Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/GGboZzg_vBPtBXxJcMw1XgcBdzQ.roa
File: GGboZzg_vBPtBXxJcMw1XgcBdzQ.roa (raw, json)
Hash identifier: Jhk5XqestTTxX92cPyurw5kXTCn1rI8chgYmDgAUP38=
Subject key identifier: 18:66:E8:67:38:3F:BC:13:ED:05:7C:49:70:CC:35:5E:07:01:77:34
Certificate issuer: /CN=a29d9751f3675f51332734da68ea960260045b12
Certificate serial: 0D79E046
Authority key identifier: A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/GGboZzg_vBPtBXxJcMw1XgcBdzQ.roa
Signing time: Sat 01 Jan 2022 14:02:13 +0000
ROA not before: Sat 01 Jan 2022 14:02:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201702
IP address blocks: 92.118.72.0/22 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 226091078 (0xd79e046)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29d9751f3675f51332734da68ea960260045b12
Validity
Not Before: Jan 1 14:02:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1866e867383fbc13ed057c4970cc355e07017734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c8:53:96:f0:5b:53:cb:80:53:10:2d:38:91:
7b:69:8e:2a:95:3a:97:bf:83:4e:6a:bc:b4:84:85:
34:55:dd:e4:03:48:c0:fa:6e:7e:01:72:57:ef:e2:
c4:31:07:b1:ae:69:b6:a7:8c:eb:b1:9f:39:3d:d5:
e5:2e:33:b7:87:a4:d3:0a:d2:f6:4f:aa:61:8e:0b:
34:3a:04:a6:60:75:fc:80:49:76:0c:2e:b3:5b:65:
eb:a2:d5:bc:3d:27:3a:ba:40:cb:da:22:f1:c8:ab:
2e:41:ee:90:28:aa:36:70:e6:74:66:fc:a6:94:4d:
17:65:b9:d4:46:a7:3c:08:d9:ff:98:1d:fa:23:f6:
8f:90:79:a6:f4:0a:52:06:91:c6:96:f6:fb:67:1a:
1a:83:96:95:9e:93:08:e1:eb:87:a0:b3:79:f7:be:
81:ea:9f:5b:2a:90:00:00:a1:93:71:f1:34:c5:53:
34:bd:d9:70:f6:5f:f2:9e:37:e1:12:ee:30:c6:bc:
77:c4:61:96:0c:68:77:21:69:fa:bb:5c:13:9f:90:
54:05:73:25:3b:6e:f9:27:9e:10:dd:f6:7c:2d:29:
19:58:f6:16:32:26:6e:4a:25:9c:a1:f0:5b:37:0f:
5d:03:b2:5a:46:a7:c8:6f:de:82:71:7b:b2:c9:a3:
b8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:66:E8:67:38:3F:BC:13:ED:05:7C:49:70:CC:35:5E:07:01:77:34
X509v3 Authority Key Identifier:
keyid:A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/GGboZzg_vBPtBXxJcMw1XgcBdzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/op2XUfNnX1EzJzTaaOqWAmAEWxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.72.0/22
Signature Algorithm: sha256WithRSAEncryption
21:e7:f3:d6:43:f5:e1:d4:c6:98:b9:8d:74:30:11:02:5a:13:
f2:84:3f:0b:fa:83:29:c1:e4:47:fe:6c:b7:91:07:1e:eb:6e:
98:cc:cf:57:82:05:ac:e8:2f:63:70:c3:0d:ef:31:4b:ed:63:
c2:bd:b0:5d:e8:9b:07:2a:88:ae:8e:58:88:50:eb:6c:30:f4:
be:9d:4d:15:db:f2:81:b5:e8:04:03:0d:52:5a:7b:6f:cc:f5:
58:3f:dd:10:38:01:1b:47:2b:d3:9f:bf:2d:64:46:f0:f8:c0:
80:d1:e8:3c:ed:88:1f:bf:79:2f:5c:56:d7:b0:ff:c4:6b:54:
bc:f0:79:6d:84:4b:13:a5:a1:64:13:c8:e7:03:6a:bf:f0:fe:
7c:0f:9d:04:22:fb:b9:aa:b2:4b:dd:e4:3c:02:a1:4b:d8:43:
0f:97:34:d0:c9:75:9b:e3:f7:ac:5d:bf:89:57:c0:4a:5a:b5:
1e:96:1a:fe:fe:79:04:d7:f8:19:24:c0:d5:3c:8c:4e:d4:a0:
16:c7:be:c5:d3:24:c4:70:ab:f7:4e:ea:9f:68:24:90:b6:aa:
c9:24:44:c1:77:8c:35:fc:4f:16:62:a5:ce:d7:84:90:b0:62:
a7:49:0d:04:b1:b5:a3:d2:5c:0f:34:07:cc:39:85:52:f0:1f:
f2:96:7f:fd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDXngRjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MjlkOTc1MWYzNjc1ZjUxMzMyNzM0ZGE2OGVhOTYwMjYwMDQ1YjEyMB4XDTIyMDEw
MTE0MDIxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTg2NmU4NjczODNm
YmMxM2VkMDU3YzQ5NzBjYzM1NWUwNzAxNzczNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKrIU5bwW1PLgFMQLTiRe2mOKpU6l7+DTmq8tISFNFXd5ANI
wPpufgFyV+/ixDEHsa5ptqeM67GfOT3V5S4zt4ek0wrS9k+qYY4LNDoEpmB1/IBJ
dgwus1tl66LVvD0nOrpAy9oi8cirLkHukCiqNnDmdGb8ppRNF2W51EanPAjZ/5gd
+iP2j5B5pvQKUgaRxpb2+2caGoOWlZ6TCOHrh6Czefe+geqfWyqQAAChk3HxNMVT
NL3ZcPZf8p434RLuMMa8d8RhlgxodyFp+rtcE5+QVAVzJTtu+SeeEN32fC0pGVj2
FjImbkolnKHwWzcPXQOyWkanyG/egnF7ssmjuHkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQYZuhnOD+8E+0FfElwzDVeBwF3NDAfBgNVHSMEGDAWgBSinZdR82dfUTMn
NNpo6pYCYARbEjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29wMlhVZk5uWDFFekp6VGFhT3FXQW1BRVd4SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGYvZTY0Mzk4LTk2MDEtNGI3Yy1iNzgzLTA3OWJhMDU3MGY3NS8x
L0dHYm9aemdfdkJQdEJYeEpjTXcxWGdjQmR6US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYv
ZTY0Mzk4LTk2MDEtNGI3Yy1iNzgzLTA3OWJhMDU3MGY3NS8xL29wMlhVZk5uWDFF
ekp6VGFhT3FXQW1BRVd4SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlx2SDANBgkqhkiG9w0BAQsFAAOC
AQEAIefz1kP14dTGmLmNdDARAloT8oQ/C/qDKcHkR/5st5EHHutumMzPV4IFrOgv
Y3DDDe8xS+1jwr2wXeibByqIro5YiFDrbDD0vp1NFdvygbXoBAMNUlp7b8z1WD/d
EDgBG0cr05+/LWRG8PjAgNHoPO2IH795L1xW17D/xGtUvPB5bYRLE6WhZBPI5wNq
v/D+fA+dBCL7uaqyS93kPAKhS9hDD5c00Ml1m+P3rF2/iVfASlq1HpYa/v55BNf4
GSTA1TyMTtSgFse+xdMkxHCr907qn2gkkLaqySREwXeMNfxPFmKlzteEkLBip0kN
BLG1o9JcDzQHzDmFUvAf8pZ//Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:05 2024 by rpki-client on console-fra.rpki-client.org