Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/hOzJ8fEz8tUrXR-h63sd_qdyv_I.roa
File: hOzJ8fEz8tUrXR-h63sd_qdyv_I.roa (raw, json)
Hash identifier: 90RwbyeWYHrL6oo0YWCULDqD65ROwAipW+ldAC+ccvQ=
Subject key identifier: 84:EC:C9:F1:F1:33:F2:D5:2B:5D:1F:A1:EB:7B:1D:FE:A7:72:BF:F2
Certificate issuer: /CN=35c96065093998ba42cfba11bf0d17d3ac403d40
Certificate serial: 029C5760
Authority key identifier: 35:C9:60:65:09:39:98:BA:42:CF:BA:11:BF:0D:17:D3:AC:40:3D:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NclgZQk5mLpCz7oRvw0X06xAPUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/hOzJ8fEz8tUrXR-h63sd_qdyv_I.roa
Signing time: Wed 23 Feb 2022 20:31:06 +0000
ROA not before: Wed 23 Feb 2022 20:31:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 168.220.128.0/19 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43800416 (0x29c5760)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35c96065093998ba42cfba11bf0d17d3ac403d40
Validity
Not Before: Feb 23 20:31:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84ecc9f1f133f2d52b5d1fa1eb7b1dfea772bff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:bd:0f:f1:6a:aa:56:8d:ba:d7:f7:cc:36:5e:
db:47:ef:e6:e0:38:31:2a:a1:b7:aa:af:32:68:5b:
9c:d2:e0:90:bc:79:d8:13:1e:ae:30:b5:58:55:7f:
e8:71:86:be:a3:f4:03:41:7b:7b:02:97:ee:d8:87:
e9:eb:cf:68:ad:1f:26:f6:a4:26:d6:92:22:a7:65:
93:b9:4d:1f:b2:42:1d:a7:4d:95:1e:c8:94:b7:2f:
bb:ff:07:e7:c2:f9:bb:30:e7:79:b7:23:be:55:a9:
18:5c:f8:b5:49:78:7f:5a:3d:72:ac:ad:5d:af:49:
ce:f7:d3:54:dc:38:06:a0:3a:78:07:f4:71:34:cd:
d9:26:5c:7f:31:e3:d1:cc:82:ce:85:d0:82:f5:db:
3d:fc:6a:ca:00:9f:c7:07:5b:c4:9e:c5:6a:1c:f1:
5e:04:fc:04:4f:3c:e1:74:e0:ba:81:6b:ef:ff:c5:
99:ca:d5:91:ae:10:6b:14:a0:15:9c:0f:94:9f:94:
23:22:aa:b3:6a:4b:ef:57:98:3a:8a:ff:27:70:9c:
3f:a8:71:b1:6a:55:b1:c3:9e:1e:74:8c:1e:df:9f:
88:bf:22:a8:e6:a1:5d:cb:15:9a:2f:ca:06:51:ca:
26:5d:9a:bf:55:6c:fa:c5:2b:3f:92:d2:9b:fb:3a:
ec:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:EC:C9:F1:F1:33:F2:D5:2B:5D:1F:A1:EB:7B:1D:FE:A7:72:BF:F2
X509v3 Authority Key Identifier:
keyid:35:C9:60:65:09:39:98:BA:42:CF:BA:11:BF:0D:17:D3:AC:40:3D:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NclgZQk5mLpCz7oRvw0X06xAPUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/hOzJ8fEz8tUrXR-h63sd_qdyv_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/NclgZQk5mLpCz7oRvw0X06xAPUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.220.128.0/19
Signature Algorithm: sha256WithRSAEncryption
