Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/Oea0KuTnCrMvmpwqhQKaNcbPkzo.roa
File: Oea0KuTnCrMvmpwqhQKaNcbPkzo.roa (raw, json)
Hash identifier: k75nG2rh+2nZHPHr4XfNm9HbwY9YvVhZJ+QO6r2cgVw=
Subject key identifier: 39:E6:B4:2A:E4:E7:0A:B3:2F:9A:9C:2A:85:02:9A:35:C6:CF:93:3A
Certificate issuer: /CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Certificate serial: 01857169AB78135F3FF8FE5A32FBB2A46400
Authority key identifier: 6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/Oea0KuTnCrMvmpwqhQKaNcbPkzo.roa
Signing time: Mon 02 Jan 2023 07:37:08 +0000
ROA not before: Mon 02 Jan 2023 07:37:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211612
IP address blocks: 188.72.9.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:ab:78:13:5f:3f:f8:fe:5a:32:fb:b2:a4:64:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Validity
Not Before: Jan 2 07:37:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39e6b42ae4e70ab32f9a9c2a85029a35c6cf933a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f3:f3:0c:7c:af:33:d7:8c:db:0e:bd:50:da:
43:3c:43:47:94:47:81:e6:d7:8f:a9:7b:4d:d7:d8:
29:e4:fc:81:f3:a6:5c:26:c3:84:d9:d2:ed:60:2b:
c3:db:fa:25:14:27:a2:33:44:54:72:be:da:da:da:
f6:3e:82:c2:68:f6:16:d5:d9:44:02:91:0c:ef:9a:
09:21:e5:93:35:ee:0e:7b:71:95:df:e0:11:af:78:
2f:23:96:c4:16:a7:26:c1:85:fe:24:17:7d:97:c3:
b9:5e:39:43:2f:26:db:83:6b:32:47:a3:91:59:73:
f3:57:57:51:70:30:90:6f:5b:fb:ad:66:19:3a:73:
1d:ee:ac:de:99:5c:36:b5:ec:89:25:99:4c:5a:a3:
1b:25:a2:3a:ce:96:10:ba:8c:e1:d4:7f:1a:97:03:
de:f0:fe:b1:ea:e4:1c:a2:22:aa:08:1f:36:d7:98:
d8:f6:0f:89:a9:8a:a8:d7:10:cc:0c:c9:b8:b6:a3:
aa:24:cb:50:9b:f1:a5:d5:84:67:f3:32:94:13:d1:
0e:e7:e5:59:fa:ef:ad:e0:4c:ed:5c:92:21:78:a0:
27:53:63:db:bc:00:3c:42:ea:6a:93:c6:5e:e1:b9:
de:b8:e4:b1:5c:61:3f:0a:f6:80:e2:6e:dc:ad:6f:
93:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:E6:B4:2A:E4:E7:0A:B3:2F:9A:9C:2A:85:02:9A:35:C6:CF:93:3A
X509v3 Authority Key Identifier:
keyid:6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/Oea0KuTnCrMvmpwqhQKaNcbPkzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.9.0/24
Signature Algorithm: sha256WithRSAEncryption
46:e9:b9:43:bc:a7:3d:78:e3:a2:b6:79:55:44:04:6d:44:50:
fa:a9:bf:90:7a:e4:0c:21:ce:06:36:5e:fc:4f:af:b4:ca:65:
1e:a6:4c:5f:83:0b:81:eb:a9:8b:7b:18:7f:7e:10:4a:f0:e2:
f8:ca:61:08:7b:37:38:0b:79:97:33:cb:2f:a4:5b:bf:bf:a3:
60:55:4a:ad:25:ba:4b:41:71:95:ea:72:47:f8:3f:f5:73:e5:
22:8c:51:6a:95:53:cf:da:f3:89:4e:13:ed:d2:e1:9b:cc:f8:
72:74:9b:2e:4e:dc:7b:db:93:6a:73:78:d8:fb:2b:22:ef:8c:
a4:c3:19:91:fd:53:51:76:f3:93:be:7e:19:e6:8a:d2:24:f1:
03:fe:44:65:fa:a1:00:34:38:c7:a1:8f:da:47:21:3f:f0:88:
76:45:f7:ab:a5:ff:85:62:82:15:46:e8:1c:57:4a:6f:69:14:
ff:28:bf:43:df:40:2e:f7:63:46:60:ad:52:c3:5f:bc:e3:54:
d6:ee:5b:39:c5:bf:86:97:44:21:e2:53:55:9d:9c:b9:44:5d:
05:c3:ac:1e:e3:cc:0f:be:af:60:9f:84:65:65:2b:e0:9a:50:
4b:54:1d:53:e3:b4:d5:45:28:4b:87:32:5a:22:59:69:60:61:
b5:a4:91:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxaat4E18/+P5aMvuypGQAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjBkZWMxM2RmMjA1YTY2ZWM1MjI3OTI1YjhmNTZiZGIw
OWY0OTkwHhcNMjMwMTAyMDczNzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWU2YjQyYWU0ZTcwYWIzMmY5YTljMmE4NTAyOWEzNWM2Y2Y5MzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/PzDHyvM9eM2w69UNpDPENHlEeB
5tePqXtN19gp5PyB86ZcJsOE2dLtYCvD2/olFCeiM0RUcr7a2tr2PoLCaPYW1dlE
ApEM75oJIeWTNe4Oe3GV3+ARr3gvI5bEFqcmwYX+JBd9l8O5XjlDLybbg2syR6OR
WXPzV1dRcDCQb1v7rWYZOnMd7qzemVw2teyJJZlMWqMbJaI6zpYQuozh1H8alwPe
8P6x6uQcoiKqCB8215jY9g+JqYqo1xDMDMm4tqOqJMtQm/Gl1YRn8zKUE9EO5+VZ
+u+t4EztXJIheKAnU2PbvAA8Qupqk8Ze4bneuOSxXGE/CvaA4m7crW+TiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDnmtCrk5wqzL5qcKoUCmjXGz5M6MB8GA1UdIwQY
MBaAFGyw3sE98gWmbsUieSW49WvbCfSZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxEZXdUM3lCYVp1eFNKNUpiajFhOXNKOUprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9jYTQ2ZmMtMzg0Ny00ZjFkLTljZTQt
NTJiOWU2YTE2MzUwLzEvT2VhMEt1VG5Dck12bXB3cWhRS2FOY2JQa3pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9jYTQ2ZmMtMzg0Ny00ZjFkLTljZTQtNTJiOWU2YTE2MzUw
LzEvYkxEZXdUM3lCYVp1eFNKNUpiajFhOXNKOUprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvEgJMA0G
CSqGSIb3DQEBCwUAA4IBAQBG6blDvKc9eOOitnlVRARtRFD6qb+QeuQMIc4GNl78
T6+0ymUepkxfgwuB66mLexh/fhBK8OL4ymEIezc4C3mXM8svpFu/v6NgVUqtJbpL
QXGV6nJH+D/1c+UijFFqlVPP2vOJThPt0uGbzPhydJsuTtx725Nqc3jY+ysi74yk
wxmR/VNRdvOTvn4Z5orSJPED/kRl+qEANDjHoY/aRyE/8Ih2Rferpf+FYoIVRugc
V0pvaRT/KL9D30Au92NGYK1Sw1+841TW7ls5xb+Gl0Qh4lNVnZy5RF0Fw6we48wP
vq9gn4RlZSvgmlBLVB1T47TVRShLhzJaIllpYGG1pJGW
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:34 2023 by rpki-client on console-ams.rpki-client.org