Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/SdWP1pWWlyopgOSo7nTRI4eU6Fc.roa
File: SdWP1pWWlyopgOSo7nTRI4eU6Fc.roa (raw, json)
Hash identifier: GpnCIHYph42mLUupP6F+8hudwyHAl1A1/FDnGSxrEtc=
Subject key identifier: 49:D5:8F:D6:95:96:97:2A:29:80:E4:A8:EE:74:D1:23:87:94:E8:57
Certificate issuer: /CN=a29d9751f3675f51332734da68ea960260045b12
Certificate serial: 0187A2877FC0BD20F70126EF605DF2C457F8
Authority key identifier: A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/SdWP1pWWlyopgOSo7nTRI4eU6Fc.roa
Signing time: Fri 21 Apr 2023 06:36:41 +0000
ROA not before: Fri 21 Apr 2023 06:36:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49037
IP address blocks: 92.118.72.0/24 maxlen: 32
185.9.184.0/22 maxlen: 24
80.72.16.0/21 maxlen: 32
95.174.96.0/19 maxlen: 24
80.72.24.0/22 maxlen: 32
185.230.240.0/22 maxlen: 24
2a00:8740::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a2:87:7f:c0:bd:20:f7:01:26:ef:60:5d:f2:c4:57:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29d9751f3675f51332734da68ea960260045b12
Validity
Not Before: Apr 21 06:36:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49d58fd69596972a2980e4a8ee74d1238794e857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:96:d3:35:f9:cd:55:c2:ab:dd:4e:ff:40:05:
41:ea:9f:8d:d2:ef:f9:78:41:dd:b0:c8:07:05:02:
fa:7d:bc:a4:8a:ef:11:64:ae:79:8d:14:2f:24:46:
cd:96:2c:fd:44:4b:dd:62:64:3b:f7:a9:33:a9:60:
df:ac:ed:7c:13:d4:dc:9d:33:7a:50:f8:ba:26:37:
41:c0:b1:d7:90:96:0b:c4:69:a8:60:35:a8:1a:4a:
cd:21:68:b7:98:c4:e4:4b:04:7f:c9:bc:e3:ef:89:
c3:76:7e:06:d0:c3:a4:3a:4b:ea:83:81:a2:63:7e:
77:cd:4a:92:e5:16:11:e1:ae:2b:fb:10:db:1f:ea:
11:74:2d:e4:0f:3b:4e:6d:c0:60:d6:b3:af:9b:7c:
a1:48:1e:56:e1:e8:d0:04:eb:d3:e2:cb:12:7b:9b:
fa:71:90:0c:6b:ba:5d:93:25:97:64:68:9a:fc:c7:
cf:e1:c7:66:53:3b:2b:ae:b3:9b:ad:8c:55:44:de:
ec:f4:3f:4c:8d:37:e6:55:f6:22:a8:4a:d4:e6:4c:
31:35:89:5f:f5:4f:39:30:26:24:f0:df:08:e7:ba:
9e:ac:a0:23:2a:8d:d6:9d:37:3e:76:39:6e:db:2a:
6f:b8:c6:a0:87:fa:67:d7:c8:6c:91:22:ff:aa:48:
5f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:D5:8F:D6:95:96:97:2A:29:80:E4:A8:EE:74:D1:23:87:94:E8:57
X509v3 Authority Key Identifier:
keyid:A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/SdWP1pWWlyopgOSo7nTRI4eU6Fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/op2XUfNnX1EzJzTaaOqWAmAEWxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.16.0-80.72.27.255
92.118.72.0/24
95.174.96.0/19
185.9.184.0/22
185.230.240.0/22
IPv6:
2a00:8740::/32
Signature Algorithm: sha256WithRSAEncryption
6d:99:e3:88:29:fc:a4:a7:a6:4b:69:14:bd:eb:f3:d2:35:81:
92:e1:70:f4:08:ea:58:fb:11:2f:f5:8c:d8:05:77:5c:06:80:
79:a2:83:87:57:ac:f5:ab:6b:4c:50:84:21:c4:f1:aa:28:c7:
3b:cf:30:37:ae:55:cc:82:2b:d3:ed:5e:53:1b:23:6b:c8:19:
8c:4a:e6:44:dc:16:9d:b3:f8:11:73:74:ef:5e:51:6a:76:8b:
3c:9e:e7:b2:be:82:4a:9b:1a:47:36:47:22:e8:f8:1e:f0:9f:
23:ca:76:11:14:59:5f:a8:de:53:b6:6a:6d:76:7a:2a:2b:0e:
83:14:b9:7a:32:68:b1:34:a5:a7:d6:8b:9e:16:53:27:f5:c2:
4b:b9:4b:31:4f:17:0d:db:e4:d8:92:3c:d1:93:e3:59:c2:fc:
a1:94:80:95:58:78:2d:23:3a:60:65:d1:aa:22:8d:66:2b:3e:
8f:13:b0:68:cd:d7:ec:68:00:0e:5d:39:18:ce:96:54:7c:1a:
25:a3:02:80:32:35:4c:a2:9b:ba:e7:0c:14:49:d8:31:f0:fd:
a4:bb:d7:a2:0b:98:c2:60:6d:72:a1:18:b0:c8:81:20:ea:f0:
5e:2f:ea:26:82:7e:7c:25:05:df:15:e2:75:aa:5c:49:3d:7f:
5a:c7:fc:86
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYeih3/AvSD3ASbvYF3yxFf4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyOWQ5NzUxZjM2NzVmNTEzMzI3MzRkYTY4ZWE5NjAyNjAw
NDViMTIwHhcNMjMwNDIxMDYzNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWQ1OGZkNjk1OTY5NzJhMjk4MGU0YThlZTc0ZDEyMzg3OTRlODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpbTNfnNVcKr3U7/QAVB6p+N0u/5
eEHdsMgHBQL6fbykiu8RZK55jRQvJEbNliz9REvdYmQ796kzqWDfrO18E9TcnTN6
UPi6JjdBwLHXkJYLxGmoYDWoGkrNIWi3mMTkSwR/ybzj74nDdn4G0MOkOkvqg4Gi
Y353zUqS5RYR4a4r+xDbH+oRdC3kDztObcBg1rOvm3yhSB5W4ejQBOvT4ssSe5v6
cZAMa7pdkyWXZGia/MfP4cdmUzsrrrObrYxVRN7s9D9MjTfmVfYiqErU5kwxNYlf
9U85MCYk8N8I57qerKAjKo3WnTc+djlu2ypvuMagh/pn18hskSL/qkhfsQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFEnVj9aVlpcqKYDkqO500SOHlOhXMB8GA1UdIwQY
MBaAFKKdl1HzZ19RMyc02mjqlgJgBFsSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3AyWFVmTm5YMUV6SnpUYWFPcVdBbUFFV3hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lNjQzOTgtOTYwMS00YjdjLWI3ODMt
MDc5YmEwNTcwZjc1LzEvU2RXUDFwV1dseW9wZ09TbzduVFJJNGVVNkZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lNjQzOTgtOTYwMS00YjdjLWI3ODMtMDc5YmEwNTcwZjc1
LzEvb3AyWFVmTm5YMUV6SnpUYWFPcVdBbUFFV3hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmMAwDBARQSBAD
BAJQSBgDBABcdkgDBAVfrmADBAK5CbgDBAK55vAwDQQCAAIwBwMFACoAh0AwDQYJ
KoZIhvcNAQELBQADggEBAG2Z44gp/KSnpktpFL3r89I1gZLhcPQI6lj7ES/1jNgF
d1wGgHmig4dXrPWra0xQhCHE8aooxzvPMDeuVcyCK9PtXlMbI2vIGYxK5kTcFp2z
+BFzdO9eUWp2izye57K+gkqbGkc2RyLo+B7wnyPKdhEUWV+o3lO2am12eiorDoMU
uXoyaLE0pafWi54WUyf1wku5SzFPFw3b5NiSPNGT41nC/KGUgJVYeC0jOmBl0aoi
jWYrPo8TsGjN1+xoAA5dORjOllR8GiWjAoAyNUyim7rnDBRJ2DHw/aS716ILmMJg
bXKhGLDIgSDq8F4v6iaCfnwlBd8V4nWqXEk9f1rH/IY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:05 2024 by rpki-client on console-fra.rpki-client.org