Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/oMHC4YjtPmuer7ATzWCcQRlsNeI.roa
File: oMHC4YjtPmuer7ATzWCcQRlsNeI.roa (raw, json)
Hash identifier: VY1kNud+7Kbj4btYYwzLE1HmPbPT1K/HpCvyNgsMMQU=
Subject key identifier: A0:C1:C2:E1:88:ED:3E:6B:9E:AF:B0:13:CD:60:9C:41:19:6C:35:E2
Certificate issuer: /CN=37ed49efac9795987771acdc77a0e228904277ad
Certificate serial: 0185078BAFBC102480F7DFC4E6037B4A3451
Authority key identifier: 37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/oMHC4YjtPmuer7ATzWCcQRlsNeI.roa
Signing time: Mon 12 Dec 2022 18:14:33 +0000
ROA not before: Mon 12 Dec 2022 18:14:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 996
IP address blocks: 178.130.136.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:07:8b:af:bc:10:24:80:f7:df:c4:e6:03:7b:4a:34:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37ed49efac9795987771acdc77a0e228904277ad
Validity
Not Before: Dec 12 18:14:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a0c1c2e188ed3e6b9eafb013cd609c41196c35e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:13:6e:ff:d2:6b:d9:98:3c:7b:1e:6c:56:1d:
66:b6:3d:7c:2e:a4:19:79:d9:c5:61:84:77:0d:56:
c2:1c:6a:65:c6:6a:56:22:a3:32:b9:c5:4c:41:85:
77:bb:f8:7b:cf:81:df:04:39:b7:a6:df:65:2a:0d:
95:6a:bd:0d:36:51:d3:bf:78:e1:79:da:28:2e:fa:
ca:a3:51:5d:32:c4:f7:7c:3f:9e:79:30:0c:61:63:
c7:85:14:84:92:c2:9d:cf:51:d8:42:28:90:ea:5e:
3c:36:05:90:8d:ee:e8:11:da:49:7b:2f:9a:28:60:
c6:ab:d2:24:57:3c:df:3a:f6:67:0d:01:fc:70:15:
9d:3e:52:d3:6e:6d:1b:2b:dd:20:5f:d5:68:c7:ed:
8f:4f:82:91:ff:0a:8a:08:9c:c2:da:38:39:d8:db:
ad:3b:32:58:1c:48:9d:93:62:8b:db:17:eb:92:49:
4b:06:0e:58:8e:ba:dd:f5:2b:84:28:d3:22:ae:ee:
b4:95:13:20:86:02:02:c8:10:88:99:5a:58:84:00:
23:df:ac:29:71:c1:10:28:67:a5:8d:8b:1e:59:d0:
75:88:43:21:0a:4b:40:22:93:6c:41:b7:99:94:9b:
40:6c:8f:03:9f:42:4b:04:b2:2c:09:db:c3:9d:ca:
eb:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:C1:C2:E1:88:ED:3E:6B:9E:AF:B0:13:CD:60:9C:41:19:6C:35:E2
X509v3 Authority Key Identifier:
keyid:37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/oMHC4YjtPmuer7ATzWCcQRlsNeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/N-1J76yXlZh3cazcd6DiKJBCd60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.130.136.0/21
Signature Algorithm: sha256WithRSAEncryption
9b:08:5f:a2:23:7b:e8:e1:b0:be:d7:59:3d:2f:d9:0d:fc:76:
33:69:a4:b3:22:bd:e1:0b:ae:08:9e:a5:31:51:82:74:6f:76:
5a:a9:c1:3d:05:5b:91:80:bc:d0:19:f4:0c:37:8b:7b:99:2d:
67:2c:9e:73:b2:5e:b4:29:87:5d:77:cf:bd:a3:57:a5:9d:70:
cf:e3:62:c5:0d:a2:2d:58:85:5e:33:64:c8:ba:ff:22:31:7b:
21:d5:e7:6e:33:1c:76:da:ae:24:e8:e5:bb:55:50:ac:05:69:
71:91:e2:8c:6c:1d:ad:40:57:1a:cf:db:49:b5:53:c0:4a:86:
0e:5d:50:85:e8:27:3b:6b:2c:1d:b6:db:8a:47:3c:0b:a8:9c:
a6:c0:24:8c:f1:cd:f1:c5:7a:2b:d3:43:74:fa:9d:68:63:19:
fc:42:ba:bb:d2:ff:e6:b5:fa:a9:d9:ef:4a:26:92:62:c2:a7:
fa:85:05:1a:f7:be:df:37:d3:74:42:2c:76:fd:56:8f:c2:04:
6c:f5:ef:58:5d:0c:3b:09:ea:c9:92:62:3b:00:29:cc:ee:19:
0d:4b:85:45:30:91:76:c3:2f:52:02:df:1d:e9:5b:1d:46:f1:
81:68:d8:8d:ef:67:1a:db:45:b7:b7:da:59:89:35:c1:1b:97:
d2:54:5e:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUHi6+8ECSA99/E5gN7SjRRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZWQ0OWVmYWM5Nzk1OTg3NzcxYWNkYzc3YTBlMjI4OTA0
Mjc3YWQwHhcNMjIxMjEyMTgxNDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGMxYzJlMTg4ZWQzZTZiOWVhZmIwMTNjZDYwOWM0MTE5NmMzNWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxNu/9Jr2Zg8ex5sVh1mtj18LqQZ
ednFYYR3DVbCHGplxmpWIqMyucVMQYV3u/h7z4HfBDm3pt9lKg2Var0NNlHTv3jh
edooLvrKo1FdMsT3fD+eeTAMYWPHhRSEksKdz1HYQiiQ6l48NgWQje7oEdpJey+a
KGDGq9IkVzzfOvZnDQH8cBWdPlLTbm0bK90gX9Vox+2PT4KR/wqKCJzC2jg52Nut
OzJYHEidk2KL2xfrkklLBg5Yjrrd9SuEKNMiru60lRMghgICyBCImVpYhAAj36wp
ccEQKGeljYseWdB1iEMhCktAIpNsQbeZlJtAbI8Dn0JLBLIsCdvDncrr8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKDBwuGI7T5rnq+wE81gnEEZbDXiMB8GA1UdIwQY
MBaAFDftSe+sl5WYd3Gs3Heg4iiQQnetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAt
NmEwNmI3NTAyYmQ3LzEvb01IQzRZanRQbXVlcjdBVHpXQ2NRUmxzTmVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAtNmEwNmI3NTAyYmQ3
LzEvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsoKIMA0G
CSqGSIb3DQEBCwUAA4IBAQCbCF+iI3vo4bC+11k9L9kN/HYzaaSzIr3hC64InqUx
UYJ0b3ZaqcE9BVuRgLzQGfQMN4t7mS1nLJ5zsl60KYddd8+9o1elnXDP42LFDaIt
WIVeM2TIuv8iMXsh1eduMxx22q4k6OW7VVCsBWlxkeKMbB2tQFcaz9tJtVPASoYO
XVCF6Cc7aywdttuKRzwLqJymwCSM8c3xxXor00N0+p1oYxn8Qrq70v/mtfqp2e9K
JpJiwqf6hQUa977fN9N0Qix2/VaPwgRs9e9YXQw7CerJkmI7ACnM7hkNS4VFMJF2
wy9SAt8d6VsdRvGBaNiN72ca20W3t9pZiTXBG5fSVF4E
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:09 2024 by rpki-client on console-fra.rpki-client.org