Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PG6xESe0PoRlmKuR3pjleaM0vuE.roa
File: PG6xESe0PoRlmKuR3pjleaM0vuE.roa (raw, json)
Hash identifier: CSgMkdmcuYsyQfDoNXw0Nrkb/maVEF8Ej5V6xNFI8q4=
Subject key identifier: 3C:6E:B1:11:27:B4:3E:84:65:98:AB:91:DE:98:E5:79:A3:34:BE:E1
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1DDFD202
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PG6xESe0PoRlmKuR3pjleaM0vuE.roa
Signing time: Tue 12 Apr 2022 05:36:11 +0000
ROA not before: Tue 12 Apr 2022 05:36:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30823
IP address blocks: 92.249.48.0/24 maxlen: 24
92.249.51.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 501207554 (0x1ddfd202)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 12 05:36:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c6eb11127b43e846598ab91de98e579a334bee1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:74:f1:20:72:5a:0e:60:fe:87:af:b2:86:da:
53:ff:19:8c:75:b4:b9:ec:69:e4:d0:09:f2:dd:58:
92:db:8d:ee:73:6a:cd:a1:b2:5c:10:71:ee:bd:b0:
2b:67:6a:b2:8a:5c:f1:ab:5d:25:08:c3:3d:fd:98:
76:ea:2c:56:77:d3:19:ad:3d:77:8b:59:f9:9c:0b:
f1:55:cb:67:eb:20:da:c4:b7:e7:c7:f7:f5:b1:ad:
27:cf:0c:f6:30:88:20:0c:92:95:61:a9:ab:ca:5e:
95:3a:4c:90:77:63:1b:6f:7d:94:da:dc:99:ea:fa:
ca:c8:72:c1:33:17:69:e9:8c:39:8c:23:05:24:c0:
b6:ca:f3:85:4d:51:cd:82:40:30:15:06:ac:71:5b:
a1:cd:c6:06:2c:54:10:45:fa:1c:9f:0c:ef:84:a0:
05:23:a4:b9:f7:82:c8:ad:d1:d7:fd:09:bd:d3:92:
5c:20:ac:23:63:b7:08:d5:bb:0c:95:ba:a6:c6:27:
92:10:ea:52:97:c6:af:65:e8:23:8e:f4:63:46:f4:
a0:d4:5c:42:7c:78:02:1f:b9:84:29:9b:4a:fd:74:
c2:cc:33:35:c0:1c:5b:9c:1d:ff:07:70:5e:6e:d3:
b3:9f:1a:8e:e8:68:4b:87:fa:d6:6b:12:14:c4:08:
02:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:6E:B1:11:27:B4:3E:84:65:98:AB:91:DE:98:E5:79:A3:34:BE:E1
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PG6xESe0PoRlmKuR3pjleaM0vuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.249.48.0/24
92.249.51.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:06:10:79:69:70:d0:de:84:15:16:42:27:b3:9e:95:36:9b:
98:9a:c2:ec:50:83:9e:72:4e:6d:c0:93:ec:93:74:9b:1d:ff:
3a:c4:44:28:d7:db:f0:57:99:20:fb:71:ff:8b:58:9a:20:3d:
4e:f4:6a:76:a9:60:59:0c:fc:b3:1a:73:31:37:0f:c3:e9:e5:
0f:7c:07:6e:41:d5:dd:3d:ee:26:57:e9:74:4a:ed:b0:6f:f7:
77:93:6b:ae:62:0a:d5:a0:a2:56:a8:80:4c:90:e2:cf:33:62:
9f:10:38:35:f5:df:f7:5a:f4:0b:89:f2:12:a4:4e:ee:cb:c5:
55:cd:ae:5e:a2:28:aa:de:ec:cc:42:78:29:ca:4a:83:e4:7a:
56:2e:39:22:c6:ca:f0:7c:b3:b9:bd:66:36:2d:50:2b:37:f8:
b0:4a:c2:76:dc:c0:e4:1d:ca:de:7a:a5:9f:57:a2:34:f3:7f:
50:a1:43:f5:29:7d:73:6d:75:7e:cc:15:aa:d5:2e:6e:26:a4:
c5:89:20:28:18:47:2d:0f:22:55:f1:33:e8:fd:e2:76:37:d1:
f7:38:55:3a:8b:59:cb:02:fa:02:aa:6f:97:be:60:a3:c8:c3:
86:7a:98:a0:be:32:8f:31:ce:2f:20:d6:22:a1:db:36:fb:66:
8f:5a:26:7d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEHd/SAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDQx
MjA1MzYxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2M2ZWIxMTEyN2I0
M2U4NDY1OThhYjkxZGU5OGU1NzlhMzM0YmVlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALt08SByWg5g/oevsobaU/8ZjHW0uexp5NAJ8t1YktuN7nNq
zaGyXBBx7r2wK2dqsopc8atdJQjDPf2YduosVnfTGa09d4tZ+ZwL8VXLZ+sg2sS3
58f39bGtJ88M9jCIIAySlWGpq8pelTpMkHdjG299lNrcmer6yshywTMXaemMOYwj
BSTAtsrzhU1RzYJAMBUGrHFboc3GBixUEEX6HJ8M74SgBSOkufeCyK3R1/0JvdOS
XCCsI2O3CNW7DJW6psYnkhDqUpfGr2XoI470Y0b0oNRcQnx4Ah+5hCmbSv10wswz
NcAcW5wd/wdwXm7Ts58ajuhoS4f61msSFMQIApcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ8brERJ7Q+hGWYq5HemOV5ozS+4TAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L1BHNnhFU2UwUG9SbG1LdVIzcGpsZWFNMHZ1RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFz5MAMEAFz5MzANBgkqhkiG9w0B
AQsFAAOCAQEATgYQeWlw0N6EFRZCJ7OelTabmJrC7FCDnnJObcCT7JN0mx3/OsRE
KNfb8FeZIPtx/4tYmiA9TvRqdqlgWQz8sxpzMTcPw+nlD3wHbkHV3T3uJlfpdErt
sG/3d5NrrmIK1aCiVqiATJDizzNinxA4NfXf91r0C4nyEqRO7svFVc2uXqIoqt7s
zEJ4KcpKg+R6Vi45IsbK8Hyzub1mNi1QKzf4sErCdtzA5B3K3nqln1eiNPN/UKFD
9Sl9c211fswVqtUubiakxYkgKBhHLQ8iVfEz6P3idjfR9zhVOotZywL6Aqpvl75g
o8jDhnqYoL4yjzHOLyDWIqHbNvtmj1omfQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:36 2023 by rpki-client on console-ams.rpki-client.org