Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/O0-INIxhoJTH3SOkekyFC9AgTnk.roa
File: O0-INIxhoJTH3SOkekyFC9AgTnk.roa (raw, json)
Hash identifier: HYEUyRwFlsLDcYyVtRu34nl7Or0BjBRvOT/tsCE+ZHg=
Subject key identifier: 3B:4F:88:34:8C:61:A0:94:C7:DD:23:A4:7A:4C:85:0B:D0:20:4E:79
Certificate issuer: /CN=c3abdcc49f7d9033b52904679f3c9b783d8c1358
Certificate serial: 018E9F1DA65358241099911035553280D058
Authority key identifier: C3:AB:DC:C4:9F:7D:90:33:B5:29:04:67:9F:3C:9B:78:3D:8C:13:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w6vcxJ99kDO1KQRnnzybeD2ME1g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/O0-INIxhoJTH3SOkekyFC9AgTnk.roa
Signing time: Tue 02 Apr 2024 14:01:44 +0000
ROA not before: Tue 02 Apr 2024 14:01:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 84.246.110.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9f:1d:a6:53:58:24:10:99:91:10:35:55:32:80:d0:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3abdcc49f7d9033b52904679f3c9b783d8c1358
Validity
Not Before: Apr 2 14:01:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b4f88348c61a094c7dd23a47a4c850bd0204e79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b7:b4:05:73:73:86:79:7f:84:0d:49:77:4f:
a4:4c:2b:2c:7f:17:5a:5d:6e:a4:cf:8f:a7:88:27:
a4:98:47:51:61:fe:40:61:0d:99:f0:b7:35:22:94:
96:6f:7a:24:c9:ea:30:19:a7:2c:5a:86:25:53:74:
ce:1b:0c:9e:be:ee:e4:01:3b:f2:e0:e1:f0:76:e5:
36:13:8e:0f:65:11:3c:3a:be:31:29:d6:b8:cf:45:
04:10:ed:12:1c:b6:e9:9a:90:d0:24:6e:1b:ca:74:
67:09:5b:b4:0a:0c:dd:e7:28:7d:f6:27:dc:2c:c6:
f7:09:12:4a:1b:71:2f:b3:e8:a9:09:43:99:b1:18:
df:7a:d7:7a:a6:62:3e:3d:16:fb:35:41:06:1a:3d:
f5:b6:13:4c:de:a0:3f:23:a8:a7:cb:46:51:49:c1:
5b:e0:f8:a3:b9:04:38:d5:22:43:e2:42:ce:a4:cb:
f8:d7:dd:ef:09:22:06:4c:99:67:ad:26:a8:7b:80:
0b:04:44:2a:73:71:ef:6b:90:08:54:dd:9d:34:74:
28:3f:ce:af:4b:e0:3b:45:b1:2e:38:0e:39:96:22:
21:60:ac:8c:b7:40:49:1a:dd:70:c9:59:e6:e4:96:
20:58:cd:95:57:67:ef:56:fe:7e:63:d9:48:a6:28:
0d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:4F:88:34:8C:61:A0:94:C7:DD:23:A4:7A:4C:85:0B:D0:20:4E:79
X509v3 Authority Key Identifier:
keyid:C3:AB:DC:C4:9F:7D:90:33:B5:29:04:67:9F:3C:9B:78:3D:8C:13:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w6vcxJ99kDO1KQRnnzybeD2ME1g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/O0-INIxhoJTH3SOkekyFC9AgTnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/w6vcxJ99kDO1KQRnnzybeD2ME1g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.246.110.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:2c:a9:f0:ff:a1:ff:5b:0a:12:87:e7:83:9d:0c:3a:32:9a:
