Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/leXPpprLZOwHcCUf6Z59RNmoLWg.roa
File: leXPpprLZOwHcCUf6Z59RNmoLWg.roa (raw, json)
Hash identifier: QIQmpiiA+eEH2FJjFscozRXHfQLzh4eVBBXe8ElfMEs=
Subject key identifier: 95:E5:CF:A6:9A:CB:64:EC:07:70:25:1F:E9:9E:7D:44:D9:A8:2D:68
Certificate issuer: /CN=a29d9751f3675f51332734da68ea960260045b12
Certificate serial: 01835A889D32B2067AA17FE8A7A1EEB02D15
Authority key identifier: A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/leXPpprLZOwHcCUf6Z59RNmoLWg.roa
Signing time: Tue 20 Sep 2022 10:54:06 +0000
ROA not before: Tue 20 Sep 2022 10:54:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49581
IP address blocks: 92.118.72.0/24 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5a:88:9d:32:b2:06:7a:a1:7f:e8:a7:a1:ee:b0:2d:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29d9751f3675f51332734da68ea960260045b12
Validity
Not Before: Sep 20 10:54:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=95e5cfa69acb64ec0770251fe99e7d44d9a82d68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:77:42:49:19:b7:91:a2:03:ff:9d:9f:7e:7f:
87:eb:24:9c:71:b3:11:74:57:80:b1:40:d4:64:09:
dd:69:14:ad:88:db:f2:75:c1:77:ae:7b:b2:29:48:
f7:f6:de:63:2f:7a:70:1d:4b:c5:21:d0:ca:db:7b:
ff:89:62:8b:52:ff:3c:eb:37:c9:fc:80:61:3e:64:
d4:cb:3a:6c:00:7a:28:a2:6e:53:e9:4f:4c:11:14:
16:39:d8:e4:45:8d:96:b0:13:99:00:e7:f7:a5:bc:
02:db:ea:d6:6c:54:bb:9b:b3:ae:4a:fd:eb:a3:a0:
3f:99:54:b5:13:17:d0:ca:3a:0c:00:1e:3f:cd:e7:
e3:8f:1e:c2:4c:f3:5a:07:1f:c8:33:b9:77:fa:b5:
46:80:4e:57:b2:42:3a:77:f6:1f:59:a3:6f:2f:ee:
d1:3c:1b:32:57:38:e3:fa:09:15:8d:77:c2:78:e8:
4a:85:ad:1d:b9:d8:0d:22:f9:26:d1:4e:c4:54:2c:
4d:11:4f:9d:9f:c0:f7:3d:9c:99:df:19:de:d2:fe:
95:01:4b:c9:ef:fc:73:c5:fd:35:67:38:6c:66:dd:
af:97:83:5f:b7:ee:2d:86:7c:7c:75:35:16:b6:40:
d6:c5:26:1c:0b:b5:02:34:01:bf:d3:2a:0d:f2:65:
e0:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:E5:CF:A6:9A:CB:64:EC:07:70:25:1F:E9:9E:7D:44:D9:A8:2D:68
X509v3 Authority Key Identifier:
keyid:A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/leXPpprLZOwHcCUf6Z59RNmoLWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/op2XUfNnX1EzJzTaaOqWAmAEWxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.72.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:02:cc:75:53:51:89:1c:2c:62:ad:a4:f1:30:00:dd:f3:0f:
bb:fb:ff:9e:90:c3:60:52:a7:f4:06:09:1d:a1:c7:8d:cf:d7:
54:90:f1:52:31:ff:d5:69:0a:67:be:d8:83:99:81:f3:f2:c8:
91:35:9e:ed:dc:e3:61:07:57:6e:2b:b0:65:06:a4:73:be:4b:
7d:37:47:a4:44:67:44:70:0c:f5:cf:ec:cb:ca:52:0c:82:b4:
66:53:ff:b5:d5:ff:96:30:dc:8e:37:79:ea:b4:f2:08:84:f3:
bb:39:df:4d:5b:b9:bd:d8:92:55:86:d6:c9:21:0c:c2:20:3d:
0c:db:6c:61:d9:15:3e:65:ed:7f:fc:8f:89:96:4e:aa:4f:04:
f3:76:6e:6a:f5:b4:41:0a:90:ff:7a:82:4c:4c:48:3c:a6:75:
0d:8f:5e:84:cb:21:ef:10:1c:1e:cb:98:f2:c4:b8:57:af:9c:
fb:dd:a0:54:52:46:28:5e:02:d9:af:b2:5b:20:85:e0:37:a9:
80:a9:1c:9d:98:b9:81:fe:73:c2:39:27:5c:95:17:4b:86:d1:
d8:82:ce:0b:39:d2:35:4c:a3:1b:63:c5:ce:7e:a6:d0:8c:7e:
83:1e:d8:13:7b:47:bc:b0:01:85:37:8f:3d:da:8b:87:c3:58:
c9:f0:2e:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNaiJ0ysgZ6oX/op6HusC0VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyOWQ5NzUxZjM2NzVmNTEzMzI3MzRkYTY4ZWE5NjAyNjAw
NDViMTIwHhcNMjIwOTIwMTA1NDA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWU1Y2ZhNjlhY2I2NGVjMDc3MDI1MWZlOTllN2Q0NGQ5YTgyZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3dCSRm3kaID/52ffn+H6ySccbMR
dFeAsUDUZAndaRStiNvydcF3rnuyKUj39t5jL3pwHUvFIdDK23v/iWKLUv886zfJ
/IBhPmTUyzpsAHooom5T6U9MERQWOdjkRY2WsBOZAOf3pbwC2+rWbFS7m7OuSv3r
o6A/mVS1ExfQyjoMAB4/zefjjx7CTPNaBx/IM7l3+rVGgE5XskI6d/YfWaNvL+7R
PBsyVzjj+gkVjXfCeOhKha0dudgNIvkm0U7EVCxNEU+dn8D3PZyZ3xne0v6VAUvJ
7/xzxf01ZzhsZt2vl4Nft+4thnx8dTUWtkDWxSYcC7UCNAG/0yoN8mXgHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJXlz6aay2TsB3AlH+mefUTZqC1oMB8GA1UdIwQY
MBaAFKKdl1HzZ19RMyc02mjqlgJgBFsSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3AyWFVmTm5YMUV6SnpUYWFPcVdBbUFFV3hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lNjQzOTgtOTYwMS00YjdjLWI3ODMt
MDc5YmEwNTcwZjc1LzEvbGVYUHBwckxaT3dIY0NVZjZaNTlSTm1vTFdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lNjQzOTgtOTYwMS00YjdjLWI3ODMtMDc5YmEwNTcwZjc1
LzEvb3AyWFVmTm5YMUV6SnpUYWFPcVdBbUFFV3hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXHZIMA0G
CSqGSIb3DQEBCwUAA4IBAQBeAsx1U1GJHCxiraTxMADd8w+7+/+ekMNgUqf0Bgkd
oceNz9dUkPFSMf/VaQpnvtiDmYHz8siRNZ7t3ONhB1duK7BlBqRzvkt9N0ekRGdE
cAz1z+zLylIMgrRmU/+11f+WMNyON3nqtPIIhPO7Od9NW7m92JJVhtbJIQzCID0M
22xh2RU+Ze1//I+Jlk6qTwTzdm5q9bRBCpD/eoJMTEg8pnUNj16EyyHvEBwey5jy
xLhXr5z73aBUUkYoXgLZr7JbIIXgN6mAqRydmLmB/nPCOSdclRdLhtHYgs4LOdI1
TKMbY8XOfqbQjH6DHtgTe0e8sAGFN4892ouHw1jJ8C47
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:34 2024 by rpki-client on console-ams.rpki-client.org