0f:12:28:a2:56:9e:1b:3c:0f:7e:88:8f:04:87:91:04:98:b5:
ad:7b:d9:fc:86:83:6a:9e:78:77:4e:0a:42:dc:4f:9f:9b:b0:
b8:c9:1f:f6:eb:66:2f:f1:ec:25:67:d8:da:35:77:69:39:9a:
4b:ac:20:cc:60:14:c1:98:02:40:17:7c:50:01:25:e7:ec:19:
e0:93:64:01:ac:b9:6e:8e:f9:07:15:7e:17:ca:d7:73:13:8d:
42:7e:d1:4d:b4:48:f7:7e:91:47:4a:2b:e3:72:61:81:2f:0a:
c2:98:51:51:2d:f3:7b:36:45:b3:f7:6d:c2:1a:9c:9b:28:cb:
d3:f1:5b:42:31:7c:82:c5:1d:fc:03:f9:42:3f:5a:2f:e2:3e:
b4:e4:21:a0:49:17:f6:72:97:a5:8e:e1:5b:a8:cb:12:8b:6f:
97:9c:1c:74:cf:16:3e:00:0d:a4:45:c2:9e:2a:90:9f:91:8c:
3f:ad:48:8e:b6:9f:b7:d0:e5:e6:9a:3a:1a:ad:cc:e5:f2:a1:
e0:43:a9:cb:f9:79:10:70:c4:cf:56:cc:b3:af:60:aa:a4:35:
b8:b1:9f:1b:70:0c:61:39:37:46:4f:15:ab:ac:4f:48:1c:2f:
a6:e6:47:53:28:81:d7:e5:1e:f5:13:39:95:57:1c:10:48:d8:
62:6f:b7:44
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEApxXYDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NWM5NjA2NTA5Mzk5OGJhNDJjZmJhMTFiZjBkMTdkM2FjNDAzZDQwMB4XDTIyMDIy
MzIwMzEwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODRlY2M5ZjFmMTMz
ZjJkNTJiNWQxZmExZWI3YjFkZmVhNzcyYmZmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJC9D/FqqlaNutf3zDZe20fv5uA4MSqht6qvMmhbnNLgkLx5
2BMerjC1WFV/6HGGvqP0A0F7ewKX7tiH6evPaK0fJvakJtaSIqdlk7lNH7JCHadN
lR7IlLcvu/8H58L5uzDnebcjvlWpGFz4tUl4f1o9cqytXa9JzvfTVNw4BqA6eAf0
cTTN2SZcfzHj0cyCzoXQgvXbPfxqygCfxwdbxJ7FahzxXgT8BE884XTguoFr7//F
mcrVka4QaxSgFZwPlJ+UIyKqs2pL71eYOor/J3CcP6hxsWpVscOeHnSMHt+fiL8i
qOahXcsVmi/KBlHKJl2av1Vs+sUrP5LSm/s67AUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSE7Mnx8TPy1StdH6Hrex3+p3K/8jAfBgNVHSMEGDAWgBQ1yWBlCTmYukLP
uhG/DRfTrEA9QDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05jbGdaUWs1bUxwQ3o3b1J2dzBYMDZ4QVBVQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGIvNjI3NjRiLTlhYTYtNGYxMi1hNzFjLTZiYWMzNDk4NzAxOS8x
L2hPeko4ZkV6OHRVclhSLWg2M3NkX3FkeXZfSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGIv
NjI3NjRiLTlhYTYtNGYxMi1hNzFjLTZiYWMzNDk4NzAxOS8xL05jbGdaUWs1bUxw
Q3o3b1J2dzBYMDZ4QVBVQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBajcgDANBgkqhkiG9w0BAQsFAAOC
AQEADxIoolaeGzwPfoiPBIeRBJi1rXvZ/IaDap54d04KQtxPn5uwuMkf9utmL/Hs
JWfY2jV3aTmaS6wgzGAUwZgCQBd8UAEl5+wZ4JNkAay5bo75BxV+F8rXcxONQn7R
TbRI936RR0or43JhgS8KwphRUS3zezZFs/dtwhqcmyjL0/FbQjF8gsUd/AP5Qj9a
L+I+tOQhoEkX9nKXpY7hW6jLEotvl5wcdM8WPgANpEXCniqQn5GMP61Ijraft9Dl
5po6Gq3M5fKh4EOpy/l5EHDEz1bMs69gqqQ1uLGfG3AMYTk3Rk8Vq6xPSBwvpuZH
UyiB1+Ue9RM5lVccEEjYYm+3RA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:41 2023 by rpki-client on console-fra.rpki-client.org