Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/wD7BtU9QqAETbBjgKd5kYZ0d8tY.roa
File: wD7BtU9QqAETbBjgKd5kYZ0d8tY.roa (raw, json)
Hash identifier: btpf5qVZXgZH38BoTCFdRJh/e0WMmtlS46GD4XmUrSo=
Subject key identifier: C0:3E:C1:B5:4F:50:A8:01:13:6C:18:E0:29:DE:64:61:9D:1D:F2:D6
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 0186C193FAEA26F5BFF58E8AD7DF9B89264D
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/wD7BtU9QqAETbBjgKd5kYZ0d8tY.roa
Signing time: Wed 08 Mar 2023 14:15:46 +0000
ROA not before: Wed 08 Mar 2023 14:15:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61204
IP address blocks: 92.114.93.0/24 maxlen: 24
188.215.31.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c1:93:fa:ea:26:f5:bf:f5:8e:8a:d7:df:9b:89:26:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Mar 8 14:15:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c03ec1b54f50a801136c18e029de64619d1df2d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b1:33:38:62:80:09:04:c6:a0:f9:ca:50:57:
3f:c8:88:49:fc:53:32:b9:04:be:cd:9f:42:4c:a9:
a0:2b:f6:2d:68:0f:0e:04:60:68:b2:87:52:a4:84:
dd:6d:b2:47:f6:e1:3d:8b:ca:02:ca:1d:f4:ce:d1:
a0:c7:ca:30:fe:89:d8:24:fc:70:3b:da:78:ba:dc:
c2:b8:fe:75:a2:f3:ad:30:87:47:db:8a:38:95:01:
d8:92:34:90:18:17:a9:dd:91:af:e9:5d:99:0a:a8:
e8:bc:d9:d9:2d:6a:5d:a8:1c:4e:8e:99:d7:de:76:
28:3e:44:77:76:bd:8b:3f:d8:14:83:c1:b7:10:f5:
be:e2:4c:33:18:c3:ef:bd:58:10:3f:24:37:e5:5d:
a7:46:ba:3a:60:dd:62:7e:4e:8e:1e:61:a8:58:33:
02:48:01:a1:f7:e3:b8:96:81:33:08:62:e5:d5:d6:
3e:98:67:a1:48:95:dd:34:6d:b8:a4:47:34:e5:45:
f1:c0:dd:37:61:d9:ca:79:e3:a2:84:e4:1b:10:4f:
9f:b9:14:58:7e:9c:65:e7:6f:33:08:ab:9a:11:13:
dc:9c:19:f9:25:aa:54:a0:1b:a4:d6:a9:4d:25:34:
e3:5a:8d:13:f3:a7:51:6a:18:ba:c4:2b:e2:57:4b:
1a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:3E:C1:B5:4F:50:A8:01:13:6C:18:E0:29:DE:64:61:9D:1D:F2:D6
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/wD7BtU9QqAETbBjgKd5kYZ0d8tY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.114.93.0/24
188.215.31.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:a7:90:bd:90:ad:6e:ad:ec:2c:39:ba:18:9c:7c:f8:2b:e9:
c0:c6:e7:39:78:88:95:03:c3:97:27:bc:1c:91:3c:36:17:b3:
a4:15:b5:3d:7c:5c:6f:4b:06:b2:05:84:a3:0d:d7:11:f5:72:
36:af:3b:6b:64:86:cd:6d:5d:0e:ee:37:f5:62:94:44:5d:de:
9f:a1:17:fc:39:87:f1:59:69:52:46:7c:3b:53:ac:06:a3:5d:
d1:91:c5:a9:02:e4:08:76:12:64:f6:59:95:68:fe:96:13:07:
ae:ac:23:1c:fd:4f:48:e8:95:71:5a:52:70:2c:5d:76:2a:f7:
47:43:53:f2:d0:e0:8b:85:ee:84:f7:cc:4f:57:74:c2:b4:b6:
5c:d8:ef:d3:ac:7a:29:55:2c:b3:5b:3d:d9:85:9e:92:a2:6a:
ca:61:83:74:ea:c7:ae:03:50:c7:47:c2:17:34:58:08:c9:9e:
d7:88:98:13:51:98:d0:a1:77:3c:a2:60:f5:db:89:f3:bd:57:
3c:12:51:21:8f:e7:46:e0:a3:2a:e9:fd:7e:19:45:a2:78:fa:
b5:86:44:d2:db:5a:d2:78:b0:71:36:e8:0e:ac:3d:1f:2f:23:
9c:99:b8:f5:d0:9b:c2:cc:bb:9a:32:88:ae:7a:78:c0:34:9e:
c5:20:66:c2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYbBk/rqJvW/9Y6K19+biSZNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMzA4MTQxNTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDNlYzFiNTRmNTBhODAxMTM2YzE4ZTAyOWRlNjQ2MTlkMWRmMmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7EzOGKACQTGoPnKUFc/yIhJ/FMy
uQS+zZ9CTKmgK/YtaA8OBGBosodSpITdbbJH9uE9i8oCyh30ztGgx8ow/onYJPxw
O9p4utzCuP51ovOtMIdH24o4lQHYkjSQGBep3ZGv6V2ZCqjovNnZLWpdqBxOjpnX
3nYoPkR3dr2LP9gUg8G3EPW+4kwzGMPvvVgQPyQ35V2nRro6YN1ifk6OHmGoWDMC
SAGh9+O4loEzCGLl1dY+mGehSJXdNG24pEc05UXxwN03YdnKeeOihOQbEE+fuRRY
fpxl528zCKuaERPcnBn5JapUoBuk1qlNJTTjWo0T86dRahi6xCviV0sa0QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMA+wbVPUKgBE2wY4CneZGGdHfLWMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL3dEN0J0VTlRcUFFVGJCamdLZDVrWVowZDh0WS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABccl0D
BAC81x8wDQYJKoZIhvcNAQELBQADggEBAJ2nkL2QrW6t7Cw5uhicfPgr6cDG5zl4
iJUDw5cnvByRPDYXs6QVtT18XG9LBrIFhKMN1xH1cjavO2tkhs1tXQ7uN/VilERd
3p+hF/w5h/FZaVJGfDtTrAajXdGRxakC5Ah2EmT2WZVo/pYTB66sIxz9T0jolXFa
UnAsXXYq90dDU/LQ4IuF7oT3zE9XdMK0tlzY79OseilVLLNbPdmFnpKiasphg3Tq
x64DUMdHwhc0WAjJnteImBNRmNChdzyiYPXbifO9VzwSUSGP50bgoyrp/X4ZRaJ4
+rWGRNLbWtJ4sHE26A6sPR8vI5yZuPXQm8LMu5oyiK56eMA0nsUgZsI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:12 2023 by rpki-client on console-fra.rpki-client.org