Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/ojyDWRalJBiLPChRTXaBlUQtdYY.roa
File: ojyDWRalJBiLPChRTXaBlUQtdYY.roa (raw, json)
Hash identifier: Rlb7V5pm82ifyetjrEMtYU/LBOS8N4xdV8O84te7U2U=
Subject key identifier: A2:3C:83:59:16:A5:24:18:8B:3C:28:51:4D:76:81:95:44:2D:75:86
Certificate issuer: /CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Certificate serial: 0184480FDCAAE20DF431195F3044F9EDB158
Authority key identifier: D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/ojyDWRalJBiLPChRTXaBlUQtdYY.roa
Signing time: Sat 05 Nov 2022 13:51:49 +0000
ROA not before: Sat 05 Nov 2022 13:51:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50643
IP address blocks: 176.117.80.0/20 maxlen: 20
176.117.64.0/20 maxlen: 20
176.117.64.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:48:0f:dc:aa:e2:0d:f4:31:19:5f:30:44:f9:ed:b1:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Validity
Not Before: Nov 5 13:51:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a23c835916a524188b3c28514d768195442d7586
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:76:6d:c7:4d:ce:39:29:52:3b:64:21:37:0b:
09:6e:d4:62:b1:fe:89:e6:92:0d:d6:24:ea:bd:dd:
2b:4c:7c:c7:16:0c:ce:89:18:be:06:5a:f3:f5:5c:
4b:10:e3:58:cb:91:2a:e1:0b:23:be:b3:17:b9:e9:
a1:bc:1d:3c:a6:bb:0d:85:51:64:7a:05:56:85:f4:
8c:13:3d:81:33:09:d6:e8:a1:68:ac:c4:e2:be:05:
19:10:d1:a7:89:b7:32:bc:68:23:2b:8b:4c:91:a1:
e0:61:77:57:e1:79:81:f4:81:5d:3d:a4:2d:20:28:
94:a7:67:72:56:73:dc:66:6b:3e:db:da:63:a8:11:
d5:0c:11:25:7a:2b:80:93:c6:2a:98:15:73:24:0f:
a1:39:2e:b8:a5:6d:60:08:74:c2:16:ad:65:4a:77:
aa:ce:81:7c:b9:cd:78:21:2b:ab:39:56:cf:28:82:
1d:d3:7c:e7:da:9b:d4:54:db:56:0b:55:60:88:ca:
54:7b:04:55:01:b7:20:a6:9c:68:0d:92:74:29:55:
b2:db:35:52:2b:f2:8b:d9:c6:71:5a:77:9e:0b:5f:
8a:00:be:98:5f:44:03:df:2c:e8:f9:c5:8e:82:bf:
75:43:35:e0:cd:1d:79:d6:4a:7b:b5:c6:b7:d8:84:
34:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:3C:83:59:16:A5:24:18:8B:3C:28:51:4D:76:81:95:44:2D:75:86
X509v3 Authority Key Identifier:
keyid:D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/ojyDWRalJBiLPChRTXaBlUQtdYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.64.0/19
Signature Algorithm: sha256WithRSAEncryption
79:3c:57:ac:6a:a3:fd:43:09:d7:58:83:d0:5e:f4:df:0c:06:
62:a1:49:43:cb:4e:bf:bb:e4:2d:70:40:f2:a3:10:27:23:fa:
0d:1a:af:47:0d:a8:a9:92:cd:04:eb:b4:38:77:35:9b:98:6e:
04:9a:ec:85:75:27:35:2d:18:4c:bf:03:b8:1d:1e:78:42:4c:
41:9f:23:05:0c:df:4a:89:bc:c3:14:0e:83:d3:e5:43:10:08:
57:c2:14:e6:1f:83:fb:f9:a3:5c:55:8d:28:d1:90:2b:dd:68:
fe:d5:35:db:39:81:9e:b8:67:79:57:30:c6:96:8a:77:66:b3:
ba:b5:5d:ab:d3:98:c9:2a:12:10:1b:7e:54:1e:31:d9:eb:5f:
66:88:65:bc:2e:da:89:78:fb:f6:ad:cf:33:8e:0c:c5:d8:5a:
da:16:e6:59:9d:d9:93:dd:eb:85:50:49:51:88:a9:59:48:c0:
c4:17:45:da:d4:80:a6:e6:d4:40:1f:00:13:ab:f7:9a:b6:e3:
4a:3c:1f:41:7d:5e:d1:0f:d9:d6:e3:bd:79:0a:cc:92:fa:34:
a4:e1:d1:40:be:92:da:e4:0f:d0:d3:77:07:ab:cf:35:a3:4c:
4d:87:4a:77:08:32:4b:03:d3:bf:c9:b9:74:d5:34:4c:7c:a7:
14:43:4b:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRID9yq4g30MRlfMET57bFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjk5Y2YxMmIzOGZmMTJkOTVmZmMwZDEzYWMxMmM2OWZl
MmMxY2EwHhcNMjIxMTA1MTM1MTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjNjODM1OTE2YTUyNDE4OGIzYzI4NTE0ZDc2ODE5NTQ0MmQ3NTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13Ztx03OOSlSO2QhNwsJbtRisf6J
5pIN1iTqvd0rTHzHFgzOiRi+Blrz9VxLEONYy5Eq4QsjvrMXuemhvB08prsNhVFk
egVWhfSMEz2BMwnW6KForMTivgUZENGnibcyvGgjK4tMkaHgYXdX4XmB9IFdPaQt
ICiUp2dyVnPcZms+29pjqBHVDBEleiuAk8YqmBVzJA+hOS64pW1gCHTCFq1lSneq
zoF8uc14ISurOVbPKIId03zn2pvUVNtWC1VgiMpUewRVAbcgppxoDZJ0KVWy2zVS
K/KL2cZxWneeC1+KAL6YX0QD3yzo+cWOgr91QzXgzR151kp7tca32IQ0TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKI8g1kWpSQYizwoUU12gZVELXWGMB8GA1UdIwQY
MBaAFNApnPErOP8S2V/8DROsEsaf4sHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTIt
ZTY0MWU3MTNkMWZhLzEvb2p5RFdSYWxKQmlMUENoUlRYYUJsVVF0ZFlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTItZTY0MWU3MTNkMWZh
LzEvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFsHVAMA0G
CSqGSIb3DQEBCwUAA4IBAQB5PFesaqP9QwnXWIPQXvTfDAZioUlDy06/u+QtcEDy
oxAnI/oNGq9HDaipks0E67Q4dzWbmG4EmuyFdSc1LRhMvwO4HR54QkxBnyMFDN9K
ibzDFA6D0+VDEAhXwhTmH4P7+aNcVY0o0ZAr3Wj+1TXbOYGeuGd5VzDGlop3ZrO6
tV2r05jJKhIQG35UHjHZ619miGW8LtqJePv2rc8zjgzF2FraFuZZndmT3euFUElR
iKlZSMDEF0Xa1ICm5tRAHwATq/eatuNKPB9BfV7RD9nW4715CsyS+jSk4dFAvpLa
5A/Q03cHq881o0xNh0p3CDJLA9O/ybl01TRMfKcUQ0t4
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:21 2024 by rpki-client on console-ams.rpki-client.org