Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/OdrxIWTD-6vAWOAp87gLiYR7wCs.roa
File: OdrxIWTD-6vAWOAp87gLiYR7wCs.roa (raw, json)
Hash identifier: 66I58w69oSYFLMqxZfMMJlAZgwopS5BpIzMT+siXYoA=
Subject key identifier: 39:DA:F1:21:64:C3:FB:AB:C0:58:E0:29:F3:B8:0B:89:84:7B:C0:2B
Certificate issuer: /CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Certificate serial: 0186E02F41134427473DA13D55CE3E34D0A0
Authority key identifier: 6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/OdrxIWTD-6vAWOAp87gLiYR7wCs.roa
Signing time: Tue 14 Mar 2023 12:53:58 +0000
ROA not before: Tue 14 Mar 2023 12:53:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205473
IP address blocks: 188.72.0.0/24 maxlen: 24
188.72.1.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e0:2f:41:13:44:27:47:3d:a1:3d:55:ce:3e:34:d0:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Validity
Not Before: Mar 14 12:53:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39daf12164c3fbabc058e029f3b80b89847bc02b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:67:21:90:50:e2:f3:15:ad:2b:d2:84:c3:b2:
9b:df:34:46:5b:25:5c:65:19:b9:98:a2:95:9c:14:
c6:5c:2b:e8:fa:29:44:84:f0:a9:af:de:0e:68:d8:
ec:f1:3d:0c:1d:b2:b1:6b:2d:c2:cd:dd:32:77:16:
32:f0:a6:04:0c:0f:31:85:93:34:8e:cc:2c:71:96:
3b:78:52:92:f5:20:08:99:95:64:5e:0d:bc:39:42:
ac:0e:82:cd:b8:b4:f6:69:ef:cd:4a:52:8b:b7:b5:
f7:8b:26:20:f0:1d:d2:bd:ac:54:0c:da:2a:4f:80:
a8:dd:e2:4d:26:30:62:46:75:ca:bb:3d:ce:9b:47:
e9:25:a1:58:ef:c5:c0:bc:e9:8d:37:7b:e2:34:d5:
0d:4c:e8:f2:2b:47:0c:3b:2c:5c:f8:b0:da:5d:0d:
bf:2f:e4:cd:d7:71:10:96:59:11:1c:0c:d9:37:06:
aa:85:24:cc:22:e6:32:46:d3:82:b8:29:2e:9f:61:
61:b5:9c:81:06:ba:67:ae:3a:c7:04:b8:3f:64:89:
d1:f7:20:b8:a2:70:0d:39:af:d7:8a:ac:f5:63:bd:
01:93:c6:b3:8d:a0:4b:53:84:cd:fa:26:8d:c9:97:
e9:f4:50:03:ac:14:c6:17:79:ac:71:91:5b:cb:2c:
f7:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:DA:F1:21:64:C3:FB:AB:C0:58:E0:29:F3:B8:0B:89:84:7B:C0:2B
X509v3 Authority Key Identifier:
keyid:6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/OdrxIWTD-6vAWOAp87gLiYR7wCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.0.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:f6:80:a6:8d:69:a0:87:9f:7b:49:e1:5b:85:97:2f:6c:ae:
06:c0:53:d4:a2:7f:07:6e:11:7f:c3:ec:49:ff:7f:4d:9a:48:
90:6d:4b:61:e6:8b:7a:f1:7a:2f:59:26:7d:af:2b:fb:2c:93:
3e:45:8e:f8:e3:26:f5:3e:23:20:3f:96:f2:ae:37:98:59:b1:
58:20:72:be:58:f5:3c:16:94:09:a9:42:0a:c0:a4:31:d4:a6:
e5:c9:59:60:7a:ad:c3:1a:2a:eb:f1:4b:95:3e:2c:1d:cb:34:
3b:1b:23:22:b6:71:1c:35:cc:03:9a:a3:13:82:e7:85:9c:f4:
55:87:94:2d:b3:b4:ec:b8:66:c6:b2:73:19:45:17:78:e7:6a:
4b:47:4d:a2:c5:a5:b9:c2:b3:64:52:33:5d:5b:9d:f0:a4:8b:
b8:7a:c2:fa:1c:d4:a5:a3:22:3f:2b:a4:bd:2c:8e:21:a8:fd:
26:0d:cb:34:f1:73:9d:01:7d:0d:bf:dd:81:4d:81:3a:6b:92:
51:ea:ea:2b:81:ba:52:91:8b:f0:91:28:50:cd:53:2e:b4:54:
6b:6b:75:4d:c3:17:b2:f4:3e:f5:41:42:04:6b:38:a3:44:86:
70:ec:d9:3f:4d:74:85:14:88:be:d9:ce:c4:f1:e3:37:a0:70:
a8:8a:c2:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbgL0ETRCdHPaE9Vc4+NNCgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjBkZWMxM2RmMjA1YTY2ZWM1MjI3OTI1YjhmNTZiZGIw
OWY0OTkwHhcNMjMwMzE0MTI1MzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWRhZjEyMTY0YzNmYmFiYzA1OGUwMjlmM2I4MGI4OTg0N2JjMDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22chkFDi8xWtK9KEw7Kb3zRGWyVc
ZRm5mKKVnBTGXCvo+ilEhPCpr94OaNjs8T0MHbKxay3Czd0ydxYy8KYEDA8xhZM0
jswscZY7eFKS9SAImZVkXg28OUKsDoLNuLT2ae/NSlKLt7X3iyYg8B3SvaxUDNoq
T4Co3eJNJjBiRnXKuz3Om0fpJaFY78XAvOmNN3viNNUNTOjyK0cMOyxc+LDaXQ2/
L+TN13EQllkRHAzZNwaqhSTMIuYyRtOCuCkun2FhtZyBBrpnrjrHBLg/ZInR9yC4
onANOa/Xiqz1Y70Bk8azjaBLU4TN+iaNyZfp9FADrBTGF3mscZFbyyz3zwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDna8SFkw/urwFjgKfO4C4mEe8ArMB8GA1UdIwQY
MBaAFGyw3sE98gWmbsUieSW49WvbCfSZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxEZXdUM3lCYVp1eFNKNUpiajFhOXNKOUprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9jYTQ2ZmMtMzg0Ny00ZjFkLTljZTQt
NTJiOWU2YTE2MzUwLzEvT2RyeElXVEQtNnZBV09BcDg3Z0xpWVI3d0NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9jYTQ2ZmMtMzg0Ny00ZjFkLTljZTQtNTJiOWU2YTE2MzUw
LzEvYkxEZXdUM3lCYVp1eFNKNUpiajFhOXNKOUprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBvEgAMA0G
CSqGSIb3DQEBCwUAA4IBAQBu9oCmjWmgh597SeFbhZcvbK4GwFPUon8HbhF/w+xJ
/39NmkiQbUth5ot68XovWSZ9ryv7LJM+RY744yb1PiMgP5byrjeYWbFYIHK+WPU8
FpQJqUIKwKQx1KblyVlgeq3DGirr8UuVPiwdyzQ7GyMitnEcNcwDmqMTgueFnPRV
h5Qts7TsuGbGsnMZRRd452pLR02ixaW5wrNkUjNdW53wpIu4esL6HNSloyI/K6S9
LI4hqP0mDcs08XOdAX0Nv92BTYE6a5JR6uorgbpSkYvwkShQzVMutFRra3VNwxey
9D71QUIEazijRIZw7Nk/TXSFFIi+2c7E8eM3oHCoisKs
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:34 2023 by rpki-client on console-ams.rpki-client.org