Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/_QFr1ifEESWvupo8UV8zUNZAa0s.roa
File: _QFr1ifEESWvupo8UV8zUNZAa0s.roa (raw, json)
Hash identifier: dRjeALo0FCGYdUZJYsY9v2hWrbhAh35hDoQygJseAis=
Subject key identifier: FD:01:6B:D6:27:C4:11:25:AF:BA:9A:3C:51:5F:33:50:D6:40:6B:4B
Certificate issuer: /CN=a29d9751f3675f51332734da68ea960260045b12
Certificate serial: 0D7D9B16
Authority key identifier: A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/_QFr1ifEESWvupo8UV8zUNZAa0s.roa
Signing time: Sat 01 Jan 2022 14:02:14 +0000
ROA not before: Sat 01 Jan 2022 14:02:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397373
IP address blocks: 80.72.20.0/22 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 226335510 (0xd7d9b16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29d9751f3675f51332734da68ea960260045b12
Validity
Not Before: Jan 1 14:02:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd016bd627c41125afba9a3c515f3350d6406b4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b8:d0:81:7c:61:e5:b4:47:98:31:38:ce:af:
ca:28:09:55:27:b2:36:c4:53:8c:58:2c:48:e3:dd:
0c:a1:14:47:1f:bd:57:76:30:8c:a2:3c:7a:71:36:
ed:eb:dc:28:fd:c7:ce:fd:ba:4d:07:d4:98:13:87:
7f:e0:ea:c9:b8:92:8b:9f:9e:ad:17:ff:c0:c7:76:
01:fa:3d:17:4b:7b:57:cc:91:d1:2e:e0:bb:5a:9e:
07:c1:43:de:92:53:99:a3:0d:bf:3b:85:a6:af:9e:
1e:e7:0f:26:3c:d5:a9:9f:7e:97:6b:a8:ef:86:38:
77:7e:73:12:eb:23:04:53:60:98:f1:af:16:02:d4:
a9:10:b6:2a:87:8a:37:95:cd:16:58:3a:17:70:c9:
0d:22:42:ea:29:a2:52:bd:b7:33:59:c4:ef:1b:a5:
13:01:c0:c1:ca:be:8d:c6:f4:ab:40:31:df:d3:ff:
61:0c:14:88:fe:28:3f:ae:dd:7e:f3:3a:31:93:b7:
ae:55:19:4a:f5:1c:49:67:68:f1:a0:b9:24:e7:9a:
d2:a8:53:91:04:80:18:e3:de:16:76:34:7c:66:cf:
3f:b6:da:74:bf:56:6e:bb:2a:a6:51:fe:f3:cd:73:
70:4b:e0:f8:6b:0e:97:0a:49:8b:86:68:75:0a:5d:
ec:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:01:6B:D6:27:C4:11:25:AF:BA:9A:3C:51:5F:33:50:D6:40:6B:4B
X509v3 Authority Key Identifier:
keyid:A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/_QFr1ifEESWvupo8UV8zUNZAa0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/op2XUfNnX1EzJzTaaOqWAmAEWxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.20.0/22
Signature Algorithm: sha256WithRSAEncryption
56:a5:85:ca:a0:f3:db:49:9d:86:12:e8:32:40:63:5c:ba:42:
57:e2:f4:b1:97:86:35:ae:38:c3:93:f1:5c:0a:39:73:f1:e1:
0d:2b:2a:a4:d3:0f:5b:02:e9:d0:1d:13:4f:81:f8:42:f5:9d:
27:14:4e:b2:63:dd:0d:00:c0:28:9d:ea:c8:ff:c8:a5:46:51:
78:02:23:3f:38:2a:8d:17:e9:ab:e0:27:7a:49:7c:11:33:97:
fb:0c:35:03:33:b4:60:f4:0b:b3:69:79:9a:4f:d2:8f:0f:43:
60:a3:45:fc:db:17:93:27:73:fd:28:83:90:6e:29:a5:e9:df:
c0:d9:03:46:a7:14:ad:31:18:42:a6:61:cf:6c:0b:7c:84:b5:
74:57:bb:30:a0:73:f8:69:8c:b2:2b:7b:91:1c:84:40:3e:7a:
ee:3d:b8:65:b9:73:1e:05:e4:a8:58:79:bf:62:38:a1:92:de:
a6:81:67:0c:db:5a:a2:59:4f:58:9c:d2:99:e0:76:b5:e9:2a:
2f:61:22:b7:65:74:38:50:7d:22:0f:82:e0:32:f0:b8:29:c2:
38:19:1c:35:35:26:87:4b:0d:52:49:24:37:74:22:13:43:c6:
03:bb:77:4a:c3:89:40:d2:eb:7e:f7:d6:06:20:56:27:3c:c9:
2f:fe:53:63
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDX2bFjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MjlkOTc1MWYzNjc1ZjUxMzMyNzM0ZGE2OGVhOTYwMjYwMDQ1YjEyMB4XDTIyMDEw
MTE0MDIxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmQwMTZiZDYyN2M0
MTEyNWFmYmE5YTNjNTE1ZjMzNTBkNjQwNmI0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMO40IF8YeW0R5gxOM6vyigJVSeyNsRTjFgsSOPdDKEURx+9
V3YwjKI8enE27evcKP3Hzv26TQfUmBOHf+DqybiSi5+erRf/wMd2Afo9F0t7V8yR
0S7gu1qeB8FD3pJTmaMNvzuFpq+eHucPJjzVqZ9+l2uo74Y4d35zEusjBFNgmPGv
FgLUqRC2KoeKN5XNFlg6F3DJDSJC6imiUr23M1nE7xulEwHAwcq+jcb0q0Ax39P/
YQwUiP4oP67dfvM6MZO3rlUZSvUcSWdo8aC5JOea0qhTkQSAGOPeFnY0fGbPP7ba
dL9WbrsqplH+881zcEvg+GsOlwpJi4ZodQpd7K8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT9AWvWJ8QRJa+6mjxRXzNQ1kBrSzAfBgNVHSMEGDAWgBSinZdR82dfUTMn
NNpo6pYCYARbEjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29wMlhVZk5uWDFFekp6VGFhT3FXQW1BRVd4SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGYvZTY0Mzk4LTk2MDEtNGI3Yy1iNzgzLTA3OWJhMDU3MGY3NS8x
L19RRnIxaWZFRVNXdnVwbzhVVjh6VU5aQWEwcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYv
ZTY0Mzk4LTk2MDEtNGI3Yy1iNzgzLTA3OWJhMDU3MGY3NS8xL29wMlhVZk5uWDFF
ekp6VGFhT3FXQW1BRVd4SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlBIFDANBgkqhkiG9w0BAQsFAAOC
AQEAVqWFyqDz20mdhhLoMkBjXLpCV+L0sZeGNa44w5PxXAo5c/HhDSsqpNMPWwLp
0B0TT4H4QvWdJxROsmPdDQDAKJ3qyP/IpUZReAIjPzgqjRfpq+Anekl8ETOX+ww1
AzO0YPQLs2l5mk/Sjw9DYKNF/NsXkydz/SiDkG4ppenfwNkDRqcUrTEYQqZhz2wL
fIS1dFe7MKBz+GmMsit7kRyEQD567j24ZblzHgXkqFh5v2I4oZLepoFnDNtaollP
WJzSmeB2tekqL2Eit2V0OFB9Ig+C4DLwuCnCOBkcNTUmh0sNUkkkN3QiE0PGA7t3
SsOJQNLrfvfWBiBWJzzJL/5TYw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:05 2024 by rpki-client on console-fra.rpki-client.org