Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/6UTfv87tUipxW-EmYOBQIAQ7q0Y.roa
File: 6UTfv87tUipxW-EmYOBQIAQ7q0Y.roa (raw, json)
Hash identifier: 4baNsDQhQoo3KH/mEVwlP7hiRuMNgOtUg33DyAQ0B04=
Subject key identifier: E9:44:DF:BF:CE:ED:52:2A:71:5B:E1:26:60:E0:50:20:04:3B:AB:46
Certificate issuer: /CN=a29d9751f3675f51332734da68ea960260045b12
Certificate serial: 01856E78CA4AB1947A5447A133B316FAFB5F
Authority key identifier: A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/6UTfv87tUipxW-EmYOBQIAQ7q0Y.roa
Signing time: Sun 01 Jan 2023 17:54:47 +0000
ROA not before: Sun 01 Jan 2023 17:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39577
IP address blocks: 185.230.243.0/24 maxlen: 32
92.118.74.0/23 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:ca:4a:b1:94:7a:54:47:a1:33:b3:16:fa:fb:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29d9751f3675f51332734da68ea960260045b12
Validity
Not Before: Jan 1 17:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e944dfbfceed522a715be12660e05020043bab46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:9b:87:90:ca:38:01:3f:1c:9e:85:ea:dd:49:
2c:cb:99:b2:fb:46:32:1f:83:9f:c0:4c:8e:dc:a6:
19:2f:ae:5b:40:50:cd:e3:c0:b2:de:74:4b:a1:2f:
c3:69:dd:6e:14:0a:95:5e:01:d7:b5:b1:6e:8c:98:
58:cf:9d:d9:b8:30:e4:c2:a0:44:f7:5e:6d:30:9a:
ec:86:a6:f4:5b:86:c5:5b:17:da:c8:61:bc:b8:d3:
97:0d:a1:05:83:79:1f:28:cc:f6:0d:b4:b1:1e:7e:
88:8e:08:f3:16:72:5e:31:9d:44:6e:42:dc:74:51:
57:e5:06:4e:80:8d:fb:42:e8:73:98:f6:36:47:70:
2a:eb:cc:72:4b:7d:bb:a6:36:aa:35:30:3d:87:b1:
fe:1d:c1:cb:7c:49:6e:45:d0:80:d7:63:1d:64:b7:
37:25:ad:49:a8:0c:27:ea:00:4e:6e:0b:aa:bc:de:
16:e8:15:38:c6:41:63:4d:63:3a:13:a9:00:c8:26:
9d:52:c8:f3:b5:fb:d5:3f:8b:ea:dd:fe:29:71:40:
5f:90:b6:08:fc:ea:93:46:48:af:05:59:3c:c4:f9:
32:e3:64:21:63:00:b0:be:31:91:40:54:a4:37:5f:
0a:a9:5a:52:33:51:c1:01:73:47:09:83:c5:5e:2c:
b2:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:44:DF:BF:CE:ED:52:2A:71:5B:E1:26:60:E0:50:20:04:3B:AB:46
X509v3 Authority Key Identifier:
keyid:A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/6UTfv87tUipxW-EmYOBQIAQ7q0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/op2XUfNnX1EzJzTaaOqWAmAEWxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.74.0/23
185.230.243.0/24
Signature Algorithm: sha256WithRSAEncryption
99:d0:e1:ee:14:5a:94:d7:8d:68:88:06:59:ca:08:39:8f:5a:
26:eb:4b:5b:32:17:a5:54:f1:b0:5c:3f:66:19:78:03:93:90:
