Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/OM3PwbJs4Uf2K7QXYqresCcDq4U.roa
File: OM3PwbJs4Uf2K7QXYqresCcDq4U.roa (raw, json)
Hash identifier: 5mmIcvu2g/SL9ztzYzxNQk5JCuHvbHFv23WqQm6TmXM=
Subject key identifier: 38:CD:CF:C1:B2:6C:E1:47:F6:2B:B4:17:62:AA:DE:B0:27:03:AB:85
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01870D95B235E44B559557D1E83FE383E506
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/OM3PwbJs4Uf2K7QXYqresCcDq4U.roa
Signing time: Thu 23 Mar 2023 08:28:46 +0000
ROA not before: Thu 23 Mar 2023 08:28:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43146
IP address blocks: 194.116.163.0/24 maxlen: 24
194.116.162.0/24 maxlen: 24
77.220.205.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0d:95:b2:35:e4:4b:55:95:57:d1:e8:3f:e3:83:e5:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Mar 23 08:28:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38cdcfc1b26ce147f62bb41762aadeb02703ab85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:dc:e7:9b:d6:9a:a6:8c:cd:3a:f3:af:5a:ec:
aa:f0:27:4c:c7:c4:4e:28:ee:64:0c:37:a3:d0:59:
21:83:2f:5a:e1:3f:91:2d:3c:91:61:b7:f2:5e:20:
81:c8:6e:f7:e6:f3:07:a9:21:cc:b3:41:96:d6:52:
30:f0:ea:35:84:56:4c:de:a7:7f:dd:d7:26:42:0e:
8b:c8:23:09:b1:97:dc:2f:f4:03:e3:87:cb:95:19:
4c:ac:89:e8:30:ba:91:be:be:4e:18:81:4e:6e:4b:
6c:34:5d:c6:a7:ff:fd:5e:02:59:f6:3a:99:1d:9b:
be:0a:79:67:1a:ad:bf:a8:99:93:dd:9c:a1:a1:5b:
48:b6:94:29:55:37:be:13:c0:6a:1e:86:87:43:8b:
d5:1d:3f:2e:9c:f8:39:f7:7d:52:34:6f:38:08:5d:
98:a0:4b:7e:41:95:33:e4:c1:43:5b:b0:71:a1:fd:
c5:78:df:ad:42:1e:a7:a3:98:63:1f:92:c4:a1:79:
89:c8:fa:54:e6:a5:6b:c9:11:48:50:cd:71:47:ff:
b2:64:74:d4:ef:87:79:8a:a4:06:9f:05:2f:52:cf:
61:2d:ed:8c:e1:30:ec:7b:dc:02:70:cc:b2:23:62:
c1:c2:7e:bf:44:c4:57:c2:78:47:97:fd:bc:42:92:
f4:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:CD:CF:C1:B2:6C:E1:47:F6:2B:B4:17:62:AA:DE:B0:27:03:AB:85
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/OM3PwbJs4Uf2K7QXYqresCcDq4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.220.205.0/24
194.116.162.0/23
Signature Algorithm: sha256WithRSAEncryption
91:c0:02:24:b4:64:47:34:9e:d2:c9:81:3c:01:3f:42:25:0e:
7f:3c:a5:98:16:e7:e2:86:c0:8f:48:06:56:70:de:b4:75:be:
e2:b3:9f:48:b4:66:a9:84:07:4a:2d:09:5d:0a:fe:fc:02:74:
6f:36:40:b5:ce:eb:fc:45:51:d0:47:ff:5e:79:1d:4a:65:cf:
40:7f:52:a2:dc:8e:15:54:66:1e:b2:13:1c:bd:76:78:69:dc:
ca:50:c2:ed:07:de:88:ad:b8:c9:b5:f2:94:be:79:56:93:f5:
5d:0b:01:4c:12:69:4f:bc:81:e8:4d:4a:fa:8b:df:13:66:de:
38:e0:a4:f0:9c:93:44:87:20:65:05:61:5b:45:fd:c6:17:64:
b9:bf:78:11:09:41:a0:c0:c6:3c:9f:4b:59:6a:8d:38:65:95:
ba:5a:b8:3e:20:bd:32:77:3d:9f:10:fc:cc:4f:d1:32:56:05:
fe:98:f1:16:39:26:06:fb:63:6a:85:b0:d2:5e:fa:aa:e5:13:
9f:49:a4:54:ca:6f:55:05:c1:7a:16:49:72:37:54:71:0f:19:
5e:f5:12:87:f4:ff:79:09:b6:bd:6a:f4:3c:65:a8:20:eb:fa:
6c:ec:25:58:4c:1d:2b:33:32:2a:fb:47:c3:c2:f3:a1:b6:db:
21:50:25:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcNlbI15EtVlVfR6D/jg+UGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMzIzMDgyODQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGNkY2ZjMWIyNmNlMTQ3ZjYyYmI0MTc2MmFhZGViMDI3MDNhYjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdznm9aapozNOvOvWuyq8CdMx8RO
KO5kDDej0Fkhgy9a4T+RLTyRYbfyXiCByG735vMHqSHMs0GW1lIw8Oo1hFZM3qd/
3dcmQg6LyCMJsZfcL/QD44fLlRlMrInoMLqRvr5OGIFObktsNF3Gp//9XgJZ9jqZ
HZu+CnlnGq2/qJmT3ZyhoVtItpQpVTe+E8BqHoaHQ4vVHT8unPg5931SNG84CF2Y
oEt+QZUz5MFDW7Bxof3FeN+tQh6no5hjH5LEoXmJyPpU5qVryRFIUM1xR/+yZHTU
74d5iqQGnwUvUs9hLe2M4TDse9wCcMyyI2LBwn6/RMRXwnhHl/28QpL0GQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDjNz8GybOFH9iu0F2Kq3rAnA6uFMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvT00zUHdiSnM0VWYySzdRWFlxcmVzQ2NEcTRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATdzNAwQB
wnSiMA0GCSqGSIb3DQEBCwUAA4IBAQCRwAIktGRHNJ7SyYE8AT9CJQ5/PKWYFufi
hsCPSAZWcN60db7is59ItGaphAdKLQldCv78AnRvNkC1zuv8RVHQR/9eeR1KZc9A
f1Ki3I4VVGYeshMcvXZ4adzKUMLtB96IrbjJtfKUvnlWk/VdCwFMEmlPvIHoTUr6
i98TZt444KTwnJNEhyBlBWFbRf3GF2S5v3gRCUGgwMY8n0tZao04ZZW6Wrg+IL0y
dz2fEPzMT9EyVgX+mPEWOSYG+2NqhbDSXvqq5ROfSaRUym9VBcF6FklyN1RxDxle
9RKH9P95Cba9avQ8Zagg6/ps7CVYTB0rMzIq+0fDwvOhttshUCXc
-----END CERTIFICATE-----
Generated at Fri Jul 28 13:37:21 2023 by rpki-client on console-fra.rpki-client.org