Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/WuOS5EIs-_HZQQ7s8819-QAYwiQ.roa
File: WuOS5EIs-_HZQQ7s8819-QAYwiQ.roa (raw, json)
Hash identifier: 9EpFfDfUMeVjGC2umE4DCHYJyEN3elqJdWgM6kgIHhU=
Subject key identifier: 5A:E3:92:E4:42:2C:FB:F1:D9:41:0E:EC:F3:CD:7D:F9:00:18:C2:24
Certificate issuer: /CN=a29d9751f3675f51332734da68ea960260045b12
Certificate serial: 01856E78CEC6A8DC0C065BC9EF927D96C3F3
Authority key identifier: A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/WuOS5EIs-_HZQQ7s8819-QAYwiQ.roa
Signing time: Sun 01 Jan 2023 17:54:49 +0000
ROA not before: Sun 01 Jan 2023 17:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211282
IP address blocks: 80.72.18.0/23 maxlen: 32
2a00:8740:600::/40 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:ce:c6:a8:dc:0c:06:5b:c9:ef:92:7d:96:c3:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29d9751f3675f51332734da68ea960260045b12
Validity
Not Before: Jan 1 17:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ae392e4422cfbf1d9410eecf3cd7df90018c224
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ad:48:84:4d:cd:59:01:5b:de:66:64:45:44:
54:56:e6:23:f9:10:d3:42:37:62:28:70:9f:7c:aa:
85:40:2c:9d:ea:85:42:5d:15:42:38:d0:23:86:9e:
ba:c5:1a:33:32:ca:15:d7:2c:4f:3a:e8:f6:5c:e3:
cc:2c:49:40:0a:32:f4:65:9d:60:33:c9:1e:a9:eb:
d2:70:f2:ff:d3:d6:ce:b8:50:ab:c4:f9:c3:0f:4f:
cd:e5:5f:80:16:a9:64:48:71:f6:fa:ef:cd:13:a5:
47:18:bc:21:ac:42:a6:b6:05:84:54:4a:59:41:5a:
fb:b5:d1:28:54:89:ff:f7:38:b5:5f:a2:16:4c:ed:
d7:0e:31:87:17:05:d0:0d:61:68:c6:66:e0:f9:da:
1c:46:a5:8d:69:6d:44:37:03:0f:f5:c0:f9:12:ff:
fc:77:c6:46:48:97:61:89:34:27:29:61:7b:cf:0a:
7a:09:3c:1e:32:f3:a9:88:a0:f9:6d:54:c2:94:1c:
ab:cd:25:fc:ee:5b:ed:12:f9:61:c0:44:38:40:2a:
4b:08:66:f2:7a:5f:fe:e2:8d:64:ab:04:7e:6b:7b:
f5:c5:64:dc:a5:b8:c6:72:6d:1d:ef:d9:47:e4:96:
c6:47:20:eb:f2:b2:4c:3a:1f:fa:80:2f:01:59:b0:
c2:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:E3:92:E4:42:2C:FB:F1:D9:41:0E:EC:F3:CD:7D:F9:00:18:C2:24
X509v3 Authority Key Identifier:
keyid:A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/WuOS5EIs-_HZQQ7s8819-QAYwiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/op2XUfNnX1EzJzTaaOqWAmAEWxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.18.0/23
IPv6:
2a00:8740:600::/40
Signature Algorithm: sha256WithRSAEncryption
0d:e2:f8:30:f0:0c:6d:d5:63:e1:c4:85:09:ef:18:02:80:28:
7e:19:63:e0:6a:14:2a:e5:6a:8a:c8:93:bb:7e:1a:f3:ed:aa:
