Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/PUyrTMvduyVkZ9AtJpM6nXdBjiM.roa
File: PUyrTMvduyVkZ9AtJpM6nXdBjiM.roa (raw, json)
Hash identifier: hey5K9Vug6k/eRKl4FTbdDoklCLMAOWfVwXmfASMito=
Subject key identifier: 3D:4C:AB:4C:CB:DD:BB:25:64:67:D0:2D:26:93:3A:9D:77:41:8E:23
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01867992C8B77054B6B6A5641F86A076FD4E
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/PUyrTMvduyVkZ9AtJpM6nXdBjiM.roa
Signing time: Wed 22 Feb 2023 14:41:48 +0000
ROA not before: Wed 22 Feb 2023 14:41:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 26636
IP address blocks: 45.66.116.0/24 maxlen: 24
92.118.114.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:79:92:c8:b7:70:54:b6:b6:a5:64:1f:86:a0:76:fd:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Feb 22 14:41:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d4cab4ccbddbb256467d02d26933a9d77418e23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:58:72:c6:ac:d1:e1:3c:78:6a:ba:35:0f:72:
84:82:7e:9f:f9:28:ba:97:c6:13:73:41:fe:af:63:
6f:03:54:6b:47:e0:63:28:6d:c2:47:58:61:77:b1:
7f:4a:2b:c7:ce:c3:c5:e5:16:94:15:20:44:a3:4b:
68:6d:dc:93:25:8c:94:fc:bb:32:2c:03:f3:6e:5d:
28:77:6f:ef:68:11:07:bd:ca:55:73:bf:e0:1c:2a:
91:60:39:28:7a:e9:c2:64:02:de:45:59:81:dc:85:
cd:0e:2d:05:d9:10:a5:2e:4a:7b:f6:02:a1:ae:4b:
0e:f9:a1:37:f2:ca:9e:58:c6:8c:b4:2c:d4:e4:2e:
ef:3c:45:83:97:39:47:e4:c6:03:5d:b2:9d:ff:49:
e6:2e:3a:af:26:d2:74:93:36:a2:41:a9:be:23:26:
68:8e:0e:82:47:a8:b3:05:b1:13:fc:21:59:ed:27:
6b:9d:e6:91:ab:65:47:81:c3:fc:63:42:e3:1d:52:
6f:cd:5f:30:7e:55:3a:63:8b:5e:ad:ba:8b:85:7c:
62:8d:09:51:5c:2e:89:aa:cb:8e:8d:4b:33:5d:26:
0a:18:24:2d:ef:f3:ca:21:d9:6d:73:f2:a7:fa:1b:
f8:e5:47:b2:14:e4:bf:1e:bc:05:82:0f:81:12:37:
df:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:4C:AB:4C:CB:DD:BB:25:64:67:D0:2D:26:93:3A:9D:77:41:8E:23
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/PUyrTMvduyVkZ9AtJpM6nXdBjiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.116.0/24
92.118.114.0/23
Signature Algorithm: sha256WithRSAEncryption
53:c2:79:56:f9:cf:bb:5a:21:2d:8e:17:7b:4b:79:ee:a9:47:
88:ff:39:51:fa:10:8d:af:e2:ec:25:29:6e:fe:ec:de:46:c0:
35:45:2e:39:52:f4:ee:00:70:0b:bf:da:1f:5c:37:d7:e2:37:
5f:9b:75:9f:26:cb:5c:96:e4:c1:17:69:38:d7:84:0e:fe:05:
2f:b7:c7:f8:ad:20:a9:0f:4f:0e:cf:64:30:4a:9a:c8:d5:7b:
cf:66:9a:7b:b6:78:f5:80:f6:39:72:33:e3:ac:e5:15:41:64:
a8:3c:9b:1d:a9:79:0d:29:e2:ae:d8:84:0e:53:d4:ba:12:af:
0e:d4:59:71:5c:35:5d:a9:68:4f:c0:a9:6f:58:75:42:d6:42:
26:bb:af:62:f3:40:65:1e:e1:a1:67:fd:25:61:aa:4f:de:12:
93:1d:fb:a9:af:d9:f7:74:87:73:b7:ee:d0:8e:99:e6:fa:cf:
2e:29:64:58:a2:f8:6c:64:f2:bc:4e:6a:ae:ee:72:24:8e:4b:
21:64:0f:f8:b7:0a:16:05:19:98:93:5f:45:ff:f4:20:e2:47:
94:d3:2f:b1:98:88:f3:ca:bf:4c:a6:69:39:37:f1:e0:64:ad:
50:00:08:07:f1:b2:c5:59:5c:4f:8a:9c:92:ef:99:6a:20:f1:
c4:4b:73:58
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZ5ksi3cFS2tqVkH4agdv1OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMjIyMTQ0MTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDRjYWI0Y2NiZGRiYjI1NjQ2N2QwMmQyNjkzM2E5ZDc3NDE4ZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVhyxqzR4Tx4aro1D3KEgn6f+Si6
l8YTc0H+r2NvA1RrR+BjKG3CR1hhd7F/SivHzsPF5RaUFSBEo0tobdyTJYyU/Lsy
LAPzbl0od2/vaBEHvcpVc7/gHCqRYDkoeunCZALeRVmB3IXNDi0F2RClLkp79gKh
rksO+aE38sqeWMaMtCzU5C7vPEWDlzlH5MYDXbKd/0nmLjqvJtJ0kzaiQam+IyZo
jg6CR6izBbET/CFZ7SdrneaRq2VHgcP8Y0LjHVJvzV8wflU6Y4terbqLhXxijQlR
XC6JqsuOjUszXSYKGCQt7/PKIdltc/Kn+hv45UeyFOS/HrwFgg+BEjfflwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD1Mq0zL3bslZGfQLSaTOp13QY4jMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvUFV5clRNdmR1eVZrWjlBdEpwTTZuWGRCamlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALUJ0AwQB
XHZyMA0GCSqGSIb3DQEBCwUAA4IBAQBTwnlW+c+7WiEtjhd7S3nuqUeI/zlR+hCN
r+LsJSlu/uzeRsA1RS45UvTuAHALv9ofXDfX4jdfm3WfJstcluTBF2k414QO/gUv
t8f4rSCpD08Oz2QwSprI1XvPZpp7tnj1gPY5cjPjrOUVQWSoPJsdqXkNKeKu2IQO
U9S6Eq8O1FlxXDVdqWhPwKlvWHVC1kImu69i80BlHuGhZ/0lYapP3hKTHfupr9n3
dIdzt+7Qjpnm+s8uKWRYovhsZPK8Tmqu7nIkjkshZA/4twoWBRmYk19F//Qg4keU
0y+xmIjzyr9Mpmk5N/HgZK1QAAgH8bLFWVxPipyS75lqIPHES3NY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:54 2024 by rpki-client on console-fra.rpki-client.org