3e:ba:a8:8b:a4:4f:c9:6b:d8:43:e8:11:0f:91:bf:62:d2:90:
ac:dc:0b:c9:12:c0:0c:9b:dd:43:ba:79:26:9a:21:de:72:1c:
35:35:d1:d0:c5:c9:8f:0c:5a:61:d3:e3:1b:dd:f6:c3:ce:66:
7e:63:40:a9:e2:37:6b:e1:db:1b:0b:4b:e7:6e:c1:13:ab:f5:
fa:15:d5:98:67:14:5e:58:dd:6e:49:ba:ad:e9:11:31:d1:12:
df:ed:74:de:76:0a:c5:5f:4a:35:fa:c9:ff:12:58:14:b1:4d:
d9:a7:cd:da:c2:f0:11:9e:96:95:35:98:39:e9:35:b4:57:de:
4d:00:f9:f8:78:ac:65:a7:21:75:48:2f:64:66:e3:fb:8f:90:
59:69:a6:6b:78:dc:1b:0a:97:a1:98:7d:8e:e2:bd:4b:88:3a:
5a:17:b4:44:35:21:9d:96:13:88:38:88:5e:ae:f6:38:a4:0a:
ea:f2:c1:57:8a:0c:8e:22:90:ec:aa:31:6a:12:26:4d:8e:5c:
31:22:d6:c8:cf:08:67:bf:d3:ae:8e:18:2a:25:11:f5:0b:af:
1e:bb:45:72:09:b5:dd:53:db:ad:ab:33:b5:42:78:51:ba:2a:
13:01:09:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6fHaZTWCQQmZEQNVUygNBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYWJkY2M0OWY3ZDkwMzNiNTI5MDQ2NzlmM2M5Yjc4M2Q4
YzEzNTgwHhcNMjQwNDAyMTQwMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjRmODgzNDhjNjFhMDk0YzdkZDIzYTQ3YTRjODUwYmQwMjA0ZTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7e0BXNzhnl/hA1Jd0+kTCssfxda
XW6kz4+niCekmEdRYf5AYQ2Z8Lc1IpSWb3okyeowGacsWoYlU3TOGwyevu7kATvy
4OHwduU2E44PZRE8Or4xKda4z0UEEO0SHLbpmpDQJG4bynRnCVu0Cgzd5yh99ifc
LMb3CRJKG3Evs+ipCUOZsRjfetd6pmI+PRb7NUEGGj31thNM3qA/I6iny0ZRScFb
4PijuQQ41SJD4kLOpMv4193vCSIGTJlnrSaoe4ALBEQqc3Hva5AIVN2dNHQoP86v
S+A7RbEuOA45liIhYKyMt0BJGt1wyVnm5JYgWM2VV2fvVv5+Y9lIpigNRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDtPiDSMYaCUx90jpHpMhQvQIE55MB8GA1UdIwQY
MBaAFMOr3MSffZAztSkEZ588m3g9jBNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzZ2Y3hKOTlrRE8xS1FSbm56eWJlRDJNRTFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82NzI4ODMtZmViNC00MTRmLTlkMDAt
NGQ5MTI3ZmJhM2FkLzEvTzAtSU5JeGhvSlRIM1NPa2VreUZDOUFnVG5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82NzI4ODMtZmViNC00MTRmLTlkMDAtNGQ5MTI3ZmJhM2Fk
LzEvdzZ2Y3hKOTlrRE8xS1FSbm56eWJlRDJNRTFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVPZuMA0G
CSqGSIb3DQEBCwUAA4IBAQCbLKnw/6H/WwoSh+eDnQw6Mpo+uqiLpE/Ja9hD6BEP
kb9i0pCs3AvJEsAMm91DunkmmiHechw1NdHQxcmPDFph0+Mb3fbDzmZ+Y0Cp4jdr
4dsbC0vnbsETq/X6FdWYZxReWN1uSbqt6REx0RLf7XTedgrFX0o1+sn/ElgUsU3Z
p83awvARnpaVNZg56TW0V95NAPn4eKxlpyF1SC9kZuP7j5BZaaZreNwbCpehmH2O
4r1LiDpaF7RENSGdlhOIOIhervY4pArq8sFXigyOIpDsqjFqEiZNjlwxItbIzwhn
v9OujhgqJRH1C68eu0VyCbXdU9utqzO1QnhRuioTAQm8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:27 2024 by rpki-client on console-fra.rpki-client.org