Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/YPY1hfREdgGkLFeZUa-s4vOwXsU.roa
File: YPY1hfREdgGkLFeZUa-s4vOwXsU.roa (raw, json)
Hash identifier: eDgLNUiLh/XRVn8VmJRQPiNMCU4B8ZyPUCLrg6rRIFs=
Subject key identifier: 60:F6:35:85:F4:44:76:01:A4:2C:57:99:51:AF:AC:E2:F3:B0:5E:C5
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 1471AA26
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/YPY1hfREdgGkLFeZUa-s4vOwXsU.roa
Signing time: Thu 24 Mar 2022 19:33:06 +0000
ROA not before: Thu 24 Mar 2022 19:33:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209945
IP address blocks: 5.252.168.0/22 maxlen: 22
92.118.108.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 342993446 (0x1471aa26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Mar 24 19:33:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60f63585f4447601a42c579951aface2f3b05ec5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:19:bc:c4:ba:83:bf:67:ad:e8:fe:12:64:5c:
12:70:24:22:7a:5d:83:a9:4f:ae:e5:2e:71:d0:3b:
12:a6:18:73:a7:2a:b2:6a:fc:b2:9b:d0:a8:bd:07:
48:13:a2:81:5d:ac:8b:d1:9f:93:92:9e:40:47:00:
81:94:12:98:04:0c:db:58:7b:60:1f:b5:4f:08:aa:
93:f1:61:dd:6b:f2:0c:a8:61:19:04:58:77:7e:a2:
6f:80:66:84:52:05:ab:c0:c8:59:89:9b:a3:f5:18:
8b:38:6d:6f:ce:47:95:7a:59:fb:4a:6a:86:80:c4:
60:eb:b0:af:7c:4d:61:e1:30:92:69:73:ee:6f:8d:
78:05:89:4e:77:9c:43:a2:14:89:75:b0:9e:7c:8b:
84:81:85:79:20:63:4f:e0:0a:31:6d:66:c3:3d:f1:
34:89:1a:34:e6:02:49:ea:10:2d:f6:89:52:e9:33:
b9:34:60:03:43:33:8e:c3:7c:f0:aa:b7:96:4a:de:
7c:1d:4c:d8:fe:94:7c:7e:4a:af:5f:1e:ef:41:1a:
bc:01:10:84:0d:b2:d4:7b:72:3c:00:f6:5a:fe:a4:
53:4a:a5:3d:e8:6f:c1:40:40:10:d6:a0:78:8a:eb:
14:2b:2b:dd:92:ed:a6:a8:e6:d7:14:c0:e7:88:0c:
2c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:F6:35:85:F4:44:76:01:A4:2C:57:99:51:AF:AC:E2:F3:B0:5E:C5
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/YPY1hfREdgGkLFeZUa-s4vOwXsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.168.0/22
92.118.108.0/24
Signature Algorithm: sha256WithRSAEncryption
88:0c:be:74:7a:da:d2:b3:36:f0:5c:94:f2:22:0e:50:d3:84:
73:4a:ec:1c:a8:03:85:60:aa:c0:a6:a0:fd:4d:0f:f2:fe:a6:
1e:81:8e:ad:a6:dd:1e:9d:77:c5:67:49:dc:2a:d1:7e:27:a3:
f3:93:61:8f:d6:2b:f6:8a:46:0e:87:87:63:5a:20:a1:e9:c6:
94:22:8a:30:e5:9d:79:68:88:4d:ec:24:33:8c:21:d0:13:37:
d3:32:23:fd:ca:d8:1a:c6:10:89:55:d5:cf:92:45:9c:8e:02:
02:c8:6a:45:3b:5b:08:78:63:23:a6:08:f5:92:10:d9:ad:08:
26:1e:42:f7:c8:a6:60:d9:e8:bf:69:30:82:52:09:01:3d:34:
43:40:22:77:32:b8:21:06:03:1b:f6:33:46:6d:a0:64:3b:06:
29:b9:63:dd:0c:aa:88:d5:38:2a:0f:4f:24:b8:31:29:cc:ff:
3b:44:0c:99:0a:15:19:d2:43:01:1e:1e:9d:f7:62:8c:0f:93:
37:b5:9f:17:8c:4d:bc:78:2e:e4:cc:36:61:2e:36:4d:9b:44:
2a:29:ce:a4:60:5a:9b:df:15:03:93:b9:67:a5:8d:e1:47:0f:
77:a1:d3:89:9c:5b:68:a6:fe:24:70:d3:da:c5:61:ff:8a:f6:
21:aa:93:31
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEFHGqJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDMy
NDE5MzMwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjBmNjM1ODVmNDQ0
NzYwMWE0MmM1Nzk5NTFhZmFjZTJmM2IwNWVjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIkZvMS6g79nrej+EmRcEnAkInpdg6lPruUucdA7EqYYc6cq
smr8spvQqL0HSBOigV2si9Gfk5KeQEcAgZQSmAQM21h7YB+1Twiqk/Fh3WvyDKhh
GQRYd36ib4BmhFIFq8DIWYmbo/UYizhtb85HlXpZ+0pqhoDEYOuwr3xNYeEwkmlz
7m+NeAWJTnecQ6IUiXWwnnyLhIGFeSBjT+AKMW1mwz3xNIkaNOYCSeoQLfaJUukz
uTRgA0MzjsN88Kq3lkrefB1M2P6UfH5Kr18e70EavAEQhA2y1HtyPAD2Wv6kU0ql
PehvwUBAENageIrrFCsr3ZLtpqjm1xTA54gMLA8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRg9jWF9ER2AaQsV5lRr6zi87BexTAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L1lQWTFoZlJFZGdHa0xGZVpVYS1zNHZPd1hzVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAgX8qAMEAFx2bDANBgkqhkiG9w0B
AQsFAAOCAQEAiAy+dHra0rM28FyU8iIOUNOEc0rsHKgDhWCqwKag/U0P8v6mHoGO
rabdHp13xWdJ3CrRfiej85Nhj9Yr9opGDoeHY1ogoenGlCKKMOWdeWiITewkM4wh
0BM30zIj/crYGsYQiVXVz5JFnI4CAshqRTtbCHhjI6YI9ZIQ2a0IJh5C98imYNno
v2kwglIJAT00Q0AidzK4IQYDG/YzRm2gZDsGKblj3QyqiNU4Kg9PJLgxKcz/O0QM
mQoVGdJDAR4enfdijA+TN7WfF4xNvHgu5Mw2YS42TZtEKinOpGBam98VA5O5Z6WN
4UcPd6HTiZxbaKb+JHDT2sVh/4r2IaqTMQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org