Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/OqS9_IXMFyFz1pVt5IOcd5br170.roa
File: OqS9_IXMFyFz1pVt5IOcd5br170.roa (raw, json)
Hash identifier: gKlb3m9LsgkFyE4ySW96WhtCnr2aXsB/Vqyq8zOQTkY=
Subject key identifier: 3A:A4:BD:FC:85:CC:17:21:73:D6:95:6D:E4:83:9C:77:96:EB:D7:BD
Certificate issuer: /CN=a29d9751f3675f51332734da68ea960260045b12
Certificate serial: 0187FCA1B731C7DF3433FD22C322CA4100A9
Authority key identifier: A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/OqS9_IXMFyFz1pVt5IOcd5br170.roa
Signing time: Mon 08 May 2023 18:31:09 +0000
ROA not before: Mon 08 May 2023 18:31:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208911
IP address blocks: 92.118.73.0/24 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fc:a1:b7:31:c7:df:34:33:fd:22:c3:22:ca:41:00:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29d9751f3675f51332734da68ea960260045b12
Validity
Not Before: May 8 18:31:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3aa4bdfc85cc172173d6956de4839c7796ebd7bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:85:63:d6:ec:99:4f:9d:0f:57:34:5f:7f:c4:
d8:d8:b7:87:8f:91:c3:fe:7b:72:a2:58:54:70:41:
d8:27:a3:4f:43:58:80:a1:a1:b6:ea:bd:1d:33:38:
84:e6:b1:c4:83:6b:22:65:65:bb:df:ee:16:2d:b3:
5f:ad:6e:60:80:94:d9:e1:80:61:f0:b6:90:c7:d9:
29:97:bb:e8:69:b0:d5:67:a9:90:61:38:dc:b4:1b:
20:72:a1:ec:35:75:61:04:c1:60:20:1b:1d:32:35:
f6:06:67:26:77:9f:c4:22:a7:e1:66:c6:75:40:4e:
1a:46:6b:b5:6f:3d:47:ba:72:9e:40:a6:50:64:e0:
95:96:c4:1e:3d:2e:ae:26:0f:a4:a8:17:0f:a7:a8:
23:2f:90:78:70:d4:e6:a2:7a:df:5c:e4:74:65:7e:
18:5c:f7:09:55:7f:5b:5d:18:4c:be:72:e6:01:63:
1d:53:77:61:02:ce:9a:64:af:a4:0b:c5:ed:4b:1a:
49:09:1d:48:d0:ad:3c:b9:61:0e:9c:ab:88:36:f0:
82:80:54:15:8a:57:8b:2c:38:84:35:32:1e:9c:11:
39:8d:0b:89:5b:23:ae:ea:fd:be:08:c3:12:f9:f1:
ed:61:bf:0b:d8:61:2a:58:42:7a:11:e5:ee:5c:10:
09:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:A4:BD:FC:85:CC:17:21:73:D6:95:6D:E4:83:9C:77:96:EB:D7:BD
X509v3 Authority Key Identifier:
keyid:A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/OqS9_IXMFyFz1pVt5IOcd5br170.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/op2XUfNnX1EzJzTaaOqWAmAEWxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.73.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:3c:4c:ff:7b:79:6c:e2:8a:52:2c:2d:14:03:77:6e:0e:3f:
cf:e1:12:73:67:cf:ca:0a:f2:35:d3:06:d3:bc:25:f7:12:96:
