Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/OOcwnHgYnQRQ0X8jqtq7oO66Klc.roa
File: OOcwnHgYnQRQ0X8jqtq7oO66Klc.roa (raw, json)
Hash identifier: GUx0Qe83LR9tvxOdfMw77tjdqVQXMqL7kVecP+Z5n9s=
Subject key identifier: 38:E7:30:9C:78:18:9D:04:50:D1:7F:23:AA:DA:BB:A0:EE:BA:2A:57
Certificate issuer: /CN=0c4579a4028829d37acac65f66c056063251e57e
Certificate serial: 018CC5DC24265E48E67E9369FFD185362D51
Authority key identifier: 0C:45:79:A4:02:88:29:D3:7A:CA:C6:5F:66:C0:56:06:32:51:E5:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DEV5pAKIKdN6ysZfZsBWBjJR5X4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/OOcwnHgYnQRQ0X8jqtq7oO66Klc.roa
Signing time: Mon 01 Jan 2024 16:29:47 +0000
ROA not before: Mon 01 Jan 2024 16:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 141193
IP address blocks: 2001:b18:1015::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:24:26:5e:48:e6:7e:93:69:ff:d1:85:36:2d:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c4579a4028829d37acac65f66c056063251e57e
Validity
Not Before: Jan 1 16:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38e7309c78189d0450d17f23aadabba0eeba2a57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:20:ca:df:3f:9a:37:51:65:2c:29:8c:44:68:
12:f5:9c:a0:fc:ab:66:ab:3a:98:3a:ec:a7:84:0d:
b4:83:f6:38:9f:eb:fa:1a:03:55:a7:87:7b:82:f6:
d6:ad:04:86:a1:3d:69:ee:ac:f6:e0:7b:59:5d:36:
2c:78:b7:9f:9a:28:1b:28:9d:7b:34:a4:13:24:26:
9a:dd:e4:8f:e0:2f:aa:82:a1:4d:df:75:d3:10:65:
93:5e:60:17:3f:d9:19:38:f2:d8:0c:68:1d:9a:02:
84:af:c3:b8:ce:2c:61:7f:48:f7:a3:28:eb:33:04:
2a:b9:1d:42:72:48:bc:b8:c7:fb:d8:36:24:fa:68:
28:16:51:d6:7f:1c:0b:4e:d1:99:a1:2a:25:da:f3:
02:dd:6c:ba:b2:a8:b2:59:a5:4e:57:8e:08:e7:97:
41:32:35:fa:4f:47:c9:36:1d:6a:1a:51:52:ac:e7:
59:3c:5e:cc:a4:77:de:07:23:c7:a6:12:fc:b4:18:
c7:1e:fa:38:b2:09:68:08:4e:e3:f3:ac:14:63:9f:
ec:76:9f:9d:e7:91:4a:b6:e5:8c:d1:bf:57:37:cf:
ac:9f:89:41:93:1d:6c:ed:e3:a2:be:fd:5a:47:a6:
35:09:6e:d6:ba:70:76:09:1a:b4:c9:7f:b6:2f:76:
51:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:E7:30:9C:78:18:9D:04:50:D1:7F:23:AA:DA:BB:A0:EE:BA:2A:57
X509v3 Authority Key Identifier:
keyid:0C:45:79:A4:02:88:29:D3:7A:CA:C6:5F:66:C0:56:06:32:51:E5:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DEV5pAKIKdN6ysZfZsBWBjJR5X4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/OOcwnHgYnQRQ0X8jqtq7oO66Klc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/DEV5pAKIKdN6ysZfZsBWBjJR5X4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:b18:1015::/48
Signature Algorithm: sha256WithRSAEncryption
