Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/dE-4863Kq_cChGnXSomR6Ro2BGM.roa
File: dE-4863Kq_cChGnXSomR6Ro2BGM.roa (raw, json)
Hash identifier: dZS8riAmwXZRcBNbb5YAe0pBI/dS5EjG9FOKCP92Fdc=
Subject key identifier: 74:4F:B8:F3:AD:CA:AB:F7:02:84:69:D7:4A:89:91:E9:1A:36:04:63
Certificate issuer: /CN=a29d9751f3675f51332734da68ea960260045b12
Certificate serial: 01856E78CD33147B16CAA9BD6172599FAB95
Authority key identifier: A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/dE-4863Kq_cChGnXSomR6Ro2BGM.roa
Signing time: Sun 01 Jan 2023 17:54:48 +0000
ROA not before: Sun 01 Jan 2023 17:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206680
IP address blocks: 80.72.22.0/23 maxlen: 32
2a00:8740:700::/40 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:cd:33:14:7b:16:ca:a9:bd:61:72:59:9f:ab:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29d9751f3675f51332734da68ea960260045b12
Validity
Not Before: Jan 1 17:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=744fb8f3adcaabf7028469d74a8991e91a360463
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b8:7a:c6:6a:0d:76:71:f4:b0:28:84:56:ef:
1a:39:3e:24:ce:09:e3:05:a7:b5:07:da:e0:75:4f:
c8:02:90:cf:b8:0b:9b:aa:6b:2a:00:21:5d:8b:f5:
74:65:2b:d8:f5:3a:fc:20:ad:df:5d:73:c0:31:77:
b7:a4:0b:0d:63:5a:6c:06:ce:54:f4:ab:c9:22:f3:
d7:3c:ff:41:4b:31:b5:c5:52:3b:e9:cc:b4:38:d9:
69:59:21:30:09:3a:79:7a:95:93:3c:a1:a8:93:15:
27:8e:7d:f5:dc:ea:6b:e8:36:5e:5f:6b:93:8f:bc:
6b:46:90:98:ed:e2:4b:17:a2:a9:82:16:78:69:97:
80:52:70:3b:00:2d:09:36:ee:b1:c0:28:81:2a:99:
6b:16:7a:94:78:6f:51:a2:92:28:30:a5:32:7d:53:
27:3a:e5:40:34:c9:36:f6:c4:c2:91:ce:53:6b:8c:
eb:52:99:73:75:43:93:80:c7:2a:f0:04:70:41:73:
3f:36:07:34:79:8b:ad:eb:b7:77:ad:b7:22:3e:37:
88:d6:09:6e:3f:c3:28:3e:5e:39:57:7a:03:82:46:
13:92:6f:01:43:fd:a1:6b:21:b0:3a:c3:0d:db:72:
e5:99:0e:f4:e5:98:dd:23:47:3e:08:1a:6a:0f:cf:
ee:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:4F:B8:F3:AD:CA:AB:F7:02:84:69:D7:4A:89:91:E9:1A:36:04:63
X509v3 Authority Key Identifier:
keyid:A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/dE-4863Kq_cChGnXSomR6Ro2BGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/op2XUfNnX1EzJzTaaOqWAmAEWxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.22.0/23
IPv6:
2a00:8740:700::/40
Signature Algorithm: sha256WithRSAEncryption
ad:a8:08:21:1b:99:74:61:14:67:16:23:d1:67:7b:07:86:1c:
de:00:77:d3:25:a4:51:ac:a0:36:59:e2:7e:c7:c6:28:8b:10:
