Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/URwPeEZAfkuBCfJU-vqzEDGD7LA.roa
File: URwPeEZAfkuBCfJU-vqzEDGD7LA.roa (raw, json)
Hash identifier: 4CvsiODXH7IOmeia6wAwOJCUQYnWeN3QGKHnfanqzgc=
Subject key identifier: 51:1C:0F:78:46:40:7E:4B:81:09:F2:54:FA:FA:B3:10:31:83:EC:B0
Certificate issuer: /CN=a29d9751f3675f51332734da68ea960260045b12
Certificate serial: 0186B5DCEF14145421D46E8C596C8A672D81
Authority key identifier: A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/URwPeEZAfkuBCfJU-vqzEDGD7LA.roa
Signing time: Mon 06 Mar 2023 07:40:00 +0000
ROA not before: Mon 06 Mar 2023 07:40:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 92.118.72.0/23 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b5:dc:ef:14:14:54:21:d4:6e:8c:59:6c:8a:67:2d:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29d9751f3675f51332734da68ea960260045b12
Validity
Not Before: Mar 6 07:40:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=511c0f7846407e4b8109f254fafab3103183ecb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c6:89:dd:82:ca:01:ca:c5:61:c7:fe:83:8c:
d7:b6:d9:64:5f:7b:a2:7f:f7:54:ee:f4:6a:a0:a1:
4f:5d:22:c2:09:bd:44:98:b4:6e:9d:30:02:34:d6:
18:c9:39:d4:b4:aa:d0:d9:e1:c4:dc:28:22:87:a7:
a4:1e:dc:d8:74:c3:91:26:82:6f:5a:97:fb:ae:df:
82:5e:3a:e1:01:2c:d8:89:6a:7b:e9:2b:6c:e2:95:
bc:6e:d2:5d:0b:ff:f4:48:a9:c5:a7:b0:36:69:2a:
b7:6a:d0:ee:d8:05:44:f2:0c:12:7f:a3:42:36:72:
bd:85:f9:92:40:e1:a4:79:d1:e3:34:2a:52:59:9c:
68:72:61:18:fc:fc:ef:70:5c:69:bf:4c:b7:26:bc:
11:d4:3a:ad:e2:2d:bc:60:65:f3:db:06:9a:8f:f3:
eb:c0:37:ce:ff:fd:98:fc:30:93:57:39:ca:37:96:
99:f0:16:ff:a5:f3:54:0f:ed:d5:97:01:13:f9:05:
23:57:1d:06:34:ac:7f:ef:a6:a3:9a:eb:9a:53:e6:
37:c2:6d:96:68:40:19:6d:c0:20:0a:ff:31:82:a8:
fc:2a:a1:2d:21:79:b7:d7:36:51:c1:d3:6f:88:c1:
1d:30:9d:82:12:47:65:21:2b:ec:df:90:23:62:21:
69:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:1C:0F:78:46:40:7E:4B:81:09:F2:54:FA:FA:B3:10:31:83:EC:B0
X509v3 Authority Key Identifier:
keyid:A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/URwPeEZAfkuBCfJU-vqzEDGD7LA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/op2XUfNnX1EzJzTaaOqWAmAEWxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.72.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:5f:99:23:4f:1f:97:82:9a:1d:6f:80:8b:64:07:6f:8b:e9:
a3:74:90:9b:b2:d2:50:52:ed:35:1e:f0:be:e3:28:a0:0a:15:
