Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/75ynl2Lq_OxihE2Oywp8O3G5ckA.roa
File: 75ynl2Lq_OxihE2Oywp8O3G5ckA.roa (raw, json)
Hash identifier: B3f9Jzl4KGoSGNuIt0vYq/irQ0hYoVCUhaRFQy8CsDE=
Subject key identifier: EF:9C:A7:97:62:EA:FC:EC:62:84:4D:8E:CB:0A:7C:3B:71:B9:72:40
Certificate issuer: /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial: 01860CAC4F08E7E1F69F6E4BFEA156794660
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/75ynl2Lq_OxihE2Oywp8O3G5ckA.roa
Signing time: Wed 01 Feb 2023 11:11:04 +0000
ROA not before: Wed 01 Feb 2023 11:11:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205516
IP address blocks: 193.106.99.0/24 maxlen: 24
91.198.101.0/24 maxlen: 24
193.43.250.0/24 maxlen: 24
2a0e:6600::/29 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0c:ac:4f:08:e7:e1:f6:9f:6e:4b:fe:a1:56:79:46:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Validity
Not Before: Feb 1 11:11:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef9ca79762eafcec62844d8ecb0a7c3b71b97240
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4f:4e:5d:bc:4c:8b:cf:84:d5:2f:13:4a:6c:
80:cf:9c:cb:10:82:35:36:44:cc:52:51:cf:26:9a:
8f:1c:17:8f:5e:0e:94:c8:0b:da:db:d7:ee:98:f6:
4f:1b:3a:86:5d:d7:cd:cc:de:84:ab:bd:00:f8:1a:
1e:a0:e5:f4:12:14:d5:f3:19:2a:b7:21:b9:85:1f:
d8:32:16:68:77:81:4b:c4:1c:d9:20:7c:a4:fe:fa:
7a:20:16:9a:b7:db:c8:d1:21:d0:b0:be:29:3c:8b:
f5:f6:16:50:47:38:78:38:33:02:8a:57:53:0c:ec:
5d:84:fa:9f:32:f9:62:9e:b6:75:9b:b1:01:15:ab:
8d:30:b2:90:32:03:ab:d0:86:6c:cd:f3:06:21:39:
ca:0b:59:d2:9f:93:13:41:88:b1:4f:57:41:01:93:
ff:9f:e9:c3:d5:72:c8:d0:6d:bb:77:97:01:3c:e9:
83:4e:a3:ed:fb:af:3e:12:bf:53:39:c9:01:78:5d:
c2:d6:1c:1c:b3:c3:49:83:bd:22:8a:ab:09:40:e7:
59:cb:f1:f6:bc:ce:c6:fc:6d:e8:3a:3f:f0:f2:9f:
df:65:01:18:84:76:6d:d2:54:64:0a:84:a0:c3:28:
ea:bc:af:7d:8b:97:d8:b1:b0:58:76:25:98:05:3d:
a2:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:9C:A7:97:62:EA:FC:EC:62:84:4D:8E:CB:0A:7C:3B:71:B9:72:40
X509v3 Authority Key Identifier:
keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/75ynl2Lq_OxihE2Oywp8O3G5ckA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.101.0/24
193.43.250.0/24
193.106.99.0/24
IPv6:
2a0e:6600::/29
Signature Algorithm: sha256WithRSAEncryption
52:e4:c6:e2:7e:ca:9b:c3:ca:72:e9:4a:c4:e8:62:98:a2:07:
57:ed:6f:d3:68:d8:4e:11:61:72:63:20:ed:6d:f3:29:c8:70:
a9:b9:aa:06:69:b4:a6:5e:ed:ac:ec:25:5b:c5:df:ad:e5:37:
02:9f:63:bc:8e:93:88:d7:be:e1:72:ae:7b:91:86:1e:ea:9b:
e6:47:9b:a6:8e:00:2e:db:d4:46:4f:ae:d1:15:78:7a:60:5d:
c6:e2:59:4f:21:1d:6c:97:be:7c:17:51:2d:0f:26:73:d4:6b:
55:e1:73:dc:ba:e9:2e:42:88:99:5e:8d:e5:65:51:cf:70:93:
5b:55:d6:f0:ee:55:cb:93:04:2e:53:a6:38:35:41:c6:1f:87:
16:20:cf:88:ba:ff:b5:4b:4a:83:f3:e6:88:c9:27:7a:54:60:
ba:4b:5c:8e:28:5d:50:17:d6:e7:3e:c3:52:fa:08:bf:87:e4:
bc:83:8c:e1:8d:60:8d:5c:83:18:ab:4a:f6:48:b7:35:41:51:
4c:33:ff:a9:00:6b:14:5a:be:b8:bd:42:34:5f:7c:55:01:be:
6c:57:d2:98:65:8c:d4:68:fd:14:b2:0d:27:11:48:93:65:52:
e4:36:f9:fb:c6:55:6c:0f:1d:95:9f:50:46:65:6e:48:60:27:
56:46:b9:a6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYYMrE8I5+H2n25L/qFWeUZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjMwMjAxMTExMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjljYTc5NzYyZWFmY2VjNjI4NDRkOGVjYjBhN2MzYjcxYjk3MjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqE9OXbxMi8+E1S8TSmyAz5zLEII1
NkTMUlHPJpqPHBePXg6UyAva29fumPZPGzqGXdfNzN6Eq70A+BoeoOX0EhTV8xkq
tyG5hR/YMhZod4FLxBzZIHyk/vp6IBaat9vI0SHQsL4pPIv19hZQRzh4ODMCildT
DOxdhPqfMvlinrZ1m7EBFauNMLKQMgOr0IZszfMGITnKC1nSn5MTQYixT1dBAZP/
n+nD1XLI0G27d5cBPOmDTqPt+68+Er9TOckBeF3C1hwcs8NJg70iiqsJQOdZy/H2
vM7G/G3oOj/w8p/fZQEYhHZt0lRkCoSgwyjqvK99i5fYsbBYdiWYBT2ijwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFO+cp5di6vzsYoRNjssKfDtxuXJAMB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEvNzV5bmwyTHFfT3hpaEUyT3l3cDhPM0c1Y2tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW8ZlAwQA
wSv6AwQAwWpjMA0EAgACMAcDBQMqDmYAMA0GCSqGSIb3DQEBCwUAA4IBAQBS5Mbi
fsqbw8py6UrE6GKYogdX7W/TaNhOEWFyYyDtbfMpyHCpuaoGabSmXu2s7CVbxd+t
5TcCn2O8jpOI177hcq57kYYe6pvmR5umjgAu29RGT67RFXh6YF3G4llPIR1sl758
F1EtDyZz1GtV4XPcuukuQoiZXo3lZVHPcJNbVdbw7lXLkwQuU6Y4NUHGH4cWIM+I
uv+1S0qD8+aIySd6VGC6S1yOKF1QF9bnPsNS+gi/h+S8g4zhjWCNXIMYq0r2SLc1
QVFMM/+pAGsUWr64vUI0X3xVAb5sV9KYZYzUaP0Usg0nEUiTZVLkNvn7xlVsDx2V
n1BGZW5IYCdWRrmm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:06 2024 by rpki-client on console-ams.rpki-client.org