Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/31a6a4-8a9d-47a2-8fbb-b9dff3e7a32e/1/oT6H4UU6e1WtLS4MOHBcDFjxvDQ.roa
File: oT6H4UU6e1WtLS4MOHBcDFjxvDQ.roa (raw, json)
Hash identifier: FJOXrqpBpmwaT2z4ZcYrAYsQts9tE5PP0C2nSyzwi3c=
Subject key identifier: A1:3E:87:E1:45:3A:7B:55:AD:2D:2E:0C:38:70:5C:0C:58:F1:BC:34
Certificate issuer: /CN=9213f2c2d06c64b895457ab50fc4920283a49cc7
Certificate serial: 06DEC4E2
Authority key identifier: 92:13:F2:C2:D0:6C:64:B8:95:45:7A:B5:0F:C4:92:02:83:A4:9C:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khPywtBsZLiVRXq1D8SSAoOknMc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/31a6a4-8a9d-47a2-8fbb-b9dff3e7a32e/1/oT6H4UU6e1WtLS4MOHBcDFjxvDQ.roa
Signing time: Sat 01 Jan 2022 09:06:33 +0000
ROA not before: Sat 01 Jan 2022 09:06:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206119
IP address blocks: 194.1.244.0/24 maxlen: 24
194.1.218.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115262690 (0x6dec4e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9213f2c2d06c64b895457ab50fc4920283a49cc7
Validity
Not Before: Jan 1 09:06:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a13e87e1453a7b55ad2d2e0c38705c0c58f1bc34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1e:18:27:ae:1a:50:99:2d:7d:73:a0:e7:b5:
e7:be:4e:0d:cf:98:80:56:92:57:ed:49:d0:a2:6a:
02:f1:89:6a:0a:3f:9e:13:86:06:36:0d:61:3e:3c:
4e:f5:ef:a9:d0:ba:64:7b:f0:d7:30:fb:e2:6c:fe:
4a:03:fd:5e:9b:8f:b2:b4:33:40:6e:c1:ca:3b:19:
f0:5f:38:ef:7c:70:09:50:34:f5:36:3e:45:6c:34:
3f:eb:ea:4e:03:ab:4f:14:c8:f0:2d:b4:7d:31:aa:
82:8b:a3:8a:c8:20:b4:50:73:a4:1e:cb:b5:f2:3c:
05:96:2a:1b:a3:e1:21:e8:ae:4b:da:92:40:47:57:
fd:4c:db:bc:10:bd:68:83:4c:9c:c1:f0:ae:a6:36:
99:10:a0:2b:5b:ed:d9:37:68:c6:52:a3:4e:3a:39:
ec:93:31:7a:84:b1:d0:4e:b3:f3:63:59:35:c8:57:
23:f0:69:47:c9:cb:89:73:ec:37:40:2f:8c:69:87:
5b:c1:03:55:d5:97:6e:50:aa:22:24:6c:7e:04:f6:
22:b7:5a:19:54:c9:40:8c:bf:e2:f9:be:92:c5:ea:
b0:8f:8b:a1:84:4c:dc:87:a1:5a:65:ed:cb:33:a1:
eb:5b:de:61:c1:c1:f3:80:fd:67:08:70:47:d0:be:
2c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:3E:87:E1:45:3A:7B:55:AD:2D:2E:0C:38:70:5C:0C:58:F1:BC:34
X509v3 Authority Key Identifier:
keyid:92:13:F2:C2:D0:6C:64:B8:95:45:7A:B5:0F:C4:92:02:83:A4:9C:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khPywtBsZLiVRXq1D8SSAoOknMc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/31a6a4-8a9d-47a2-8fbb-b9dff3e7a32e/1/oT6H4UU6e1WtLS4MOHBcDFjxvDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/31a6a4-8a9d-47a2-8fbb-b9dff3e7a32e/1/khPywtBsZLiVRXq1D8SSAoOknMc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.1.218.0/24
