Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/OcHRp2fdhYeneX21QCMe1gfuIuU.roa
File: OcHRp2fdhYeneX21QCMe1gfuIuU.roa (raw, json)
Hash identifier: 8FpJh7+dvHvztT65iMFXjJX4h975lhS1kfx9cl5AShM=
Subject key identifier: 39:C1:D1:A7:67:DD:85:87:A7:79:7D:B5:40:23:1E:D6:07:EE:22:E5
Certificate issuer: /CN=29be02dea0a086e9880f564c86872bbc597cc672
Certificate serial: 01848503692300E63DC44BF9DF4535A7A81A
Authority key identifier: 29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/OcHRp2fdhYeneX21QCMe1gfuIuU.roa
Signing time: Thu 17 Nov 2022 09:55:03 +0000
ROA not before: Thu 17 Nov 2022 09:55:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29470
IP address blocks: 87.245.192.0/20 maxlen: 20
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:85:03:69:23:00:e6:3d:c4:4b:f9:df:45:35:a7:a8:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29be02dea0a086e9880f564c86872bbc597cc672
Validity
Not Before: Nov 17 09:55:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=39c1d1a767dd8587a7797db540231ed607ee22e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ce:7c:ec:01:82:e0:ee:40:ff:ac:4f:5e:23:
4a:8f:a7:5f:c4:dd:cb:a9:e0:50:5b:d2:99:13:3a:
bd:9b:bd:15:65:6e:6d:64:97:fb:03:f2:62:0d:06:
d8:97:58:7b:1f:03:05:04:57:f0:ca:8a:20:32:7d:
66:c2:9d:1b:9e:1c:44:7a:00:da:69:9c:2d:31:2f:
56:65:b4:b8:49:1a:5c:f9:81:d3:70:5f:bf:33:89:
fa:8c:70:9a:63:34:c7:27:62:50:6f:8d:7c:33:fd:
48:f7:46:e7:fa:4d:1e:11:11:db:38:70:c3:09:1b:
02:00:c6:0a:63:ab:a4:ad:d3:1f:ac:6e:2e:84:b7:
62:26:88:4a:21:b9:39:72:7d:7b:75:9d:20:4f:68:
24:1f:cf:6c:10:f4:35:a4:27:ca:3c:2b:b8:49:18:
00:b0:72:9e:10:79:05:47:5a:92:50:92:73:d9:ac:
f1:04:9b:e2:5a:54:7d:3a:39:51:8f:2c:61:05:5d:
ac:73:2d:e0:ec:01:49:d2:b1:1c:e4:41:71:35:0b:
41:c9:ad:a9:2e:13:03:c9:7b:bd:16:70:5a:58:44:
d5:ff:d2:ac:fc:15:e6:71:23:bb:95:9c:d1:31:fc:
19:ff:07:a8:22:71:06:b4:8b:28:50:4c:12:ae:b9:
66:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:C1:D1:A7:67:DD:85:87:A7:79:7D:B5:40:23:1E:D6:07:EE:22:E5
X509v3 Authority Key Identifier:
keyid:29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/OcHRp2fdhYeneX21QCMe1gfuIuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.245.192.0/20
Signature Algorithm: sha256WithRSAEncryption
1f:e9:12:68:35:bf:d7:11:c5:2c:2e:44:a6:5d:ee:cb:32:09:
d1:f7:d9:1d:09:05:0b:31:c8:f6:f6:c0:12:2a:c9:5e:5a:c1:
54:8c:21:a9:d1:fe:16:34:77:f7:c9:ba:48:57:f6:51:a2:52:
b9:8c:ec:42:0a:4c:79:ed:6d:57:9c:2c:a4:13:59:ed:c1:96:
b9:85:53:9d:72:3a:a5:b1:31:c4:62:58:b0:4d:44:a8:54:6c:
c6:72:37:30:ba:73:4c:99:e8:95:b0:13:63:7f:6a:7a:2d:89:
b2:64:93:b0:04:e5:67:d1:58:ed:97:d8:f8:d8:a8:4e:b6:42:
24:7b:12:74:27:ca:7e:37:c0:06:2d:a3:0d:1d:14:29:ea:0d:
c2:7a:c7:55:03:c1:01:80:61:33:3a:86:2b:54:18:cf:1d:79:
70:71:ee:f0:0a:3a:9b:fe:90:2a:5d:75:05:c5:8d:af:a2:d2:
dc:32:af:e5:e0:81:77:02:98:09:31:3a:71:b6:35:d1:ce:55:
ed:58:5b:a1:bf:ed:b1:80:09:e9:8b:71:34:a4:75:3b:ec:f8:
d6:90:3d:e6:d5:0f:45:77:7b:a5:ad:0e:85:f1:b3:e3:b5:2a:
6f:28:55:2c:fa:c4:c6:18:e4:c4:67:c6:d3:34:83:26:fd:54:
61:4e:72:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSFA2kjAOY9xEv530U1p6gaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YmUwMmRlYTBhMDg2ZTk4ODBmNTY0Yzg2ODcyYmJjNTk3
Y2M2NzIwHhcNMjIxMTE3MDk1NTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWMxZDFhNzY3ZGQ4NTg3YTc3OTdkYjU0MDIzMWVkNjA3ZWUyMmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvM587AGC4O5A/6xPXiNKj6dfxN3L
qeBQW9KZEzq9m70VZW5tZJf7A/JiDQbYl1h7HwMFBFfwyoogMn1mwp0bnhxEegDa
aZwtMS9WZbS4SRpc+YHTcF+/M4n6jHCaYzTHJ2JQb418M/1I90bn+k0eERHbOHDD
CRsCAMYKY6ukrdMfrG4uhLdiJohKIbk5cn17dZ0gT2gkH89sEPQ1pCfKPCu4SRgA
sHKeEHkFR1qSUJJz2azxBJviWlR9OjlRjyxhBV2scy3g7AFJ0rEc5EFxNQtBya2p
LhMDyXu9FnBaWETV/9Ks/BXmcSO7lZzRMfwZ/weoInEGtIsoUEwSrrlmZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDnB0adn3YWHp3l9tUAjHtYH7iLlMB8GA1UdIwQY
MBaAFCm+At6goIbpiA9WTIaHK7xZfMZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMt
MDAzYTE1NjhiZjNmLzEvT2NIUnAyZmRoWWVuZVgyMVFDTWUxZ2Z1SXVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMtMDAzYTE1NjhiZjNm
LzEvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEV/XAMA0G
CSqGSIb3DQEBCwUAA4IBAQAf6RJoNb/XEcUsLkSmXe7LMgnR99kdCQULMcj29sAS
KsleWsFUjCGp0f4WNHf3ybpIV/ZRolK5jOxCCkx57W1XnCykE1ntwZa5hVOdcjql
sTHEYliwTUSoVGzGcjcwunNMmeiVsBNjf2p6LYmyZJOwBOVn0Vjtl9j42KhOtkIk
exJ0J8p+N8AGLaMNHRQp6g3CesdVA8EBgGEzOoYrVBjPHXlwce7wCjqb/pAqXXUF
xY2votLcMq/l4IF3ApgJMTpxtjXRzlXtWFuhv+2xgAnpi3E0pHU77PjWkD3m1Q9F
d3ulrQ6F8bPjtSpvKFUs+sTGGOTEZ8bTNIMm/VRhTnJh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:09 2024 by rpki-client on console-ams.rpki-client.org