Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/CSt4F78pD4D7JmXeoAOS0Vp8Zi8.roa
File: CSt4F78pD4D7JmXeoAOS0Vp8Zi8.roa (raw, json)
Hash identifier: VgE7TEx8KSf3MGPkOUIPtFG3Ysg/Z8VJdPesF810YGI=
Subject key identifier: 09:2B:78:17:BF:29:0F:80:FB:26:65:DE:A0:03:92:D1:5A:7C:66:2F
Certificate issuer: /CN=6811e125cb357076f2fa3138c93e9a2681b17893
Certificate serial: 01856F42A08E2E0E1D8FAA1CA7C5C4565352
Authority key identifier: 68:11:E1:25:CB:35:70:76:F2:FA:31:38:C9:3E:9A:26:81:B1:78:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aBHhJcs1cHby-jE4yT6aJoGxeJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/CSt4F78pD4D7JmXeoAOS0Vp8Zi8.roa
Signing time: Sun 01 Jan 2023 21:35:15 +0000
ROA not before: Sun 01 Jan 2023 21:35:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21734
IP address blocks: 95.172.76.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:a0:8e:2e:0e:1d:8f:aa:1c:a7:c5:c4:56:53:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6811e125cb357076f2fa3138c93e9a2681b17893
Validity
Not Before: Jan 1 21:35:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=092b7817bf290f80fb2665dea00392d15a7c662f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:80:0b:90:07:70:ef:3e:24:83:17:aa:0f:08:
a3:6d:49:e1:16:ac:e4:00:ab:64:2e:58:c5:4a:bd:
38:3d:55:8c:1d:c6:41:b8:e2:5f:96:f8:77:19:a2:
6f:53:03:f2:a0:89:ca:47:39:39:80:a4:2b:eb:25:
05:71:94:df:25:54:e9:23:b7:49:fc:85:41:56:a9:
ef:1a:dc:cf:72:f7:92:9b:ac:b6:ff:cb:a0:b3:62:
ef:7b:ca:70:bf:fb:d5:81:f0:47:95:34:93:45:c4:
b7:c5:38:4e:27:b7:6f:84:53:f6:ac:65:3c:59:c7:
a7:db:bd:34:65:b9:c0:3b:15:7e:23:1c:d6:38:78:
37:d1:8d:1f:c1:e3:d6:43:c4:6e:c7:36:e8:ef:40:
1e:a1:67:79:4b:c0:e0:7d:a7:43:5e:b4:ce:96:23:
4f:90:71:0e:cb:d4:c1:14:f2:72:ee:72:ff:94:8a:
25:f0:06:e8:52:f4:50:0c:cb:53:65:9e:35:2d:f3:
39:ce:12:bf:fc:07:a6:81:a7:7e:27:2d:09:9f:a9:
77:bf:63:f1:ad:08:03:e7:6d:4d:b1:cb:fe:f9:da:
ca:1b:11:02:00:52:9a:a2:a2:5c:18:b6:e5:8f:24:
c9:07:e0:ca:c3:5b:0a:60:00:13:5c:c3:69:7e:76:
e5:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:2B:78:17:BF:29:0F:80:FB:26:65:DE:A0:03:92:D1:5A:7C:66:2F
X509v3 Authority Key Identifier:
keyid:68:11:E1:25:CB:35:70:76:F2:FA:31:38:C9:3E:9A:26:81:B1:78:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBHhJcs1cHby-jE4yT6aJoGxeJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/CSt4F78pD4D7JmXeoAOS0Vp8Zi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.172.76.0/24
Signature Algorithm: sha256WithRSAEncryption
