Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/cb220f-1a3a-4cba-82cf-278fd475f3fb/1/0w32XR_Opwmwc-B3KR6O0GBUfiI.roa
File: 0w32XR_Opwmwc-B3KR6O0GBUfiI.roa (raw, json)
Hash identifier: 5LIZz/YDwPYOJxLtMsIUY3wke2X4ACx/fLgXFAgjoFw=
Subject key identifier: D3:0D:F6:5D:1F:CE:A7:09:B0:73:E0:77:29:1E:8E:D0:60:54:7E:22
Certificate issuer: /CN=b862b85a1d2c51d99069ca3a5aff52ecc6a9aab4
Certificate serial: 018708451A3651F2257228183A5C196CCD3D
Authority key identifier: B8:62:B8:5A:1D:2C:51:D9:90:69:CA:3A:5A:FF:52:EC:C6:A9:AA:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uGK4Wh0sUdmQaco6Wv9S7MapqrQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/cb220f-1a3a-4cba-82cf-278fd475f3fb/1/0w32XR_Opwmwc-B3KR6O0GBUfiI.roa
Signing time: Wed 22 Mar 2023 07:42:39 +0000
ROA not before: Wed 22 Mar 2023 07:42:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29404
IP address blocks: 217.73.144.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:08:45:1a:36:51:f2:25:72:28:18:3a:5c:19:6c:cd:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b862b85a1d2c51d99069ca3a5aff52ecc6a9aab4
Validity
Not Before: Mar 22 07:42:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d30df65d1fcea709b073e077291e8ed060547e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f2:41:a9:67:1e:34:02:81:04:d1:1c:d3:e3:
15:58:3a:5d:53:76:67:72:e5:06:81:89:9d:00:dd:
b9:3d:34:b2:e4:33:91:48:1a:43:a6:09:0d:10:fe:
da:fc:9b:7a:5f:d9:f0:95:ba:d7:5d:29:9a:63:8c:
cf:5a:b2:f1:63:c7:34:1f:41:cd:61:84:61:d9:59:
6b:b4:fe:68:26:68:38:c5:91:b4:0e:f8:ee:00:79:
45:0c:0e:0f:4c:14:97:ff:bf:a0:4c:ac:69:8c:63:
ef:f2:7e:a7:30:80:12:a7:75:52:c8:4e:78:b2:3a:
3b:78:ce:b2:0f:04:09:61:0b:6e:7e:1f:14:cb:a9:
14:12:b4:48:61:e0:2b:74:7a:d2:4c:7e:77:bb:d6:
b4:9a:79:72:44:e0:5d:a7:e0:ab:51:7a:3e:14:e1:
ea:06:61:a8:5b:b1:14:d2:05:7e:60:f0:ab:80:d9:
af:24:f4:85:30:1b:a3:73:7b:df:2f:f5:e5:b9:4c:
ac:c7:91:74:07:f7:95:91:ec:12:25:ca:d9:c2:f4:
22:fa:4b:bc:5e:e5:d7:80:82:33:e2:d6:82:83:3d:
53:59:8a:b3:52:ff:75:a6:3d:ff:5e:a8:1c:50:a1:
fa:85:bb:26:18:6a:de:a4:27:22:8f:84:88:fa:4e:
c2:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:0D:F6:5D:1F:CE:A7:09:B0:73:E0:77:29:1E:8E:D0:60:54:7E:22
X509v3 Authority Key Identifier:
keyid:B8:62:B8:5A:1D:2C:51:D9:90:69:CA:3A:5A:FF:52:EC:C6:A9:AA:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uGK4Wh0sUdmQaco6Wv9S7MapqrQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/cb220f-1a3a-4cba-82cf-278fd475f3fb/1/0w32XR_Opwmwc-B3KR6O0GBUfiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/cb220f-1a3a-4cba-82cf-278fd475f3fb/1/uGK4Wh0sUdmQaco6Wv9S7MapqrQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.73.144.0/21