2e:4a:46:21:41:47:b1:11:90:83:91:b3:cf:85:6e:5b:40:bb:
78:c0:d3:b5:a9:85:34:c8:3b:c6:33:56:2d:46:7a:cc:84:42:
82:ce:32:d3:b3:80:aa:ab:34:e9:25:4c:14:ff:7c:99:de:53:
05:d4:76:8f:49:53:40:08:38:a2:a6:f6:cf:2c:d8:dd:9d:a8:
bd:4a:34:a4:23:c7:cd:04:29:ea:52:2c:f2:a1:e5:45:44:c7:
ad:c8:a0:04:ae:8c:78:6c:96:93:2f:03:aa:1e:8d:83:e7:4a:
2a:56:e3:3e:f2:6d:a5:5b:00:4e:f5:06:d0:45:f9:b0:48:99:
69:57:9b:82:60:7a:ba:66:72:66:d7:73:36:82:47:7a:f8:0f:
9e:d4:c0:56:19:2a:2a:7a:9f:d4:76:5d:95:c8:19:e2:d4:2b:
eb:c8:85:a4:d6:0d:17:69:70:7e:2b:e0:cc:ba:b1:00:e1:dd:
51:d7:08:0f:e1:d8:d0:2d:53:c2:42:92:0b:55:d4:cb:e8:92:
c5:7e:e6:34:6e:7c:81:a4:44:18:73:c9:16:0f:4d:1e:7a:27:
2a:54:ee:0b
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVueM0zFHsWyqm9YXJZn6uVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyOWQ5NzUxZjM2NzVmNTEzMzI3MzRkYTY4ZWE5NjAyNjAw
NDViMTIwHhcNMjMwMTAxMTc1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDRmYjhmM2FkY2FhYmY3MDI4NDY5ZDc0YTg5OTFlOTFhMzYwNDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLh6xmoNdnH0sCiEVu8aOT4kzgnj
Bae1B9rgdU/IApDPuAubqmsqACFdi/V0ZSvY9Tr8IK3fXXPAMXe3pAsNY1psBs5U
9KvJIvPXPP9BSzG1xVI76cy0ONlpWSEwCTp5epWTPKGokxUnjn313Opr6DZeX2uT
j7xrRpCY7eJLF6KpghZ4aZeAUnA7AC0JNu6xwCiBKplrFnqUeG9RopIoMKUyfVMn
OuVANMk29sTCkc5Ta4zrUplzdUOTgMcq8ARwQXM/Ngc0eYut67d3rbciPjeI1glu
P8MoPl45V3oDgkYTkm8BQ/2hayGwOsMN23LlmQ705ZjdI0c+CBpqD8/uiwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFHRPuPOtyqv3AoRp10qJkekaNgRjMB8GA1UdIwQY
MBaAFKKdl1HzZ19RMyc02mjqlgJgBFsSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3AyWFVmTm5YMUV6SnpUYWFPcVdBbUFFV3hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lNjQzOTgtOTYwMS00YjdjLWI3ODMt
MDc5YmEwNTcwZjc1LzEvZEUtNDg2M0txX2NDaEduWFNvbVI2Um8yQkdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lNjQzOTgtOTYwMS00YjdjLWI3ODMtMDc5YmEwNTcwZjc1
LzEvb3AyWFVmTm5YMUV6SnpUYWFPcVdBbUFFV3hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBUEgWMA4E
AgACMAgDBgAqAIdABzANBgkqhkiG9w0BAQsFAAOCAQEAragIIRuZdGEUZxYj0Wd7
B4Yc3gB30yWkUaygNlnifsfGKIsQLkpGIUFHsRGQg5Gzz4VuW0C7eMDTtamFNMg7
xjNWLUZ6zIRCgs4y07OAqqs06SVMFP98md5TBdR2j0lTQAg4oqb2zyzY3Z2ovUo0
pCPHzQQp6lIs8qHlRUTHrcigBK6MeGyWky8Dqh6Ng+dKKlbjPvJtpVsATvUG0EX5
sEiZaVebgmB6umZyZtdzNoJHevgPntTAVhkqKnqf1HZdlcgZ4tQr68iFpNYNF2lw
fivgzLqxAOHdUdcID+HY0C1TwkKSC1XUy+iSxX7mNG58gaREGHPJFg9NHnonKlTu
Cw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:34 2024 by rpki-client on console-ams.rpki-client.org