Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/o1hc9uQ_FIKLftW150VIX_3UqsQ.roa
File: o1hc9uQ_FIKLftW150VIX_3UqsQ.roa (raw, json)
Hash identifier: KmGvLDxi3FAPN0Sep37zeTrSVSZ6hBhHK/nIwX4gG0Q=
Subject key identifier: A3:58:5C:F6:E4:3F:14:82:8B:7E:D5:B5:E7:45:48:5F:FD:D4:AA:C4
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 44BFF054
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/o1hc9uQ_FIKLftW150VIX_3UqsQ.roa
Signing time: Thu 02 Jun 2022 06:25:20 +0000
ROA not before: Thu 02 Jun 2022 06:25:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8849
IP address blocks: 95.174.68.0/24 maxlen: 24
95.174.69.0/24 maxlen: 24
95.174.70.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1153429588 (0x44bff054)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jun 2 06:25:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3585cf6e43f14828b7ed5b5e745485ffdd4aac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:08:12:66:73:21:ab:cc:5b:e7:55:ea:0c:e3:
9a:59:9d:27:ce:19:da:b9:dc:4a:2e:19:fa:5c:55:
dd:18:dc:a1:57:89:cb:a4:04:1d:69:0d:c2:3f:3f:
a7:dc:68:bd:43:ab:c3:e2:f7:55:1a:8a:10:06:5d:
38:38:c8:10:f0:8a:e4:7e:79:96:fe:94:da:58:42:
68:da:c6:a8:95:46:ed:f0:e3:e0:8a:b6:f2:1d:d3:
ac:75:5c:18:1a:78:bc:58:0f:31:61:ac:10:c0:ac:
db:0c:e3:c3:49:39:2a:6e:2b:0b:d5:40:80:89:0f:
c9:78:1c:77:c2:36:98:75:af:fa:a6:c6:a5:20:c6:
7f:7a:0b:56:84:1f:e8:82:3d:ff:c1:44:4b:b3:b8:
68:c3:e5:89:c5:8f:e7:7a:69:f8:cd:ee:c9:28:1e:
fe:ec:95:a3:18:9c:2e:91:97:75:67:77:dc:25:41:
68:cc:6d:9a:a8:da:a7:4b:db:bd:56:0e:df:37:32:
9a:43:a1:cc:da:1c:75:f6:1c:26:7e:84:0d:e9:ab:
08:95:5d:f5:f9:98:55:5e:2c:18:cb:88:2b:36:db:
99:1e:f1:b5:84:45:51:04:05:43:71:c6:db:6e:1f:
d3:09:0a:49:4f:9e:4d:71:e4:82:fa:55:8f:78:7e:
15:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:58:5C:F6:E4:3F:14:82:8B:7E:D5:B5:E7:45:48:5F:FD:D4:AA:C4
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/o1hc9uQ_FIKLftW150VIX_3UqsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.174.68.0-95.174.70.255
Signature Algorithm: sha256WithRSAEncryption
30:0a:bf:42:85:d7:5c:57:06:17:09:2f:fc:68:84:c7:51:a8:
5b:22:40:8e:80:3e:53:22:b8:0f:e1:b6:8c:a6:48:fa:67:f8:
ab:b1:7e:c0:6e:c6:2a:cd:c2:8c:10:c5:cb:89:9f:1d:a7:fe:
38:11:39:2a:a5:50:c8:ae:6d:48:5a:09:c8:1a:00:9c:56:03:
9c:1a:97:87:db:ab:dd:97:93:99:91:0f:76:90:cd:67:e3:f6:
4f:50:4e:9e:98:ed:b3:ed:e8:63:a1:c4:1f:f5:2d:6d:81:30:
c7:8a:26:4d:1a:62:72:7d:01:fd:ed:ff:d5:60:47:e4:32:0f:
33:08:af:ac:7b:9c:cc:da:2f:34:4f:b7:74:f5:e2:12:9c:e7:
9f:d5:b5:be:b6:3d:5b:71:4a:dd:46:68:00:8d:26:94:01:6d:
8b:73:92:83:e0:6e:1e:da:9e:91:59:c9:db:a0:46:1f:87:2a:
d9:04:a4:4f:aa:24:db:d5:b2:18:45:4d:fa:0e:ce:79:74:2a:
d1:21:0f:c3:df:e2:f9:da:b8:51:34:ac:23:00:ba:6f:97:48:
1a:3f:57:c2:c1:35:de:6d:4f:2d:5e:53:8a:7c:b3:d5:b5:da:
dd:ef:40:b3:09:e5:d0:49:72:4d:d6:0f:19:1d:4c:ca:03:bc:
d3:72:4c:3d
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIERL/wVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjE3YjQ3MmM4NDFjMWQ2ODU1MGEyNGYxOTM2ZDI5Y2M2YzI4ZjZhMB4XDTIyMDYw
MjA2MjUyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTM1ODVjZjZlNDNm
MTQ4MjhiN2VkNWI1ZTc0NTQ4NWZmZGQ0YWFjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ8IEmZzIavMW+dV6gzjmlmdJ84Z2rncSi4Z+lxV3RjcoVeJ
y6QEHWkNwj8/p9xovUOrw+L3VRqKEAZdODjIEPCK5H55lv6U2lhCaNrGqJVG7fDj
4Iq28h3TrHVcGBp4vFgPMWGsEMCs2wzjw0k5Km4rC9VAgIkPyXgcd8I2mHWv+qbG
pSDGf3oLVoQf6II9/8FES7O4aMPlicWP53pp+M3uySge/uyVoxicLpGXdWd33CVB
aMxtmqjap0vbvVYO3zcymkOhzNocdfYcJn6EDemrCJVd9fmYVV4sGMuIKzbbmR7x
tYRFUQQFQ3HG224f0wkKSU+eTXHkgvpVj3h+FVcCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSjWFz25D8Ugot+1bXnRUhf/dSqxDAfBgNVHSMEGDAWgBTSF7RyyEHB1oVQ
ok8ZNtKcxsKPajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBoZTBjc2hCd2RhRlVLSlBHVGJTbk1iQ2oyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTAvMjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8x
L28xaGM5dVFfRklLTGZ0VzE1MFZJWF8zVXFzUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAv
MjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8xLzBoZTBjc2hCd2Rh
RlVLSlBHVGJTbk1iQ2oyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQCX65EAwQAX65GMA0GCSqGSIb3
DQEBCwUAA4IBAQAwCr9ChddcVwYXCS/8aITHUahbIkCOgD5TIrgP4baMpkj6Z/ir
sX7AbsYqzcKMEMXLiZ8dp/44ETkqpVDIrm1IWgnIGgCcVgOcGpeH26vdl5OZkQ92
kM1n4/ZPUE6emO2z7ehjocQf9S1tgTDHiiZNGmJyfQH97f/VYEfkMg8zCK+se5zM
2i80T7d09eISnOef1bW+tj1bcUrdRmgAjSaUAW2Lc5KD4G4e2p6RWcnboEYfhyrZ
BKRPqiTb1bIYRU36Ds55dCrRIQ/D3+L52rhRNKwjALpvl0gaP1fCwTXebU8tXlOK
fLPVtdrd70CzCeXQSXJN1g8ZHUzKA7zTckw9
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:51 2024 by rpki-client on console-ams.rpki-client.org