46:ab:3a:ae:0d:de:ea:10:fe:d0:b8:68:ef:98:d8:37:3a:92:
47:dd:e9:11:1b:e5:58:60:ea:4d:5c:c6:88:9f:9a:b7:5b:9d:
75:d1:b8:88:cc:03:d7:0e:44:6e:af:53:a9:c4:3c:eb:63:e8:
6d:79:aa:b3:60:cd:ab:5a:30:d1:51:dc:0c:6a:71:e9:86:43:
b3:57:e3:dc:78:ff:3d:e6:66:e7:23:d5:69:0f:1c:ce:46:83:
c0:e1:76:57:b0:cb:3b:6f:21:68:94:ec:b8:7c:93:41:94:31:
dd:33:05:f6:01:35:5c:4d:b7:8d:db:42:d3:c5:29:5b:e5:e7:
ea:f9:2d:f0:6c:5a:b8:2f:ee:f3:b3:51:e7:ed:ad:5e:28:ef:
0d:a1:8f:08:b6:d1:c3:5d:54:cc:68:2c:5a:b6:e5:38:ea:5b:
d3:c6:7c:bc:28:a1:da:5f:cd:b6:50:69:26:33:97:f8:b6:bc:
b6:ca:cf:a0:5c:d1:6b:7b:2c:a0:39:53:45:3b:be:f1:3e:7e:
bd:ba:9a:60:9f:47:44:a5:9c:52:49:d9:a7:0c:7a:44:ff:b4:
78:75:8a:49:62:04:6e:01:e0:8a:95:42:8b:05:d5:73:f1:a8:
67:06:89:f4:5b:af:89:19:a8:af:5a:b3:3a:2f:b7:8b:fa:34:
ee:30:4e:21
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzF3CQmXkjmfpNp/9GFNi1RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNDU3OWE0MDI4ODI5ZDM3YWNhYzY1ZjY2YzA1NjA2MzI1
MWU1N2UwHhcNMjQwMTAxMTYyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGU3MzA5Yzc4MTg5ZDA0NTBkMTdmMjNhYWRhYmJhMGVlYmEyYTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSDK3z+aN1FlLCmMRGgS9Zyg/Ktm
qzqYOuynhA20g/Y4n+v6GgNVp4d7gvbWrQSGoT1p7qz24HtZXTYseLefmigbKJ17
NKQTJCaa3eSP4C+qgqFN33XTEGWTXmAXP9kZOPLYDGgdmgKEr8O4zixhf0j3oyjr
MwQquR1Ccki8uMf72DYk+mgoFlHWfxwLTtGZoSol2vMC3Wy6sqiyWaVOV44I55dB
MjX6T0fJNh1qGlFSrOdZPF7MpHfeByPHphL8tBjHHvo4sgloCE7j86wUY5/sdp+d
55FKtuWM0b9XN8+sn4lBkx1s7eOivv1aR6Y1CW7WunB2CRq0yX+2L3ZRnwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDjnMJx4GJ0EUNF/I6rau6DuuipXMB8GA1UdIwQY
MBaAFAxFeaQCiCnTesrGX2bAVgYyUeV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREVWNXBBS0lLZE42eXNaZlpzQldCakpSNVg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9lZGFlYjUtNWU2ZS00MTFiLTk5Y2It
M2M1MDE4MDc4MGIwLzEvT09jd25IZ1luUVJRMFg4anF0cTdvTzY2S2xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9lZGFlYjUtNWU2ZS00MTFiLTk5Y2ItM2M1MDE4MDc4MGIw
LzEvREVWNXBBS0lLZE42eXNaZlpzQldCakpSNVg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAELGBAV
MA0GCSqGSIb3DQEBCwUAA4IBAQBGqzquDd7qEP7QuGjvmNg3OpJH3ekRG+VYYOpN
XMaIn5q3W5110biIzAPXDkRur1OpxDzrY+hteaqzYM2rWjDRUdwManHphkOzV+Pc
eP895mbnI9VpDxzORoPA4XZXsMs7byFolOy4fJNBlDHdMwX2ATVcTbeN20LTxSlb
5efq+S3wbFq4L+7zs1Hn7a1eKO8NoY8IttHDXVTMaCxatuU46lvTxny8KKHaX822
UGkmM5f4try2ys+gXNFreyygOVNFO77xPn69uppgn0dEpZxSSdmnDHpE/7R4dYpJ
YgRuAeCKlUKLBdVz8ahnBon0W6+JGaivWrM6L7eL+jTuME4h
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:26 2024 by rpki-client on console-ams.rpki-client.org