
Hash identifier: +N6FRVjf1gbVm1vh95bmsypXCPeAJskro2vROSbXjhw=
Subject key identifier: 86:E2:CB:9F:BC:6B:13:70:D6:00:DC:13:43:A7:6B:4B:B1:85:15:79
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018E316D866B65695205F220F6598BD9D23C
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/huLLn7xrE3DWANwTQ6drS7GFFXk.roa
Signing time: Tue 12 Mar 2024 06:50:45 +0000
ROA not before: Tue 12 Mar 2024 06:50:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 89.47.249.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:31:6d:86:6b:65:69:52:05:f2:20:f6:59:8b:d9:d2:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Mar 12 06:50:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86e2cb9fbc6b1370d600dc1343a76b4bb1851579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4d:ca:04:6a:a4:21:fd:1d:18:88:8e:24:d6:
07:d5:5e:2d:bf:39:fc:f4:2e:61:29:d9:ba:8a:56:
dc:9b:2f:b8:0d:88:17:f4:55:e4:0d:a7:9b:8a:4e:
ee:74:a8:0e:d1:9e:fe:65:5b:09:e2:2a:72:11:51:
eb:67:e3:a3:ed:cf:ea:05:15:b4:f5:b5:f3:0d:1a:
3b:6b:69:7d:d2:3e:ae:6d:74:ab:5a:ea:20:05:8b:
43:89:24:83:e2:68:12:bf:11:f7:55:97:30:73:15:
10:45:e6:07:be:79:d8:8b:9c:db:08:3f:f1:02:3f:
45:3d:f7:f7:cc:72:32:a0:9a:01:e9:3e:ea:45:90:
3c:3a:38:58:fb:1a:2d:02:00:05:33:cd:c1:ec:57:
73:59:79:88:ae:6c:a6:83:ba:20:f9:ed:f4:10:38:
f1:a4:0a:7a:90:7d:93:11:50:69:bb:c6:ed:6d:2a:
3d:41:81:ac:9b:61:8b:8a:20:eb:73:3a:e7:de:19:
eb:1f:1a:2d:da:67:fa:5c:7f:21:51:fc:95:f6:79:
2b:0e:4a:4c:bd:f2:6c:cb:47:dd:28:e4:dd:b7:f8:
b0:14:f1:31:b0:14:df:a3:9a:e9:9c:4e:df:6f:91:
39:a6:9e:98:95:06:fd:9e:22:2a:35:d8:38:e4:72:
86:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:E2:CB:9F:BC:6B:13:70:D6:00:DC:13:43:A7:6B:4B:B1:85:15:79
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/huLLn7xrE3DWANwTQ6drS7GFFXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.47.249.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:06:ec:78:88:26:14:ee:b7:9b:b8:3c:69:5f:c5:9e:92:02:
35:9e:8b:29:93:4b:1c:e7:7a:58:49:c6:d7:16:16:b1:81:8c:
f6:62:a6:23:be:dd:92:42:69:12:d9:de:95:93:ee:00:15:54:
db:61:e7:39:41:58:72:ca:ff:46:02:f3:e4:b9:25:fc:dd:18:
af:08:3a:c8:4c:c8:86:23:0a:21:a0:58:0a:5a:b0:41:44:2f:
2e:e7:ab:db:8b:9f:21:b5:93:df:68:84:4e:9c:c8:85:50:fd:
ff:d8:80:fc:82:3e:08:93:e4:7d:d0:5e:0e:5f:f7:79:72:3f:
c1:ee:ef:f5:5a:ed:45:b5:78:e3:63:2a:b7:02:2e:75:f8:bc:
54:4f:18:7e:5f:1d:ea:bb:40:80:d6:ba:dc:76:bb:99:3f:6b:
4a:d0:52:4b:5e:45:32:51:66:cf:ba:b2:56:3a:e7:c0:5e:09:
f4:dd:1f:c1:9a:d3:34:29:dc:63:f2:10:5d:d0:02:5c:05:1d:
f0:d8:a2:0f:68:a4:73:27:c2:f2:de:81:c0:38:32:f9:1d:ef:
a7:00:4a:dc:46:70:d9:23:21:91:25:7c:99:c1:d3:9d:6f:77:
ce:3e:3b:ae:da:9d:7f:ed:ee:d1:a0:a2:90:54:45:95:77:36:
45:14:8f:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4xbYZrZWlSBfIg9lmL2dI8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMzEyMDY1MDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmUyY2I5ZmJjNmIxMzcwZDYwMGRjMTM0M2E3NmI0YmIxODUxNTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmE3KBGqkIf0dGIiOJNYH1V4tvzn8
9C5hKdm6ilbcmy+4DYgX9FXkDaebik7udKgO0Z7+ZVsJ4ipyEVHrZ+Oj7c/qBRW0
9bXzDRo7a2l90j6ubXSrWuogBYtDiSSD4mgSvxH3VZcwcxUQReYHvnnYi5zbCD/x
Aj9FPff3zHIyoJoB6T7qRZA8OjhY+xotAgAFM83B7FdzWXmIrmymg7og+e30EDjx
pAp6kH2TEVBpu8btbSo9QYGsm2GLiiDrczrn3hnrHxot2mf6XH8hUfyV9nkrDkpM
vfJsy0fdKOTdt/iwFPExsBTfo5rpnE7fb5E5pp6YlQb9niIqNdg45HKGLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIbiy5+8axNw1gDcE0Ona0uxhRV5MB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvaHVMTG43eHJFM0RXQU53VFE2ZHJTN0dGRlhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS/5MA0G
CSqGSIb3DQEBCwUAA4IBAQCcBux4iCYU7rebuDxpX8WekgI1nospk0sc53pYScbX
FhaxgYz2YqYjvt2SQmkS2d6Vk+4AFVTbYec5QVhyyv9GAvPkuSX83RivCDrITMiG
IwohoFgKWrBBRC8u56vbi58htZPfaIROnMiFUP3/2ID8gj4Ik+R90F4OX/d5cj/B
7u/1Wu1FtXjjYyq3Ai51+LxUTxh+Xx3qu0CA1rrcdruZP2tK0FJLXkUyUWbPurJW
OufAXgn03R/BmtM0Kdxj8hBd0AJcBR3w2KIPaKRzJ8Ly3oHAODL5He+nAErcRnDZ
IyGRJXyZwdOdb3fOPjuu2p1/7e7RoKKQVEWVdzZFFI/d
-----END CERTIFICATE-----
Generated at Fri Aug 2 12:40:41 2024 by rpki-client on console-ams.rpki-client.org