Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/d46e2b-de4d-4b6f-8dd7-69629c501943/1/oMoTFe8vd_tXxtImkNqKCFeehsI.roa
File: oMoTFe8vd_tXxtImkNqKCFeehsI.roa (raw, json)
Hash identifier: fYt1EmhdoTKjTUHeVJuDSbojZ0IyVHGAmGiUAJI424U=
Subject key identifier: A0:CA:13:15:EF:2F:77:FB:57:C6:D2:26:90:DA:8A:08:57:9E:86:C2
Certificate issuer: /CN=d0e31a149c2e6ae9acc729cf7ac1706de3de739b
Certificate serial: 8A70FA
Authority key identifier: D0:E3:1A:14:9C:2E:6A:E9:AC:C7:29:CF:7A:C1:70:6D:E3:DE:73:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0OMaFJwuaumsxynPesFwbePec5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/d46e2b-de4d-4b6f-8dd7-69629c501943/1/oMoTFe8vd_tXxtImkNqKCFeehsI.roa
Signing time: Wed 18 May 2022 12:16:17 +0000
ROA not before: Wed 18 May 2022 12:16:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39611
IP address blocks: 185.49.27.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9072890 (0x8a70fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0e31a149c2e6ae9acc729cf7ac1706de3de739b
Validity
Not Before: May 18 12:16:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a0ca1315ef2f77fb57c6d22690da8a08579e86c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:9b:dc:a6:9c:c1:db:98:83:ba:c1:a9:18:e9:
ce:03:cd:1b:a0:07:0e:7a:b9:8b:8e:b2:c1:10:ca:
38:8d:80:71:e5:93:cc:cd:eb:01:bc:3d:f2:a4:e0:
3e:45:aa:5c:c4:5c:c2:ac:b5:04:fa:bd:3a:d2:cd:
79:8e:7c:e6:35:6e:93:f5:a1:b3:7c:8e:58:dc:5f:
2f:0b:9b:69:e8:14:c6:e0:7a:10:49:ae:ca:f2:9a:
f3:6a:75:ad:75:4a:c2:7d:5f:34:3a:f8:06:cb:03:
68:6e:e8:02:2b:0e:82:09:48:b1:04:b7:26:fd:05:
ae:46:45:a9:8d:47:0b:b4:f2:83:fb:2c:3f:89:29:
16:d8:5b:40:fe:89:0d:c0:f0:65:eb:83:97:c5:a3:
81:48:da:12:e4:dc:ae:df:f1:9f:1a:6a:92:4f:91:
53:56:03:5b:79:b9:a9:15:67:5a:5d:06:1a:1d:3c:
c1:e6:8a:b7:b0:74:30:72:2c:9d:3b:fa:a0:04:31:
c3:58:18:d9:a1:50:93:1d:90:30:62:d5:d9:b0:0f:
d1:02:95:b4:a3:91:25:05:57:48:91:f7:91:02:64:
2a:0c:e2:ae:e7:61:fc:25:db:96:c8:a4:6f:63:bc:
48:e3:66:a9:43:07:d3:12:49:c6:c4:bb:63:1c:59:
09:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:CA:13:15:EF:2F:77:FB:57:C6:D2:26:90:DA:8A:08:57:9E:86:C2
X509v3 Authority Key Identifier:
keyid:D0:E3:1A:14:9C:2E:6A:E9:AC:C7:29:CF:7A:C1:70:6D:E3:DE:73:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0OMaFJwuaumsxynPesFwbePec5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/d46e2b-de4d-4b6f-8dd7-69629c501943/1/oMoTFe8vd_tXxtImkNqKCFeehsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/d46e2b-de4d-4b6f-8dd7-69629c501943/1/0OMaFJwuaumsxynPesFwbePec5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.27.0/24
