Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/6e615f-5fd7-45b6-8acb-76999bf9999f/1/sOKUBu8jgs_c2a7-LD0DNc9uXKw.roa
File: sOKUBu8jgs_c2a7-LD0DNc9uXKw.roa (raw, json)
Hash identifier: zh9QwD5XB2qPF8KJ4I18Zz0wPiiFbUFTny/nnVsfHR0=
Subject key identifier: B0:E2:94:06:EF:23:82:CF:DC:D9:AE:FE:2C:3D:03:35:CF:6E:5C:AC
Certificate issuer: /CN=468c267a6474fcb7cc49cf325d0e9dcc5fe8d20d
Certificate serial: 01857283687C3CA71239B99BF7ABA2260764
Authority key identifier: 46:8C:26:7A:64:74:FC:B7:CC:49:CF:32:5D:0E:9D:CC:5F:E8:D2:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RowmemR0_LfMSc8yXQ6dzF_o0g0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/6e615f-5fd7-45b6-8acb-76999bf9999f/1/sOKUBu8jgs_c2a7-LD0DNc9uXKw.roa
Signing time: Mon 02 Jan 2023 12:44:52 +0000
ROA not before: Mon 02 Jan 2023 12:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41114
IP address blocks: 109.106.24.0/22 maxlen: 24
77.83.228.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:68:7c:3c:a7:12:39:b9:9b:f7:ab:a2:26:07:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=468c267a6474fcb7cc49cf325d0e9dcc5fe8d20d
Validity
Not Before: Jan 2 12:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0e29406ef2382cfdcd9aefe2c3d0335cf6e5cac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:41:1c:a9:2d:9c:ac:85:7f:46:fa:63:85:c8:
da:ee:7e:04:a8:3a:e1:9c:2d:a0:26:90:1f:a9:19:
97:4d:70:e8:53:0b:06:1d:6f:2e:7e:ef:cc:15:35:
6b:39:34:44:6f:5b:a4:d8:b6:f4:d4:9d:68:44:35:
7b:5a:55:cc:8a:a9:62:73:08:a6:10:69:54:cb:d9:
01:ef:45:13:f2:3c:f9:47:b8:4b:06:c3:ac:0a:a2:
08:f3:a4:d4:92:18:3f:d7:21:be:b7:25:b9:08:57:
3f:3c:18:0d:23:30:db:64:88:40:4a:dc:9e:f2:3b:
73:f7:fe:d0:c8:8b:18:3d:b2:65:1d:e2:dd:2d:c1:
ef:5d:44:5e:60:d1:0c:4a:5f:0b:75:b3:8a:99:f8:
89:89:6c:87:14:55:17:55:b7:79:9c:78:df:c1:c4:
4c:9a:c2:bd:fb:6b:51:f2:30:4c:fd:f4:ef:49:ba:
41:02:fb:87:fb:6d:97:80:a4:be:79:cb:3b:ea:27:
f8:1b:c6:4f:5d:55:0e:78:83:07:fa:16:37:f0:e9:
09:aa:29:69:40:fb:e4:e7:4c:44:8e:ee:13:d5:98:
b5:a1:7e:84:69:c4:2e:95:57:67:5e:ae:13:7c:52:
50:a6:df:79:a6:c6:77:1e:23:66:20:57:f2:ce:76:
08:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:E2:94:06:EF:23:82:CF:DC:D9:AE:FE:2C:3D:03:35:CF:6E:5C:AC
X509v3 Authority Key Identifier:
keyid:46:8C:26:7A:64:74:FC:B7:CC:49:CF:32:5D:0E:9D:CC:5F:E8:D2:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RowmemR0_LfMSc8yXQ6dzF_o0g0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/6e615f-5fd7-45b6-8acb-76999bf9999f/1/sOKUBu8jgs_c2a7-LD0DNc9uXKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/6e615f-5fd7-45b6-8acb-76999bf9999f/1/RowmemR0_LfMSc8yXQ6dzF_o0g0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.228.0/22