2f:ee:90:3f:aa:9d:df:7d:9c:ff:2a:3d:e7:4e:e7:fb:3f:0b:
5b:47:82:07:0d:43:0e:e6:e3:64:ad:0a:4c:e2:30:94:23:a8:
a4:83:d9:64:31:25:90:9a:d0:3f:17:b5:e7:2d:22:8f:d0:75:
53:db:af:bb:6a:df:19:c4:78:ab:38:e2:ca:00:c7:69:24:18:
03:00:52:14:5b:0c:c8:f9:41:d3:77:fc:c6:f8:de:6a:51:b4:
15:d2:99:d9:44:42:93:d8:b6:cb:f0:88:fe:cd:9b:b2:34:0e:
26:98:a8:6d:99:31:03:ac:f8:1a:ac:eb:f3:2c:ce:ad:26:ec:
ce:e8:70:5b:da:1e:b8:3b:96:5a:40:42:c4:a5:a0:10:f1:99:
f5:08:c0:df:dc:dc:71:9e:61:33:cd:0d:bd:c3:0f:b7:81:9d:
16:d9:37:ec:da:6e:87:a3:f2:0e:ab:c7:b0:65:62:10:08:77:
53:fd:03:0c:cb:63:a9:9f:89:1c:43:fe:e2:18:65:d9:0a:5d:
ec:4d:2c:ae:cb:4e:61:34:3c:43:13:f6:3f:50:dc:96:9c:b8:
af:44:6b:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa13O8UFFQh1G6MWWyKZy2BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyOWQ5NzUxZjM2NzVmNTEzMzI3MzRkYTY4ZWE5NjAyNjAw
NDViMTIwHhcNMjMwMzA2MDc0MDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTFjMGY3ODQ2NDA3ZTRiODEwOWYyNTRmYWZhYjMxMDMxODNlY2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcaJ3YLKAcrFYcf+g4zXttlkX3ui
f/dU7vRqoKFPXSLCCb1EmLRunTACNNYYyTnUtKrQ2eHE3Cgih6ekHtzYdMORJoJv
Wpf7rt+CXjrhASzYiWp76Sts4pW8btJdC//0SKnFp7A2aSq3atDu2AVE8gwSf6NC
NnK9hfmSQOGkedHjNCpSWZxocmEY/PzvcFxpv0y3JrwR1Dqt4i28YGXz2waaj/Pr
wDfO//2Y/DCTVznKN5aZ8Bb/pfNUD+3VlwET+QUjVx0GNKx/76ajmuuaU+Y3wm2W
aEAZbcAgCv8xgqj8KqEtIXm31zZRwdNviMEdMJ2CEkdlISvs35AjYiFpJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFEcD3hGQH5LgQnyVPr6sxAxg+ywMB8GA1UdIwQY
MBaAFKKdl1HzZ19RMyc02mjqlgJgBFsSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3AyWFVmTm5YMUV6SnpUYWFPcVdBbUFFV3hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lNjQzOTgtOTYwMS00YjdjLWI3ODMt
MDc5YmEwNTcwZjc1LzEvVVJ3UGVFWkFma3VCQ2ZKVS12cXpFREdEN0xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lNjQzOTgtOTYwMS00YjdjLWI3ODMtMDc5YmEwNTcwZjc1
LzEvb3AyWFVmTm5YMUV6SnpUYWFPcVdBbUFFV3hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXHZIMA0G
CSqGSIb3DQEBCwUAA4IBAQAsX5kjTx+Xgpodb4CLZAdvi+mjdJCbstJQUu01HvC+
4yigChUv7pA/qp3ffZz/Kj3nTuf7PwtbR4IHDUMO5uNkrQpM4jCUI6ikg9lkMSWQ
mtA/F7XnLSKP0HVT26+7at8ZxHirOOLKAMdpJBgDAFIUWwzI+UHTd/zG+N5qUbQV
0pnZREKT2LbL8Ij+zZuyNA4mmKhtmTEDrPgarOvzLM6tJuzO6HBb2h64O5ZaQELE
paAQ8Zn1CMDf3NxxnmEzzQ29ww+3gZ0W2Tfs2m6Ho/IOq8ewZWIQCHdT/QMMy2Op
n4kcQ/7iGGXZCl3sTSyuy05hNDxDE/Y/UNyWnLivRGvB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:05 2024 by rpki-client on console-fra.rpki-client.org