46:86:d5:97:59:c9:84:7e:8c:50:e9:47:f9:0f:82:cc:0d:04:
17:ce:af:04:43:cf:5a:bb:4a:0c:25:0d:a4:f2:e6:4c:5d:95:
8f:6e:ff:d0:99:3e:ff:91:b6:ee:ad:cb:a3:d4:49:d1:1d:c2:
b5:bd:4e:7d:0d:4a:1f:0b:f5:88:fb:26:f4:be:67:41:92:59:
87:ce:6f:da:51:28:d8:cf:55:fa:91:20:b2:60:6b:d1:ef:a6:
ea:70:58:87:ef:d1:f8:40:fe:c8:56:b8:95:44:e9:56:c2:62:
a2:c9:cb:70:70:44:ee:46:58:22:d5:ef:cd:8b:4f:ae:c1:df:
85:1e:0b:3a:64:b7:31:34:09:8e:1b:b8:9e:53:80:82:dc:ef:
09:fc:2c:d9:94:fb:1f:3f:6f:0d:56:97:90:45:1d:4b:5f:82:
3f:43:b0:80:27:74:6c:e1:ac:6a:bc:c9:b0:65:26:2c:a2:76:
9a:42:6f:bf:4b:eb:b1:e5:12:f9:c5:45:64:4e:a5:ec:c3:0d:
9b:b1:98:a3:fa:c0:95:7a:88:9a:af:79:3d:59:5e:e4:6c:c6:
55:41:93:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVueMpKsZR6VEehM7MW+vtfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyOWQ5NzUxZjM2NzVmNTEzMzI3MzRkYTY4ZWE5NjAyNjAw
NDViMTIwHhcNMjMwMTAxMTc1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTQ0ZGZiZmNlZWQ1MjJhNzE1YmUxMjY2MGUwNTAyMDA0M2JhYjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5uHkMo4AT8cnoXq3Uksy5my+0Yy
H4OfwEyO3KYZL65bQFDN48Cy3nRLoS/Dad1uFAqVXgHXtbFujJhYz53ZuDDkwqBE
915tMJrshqb0W4bFWxfayGG8uNOXDaEFg3kfKMz2DbSxHn6IjgjzFnJeMZ1EbkLc
dFFX5QZOgI37QuhzmPY2R3Aq68xyS327pjaqNTA9h7H+HcHLfEluRdCA12MdZLc3
Ja1JqAwn6gBObguqvN4W6BU4xkFjTWM6E6kAyCadUsjztfvVP4vq3f4pcUBfkLYI
/OqTRkivBVk8xPky42QhYwCwvjGRQFSkN18KqVpSM1HBAXNHCYPFXiyy1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOlE37/O7VIqcVvhJmDgUCAEO6tGMB8GA1UdIwQY
MBaAFKKdl1HzZ19RMyc02mjqlgJgBFsSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3AyWFVmTm5YMUV6SnpUYWFPcVdBbUFFV3hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lNjQzOTgtOTYwMS00YjdjLWI3ODMt
MDc5YmEwNTcwZjc1LzEvNlVUZnY4N3RVaXB4Vy1FbVlPQlFJQVE3cTBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lNjQzOTgtOTYwMS00YjdjLWI3ODMtMDc5YmEwNTcwZjc1
LzEvb3AyWFVmTm5YMUV6SnpUYWFPcVdBbUFFV3hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXHZKAwQA
uebzMA0GCSqGSIb3DQEBCwUAA4IBAQCZ0OHuFFqU141oiAZZygg5j1om60tbMhel
VPGwXD9mGXgDk5BGhtWXWcmEfoxQ6Uf5D4LMDQQXzq8EQ89au0oMJQ2k8uZMXZWP
bv/QmT7/kbburcuj1EnRHcK1vU59DUofC/WI+yb0vmdBklmHzm/aUSjYz1X6kSCy
YGvR76bqcFiH79H4QP7IVriVROlWwmKiyctwcETuRlgi1e/Ni0+uwd+FHgs6ZLcx
NAmOG7ieU4CC3O8J/CzZlPsfP28NVpeQRR1LX4I/Q7CAJ3Rs4axqvMmwZSYsonaa
Qm+/S+ux5RL5xUVkTqXsww2bsZij+sCVeoiar3k9WV7kbMZVQZOh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:05 2024 by rpki-client on console-fra.rpki-client.org