Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/Lc8_vItoUE49yhYq8x5d5fHvv9A.roa
File: Lc8_vItoUE49yhYq8x5d5fHvv9A.roa (raw, json)
Hash identifier: AGzKgZJGSG6pWZf/1vC2lc9q7bcvKVEssRF2SP/uf7E=
Subject key identifier: 2D:CF:3F:BC:8B:68:50:4E:3D:CA:16:2A:F3:1E:5D:E5:F1:EF:BF:D0
Certificate issuer: /CN=a29d9751f3675f51332734da68ea960260045b12
Certificate serial: 0187A2877F39DAF6F361D7400056226A8B2A
Authority key identifier: A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/Lc8_vItoUE49yhYq8x5d5fHvv9A.roa
Signing time: Fri 21 Apr 2023 06:36:41 +0000
ROA not before: Fri 21 Apr 2023 06:36:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 92.118.73.0/24 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a2:87:7f:39:da:f6:f3:61:d7:40:00:56:22:6a:8b:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29d9751f3675f51332734da68ea960260045b12
Validity
Not Before: Apr 21 06:36:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2dcf3fbc8b68504e3dca162af31e5de5f1efbfd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:36:9a:c2:a2:be:a9:b4:59:1d:d2:08:f1:cc:
42:b1:9d:a7:bc:8a:45:f7:14:30:1b:19:ff:16:4a:
ab:3f:33:4c:d5:be:b4:f3:70:74:2a:1c:4a:fb:07:
74:51:6a:8d:a3:df:dc:d1:68:e5:b5:7d:e8:7c:02:
73:1f:11:10:f9:2a:c8:9f:a0:51:58:be:57:e8:11:
1e:89:9c:8c:db:29:c4:3f:84:99:e6:98:d9:ae:14:
65:c4:32:11:fd:9f:5a:2f:da:f3:a4:0a:43:7f:22:
f3:76:9a:39:85:ee:a7:77:90:3c:07:55:9e:f7:aa:
81:07:e8:e5:8a:97:60:5a:eb:7f:93:2d:46:72:f3:
d3:7e:8d:21:d6:37:25:64:35:a6:63:7c:36:24:5d:
49:7e:ab:bc:fc:be:b8:30:5d:55:d9:d3:49:70:6e:
f8:a7:d1:71:e6:aa:67:e5:2c:bc:94:be:b8:44:9f:
d1:12:84:25:5b:47:14:58:7c:05:72:8c:bd:be:7a:
29:3b:77:4e:f5:58:0a:d1:a8:d2:48:5e:e8:8f:d4:
d0:10:ca:6c:03:ba:50:2e:32:11:ad:56:d5:1d:fd:
c0:fd:de:cd:f7:64:0d:d5:93:42:e4:72:ea:b1:9c:
fe:2e:8e:02:b3:47:e5:b3:2a:85:89:28:7c:21:f2:
83:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:CF:3F:BC:8B:68:50:4E:3D:CA:16:2A:F3:1E:5D:E5:F1:EF:BF:D0
X509v3 Authority Key Identifier:
keyid:A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/Lc8_vItoUE49yhYq8x5d5fHvv9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/op2XUfNnX1EzJzTaaOqWAmAEWxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.73.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:ea:e2:89:52:7e:04:82:aa:5e:63:9b:47:80:ef:3e:2d:d7:
26:7e:8c:f2:73:b0:bf:45:66:38:99:bd:04:97:5d:ac:19:77:
6a:ce:0a:4a:79:fb:31:c7:c2:eb:d7:22:83:09:ae:29:dd:ce:
0a:56:e5:ef:7a:f8:1d:21:fe:79:13:1c:eb:e8:53:29:e8:11:
47:f8:a8:40:e4:45:39:10:0a:06:69:34:08:c4:d1:55:35:7e:
b2:3a:14:43:88:c3:2f:c1:37:e8:c9:3a:f1:c4:14:38:d5:3c:
f8:d0:bd:ae:ea:dc:e8:8d:e5:98:f4:57:fb:38:28:05:5a:11:
54:2e:22:48:9c:ed:48:b6:7f:0a:bf:6a:f0:63:61:92:20:52:
28:a9:08:ad:2f:20:29:3d:55:21:96:14:9a:f8:4f:bc:8c:ed:
5b:5d:b2:17:3f:e9:a2:29:2a:51:63:f5:27:c1:82:26:67:bb:
1a:fc:bc:8a:29:bb:03:21:01:d8:64:c8:af:c7:03:ed:36:93:
f4:db:fe:79:08:57:0b:80:4d:87:31:93:22:7f:d0:fd:d3:93:
9d:d0:6b:04:db:41:6a:c2:46:ca:d1:f5:07:41:78:3a:06:0b:
1c:1d:f9:51:38:59:0b:e3:52:f9:80:8e:4d:c4:90:fb:87:cb:
c2:65:19:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeih3852vbzYddAAFYiaosqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyOWQ5NzUxZjM2NzVmNTEzMzI3MzRkYTY4ZWE5NjAyNjAw
NDViMTIwHhcNMjMwNDIxMDYzNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGNmM2ZiYzhiNjg1MDRlM2RjYTE2MmFmMzFlNWRlNWYxZWZiZmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzaawqK+qbRZHdII8cxCsZ2nvIpF
9xQwGxn/FkqrPzNM1b6083B0KhxK+wd0UWqNo9/c0WjltX3ofAJzHxEQ+SrIn6BR
WL5X6BEeiZyM2ynEP4SZ5pjZrhRlxDIR/Z9aL9rzpApDfyLzdpo5he6nd5A8B1We
96qBB+jlipdgWut/ky1GcvPTfo0h1jclZDWmY3w2JF1Jfqu8/L64MF1V2dNJcG74
p9Fx5qpn5Sy8lL64RJ/REoQlW0cUWHwFcoy9vnopO3dO9VgK0ajSSF7oj9TQEMps
A7pQLjIRrVbVHf3A/d7N92QN1ZNC5HLqsZz+Lo4Cs0flsyqFiSh8IfKDoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC3PP7yLaFBOPcoWKvMeXeXx77/QMB8GA1UdIwQY
MBaAFKKdl1HzZ19RMyc02mjqlgJgBFsSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3AyWFVmTm5YMUV6SnpUYWFPcVdBbUFFV3hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lNjQzOTgtOTYwMS00YjdjLWI3ODMt
MDc5YmEwNTcwZjc1LzEvTGM4X3ZJdG9VRTQ5eWhZcTh4NWQ1Zkh2djlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lNjQzOTgtOTYwMS00YjdjLWI3ODMtMDc5YmEwNTcwZjc1
LzEvb3AyWFVmTm5YMUV6SnpUYWFPcVdBbUFFV3hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXHZJMA0G
CSqGSIb3DQEBCwUAA4IBAQB86uKJUn4EgqpeY5tHgO8+Ldcmfozyc7C/RWY4mb0E
l12sGXdqzgpKefsxx8Lr1yKDCa4p3c4KVuXvevgdIf55Exzr6FMp6BFH+KhA5EU5
EAoGaTQIxNFVNX6yOhRDiMMvwTfoyTrxxBQ41Tz40L2u6tzojeWY9Ff7OCgFWhFU
LiJInO1Itn8Kv2rwY2GSIFIoqQitLyApPVUhlhSa+E+8jO1bXbIXP+miKSpRY/Un
wYImZ7sa/LyKKbsDIQHYZMivxwPtNpP02/55CFcLgE2HMZMif9D905Od0GsE20Fq
wkbK0fUHQXg6BgscHflROFkL41L5gI5NxJD7h8vCZRnT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:34 2024 by rpki-client on console-ams.rpki-client.org