Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/oVMYROjnWIFk_lfI0Ee5BGB8BS4.roa
File: oVMYROjnWIFk_lfI0Ee5BGB8BS4.roa (raw, json)
Hash identifier: nCdbJ3NSUoQlQpE3sIR0ORYUWpBguuYAQ9k3cFv3NVM=
Subject key identifier: A1:53:18:44:E8:E7:58:81:64:FE:57:C8:D0:47:B9:04:60:7C:05:2E
Certificate issuer: /CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Certificate serial: 019421B18961CF98F57261A8C08F7D77695D
Authority key identifier: D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/oVMYROjnWIFk_lfI0Ee5BGB8BS4.roa
Signing time: Wed 01 Jan 2025 11:47:50 +0000
ROA not before: Wed 01 Jan 2025 11:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59956
IP address blocks: 176.117.84.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:89:61:cf:98:f5:72:61:a8:c0:8f:7d:77:69:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Validity
Not Before: Jan 1 11:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1531844e8e7588164fe57c8d047b904607c052e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:56:8a:8b:4a:9d:1c:15:2f:b8:ee:67:ff:98:
6e:42:c6:99:6d:27:ad:5c:3a:17:fb:bb:73:75:f1:
72:59:22:7c:14:65:8c:fd:30:47:bd:e8:eb:87:9c:
df:08:2b:4d:92:ad:ae:e8:9d:97:b1:f3:7e:a4:09:
3d:f6:56:51:16:cc:dc:2e:61:02:af:fb:24:25:b8:
f6:4b:17:a0:fa:bf:c2:82:1c:64:7c:50:8f:8a:7d:
a7:72:ba:33:56:88:ad:b8:20:e1:af:cb:71:ba:11:
f2:d1:21:a7:b8:e7:af:8b:8c:f3:f2:42:09:d1:ae:
80:ae:4c:39:78:65:4b:2e:e4:7e:f4:23:01:d5:23:
d6:02:a7:95:9a:5c:44:98:03:05:ee:8d:c2:c6:5e:
d5:22:5e:28:a2:f1:6f:1b:c8:02:f9:4d:73:5a:49:
4b:45:31:f3:15:94:0c:a7:a9:13:a2:0c:76:53:ec:
5a:9c:9e:fe:4b:e3:13:84:68:c8:c5:aa:1e:dc:07:
a0:28:ff:ff:72:3f:e7:4f:86:21:40:2f:90:5f:f1:
77:50:19:1a:56:07:21:74:a8:b1:1e:c3:83:ac:6e:
cd:4b:94:fe:f4:56:d2:08:a6:20:61:ce:16:12:70:
ab:59:6e:6d:5b:b7:2a:2e:06:88:3c:96:44:be:30:
ca:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:53:18:44:E8:E7:58:81:64:FE:57:C8:D0:47:B9:04:60:7C:05:2E
X509v3 Authority Key Identifier:
keyid:D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/oVMYROjnWIFk_lfI0Ee5BGB8BS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.84.0/22
Signature Algorithm: sha256WithRSAEncryption
52:be:28:44:5b:90:05:f3:56:22:cf:ff:84:13:99:bd:9e:b5:
45:59:95:9e:aa:79:99:f8:fd:86:1f:0f:e6:8f:26:47:15:74:
55:6b:ce:a3:04:2e:f6:4c:15:a8:31:37:a1:66:12:3f:c7:c4:
08:e3:08:23:f0:9e:8b:2d:93:e7:24:a0:02:23:42:e1:48:b8:
70:3e:09:08:54:f2:41:94:e0:63:45:e1:ff:26:c6:18:0e:bb:
ae:d3:79:e8:0d:61:a9:33:b0:f1:3b:29:9c:a9:d4:fd:8a:6d:
7a:ad:1a:a4:97:ba:71:8d:c9:45:3d:23:b0:d4:a3:9c:32:40:
db:5d:fe:fd:0e:94:06:07:4a:67:01:b2:4a:39:fa:c8:85:d6:
02:ed:f3:44:ea:f8:b7:7f:29:a2:98:ae:51:7a:9e:3d:e2:ce:
68:ff:4b:eb:f2:3f:4f:fd:86:ca:64:9f:42:0e:e2:90:da:03:
bc:44:f1:02:62:23:a1:b0:bd:d1:26:23:b7:56:59:f0:9a:8a:
b8:47:8e:f5:2e:a2:8c:78:40:fd:3d:22:0e:38:88:d3:02:c6:
b1:8a:f9:e4:89:c2:8b:93:30:73:20:df:e7:dd:9c:b3:3d:1f:
44:16:95:ee:ea:18:a3:5f:77:94:1d:57:b9:0a:45:53:fa:51:
da:d3:ea:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsYlhz5j1cmGowI99d2ldMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjk5Y2YxMmIzOGZmMTJkOTVmZmMwZDEzYWMxMmM2OWZl
MmMxY2EwHhcNMjUwMTAxMTE0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTUzMTg0NGU4ZTc1ODgxNjRmZTU3YzhkMDQ3YjkwNDYwN2MwNTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFaKi0qdHBUvuO5n/5huQsaZbSet
XDoX+7tzdfFyWSJ8FGWM/TBHvejrh5zfCCtNkq2u6J2XsfN+pAk99lZRFszcLmEC
r/skJbj2Sxeg+r/CghxkfFCPin2ncrozVoituCDhr8txuhHy0SGnuOevi4zz8kIJ
0a6Arkw5eGVLLuR+9CMB1SPWAqeVmlxEmAMF7o3Cxl7VIl4oovFvG8gC+U1zWklL
RTHzFZQMp6kTogx2U+xanJ7+S+MThGjIxaoe3AegKP//cj/nT4YhQC+QX/F3UBka
VgchdKixHsODrG7NS5T+9FbSCKYgYc4WEnCrWW5tW7cqLgaIPJZEvjDKUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKFTGETo51iBZP5XyNBHuQRgfAUuMB8GA1UdIwQY
MBaAFNApnPErOP8S2V/8DROsEsaf4sHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTIt
ZTY0MWU3MTNkMWZhLzEvb1ZNWVJPam5XSUZrX2xmSTBFZTVCR0I4QlM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTItZTY0MWU3MTNkMWZh
LzEvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsHVUMA0G
CSqGSIb3DQEBCwUAA4IBAQBSvihEW5AF81Yiz/+EE5m9nrVFWZWeqnmZ+P2GHw/m
jyZHFXRVa86jBC72TBWoMTehZhI/x8QI4wgj8J6LLZPnJKACI0LhSLhwPgkIVPJB
lOBjReH/JsYYDruu03noDWGpM7DxOymcqdT9im16rRqkl7pxjclFPSOw1KOcMkDb
Xf79DpQGB0pnAbJKOfrIhdYC7fNE6vi3fymimK5Rep494s5o/0vr8j9P/YbKZJ9C
DuKQ2gO8RPECYiOhsL3RJiO3Vlnwmoq4R471LqKMeED9PSIOOIjTAsaxivnkicKL
kzBzIN/n3ZyzPR9EFpXu6hijX3eUHVe5CkVT+lHa0+rC
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:14:28 2025 by rpki-client