194.1.244.0/24
Signature Algorithm: sha256WithRSAEncryption
95:53:1d:86:da:78:ef:4e:5f:57:a1:71:7f:f9:d3:3f:6a:8e:
c5:15:2c:55:00:0a:89:df:72:4a:ae:0a:d4:a9:83:b3:fa:74:
6b:ac:32:69:b7:87:36:ea:55:8d:ce:66:f0:f1:e3:ae:54:be:
8c:01:be:9d:73:3e:28:8f:1e:98:88:90:bd:07:f3:68:ba:b8:
fd:23:23:51:0d:97:af:d5:bf:09:d6:92:e1:e9:36:99:ef:16:
e2:80:c4:5e:b7:db:f4:3a:ca:2a:af:b1:7b:4a:b6:b0:60:92:
ad:50:70:ee:d0:25:f7:76:48:e6:98:89:30:71:b3:e3:fd:95:
e9:ff:10:c2:a0:01:1e:64:b7:b6:64:93:6c:01:80:6d:5f:07:
58:9e:f2:d1:ff:dd:63:f4:73:68:c8:1e:82:38:c8:d1:99:d5:
15:76:17:82:e2:64:17:61:59:3b:ff:2f:11:64:60:7b:97:db:
85:e4:20:0b:cd:ce:0f:c4:90:12:23:57:30:56:d6:5f:4d:ae:
8b:f1:01:2a:ff:78:0a:df:ca:20:6c:b1:be:2b:93:bc:bc:24:
f5:d7:d2:93:b9:0c:15:be:ee:5b:93:70:f9:16:8d:7a:01:17:
a2:77:a5:95:35:6e:33:a5:34:56:b8:c6:d0:93:c9:61:e0:aa:
65:e0:21:3f
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBt7E4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjEzZjJjMmQwNmM2NGI4OTU0NTdhYjUwZmM0OTIwMjgzYTQ5Y2M3MB4XDTIyMDEw
MTA5MDYzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTEzZTg3ZTE0NTNh
N2I1NWFkMmQyZTBjMzg3MDVjMGM1OGYxYmMzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALYeGCeuGlCZLX1zoOe1575ODc+YgFaSV+1J0KJqAvGJago/
nhOGBjYNYT48TvXvqdC6ZHvw1zD74mz+SgP9XpuPsrQzQG7ByjsZ8F8473xwCVA0
9TY+RWw0P+vqTgOrTxTI8C20fTGqgoujisggtFBzpB7LtfI8BZYqG6PhIeiuS9qS
QEdX/UzbvBC9aINMnMHwrqY2mRCgK1vt2TdoxlKjTjo57JMxeoSx0E6z82NZNchX
I/BpR8nLiXPsN0AvjGmHW8EDVdWXblCqIiRsfgT2IrdaGVTJQIy/4vm+ksXqsI+L
oYRM3IehWmXtyzOh61veYcHB84D9ZwhwR9C+LGECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBShPofhRTp7Va0tLgw4cFwMWPG8NDAfBgNVHSMEGDAWgBSSE/LC0GxkuJVF
erUPxJICg6ScxzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2toUHl3dEJzWkxpVlJYcTFEOFNTQW9Pa25NYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2IvMzFhNmE0LThhOWQtNDdhMi04ZmJiLWI5ZGZmM2U3YTMyZS8x
L29UNkg0VVU2ZTFXdExTNE1PSEJjREZqeHZEUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Iv
MzFhNmE0LThhOWQtNDdhMi04ZmJiLWI5ZGZmM2U3YTMyZS8xL2toUHl3dEJzWkxp
VlJYcTFEOFNTQW9Pa25NYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMIB2gMEAMIB9DANBgkqhkiG9w0B
AQsFAAOCAQEAlVMdhtp4705fV6Fxf/nTP2qOxRUsVQAKid9ySq4K1KmDs/p0a6wy
abeHNupVjc5m8PHjrlS+jAG+nXM+KI8emIiQvQfzaLq4/SMjUQ2Xr9W/CdaS4ek2
me8W4oDEXrfb9DrKKq+xe0q2sGCSrVBw7tAl93ZI5piJMHGz4/2V6f8QwqABHmS3
tmSTbAGAbV8HWJ7y0f/dY/RzaMgegjjI0ZnVFXYXguJkF2FZO/8vEWRge5fbheQg
C83OD8SQEiNXMFbWX02ui/EBKv94Ct/KIGyxviuTvLwk9dfSk7kMFb7uW5Nw+RaN
egEXonellTVuM6U0VrjG0JPJYeCqZeAhPw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:01 2024 by rpki-client on console-ams.rpki-client.org