Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/0z6Hi-VexJYzxi0LkTYFwk3ad8M.roa
File: 0z6Hi-VexJYzxi0LkTYFwk3ad8M.roa (raw, json)
Hash identifier: 5BDJ5Gwv+nizUtZcdDXzE1qjQVyck4NyWqNa1TAr038=
Subject key identifier: D3:3E:87:8B:E5:5E:C4:96:33:C6:2D:0B:91:36:05:C2:4D:DA:77:C3
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 018365D914953ADF8B4E0F1A3229CCB45267
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/0z6Hi-VexJYzxi0LkTYFwk3ad8M.roa
Signing time: Thu 22 Sep 2022 15:37:48 +0000
ROA not before: Thu 22 Sep 2022 15:37:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41043
IP address blocks: 86.105.4.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:65:d9:14:95:3a:df:8b:4e:0f:1a:32:29:cc:b4:52:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Sep 22 15:37:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d33e878be55ec49633c62d0b913605c24dda77c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:84:99:cc:cd:0a:4f:27:4e:41:db:72:3a:77:
1f:20:4f:36:b1:cc:d2:71:2d:56:c3:7f:84:54:cf:
a6:e3:e8:b8:f5:94:fa:0d:82:0e:9e:bc:96:fd:b2:
0f:a7:fd:3e:10:f7:93:86:85:36:60:cc:8c:a8:b6:
77:4d:1e:49:99:58:9e:63:a8:7d:92:4d:5a:41:87:
7d:f8:e6:c9:f2:b0:a9:47:c7:c9:2d:79:cb:19:5f:
05:86:86:ea:24:b9:81:fb:f9:d7:e1:f8:fb:08:f2:
39:58:1f:99:38:38:13:b3:88:59:11:78:31:e1:e3:
74:36:47:f7:99:a0:f4:18:02:ea:87:d7:8f:a0:ae:
73:25:b9:a1:eb:a0:ac:7e:3d:10:26:e7:d9:09:b5:
7a:bd:eb:12:2b:c3:bd:03:99:5e:a4:e9:7f:a2:06:
15:c1:2e:e1:7b:4e:7b:89:22:44:40:ea:e4:78:e5:
64:c1:fd:7c:f5:ac:b8:a0:45:3f:29:d3:31:81:55:
8d:e5:6c:25:60:7c:a6:69:da:ea:b7:a2:b5:a7:3e:
74:ad:4c:9a:e3:3f:66:48:2e:01:43:74:3e:53:b2:
fe:c1:b4:26:66:d2:f8:15:65:ed:e8:5f:a9:d4:55:
69:15:db:86:65:1e:48:23:e0:df:31:d0:e1:6b:16:
b7:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:3E:87:8B:E5:5E:C4:96:33:C6:2D:0B:91:36:05:C2:4D:DA:77:C3
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/0z6Hi-VexJYzxi0LkTYFwk3ad8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.4.0/24
Signature Algorithm: sha256WithRSAEncryption
94:1f:cd:c3:de:ba:7c:38:7f:ca:dc:73:48:81:86:9a:d3:7d:
08:4d:a8:8c:2b:22:d4:49:95:e7:d0:9e:9f:e6:8d:00:76:f1:
df:6b:8b:0a:4b:ff:6a:29:d0:d3:03:51:ea:7c:42:ae:68:53:
a2:ce:57:bc:b8:0a:e1:a6:ea:58:d4:14:5e:9e:61:e4:63:5f:
9f:0e:24:ea:52:83:b6:2c:88:65:e8:0d:da:ef:90:a2:7a:95:
16:bb:92:ec:6b:8c:86:1b:97:76:e2:1a:05:77:f0:c4:2a:ad:
28:56:76:b6:06:c3:32:84:42:34:f1:6c:38:df:34:e1:73:3e:
09:61:1e:a7:a2:c6:3d:cf:fe:65:15:37:be:09:40:9a:99:65:
7a:88:05:6e:0f:d6:7c:b8:a8:45:44:2f:f2:b3:8c:47:ed:46:
ea:d1:27:89:1e:2d:b6:76:aa:2c:98:c2:13:53:ce:6f:b5:73:
3c:3a:87:78:64:fd:a7:55:4e:2d:1d:99:f9:c6:6d:33:42:d3:
fb:a2:eb:4d:25:9d:48:cb:a4:ea:56:dc:cc:b4:81:43:56:e6:
99:2b:19:7d:d8:42:ac:ab:d9:18:67:55:6d:35:0e:0c:b7:e4:
88:ca:8c:d0:04:17:67:c7:20:85:28:1d:89:18:fc:49:79:59:
e7:b7:b8:b2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYNl2RSVOt+LTg8aMinMtFJnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjIwOTIyMTUzNzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzNlODc4YmU1NWVjNDk2MzNjNjJkMGI5MTM2MDVjMjRkZGE3N2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYSZzM0KTydOQdtyOncfIE82sczS
cS1Ww3+EVM+m4+i49ZT6DYIOnryW/bIPp/0+EPeThoU2YMyMqLZ3TR5JmVieY6h9
kk1aQYd9+ObJ8rCpR8fJLXnLGV8FhobqJLmB+/nX4fj7CPI5WB+ZODgTs4hZEXgx
4eN0Nkf3maD0GALqh9ePoK5zJbmh66Csfj0QJufZCbV6vesSK8O9A5lepOl/ogYV
wS7he057iSJEQOrkeOVkwf189ay4oEU/KdMxgVWN5WwlYHymadrqt6K1pz50rUya
4z9mSC4BQ3Q+U7L+wbQmZtL4FWXt6F+p1FVpFduGZR5II+DfMdDhaxa32QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNM+h4vlXsSWM8YtC5E2BcJN2nfDMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xLzB6NkhpLVZleEpZenhpMExrVFlGd2szYWQ4TS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABWaQQw
DQYJKoZIhvcNAQELBQADggEBAJQfzcPeunw4f8rcc0iBhprTfQhNqIwrItRJlefQ
np/mjQB28d9riwpL/2op0NMDUep8Qq5oU6LOV7y4CuGm6ljUFF6eYeRjX58OJOpS
g7YsiGXoDdrvkKJ6lRa7kuxrjIYbl3biGgV38MQqrShWdrYGwzKEQjTxbDjfNOFz
PglhHqeixj3P/mUVN74JQJqZZXqIBW4P1ny4qEVEL/KzjEftRurRJ4keLbZ2qiyY
whNTzm+1czw6h3hk/adVTi0dmfnGbTNC0/ui600lnUjLpOpW3My0gUNW5pkrGX3Y
Qqyr2RhnVW01Dgy35IjKjNAEF2fHIIUoHYkY/El5Wee3uLI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:42 2024 by rpki-client on console-fra.rpki-client.org