07:5b:f1:0f:94:0d:b7:a7:8b:55:8c:79:3c:6d:68:46:4e:19:
3f:6e:e4:4d:7a:b2:84:a1:76:fa:92:3f:1a:11:91:c2:85:12:
ab:51:04:3b:58:fb:26:6a:83:d9:88:cc:37:47:9d:6f:a0:dc:
e1:58:49:54:9b:d9:8f:7f:d5:79:6e:af:e7:0c:52:2d:83:42:
42:60:96:a8:24:bf:f9:2c:62:13:32:12:7d:f0:06:dc:7c:86:
92:7d:10:08:63:6e:6f:35:25:f9:24:ee:ea:2e:b8:c3:b6:01:
98:80:bc:fd:48:3d:da:1d:d4:f2:c4:22:3d:2b:72:51:15:cc:
80:65:d8:39:d1:be:08:13:b7:aa:b9:ad:4c:af:3b:b4:69:ab:
98:3a:f5:1f:e9:c1:d0:04:6d:03:8f:9f:86:bf:47:1e:7a:d3:
34:06:95:90:55:26:7f:98:61:6e:91:1e:bc:a1:ef:6d:3b:8c:
ef:c1:43:ed:95:3a:b9:4e:be:54:d9:14:79:46:dd:66:b9:70:
bc:8c:d6:4d:38:69:cb:4b:58:e8:be:67:bf:a9:ee:d3:f6:7c:
d3:0f:57:59:7d:e7:71:ff:58:89:6d:ee:f0:3e:c9:3e:be:3b:
46:26:81:01:25:a8:27:91:40:6e:43:e9:b4:9e:ae:12:06:54:
5b:9a:0e:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQqCOLg4dj6ocp8XEVlNSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MTFlMTI1Y2IzNTcwNzZmMmZhMzEzOGM5M2U5YTI2ODFi
MTc4OTMwHhcNMjMwMTAxMjEzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTJiNzgxN2JmMjkwZjgwZmIyNjY1ZGVhMDAzOTJkMTVhN2M2NjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYALkAdw7z4kgxeqDwijbUnhFqzk
AKtkLljFSr04PVWMHcZBuOJflvh3GaJvUwPyoInKRzk5gKQr6yUFcZTfJVTpI7dJ
/IVBVqnvGtzPcveSm6y2/8ugs2Lve8pwv/vVgfBHlTSTRcS3xThOJ7dvhFP2rGU8
Wcen2700ZbnAOxV+IxzWOHg30Y0fwePWQ8Ruxzbo70AeoWd5S8DgfadDXrTOliNP
kHEOy9TBFPJy7nL/lIol8AboUvRQDMtTZZ41LfM5zhK//Aemgad+Jy0Jn6l3v2Px
rQgD521Nscv++drKGxECAFKaoqJcGLbljyTJB+DKw1sKYAATXMNpfnblcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAkreBe/KQ+A+yZl3qADktFafGYvMB8GA1UdIwQY
MBaAFGgR4SXLNXB28voxOMk+miaBsXiTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUJIaEpjczFjSGJ5LWpFNHlUNmFKb0d4ZUpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lYmFjYmQtODE5MC00ZTVhLWEwM2Et
Y2Q0Mzk0OTJiN2FlLzEvQ1N0NEY3OHBENEQ3Sm1YZW9BT1MwVnA4Wmk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lYmFjYmQtODE5MC00ZTVhLWEwM2EtY2Q0Mzk0OTJiN2Fl
LzEvYUJIaEpjczFjSGJ5LWpFNHlUNmFKb0d4ZUpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX6xMMA0G
CSqGSIb3DQEBCwUAA4IBAQAHW/EPlA23p4tVjHk8bWhGThk/buRNerKEoXb6kj8a
EZHChRKrUQQ7WPsmaoPZiMw3R51voNzhWElUm9mPf9V5bq/nDFItg0JCYJaoJL/5
LGITMhJ98AbcfIaSfRAIY25vNSX5JO7qLrjDtgGYgLz9SD3aHdTyxCI9K3JRFcyA
Zdg50b4IE7equa1Mrzu0aauYOvUf6cHQBG0Dj5+Gv0ceetM0BpWQVSZ/mGFukR68
oe9tO4zvwUPtlTq5Tr5U2RR5Rt1muXC8jNZNOGnLS1jovme/qe7T9nzTD1dZfedx
/1iJbe7wPsk+vjtGJoEBJagnkUBuQ+m0nq4SBlRbmg6z
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:08 2024 by rpki-client on console-ams.rpki-client.org