Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/72-mPBPejLnrRl7VyP8bM3B5RDk.roa
File: 72-mPBPejLnrRl7VyP8bM3B5RDk.roa (raw, json)
Hash identifier: fNrmzr+gHV1eN7vp6vG2FIv2fBF4Q5irZflySMyFArs=
Subject key identifier: EF:6F:A6:3C:13:DE:8C:B9:EB:46:5E:D5:C8:FF:1B:33:70:79:44:39
Certificate issuer: /CN=3cd37ec23719b2f142f46e6f3317664034adf598
Certificate serial: 0188293A1C6776AC13A0ADBD9BE1385DF286
Authority key identifier: 3C:D3:7E:C2:37:19:B2:F1:42:F4:6E:6F:33:17:66:40:34:AD:F5:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/72-mPBPejLnrRl7VyP8bM3B5RDk.roa
Signing time: Wed 17 May 2023 10:20:54 +0000
ROA not before: Wed 17 May 2023 10:20:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59441
IP address blocks: 185.83.181.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:29:3a:1c:67:76:ac:13:a0:ad:bd:9b:e1:38:5d:f2:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cd37ec23719b2f142f46e6f3317664034adf598
Validity
Not Before: May 17 10:20:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef6fa63c13de8cb9eb465ed5c8ff1b3370794439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:51:d9:17:55:f1:e0:a7:a3:6e:0e:46:c2:a1:
30:35:e3:2c:81:fe:6a:b1:61:91:5e:64:f3:73:9c:
1f:8e:87:9e:0a:fe:78:4e:6a:42:1f:b0:de:0c:77:
7e:c9:b2:7c:ef:49:2f:4a:a7:32:cd:2b:a8:c0:7b:
df:16:63:df:a5:be:17:38:9f:7e:4a:31:25:c2:5f:
b5:81:27:17:09:39:91:14:1b:1e:ba:07:d8:91:f4:
e6:7c:ce:71:6d:3b:d7:fd:fd:77:33:28:05:15:f3:
bf:5f:be:ec:04:61:37:39:4e:81:70:7a:9b:fc:78:
87:e5:f0:c9:81:79:f7:dc:b4:35:cf:f5:64:ac:8f:
ad:bf:01:d2:ec:8d:a8:ad:65:37:ad:d7:30:7e:0b:
b1:4d:31:e9:2f:da:76:cd:d6:a2:a8:31:c2:30:e7:
87:28:5b:3f:81:f5:29:2e:4a:7e:1b:d2:d3:82:c5:
73:2e:09:76:f0:85:f2:97:bb:f6:7a:32:98:67:f8:
eb:c6:ff:a2:2f:91:2f:68:b3:98:ba:4b:dd:64:ba:
6e:aa:4c:d6:89:73:b3:27:17:ed:e3:3d:6e:f5:32:
72:f9:cf:6d:7c:1c:ed:9a:3d:fc:9b:e5:a2:78:04:
21:b0:44:da:88:12:0b:fd:54:28:16:16:c3:26:4f:
95:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:6F:A6:3C:13:DE:8C:B9:EB:46:5E:D5:C8:FF:1B:33:70:79:44:39
X509v3 Authority Key Identifier:
keyid:3C:D3:7E:C2:37:19:B2:F1:42:F4:6E:6F:33:17:66:40:34:AD:F5:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/72-mPBPejLnrRl7VyP8bM3B5RDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.181.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:64:84:ed:ad:21:fc:b1:48:1a:30:67:89:6e:77:b3:c6:0a:
17:02:8c:60:3a:71:b3:75:a2:b3:61:bf:d3:83:d4:fb:5d:70:
22:61:cc:8c:74:8c:05:64:f2:2c:f9:01:47:63:d3:31:a7:93:
ee:3b:b1:c7:9a:d2:b5:20:57:a7:95:2a:04:8e:5f:0b:5f:ba:
34:34:c4:b6:4c:1d:83:f2:00:ee:fa:03:81:a9:58:43:b0:58:
9a:79:fb:8d:7d:f3:ce:b9:60:3b:93:a5:1d:3b:c5:39:74:9e:
79:e6:3b:61:d2:b1:58:ba:c5:df:2a:1a:21:aa:ae:c4:54:f7:
e1:57:16:9f:3f:0a:ff:ea:ae:2a:4c:84:52:24:c8:a1:f1:6a:
6a:f7:81:83:41:05:e7:ee:77:8d:41:b0:c5:9d:f2:6b:65:46:
aa:ff:df:e8:7a:96:bf:16:1f:2d:f0:45:dd:8e:fd:c7:bd:74:
fe:57:5a:1b:6f:4e:2a:e6:3e:79:2e:2b:ee:21:e4:a7:98:37:
62:91:db:c5:89:a8:f6:42:c2:4b:c7:3b:d0:45:7a:3f:24:f2:
58:d4:e5:6b:4b:0d:e8:fd:27:04:1e:21:2f:74:6f:f9:4c:16:
63:6d:c4:4f:0f:76:0a:a9:9c:9f:d3:e2:06:fc:04:f7:a5:33:
5f:8c:85:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgpOhxndqwToK29m+E4XfKGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZDM3ZWMyMzcxOWIyZjE0MmY0NmU2ZjMzMTc2NjQwMzRh
ZGY1OTgwHhcNMjMwNTE3MTAyMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjZmYTYzYzEzZGU4Y2I5ZWI0NjVlZDVjOGZmMWIzMzcwNzk0NDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilHZF1Xx4Kejbg5GwqEwNeMsgf5q
sWGRXmTzc5wfjoeeCv54TmpCH7DeDHd+ybJ870kvSqcyzSuowHvfFmPfpb4XOJ9+
SjElwl+1gScXCTmRFBseugfYkfTmfM5xbTvX/f13MygFFfO/X77sBGE3OU6BcHqb
/HiH5fDJgXn33LQ1z/VkrI+tvwHS7I2orWU3rdcwfguxTTHpL9p2zdaiqDHCMOeH
KFs/gfUpLkp+G9LTgsVzLgl28IXyl7v2ejKYZ/jrxv+iL5EvaLOYukvdZLpuqkzW
iXOzJxft4z1u9TJy+c9tfBztmj38m+WieAQhsETaiBIL/VQoFhbDJk+V6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO9vpjwT3oy560Ze1cj/GzNweUQ5MB8GA1UdIwQY
MBaAFDzTfsI3GbLxQvRubzMXZkA0rfWYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE5OLXdqY1pzdkZDOUc1dk14ZG1RRFN0OVpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zZjdlNTYtMDkxNi00N2FjLTg1ODYt
YTkzODhmMzFiNDdlLzEvNzItbVBCUGVqTG5yUmw3VnlQOGJNM0I1UkRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zZjdlNTYtMDkxNi00N2FjLTg1ODYtYTkzODhmMzFiNDdl
LzEvUE5OLXdqY1pzdkZDOUc1dk14ZG1RRFN0OVpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVO1MA0G
CSqGSIb3DQEBCwUAA4IBAQAOZITtrSH8sUgaMGeJbnezxgoXAoxgOnGzdaKzYb/T
g9T7XXAiYcyMdIwFZPIs+QFHY9Mxp5PuO7HHmtK1IFenlSoEjl8LX7o0NMS2TB2D
8gDu+gOBqVhDsFiaefuNffPOuWA7k6UdO8U5dJ555jth0rFYusXfKhohqq7EVPfh
VxafPwr/6q4qTIRSJMih8Wpq94GDQQXn7neNQbDFnfJrZUaq/9/oepa/Fh8t8EXd
jv3HvXT+V1obb04q5j55LivuIeSnmDdikdvFiaj2QsJLxzvQRXo/JPJY1OVrSw3o
/ScEHiEvdG/5TBZjbcRPD3YKqZyf0+IG/AT3pTNfjIVZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:15 2024 by rpki-client on console-fra.rpki-client.org