aa:c5:1d:28:89:03:75:a1:26:e1:81:42:73:b2:23:f4:9a:74:
be:86:31:e7:72:97:c7:8a:2d:da:23:b3:6f:4b:69:0e:92:cb:
53:25:3e:9e:2f:d3:fa:82:8f:dd:6a:3e:63:bb:6f:4d:c4:64:
42:2f:26:9e:37:6d:ba:fe:c8:be:6d:15:08:ce:8b:27:d2:35:
0b:a8:ad:99:d8:37:f6:73:35:19:d3:f3:89:c8:88:96:36:bb:
f1:5c:5e:8c:d9:18:80:74:fd:68:d4:25:c1:d4:d4:02:ea:4a:
c3:8d:c6:09:07:cc:59:0e:11:f9:ef:b6:14:d1:98:39:1d:2c:
36:2f:76:b2:3d:1c:ed:e4:ae:4f:e8:75:a0:de:b4:08:da:85:
be:db:ec:73:93:06:3f:e0:14:c9:0c:65:66:9f:a5:a6:5e:e8:
19:8a:e4:0b:3d:30:84:c6:e5:a4:c3:85:db:da:4d:5c:f8:48:
f4:b8:c4:51:2d:da:1b:9d:94:3e:c9:0b:6b:b9:a4:04:42:8b:
08:ce:ab:7f:0c:8f:e3:bf:db:16:22:b1:59:dc:fb:8f:f4:a2:
d8:94:65:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYf8obcxx980M/0iwyLKQQCpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyOWQ5NzUxZjM2NzVmNTEzMzI3MzRkYTY4ZWE5NjAyNjAw
NDViMTIwHhcNMjMwNTA4MTgzMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWE0YmRmYzg1Y2MxNzIxNzNkNjk1NmRlNDgzOWM3Nzk2ZWJkN2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4Vj1uyZT50PVzRff8TY2LeHj5HD
/ntyolhUcEHYJ6NPQ1iAoaG26r0dMziE5rHEg2siZWW73+4WLbNfrW5ggJTZ4YBh
8LaQx9kpl7voabDVZ6mQYTjctBsgcqHsNXVhBMFgIBsdMjX2Bmcmd5/EIqfhZsZ1
QE4aRmu1bz1HunKeQKZQZOCVlsQePS6uJg+kqBcPp6gjL5B4cNTmonrfXOR0ZX4Y
XPcJVX9bXRhMvnLmAWMdU3dhAs6aZK+kC8XtSxpJCR1I0K08uWEOnKuINvCCgFQV
ileLLDiENTIenBE5jQuJWyOu6v2+CMMS+fHtYb8L2GEqWEJ6EeXuXBAJSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDqkvfyFzBchc9aVbeSDnHeW69e9MB8GA1UdIwQY
MBaAFKKdl1HzZ19RMyc02mjqlgJgBFsSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3AyWFVmTm5YMUV6SnpUYWFPcVdBbUFFV3hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lNjQzOTgtOTYwMS00YjdjLWI3ODMt
MDc5YmEwNTcwZjc1LzEvT3FTOV9JWE1GeUZ6MXBWdDVJT2NkNWJyMTcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lNjQzOTgtOTYwMS00YjdjLWI3ODMtMDc5YmEwNTcwZjc1
LzEvb3AyWFVmTm5YMUV6SnpUYWFPcVdBbUFFV3hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXHZJMA0G
CSqGSIb3DQEBCwUAA4IBAQCcPEz/e3ls4opSLC0UA3duDj/P4RJzZ8/KCvI10wbT
vCX3EpaqxR0oiQN1oSbhgUJzsiP0mnS+hjHncpfHii3aI7NvS2kOkstTJT6eL9P6
go/daj5ju29NxGRCLyaeN226/si+bRUIzosn0jULqK2Z2Df2czUZ0/OJyIiWNrvx
XF6M2RiAdP1o1CXB1NQC6krDjcYJB8xZDhH577YU0Zg5HSw2L3ayPRzt5K5P6HWg
3rQI2oW+2+xzkwY/4BTJDGVmn6WmXugZiuQLPTCExuWkw4Xb2k1c+Ej0uMRRLdob
nZQ+yQtruaQEQosIzqt/DI/jv9sWIrFZ3PuP9KLYlGX7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:05 2024 by rpki-client on console-fra.rpki-client.org