Signature Algorithm: sha256WithRSAEncryption
88:85:9f:2d:eb:e7:63:be:71:5c:23:69:53:29:cd:4f:16:31:
15:5e:a1:1f:0b:2e:c3:93:f9:10:9a:12:c9:37:f4:1e:c9:99:
12:7f:41:ca:fd:7a:22:1a:e2:83:e2:64:fc:d7:57:d7:c8:0f:
6a:c3:d0:d2:41:d5:41:3d:24:fc:b8:53:2e:87:c7:32:de:0a:
70:0c:eb:bf:d4:61:7f:89:f6:1f:22:e0:0e:16:06:c2:ee:bc:
0b:86:d4:2f:bf:3d:73:e8:86:cf:b4:28:58:a6:b9:8f:b9:e4:
d4:b4:a7:67:dc:d1:26:6a:34:25:a1:1d:9d:8b:c7:94:29:9d:
68:7e:77:df:3c:2b:2b:11:c4:c5:70:e1:a5:02:d6:e8:7d:b0:
db:b5:2f:1e:f1:0f:69:11:07:bb:52:c8:4d:d5:60:45:dc:d5:
ae:d5:48:5e:98:01:17:d9:ba:20:c7:f5:67:70:37:59:02:d7:
0f:41:1e:c5:5a:1b:ed:8b:98:d9:cd:01:e5:94:6c:82:a7:63:
b7:d2:36:33:f1:ef:e7:bf:ec:b5:ff:60:ef:bf:fc:74:f2:57:
74:8e:76:5b:19:a4:e3:44:05:ff:80:b6:b0:48:30:f7:81:b5:
0d:de:6b:f5:10:64:08:15:ab:e4:ce:b5:ce:3e:37:98:9c:ac:
60:73:38:08
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAIpw+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MGUzMWExNDljMmU2YWU5YWNjNzI5Y2Y3YWMxNzA2ZGUzZGU3MzliMB4XDTIyMDUx
ODEyMTYxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTBjYTEzMTVlZjJm
NzdmYjU3YzZkMjI2OTBkYThhMDg1NzllODZjMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANWb3KacwduYg7rBqRjpzgPNG6AHDnq5i46ywRDKOI2AceWT
zM3rAbw98qTgPkWqXMRcwqy1BPq9OtLNeY585jVuk/Whs3yOWNxfLwubaegUxuB6
EEmuyvKa82p1rXVKwn1fNDr4BssDaG7oAisOgglIsQS3Jv0FrkZFqY1HC7Tyg/ss
P4kpFthbQP6JDcDwZeuDl8WjgUjaEuTcrt/xnxpqkk+RU1YDW3m5qRVnWl0GGh08
weaKt7B0MHIsnTv6oAQxw1gY2aFQkx2QMGLV2bAP0QKVtKORJQVXSJH3kQJkKgzi
rudh/CXblsikb2O8SONmqUMH0xJJxsS7YxxZCXkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSgyhMV7y93+1fG0iaQ2ooIV56GwjAfBgNVHSMEGDAWgBTQ4xoUnC5q6azH
Kc96wXBt495zmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBPTWFGSnd1YXVtc3h5blBlc0Z3YmVQZWM1cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvZDQ2ZTJiLWRlNGQtNGI2Zi04ZGQ3LTY5NjI5YzUwMTk0My8x
L29Nb1RGZTh2ZF90WHh0SW1rTnFLQ0ZlZWhzSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
ZDQ2ZTJiLWRlNGQtNGI2Zi04ZGQ3LTY5NjI5YzUwMTk0My8xLzBPTWFGSnd1YXVt
c3h5blBlc0Z3YmVQZWM1cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkxGzANBgkqhkiG9w0BAQsFAAOC
AQEAiIWfLevnY75xXCNpUynNTxYxFV6hHwsuw5P5EJoSyTf0HsmZEn9Byv16Ihri
g+Jk/NdX18gPasPQ0kHVQT0k/LhTLofHMt4KcAzrv9Rhf4n2HyLgDhYGwu68C4bU
L789c+iGz7QoWKa5j7nk1LSnZ9zRJmo0JaEdnYvHlCmdaH533zwrKxHExXDhpQLW
6H2w27UvHvEPaREHu1LITdVgRdzVrtVIXpgBF9m6IMf1Z3A3WQLXD0EexVob7YuY
2c0B5ZRsgqdjt9I2M/Hv57/stf9g77/8dPJXdI52Wxmk40QF/4C2sEgw94G1Dd5r
9RBkCBWr5M61zj43mJysYHM4CA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:46 2024 by rpki-client on console-ams.rpki-client.org