Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/Oj_vXWwwnQJyWeL-JNcnj4MjlpE.roa
File: Oj_vXWwwnQJyWeL-JNcnj4MjlpE.roa (raw, json)
Hash identifier: bAbi2GNwWM82DgKfsYSBpkFSnk4e1PDV5YOrTPk5awk=
Subject key identifier: 3A:3F:EF:5D:6C:30:9D:02:72:59:E2:FE:24:D7:27:8F:83:23:96:91
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018CC8DE2F4831C5F5771B049AAF9D766A80
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/Oj_vXWwwnQJyWeL-JNcnj4MjlpE.roa
Signing time: Tue 02 Jan 2024 06:30:53 +0000
ROA not before: Tue 02 Jan 2024 06:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35278
IP address blocks: 45.91.8.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:2f:48:31:c5:f5:77:1b:04:9a:af:9d:76:6a:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 06:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a3fef5d6c309d027259e2fe24d7278f83239691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3a:ea:c9:e8:1b:27:29:8c:6c:53:5d:e5:73:
e2:2d:1b:a2:12:ad:14:78:7b:c5:fd:4a:0e:d9:82:
2c:64:8b:9a:98:cc:1f:09:b8:c1:0c:6e:c3:73:80:
17:79:6f:a8:b7:af:fd:fc:8e:60:41:f8:5d:a0:61:
57:99:6e:3b:35:20:bc:e4:b5:20:68:7d:0d:a3:ac:
db:2d:5e:02:89:50:c5:80:54:8a:e7:15:98:29:9a:
56:76:d4:b9:4a:24:f7:86:b4:8b:a2:2a:83:f1:c0:
17:97:ca:99:3c:9a:5c:62:6e:49:ab:7f:ee:5d:ce:
d3:18:8e:64:94:a5:3b:e8:8a:16:65:51:9d:bf:40:
90:64:59:6b:77:65:55:ca:8d:1f:68:85:e8:df:f2:
f5:48:ed:f8:e4:a7:43:b2:75:ad:61:f2:ed:b9:9f:
ea:06:cb:34:9e:00:46:bf:63:b5:bc:98:63:4a:91:
6b:ba:f7:ba:b9:74:97:ed:72:27:3e:e5:d6:22:3a:
ad:b4:a8:e3:4a:be:f5:9f:dd:60:f0:70:cb:ef:96:
1c:93:91:09:42:c0:d0:5d:ad:7a:37:de:46:0f:97:
43:a6:98:4b:24:05:97:42:5b:7b:83:a9:d7:54:dc:
8b:56:b6:e9:ff:89:65:df:85:af:f5:79:6a:ad:75:
95:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:3F:EF:5D:6C:30:9D:02:72:59:E2:FE:24:D7:27:8F:83:23:96:91
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/Oj_vXWwwnQJyWeL-JNcnj4MjlpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.8.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:de:09:15:4b:90:a0:01:95:2b:21:ae:39:80:e0:68:3d:db:
5a:92:3a:91:ba:ac:57:b1:9b:83:80:de:5d:a9:e5:5c:d2:47:
da:62:1f:7f:37:93:d9:b8:12:d6:41:8a:47:f3:d1:ae:d9:ea:
42:24:18:66:8c:1a:f7:f0:1c:7f:83:c7:ec:5e:ea:e9:13:12:
d1:d1:dc:ac:9c:6f:d9:16:42:ab:42:ae:1e:c9:3c:f4:b3:4e:
38:c4:22:19:b6:93:85:0d:b7:7b:35:79:0d:a4:49:3e:f5:46:
6b:b0:00:fc:21:74:cc:43:d9:5c:52:41:57:f1:ef:15:f7:6a:
c2:87:4d:5e:f2:63:a3:74:f7:74:75:2f:8c:58:9c:6e:00:79:
8b:be:e0:08:a6:a9:fc:55:40:13:85:e7:6f:e3:e6:9d:c0:5f:
91:5f:fe:84:21:dc:de:88:82:b6:aa:4e:71:2f:1f:40:4d:bd:
e7:a4:2b:0c:ed:2e:bf:48:9c:20:0e:fc:a3:4a:f2:e3:a3:a0:
7c:f9:50:be:0d:1a:26:21:b9:20:42:b3:ed:53:10:0a:fd:cd:
c7:3d:c7:6b:91:da:76:d7:bf:88:fc:1c:c9:ea:f4:27:34:32:
35:65:84:a2:c5:39:63:f9:26:e5:9d:db:d1:b2:95:35:98:bc:
d2:aa:88:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3i9IMcX1dxsEmq+ddmqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQwMTAyMDYzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTNmZWY1ZDZjMzA5ZDAyNzI1OWUyZmUyNGQ3Mjc4ZjgzMjM5NjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTrqyegbJymMbFNd5XPiLRuiEq0U
eHvF/UoO2YIsZIuamMwfCbjBDG7Dc4AXeW+ot6/9/I5gQfhdoGFXmW47NSC85LUg
aH0No6zbLV4CiVDFgFSK5xWYKZpWdtS5SiT3hrSLoiqD8cAXl8qZPJpcYm5Jq3/u
Xc7TGI5klKU76IoWZVGdv0CQZFlrd2VVyo0faIXo3/L1SO345KdDsnWtYfLtuZ/q
Bss0ngBGv2O1vJhjSpFruve6uXSX7XInPuXWIjqttKjjSr71n91g8HDL75Yck5EJ
QsDQXa16N95GD5dDpphLJAWXQlt7g6nXVNyLVrbp/4ll34Wv9XlqrXWVZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDo/711sMJ0Cclni/iTXJ4+DI5aRMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvT2pfdlhXd3duUUp5V2VMLUpOY25qNE1qbHBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVsIMA0G
CSqGSIb3DQEBCwUAA4IBAQCn3gkVS5CgAZUrIa45gOBoPdtakjqRuqxXsZuDgN5d
qeVc0kfaYh9/N5PZuBLWQYpH89Gu2epCJBhmjBr38Bx/g8fsXurpExLR0dysnG/Z
FkKrQq4eyTz0s044xCIZtpOFDbd7NXkNpEk+9UZrsAD8IXTMQ9lcUkFX8e8V92rC
h01e8mOjdPd0dS+MWJxuAHmLvuAIpqn8VUAThedv4+adwF+RX/6EIdzeiIK2qk5x
Lx9ATb3npCsM7S6/SJwgDvyjSvLjo6B8+VC+DRomIbkgQrPtUxAK/c3HPcdrkdp2
17+I/BzJ6vQnNDI1ZYSixTlj+SblndvRspU1mLzSqojk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org