109.106.24.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:28:ed:6a:4e:0b:be:03:62:bc:62:3c:1a:21:8f:61:66:b0:
23:bd:31:c8:8e:cb:fd:d2:e5:5a:2e:26:9f:ea:d2:6c:e1:15:
6d:40:0f:46:ee:e9:19:31:4e:cf:67:34:fa:5a:15:8e:de:03:
b5:00:2b:39:a2:1c:c6:fa:dd:71:e8:d4:74:f6:46:6a:ed:cd:
43:0b:e5:3d:e1:66:c1:56:40:a1:d4:55:6e:6b:a9:ed:2f:8d:
e3:75:69:d3:de:be:f1:d6:80:ed:15:c0:fd:d6:ec:ae:65:8b:
07:8f:91:10:5e:a4:14:cb:08:d1:d0:19:1e:e4:9b:28:48:a4:
3a:86:64:ca:5d:99:85:0f:bf:f4:44:c7:68:23:81:79:61:d7:
1c:77:8b:f9:d5:54:e6:9b:7f:c4:f2:7f:49:f4:c8:9e:e5:95:
dd:1d:92:77:dc:80:b1:45:1c:74:08:fb:3d:35:90:33:e6:a2:
31:40:82:40:8f:b9:54:bc:3c:ce:ce:9b:74:7d:3b:11:1e:07:
7c:79:91:e4:26:56:00:fd:fd:9f:73:45:8e:05:c2:af:fc:b1:
e8:21:b5:66:64:4f:4d:9d:bc:70:86:5b:53:2b:52:ca:ff:2e:
c8:bd:65:c2:bd:09:f7:02:37:c5:f6:5b:c5:f3:79:27:f6:e3:
48:ed:b2:cc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyg2h8PKcSObmb96uiJgdkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OGMyNjdhNjQ3NGZjYjdjYzQ5Y2YzMjVkMGU5ZGNjNWZl
OGQyMGQwHhcNMjMwMTAyMTI0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGUyOTQwNmVmMjM4MmNmZGNkOWFlZmUyYzNkMDMzNWNmNmU1Y2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0EcqS2crIV/Rvpjhcja7n4EqDrh
nC2gJpAfqRmXTXDoUwsGHW8ufu/MFTVrOTREb1uk2Lb01J1oRDV7WlXMiqlicwim
EGlUy9kB70UT8jz5R7hLBsOsCqII86TUkhg/1yG+tyW5CFc/PBgNIzDbZIhAStye
8jtz9/7QyIsYPbJlHeLdLcHvXUReYNEMSl8LdbOKmfiJiWyHFFUXVbd5nHjfwcRM
msK9+2tR8jBM/fTvSbpBAvuH+22XgKS+ecs76if4G8ZPXVUOeIMH+hY38OkJqilp
QPvk50xEju4T1Zi1oX6EacQulVdnXq4TfFJQpt95psZ3HiNmIFfyznYIUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLDilAbvI4LP3Nmu/iw9AzXPblysMB8GA1UdIwQY
MBaAFEaMJnpkdPy3zEnPMl0Oncxf6NINMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm93bWVtUjBfTGZNU2M4eVhRNmR6Rl9vMGcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC82ZTYxNWYtNWZkNy00NWI2LThhY2It
NzY5OTliZjk5OTlmLzEvc09LVUJ1OGpnc19jMmE3LUxEMEROYzl1WEt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC82ZTYxNWYtNWZkNy00NWI2LThhY2ItNzY5OTliZjk5OTlm
LzEvUm93bWVtUjBfTGZNU2M4eVhRNmR6Rl9vMGcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCTVPkAwQC
bWoYMA0GCSqGSIb3DQEBCwUAA4IBAQCfKO1qTgu+A2K8YjwaIY9hZrAjvTHIjsv9
0uVaLiaf6tJs4RVtQA9G7ukZMU7PZzT6WhWO3gO1ACs5ohzG+t1x6NR09kZq7c1D
C+U94WbBVkCh1FVua6ntL43jdWnT3r7x1oDtFcD91uyuZYsHj5EQXqQUywjR0Bke
5JsoSKQ6hmTKXZmFD7/0RMdoI4F5Ydccd4v51VTmm3/E8n9J9Mie5ZXdHZJ33ICx
RRx0CPs9NZAz5qIxQIJAj7lUvDzOzpt0fTsRHgd8eZHkJlYA/f2fc0WOBcKv/LHo
IbVmZE9NnbxwhltTK1LK/y7IvWXCvQn3AjfF9lvF83kn9uNI7bLM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:15 2024 by rpki-client on console-fra.rpki-client.org