Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Oge8B3y8lhSpgC2uUSO2QY2ACvo.roa
File: Oge8B3y8lhSpgC2uUSO2QY2ACvo.roa (raw, json)
Hash identifier: isnPlGQGEfDh3PY/hBwBH+DWx9tWaP4GRQjw0rmgYLg=
Subject key identifier: 3A:07:BC:07:7C:BC:96:14:A9:80:2D:AE:51:23:B6:41:8D:80:0A:FA
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0188874516E98C8BDDBE16C8E9B26CFFD08A
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Oge8B3y8lhSpgC2uUSO2QY2ACvo.roa
Signing time: Sun 04 Jun 2023 16:37:11 +0000
ROA not before: Sun 04 Jun 2023 16:37:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31732
IP address blocks: 185.220.236.0/22 maxlen: 24
188.209.155.0/24 maxlen: 24
45.137.180.0/22 maxlen: 24
82.115.12.0/23 maxlen: 24
185.129.108.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:87:45:16:e9:8c:8b:dd:be:16:c8:e9:b2:6c:ff:d0:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jun 4 16:37:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a07bc077cbc9614a9802dae5123b6418d800afa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:81:e5:2a:65:f6:04:cc:7e:e4:91:65:f0:61:
92:c0:76:cf:43:e6:32:01:b1:6f:0f:05:27:af:dd:
b0:9a:2f:ff:0f:33:89:e2:fe:78:e3:31:aa:d0:42:
fa:2d:73:8f:32:03:13:b4:53:16:51:32:38:8d:bc:
2a:35:41:fa:0b:b5:e2:fa:36:4b:8c:cf:69:31:24:
35:df:1d:32:63:8e:c4:02:02:e5:82:93:44:50:71:
4a:26:b9:74:ba:2b:36:2e:78:2f:ea:f5:b6:87:a5:
aa:e3:db:10:9b:f1:a2:c1:97:2b:cd:8e:ec:3a:0f:
5d:78:83:2f:b4:b1:e0:d6:cf:42:c1:d8:51:41:b6:
39:51:d1:4a:7d:de:fc:35:0b:00:63:c2:28:d3:16:
5f:5d:bf:32:07:80:a3:1c:c1:9f:61:1d:d0:ec:e2:
61:f4:c3:a7:93:1c:db:7c:22:c3:0c:25:9a:3a:91:
81:75:23:84:eb:a4:93:ba:6a:e3:c7:23:e1:c7:22:
aa:a8:ba:ef:0d:2a:0d:cc:3d:17:f1:2b:bc:e0:73:
9b:74:65:cd:e3:66:67:e3:5c:ce:76:ec:92:b0:e0:
8a:98:4a:7d:73:d1:c9:00:99:68:13:32:00:90:80:
02:0e:5a:5d:17:1e:6d:47:de:07:bc:b4:2f:e2:42:
b2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:07:BC:07:7C:BC:96:14:A9:80:2D:AE:51:23:B6:41:8D:80:0A:FA
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Oge8B3y8lhSpgC2uUSO2QY2ACvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.180.0/22
82.115.12.0/23
185.129.108.0/22
185.220.236.0/22
188.209.155.0/24
Signature Algorithm: sha256WithRSAEncryption
41:34:a3:07:12:76:a6:5d:bb:55:ba:e9:28:97:ad:05:69:5d:
6f:32:77:48:3e:9f:35:fa:03:b8:a7:94:12:d5:55:03:0e:6f:
f1:43:ff:c9:31:79:ed:b2:3a:cf:7c:b3:f3:27:ff:e2:6d:19:
12:8b:49:c0:06:da:e1:bf:b6:a1:71:e7:c4:ef:54:6d:82:40:
9b:e3:b3:54:31:00:35:36:e6:13:b6:93:af:4d:1e:f4:ec:9b:
52:86:7b:0f:9c:3a:f2:aa:69:9c:a3:85:49:44:4e:27:ac:8f:
e4:c0:4c:2c:d0:14:1d:48:83:f9:ec:01:1b:6f:61:aa:18:80:
0d:bc:bd:ec:0c:fe:9f:d2:b3:bc:30:17:64:ca:76:af:96:1c:
12:2f:88:b4:5b:da:33:cd:d8:cc:27:c9:04:09:f6:af:72:16:
eb:54:e3:3c:7e:97:22:96:cc:51:9d:8a:49:1a:0c:3c:35:6d:
f6:f5:e1:f0:fd:8a:9c:ac:24:a2:19:82:db:a6:57:f3:2d:c7:
1b:36:b1:b5:7f:12:60:21:07:ec:d7:20:aa:ac:f9:0e:80:c4:
fa:dd:bd:83:83:90:9e:f2:76:fc:fb:4f:89:e6:7e:ed:04:5a:
20:bc:a6:40:e8:d9:f2:70:dc:2c:a3:8d:7c:2e:5a:62:4c:14:
f2:ec:83:8f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYiHRRbpjIvdvhbI6bJs/9CKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwNjA0MTYzNzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTA3YmMwNzdjYmM5NjE0YTk4MDJkYWU1MTIzYjY0MThkODAwYWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIHlKmX2BMx+5JFl8GGSwHbPQ+Yy
AbFvDwUnr92wmi//DzOJ4v544zGq0EL6LXOPMgMTtFMWUTI4jbwqNUH6C7Xi+jZL
jM9pMSQ13x0yY47EAgLlgpNEUHFKJrl0uis2Lngv6vW2h6Wq49sQm/GiwZcrzY7s
Og9deIMvtLHg1s9CwdhRQbY5UdFKfd78NQsAY8Io0xZfXb8yB4CjHMGfYR3Q7OJh
9MOnkxzbfCLDDCWaOpGBdSOE66STumrjxyPhxyKqqLrvDSoNzD0X8Su84HObdGXN
42Zn41zOduySsOCKmEp9c9HJAJloEzIAkIACDlpdFx5tR94HvLQv4kKyuwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDoHvAd8vJYUqYAtrlEjtkGNgAr6MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvT2dlOEIzeThsaFNwZ0MydVVTTzJRWTJBQ3ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLYm0AwQB
UnMMAwQCuYFsAwQCudzsAwQAvNGbMA0GCSqGSIb3DQEBCwUAA4IBAQBBNKMHEnam
XbtVuukol60FaV1vMndIPp81+gO4p5QS1VUDDm/xQ//JMXntsjrPfLPzJ//ibRkS
i0nABtrhv7ahcefE71RtgkCb47NUMQA1NuYTtpOvTR707JtShnsPnDryqmmco4VJ
RE4nrI/kwEws0BQdSIP57AEbb2GqGIANvL3sDP6f0rO8MBdkynavlhwSL4i0W9oz
zdjMJ8kECfavchbrVOM8fpcilsxRnYpJGgw8NW329eHw/YqcrCSiGYLbplfzLccb
NrG1fxJgIQfs1yCqrPkOgMT63b2Dg5Ce8nb8+0+J5n7tBFogvKZA6NnycNwso418
LlpiTBTy7IOP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org