Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/aOIN7TQ4Bsa9t9epKbpV4FzCGuk.roa
File: aOIN7TQ4Bsa9t9epKbpV4FzCGuk.roa (raw, json)
Hash identifier: gSPbz23wq4Bp0NYlVq8h26fZq0IUrhk1a977KBVzz2I=
Subject key identifier: 68:E2:0D:ED:34:38:06:C6:BD:B7:D7:A9:29:BA:55:E0:5C:C2:1A:E9
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 018CC50140D2BB16B54D79F5A0E2A27699F5
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/aOIN7TQ4Bsa9t9epKbpV4FzCGuk.roa
Signing time: Mon 01 Jan 2024 12:30:42 +0000
ROA not before: Mon 01 Jan 2024 12:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16200
IP address blocks: 92.118.8.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:40:d2:bb:16:b5:4d:79:f5:a0:e2:a2:76:99:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Jan 1 12:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68e20ded343806c6bdb7d7a929ba55e05cc21ae9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:90:a2:88:d4:c6:27:a7:37:ba:e6:a6:80:5a:
1a:28:0f:1c:e8:b5:d9:14:69:57:29:86:ea:5c:0f:
c3:51:a7:07:27:93:f0:0d:4e:f8:00:60:e5:6b:6b:
98:76:3c:60:4c:6e:52:63:20:16:29:d5:b8:64:4e:
9b:79:65:6c:bb:51:fe:93:29:dc:bd:6d:d7:c6:de:
74:d9:fd:8e:c4:e6:35:de:ca:01:2c:70:f2:f5:64:
70:8d:54:b4:54:c2:b6:c3:34:67:0b:98:33:76:1a:
20:5a:b5:32:cd:3e:3a:fe:1c:89:9e:75:25:bb:e5:
5b:1d:06:ab:d7:50:44:a2:4e:7d:b3:4a:61:ee:29:
62:46:bd:58:11:a5:59:12:1a:a7:9c:79:6d:30:00:
b3:c5:a9:90:5a:5e:c3:88:c8:85:33:70:ce:38:8f:
61:23:2b:46:dc:23:8b:d1:d3:08:05:40:17:63:80:
ea:ca:bd:a4:b1:11:d8:1a:ea:f0:0e:43:fe:e2:7c:
8c:55:c2:e5:2e:b3:61:54:76:6d:98:02:16:ba:58:
58:3c:70:0b:f0:30:80:84:a1:13:02:71:e9:84:f4:
26:31:50:00:be:07:4f:12:4a:2d:6f:89:20:d4:56:
d1:fc:e7:fb:c5:9b:5c:d1:86:73:e9:4d:fe:78:fa:
e8:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:E2:0D:ED:34:38:06:C6:BD:B7:D7:A9:29:BA:55:E0:5C:C2:1A:E9
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/aOIN7TQ4Bsa9t9epKbpV4FzCGuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.8.0/22
Signature Algorithm: sha256WithRSAEncryption
07:4b:a2:82:90:04:fd:43:5f:fd:0e:d8:8f:3c:86:cf:89:65:
66:3a:64:6f:99:c4:e1:05:3e:cf:0c:be:1d:8a:64:ca:ac:6c:
04:0f:9e:4c:08:8a:43:ca:ee:76:7b:50:63:19:6c:6f:ed:a8:
63:ac:e4:f7:8a:41:e0:cb:7c:80:d7:07:e1:fe:32:60:29:eb:
01:05:49:64:49:10:c0:43:75:b9:58:99:42:60:70:b8:b5:f0:
ea:1b:a9:ef:17:07:1d:2b:a8:48:8b:e1:0e:02:0a:68:f1:3f:
cc:81:d0:19:05:36:af:10:a9:aa:c5:78:02:18:78:bf:bc:81:
c8:67:a9:f0:73:9b:d6:c3:08:31:35:fb:eb:fa:6f:63:56:2c:
35:ef:db:a0:b5:af:17:09:f3:69:cf:04:6f:13:94:26:80:63:
61:3e:9b:c2:ed:16:03:8c:35:3b:16:bb:a1:f9:ef:2c:3d:2b:
16:31:dc:4b:72:5b:7d:a3:b7:83:7f:7d:af:34:8d:d1:be:89:
ea:45:79:24:63:7b:8f:71:0d:ea:dc:1a:e3:6a:54:72:88:00:
40:70:c1:54:36:4b:c6:b1:57:ce:6c:01:d7:5f:7d:cf:18:9a:
3f:72:e9:f5:b0:ad:ad:28:f1:e2:7e:38:82:49:e0:86:06:e4:
a8:57:e3:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAUDSuxa1TXn1oOKidpn1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjQwMTAxMTIzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGUyMGRlZDM0MzgwNmM2YmRiN2Q3YTkyOWJhNTVlMDVjYzIxYWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZCiiNTGJ6c3uuamgFoaKA8c6LXZ
FGlXKYbqXA/DUacHJ5PwDU74AGDla2uYdjxgTG5SYyAWKdW4ZE6beWVsu1H+kync
vW3Xxt502f2OxOY13soBLHDy9WRwjVS0VMK2wzRnC5gzdhogWrUyzT46/hyJnnUl
u+VbHQar11BEok59s0ph7iliRr1YEaVZEhqnnHltMACzxamQWl7DiMiFM3DOOI9h
IytG3COL0dMIBUAXY4Dqyr2ksRHYGurwDkP+4nyMVcLlLrNhVHZtmAIWulhYPHAL
8DCAhKETAnHphPQmMVAAvgdPEkotb4kg1FbR/Of7xZtc0YZz6U3+ePro8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGjiDe00OAbGvbfXqSm6VeBcwhrpMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvYU9JTjdUUTRCc2E5dDllcEticFY0RnpDR3VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXHYIMA0G
CSqGSIb3DQEBCwUAA4IBAQAHS6KCkAT9Q1/9DtiPPIbPiWVmOmRvmcThBT7PDL4d
imTKrGwED55MCIpDyu52e1BjGWxv7ahjrOT3ikHgy3yA1wfh/jJgKesBBUlkSRDA
Q3W5WJlCYHC4tfDqG6nvFwcdK6hIi+EOAgpo8T/MgdAZBTavEKmqxXgCGHi/vIHI
Z6nwc5vWwwgxNfvr+m9jViw179ugta8XCfNpzwRvE5QmgGNhPpvC7RYDjDU7Fruh
+e8sPSsWMdxLclt9o7eDf32vNI3RvonqRXkkY3uPcQ3q3BrjalRyiABAcMFUNkvG
sVfObAHXX33PGJo/cun1sK2tKPHifjiCSeCGBuSoV+PL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:48 2024 by rpki-client on console-fra.rpki-client.org