Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/g7-RupGoQVOLIgoIreCszZcso6M.roa
File: g7-RupGoQVOLIgoIreCszZcso6M.roa (raw, json)
Hash identifier: Cf0jJlUiFI8zMgWf/wBHQj4zo6DNCmPN/ynaVq8bNug=
Subject key identifier: 83:BF:91:BA:91:A8:41:53:8B:22:0A:08:AD:E0:AC:CD:97:2C:A3:A3
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 01856BC1046CF5BF26763BEE8D6D2DFEFED1
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/g7-RupGoQVOLIgoIreCszZcso6M.roa
Signing time: Sun 01 Jan 2023 05:14:49 +0000
ROA not before: Sun 01 Jan 2023 05:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16200
IP address blocks: 92.118.8.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:c1:04:6c:f5:bf:26:76:3b:ee:8d:6d:2d:fe:fe:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Jan 1 05:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83bf91ba91a841538b220a08ade0accd972ca3a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e7:8f:c0:17:98:dc:67:d9:33:ab:2e:3a:02:
3d:14:64:62:2e:ab:88:d3:f4:f9:27:07:44:4d:66:
ba:2b:d3:86:fa:9a:0a:62:20:62:40:22:cb:cf:60:
1f:37:47:57:3a:a9:f2:48:6a:26:68:32:a2:1a:e6:
b2:f0:89:58:4a:19:b8:55:63:5c:ca:9f:86:fd:aa:
5f:69:b7:4d:dc:49:02:45:f4:9f:e2:40:4f:08:c3:
05:eb:ec:81:df:4a:bd:ea:e6:50:70:25:a6:b3:af:
1f:0b:41:3a:87:60:4c:1d:dd:7e:c2:ba:d4:0c:1a:
3a:db:d2:75:e7:b0:cc:4e:0d:d3:20:8c:61:c8:77:
72:af:92:17:a8:4e:13:cb:a1:63:af:8a:52:27:82:
b4:d9:c9:9b:55:73:97:db:f1:b8:3f:2f:2a:67:77:
0a:b8:3a:60:96:9e:fc:1c:67:06:40:0b:a3:8c:2f:
2a:7c:79:c9:a3:ee:7f:b2:e3:ad:76:b9:30:5f:a5:
2f:fa:46:a2:8a:0f:f3:f3:2f:72:d9:83:d5:78:6e:
d6:87:c6:bd:20:13:15:e8:9e:6e:c0:9a:8e:fd:15:
da:78:e1:65:15:f6:d5:f9:4f:64:dd:dd:72:4c:27:
7b:51:0d:54:1c:de:73:ed:08:07:48:1f:69:d4:01:
1b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:BF:91:BA:91:A8:41:53:8B:22:0A:08:AD:E0:AC:CD:97:2C:A3:A3
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/g7-RupGoQVOLIgoIreCszZcso6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.8.0/22
Signature Algorithm: sha256WithRSAEncryption
02:6c:4d:5d:40:99:83:d6:94:a0:bb:bf:e7:db:cc:91:70:51:
b5:b3:5a:50:2f:2d:e7:a5:f8:80:d4:78:ff:75:e0:fe:31:05:
42:ec:b8:35:f1:c7:52:47:8d:a3:da:9e:e8:12:9b:b1:80:08:
e9:10:77:0b:f5:2f:db:14:38:ef:53:4f:e1:68:5d:1c:4e:fe:
a2:25:58:a8:62:9d:62:10:ec:e7:b3:44:74:81:bc:6b:f2:d9:
c0:ea:ed:8e:f5:1e:2c:ee:97:58:44:ab:2c:8e:84:9a:64:99:
2e:7b:79:95:32:ed:9d:42:f6:d8:7b:ab:cf:8b:d8:1d:a6:58:
c3:38:b0:0d:19:59:08:ca:49:ca:bf:dd:e1:10:f8:d7:96:7f:
23:1e:24:1e:9c:0a:43:b8:e7:df:ee:b1:01:d6:1e:f8:74:75:
87:91:6e:1b:76:cc:2c:da:c5:4d:d1:81:33:96:fa:85:4f:0f:
77:0d:8f:a3:28:c6:b1:48:38:6c:c0:4a:e1:9c:4c:34:a2:68:
3f:d7:56:69:d3:27:44:8f:d9:ef:c8:79:70:8e:db:96:5a:44:
2e:ef:3f:13:40:f4:4f:69:30:50:32:25:0f:50:8e:2c:76:d6:
2a:28:75:94:1a:e9:dc:31:9d:61:df:8b:35:da:48:64:d3:37:
47:0a:6e:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrwQRs9b8mdjvujW0t/v7RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjMwMTAxMDUxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2JmOTFiYTkxYTg0MTUzOGIyMjBhMDhhZGUwYWNjZDk3MmNhM2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOePwBeY3GfZM6suOgI9FGRiLquI
0/T5JwdETWa6K9OG+poKYiBiQCLLz2AfN0dXOqnySGomaDKiGuay8IlYShm4VWNc
yp+G/apfabdN3EkCRfSf4kBPCMMF6+yB30q96uZQcCWms68fC0E6h2BMHd1+wrrU
DBo629J157DMTg3TIIxhyHdyr5IXqE4Ty6Fjr4pSJ4K02cmbVXOX2/G4Py8qZ3cK
uDpglp78HGcGQAujjC8qfHnJo+5/suOtdrkwX6Uv+kaiig/z8y9y2YPVeG7Wh8a9
IBMV6J5uwJqO/RXaeOFlFfbV+U9k3d1yTCd7UQ1UHN5z7QgHSB9p1AEbaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIO/kbqRqEFTiyIKCK3grM2XLKOjMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvZzctUnVwR29RVk9MSWdvSXJlQ3N6WmNzbzZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXHYIMA0G
CSqGSIb3DQEBCwUAA4IBAQACbE1dQJmD1pSgu7/n28yRcFG1s1pQLy3npfiA1Hj/
deD+MQVC7Lg18cdSR42j2p7oEpuxgAjpEHcL9S/bFDjvU0/haF0cTv6iJVioYp1i
EOzns0R0gbxr8tnA6u2O9R4s7pdYRKssjoSaZJkue3mVMu2dQvbYe6vPi9gdpljD
OLANGVkIyknKv93hEPjXln8jHiQenApDuOff7rEB1h74dHWHkW4bdsws2sVN0YEz
lvqFTw93DY+jKMaxSDhswErhnEw0omg/11Zp0ydEj9nvyHlwjtuWWkQu7z8TQPRP
aTBQMiUPUI4sdtYqKHWUGuncMZ1h34s12khk0zdHCm4J
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:48 2024 by rpki-client on console-fra.rpki-client.org