Signature Algorithm: sha256WithRSAEncryption
c9:c3:b7:3e:6a:d4:69:e6:e5:78:db:11:bb:63:a8:d4:17:92:
fc:8d:01:3f:eb:c9:fe:30:d0:45:b1:9f:ca:69:e3:b1:54:6c:
8d:f5:57:13:76:36:99:a8:87:6e:77:e4:54:ed:9c:60:2b:3a:
e6:33:ec:59:20:70:d6:a3:65:60:b3:ae:ab:3d:1e:bd:b9:50:
3a:9d:ff:12:7d:80:03:36:b4:a7:15:6b:b1:ef:a6:4f:2b:53:
ce:eb:0a:cf:d9:52:c9:fb:3a:f9:e1:56:ca:c9:d4:ab:0f:c7:
b2:a6:2a:60:d9:9c:f5:b8:3e:b1:22:ea:bf:79:d3:6b:76:7e:
2f:af:09:c0:0d:99:3a:eb:ed:17:cb:53:0b:4c:28:21:23:a2:
3e:3f:77:82:db:37:de:09:e9:43:d8:2e:35:ef:21:09:9f:4b:
63:11:17:67:2c:1d:f3:e6:83:f9:52:33:be:2a:d4:e7:af:72:
bc:31:00:bd:b2:ec:b2:77:a4:15:91:42:6e:e4:3f:9e:cc:c8:
56:d1:c8:ce:51:25:dc:22:ce:65:58:09:af:64:cd:0e:e4:15:
a8:90:f2:48:a2:a8:91:3e:20:b3:d6:9c:f8:80:d3:d3:23:47:
43:f1:30:16:d1:c8:b1:7d:09:2c:ae:11:11:2b:e3:a5:79:66:
95:f6:c0:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcIRRo2UfIlcigYOlwZbM09MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NjJiODVhMWQyYzUxZDk5MDY5Y2EzYTVhZmY1MmVjYzZh
OWFhYjQwHhcNMjMwMzIyMDc0MjM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzBkZjY1ZDFmY2VhNzA5YjA3M2UwNzcyOTFlOGVkMDYwNTQ3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfJBqWceNAKBBNEc0+MVWDpdU3Zn
cuUGgYmdAN25PTSy5DORSBpDpgkNEP7a/Jt6X9nwlbrXXSmaY4zPWrLxY8c0H0HN
YYRh2VlrtP5oJmg4xZG0DvjuAHlFDA4PTBSX/7+gTKxpjGPv8n6nMIASp3VSyE54
sjo7eM6yDwQJYQtufh8Uy6kUErRIYeArdHrSTH53u9a0mnlyROBdp+CrUXo+FOHq
BmGoW7EU0gV+YPCrgNmvJPSFMBujc3vfL/XluUysx5F0B/eVkewSJcrZwvQi+ku8
XuXXgIIz4taCgz1TWYqzUv91pj3/XqgcUKH6hbsmGGrepCcij4SI+k7CjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNMN9l0fzqcJsHPgdykejtBgVH4iMB8GA1UdIwQY
MBaAFLhiuFodLFHZkGnKOlr/UuzGqaq0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUdLNFdoMHNVZG1RYWNvNld2OVM3TWFwcXJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9jYjIyMGYtMWEzYS00Y2JhLTgyY2Yt
Mjc4ZmQ0NzVmM2ZiLzEvMHczMlhSX09wd213Yy1CM0tSNk8wR0JVZmlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9jYjIyMGYtMWEzYS00Y2JhLTgyY2YtMjc4ZmQ0NzVmM2Zi
LzEvdUdLNFdoMHNVZG1RYWNvNld2OVM3TWFwcXJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD2UmQMA0G
CSqGSIb3DQEBCwUAA4IBAQDJw7c+atRp5uV42xG7Y6jUF5L8jQE/68n+MNBFsZ/K
aeOxVGyN9VcTdjaZqIdud+RU7ZxgKzrmM+xZIHDWo2Vgs66rPR69uVA6nf8SfYAD
NrSnFWux76ZPK1PO6wrP2VLJ+zr54VbKydSrD8eypipg2Zz1uD6xIuq/edNrdn4v
rwnADZk66+0Xy1MLTCghI6I+P3eC2zfeCelD2C417yEJn0tjERdnLB3z5oP5UjO+
KtTnr3K8MQC9suyyd6QVkUJu5D+ezMhW0cjOUSXcIs5lWAmvZM0O5BWokPJIoqiR
PiCz1pz4gNPTI0dD8TAW0cixfQksrhERK+OleWaV9sB1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:20 2024 by rpki-client on console-fra.rpki-client.org