bc:35:30:6c:ff:38:5a:e9:77:62:ff:ba:b9:aa:8c:22:47:4f:
8c:56:56:d4:90:ef:0b:b5:a5:04:a0:56:25:d3:53:0c:c1:a1:
7e:52:de:2c:12:b8:0c:78:3b:bb:34:1e:14:ab:9d:19:67:19:
97:cd:be:ae:b9:b2:51:ee:40:d3:16:95:b7:1b:75:38:e5:fa:
aa:2e:f0:9e:e1:a5:85:91:8b:1f:35:8c:d4:28:1d:6f:ad:e5:
86:65:53:0b:ab:52:8e:0d:26:93:ab:a5:59:94:a5:11:b5:dd:
bf:9b:bf:59:e2:a5:61:13:0d:44:79:55:8a:0f:83:9d:e4:c7:
d5:6d:1b:ff:8f:27:0a:2c:49:c3:06:cc:38:ef:e6:ac:30:ac:
c7:cb:5a:27:10:d6:40:37:14:e3:4e:55:d4:3f:6a:18:a9:73:
59:34:2b:25:39:a1:4e:93:90:ae:e3:79:a3:37:8f:dd:2c:81:
93:0b:10:6f:5e:7f:d4:9a:e8:13:27:b3:55:55:4c:6d:88:f6:
7b:d2:31:21:73:aa:63:44:f7:ea:04:97:fe:70:3d:45:ca:a8:
e7:25:d6:55
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVueM7GqNwMBlvJ75J9lsPzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyOWQ5NzUxZjM2NzVmNTEzMzI3MzRkYTY4ZWE5NjAyNjAw
NDViMTIwHhcNMjMwMTAxMTc1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWUzOTJlNDQyMmNmYmYxZDk0MTBlZWNmM2NkN2RmOTAwMThjMjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw61IhE3NWQFb3mZkRURUVuYj+RDT
QjdiKHCffKqFQCyd6oVCXRVCONAjhp66xRozMsoV1yxPOuj2XOPMLElACjL0ZZ1g
M8keqevScPL/09bOuFCrxPnDD0/N5V+AFqlkSHH2+u/NE6VHGLwhrEKmtgWEVEpZ
QVr7tdEoVIn/9zi1X6IWTO3XDjGHFwXQDWFoxmbg+docRqWNaW1ENwMP9cD5Ev/8
d8ZGSJdhiTQnKWF7zwp6CTweMvOpiKD5bVTClByrzSX87lvtEvlhwEQ4QCpLCGby
el/+4o1kqwR+a3v1xWTcpbjGcm0d79lH5JbGRyDr8rJMOh/6gC8BWbDCfwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFFrjkuRCLPvx2UEO7PPNffkAGMIkMB8GA1UdIwQY
MBaAFKKdl1HzZ19RMyc02mjqlgJgBFsSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3AyWFVmTm5YMUV6SnpUYWFPcVdBbUFFV3hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lNjQzOTgtOTYwMS00YjdjLWI3ODMt
MDc5YmEwNTcwZjc1LzEvV3VPUzVFSXMtX0haUVE3czg4MTktUUFZd2lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lNjQzOTgtOTYwMS00YjdjLWI3ODMtMDc5YmEwNTcwZjc1
LzEvb3AyWFVmTm5YMUV6SnpUYWFPcVdBbUFFV3hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBUEgSMA4E
AgACMAgDBgAqAIdABjANBgkqhkiG9w0BAQsFAAOCAQEADeL4MPAMbdVj4cSFCe8Y
AoAofhlj4GoUKuVqisiTu34a8+2qvDUwbP84Wul3Yv+6uaqMIkdPjFZW1JDvC7Wl
BKBWJdNTDMGhflLeLBK4DHg7uzQeFKudGWcZl82+rrmyUe5A0xaVtxt1OOX6qi7w
nuGlhZGLHzWM1Cgdb63lhmVTC6tSjg0mk6ulWZSlEbXdv5u/WeKlYRMNRHlVig+D
neTH1W0b/48nCixJwwbMOO/mrDCsx8taJxDWQDcU405V1D9qGKlzWTQrJTmhTpOQ
ruN5ozeP3SyBkwsQb15/1JroEyezVVVMbYj2e9IxIXOqY0T36gSX/nA9Rcqo5yXW
VQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:05 2024 by rpki-client on console-fra.rpki-client.org