Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/owgi_FraKxZAAP2uMivhykU0yK0.roa
File: owgi_FraKxZAAP2uMivhykU0yK0.roa (raw, json)
Hash identifier: B8xepIGgBC09Vu/Ot5Z7bBgHGhvtycp9rSOxTxlqUEA=
Subject key identifier: A3:08:22:FC:5A:DA:2B:16:40:00:FD:AE:32:2B:E1:CA:45:34:C8:AD
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018570D5650B436EE7C44339AF2F75DDD377
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/owgi_FraKxZAAP2uMivhykU0yK0.roa
Signing time: Mon 02 Jan 2023 04:55:11 +0000
ROA not before: Mon 02 Jan 2023 04:55:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204084
IP address blocks: 2a0d:fcc4::/30 maxlen: 30
2a0d:97c0::/30 maxlen: 30
2a09:4283::/32 maxlen: 32
2a09:e703::/32 maxlen: 32
2a0d:28c4::/30 maxlen: 30
2a06:77c3::/32 maxlen: 32
2a0d:6a40::/30 maxlen: 30
2a0e:e682::/32 maxlen: 32
2a0d:28c0::/30 maxlen: 30
2a0d:34c0::/30 maxlen: 30
2a0d:6ec4::/30 maxlen: 30
2a0d:a3c4::/30 maxlen: 30
2a0d:b2c0::/30 maxlen: 30
2a07:cc44::/30 maxlen: 30
2a09:af82::/32 maxlen: 32
2a09:9982::/32 maxlen: 32
2a0f:b742::/32 maxlen: 32
2a0e:4b43::/32 maxlen: 32
2a09:3a82::/32 maxlen: 32
2a09:7882::/32 maxlen: 32
2a0d:7140::/30 maxlen: 30
2a09:4483::/32 maxlen: 32
2a09:7b83::/32 maxlen: 32
2a0e:c483::/32 maxlen: 32
2a0e:19c3::/32 maxlen: 32
2a07:cc40::/30 maxlen: 30
2a0d:6ec0::/30 maxlen: 30
2a0d:b2c4::/30 maxlen: 30
2a0d:34c4::/30 maxlen: 30
2a09:7883::/32 maxlen: 32
2a09:9382::/32 maxlen: 32
2a0d:9744::/30 maxlen: 30
2a0d:a3c0::/30 maxlen: 30
2a09:9383::/32 maxlen: 32
2a0d:7144::/30 maxlen: 30
2a0e:4b42::/32 maxlen: 32
2a0d:9740::/30 maxlen: 30
2a0e:19c2::/32 maxlen: 32
2a0e:c482::/32 maxlen: 32
2a09:7b82::/32 maxlen: 32
2a0e:e683::/32 maxlen: 32
2a0d:97c4::/30 maxlen: 30
2a0d:fcc0::/30 maxlen: 30
2a09:9983::/32 maxlen: 32
2a09:4482::/32 maxlen: 32
2a09:e702::/32 maxlen: 32
2a06:77c2::/32 maxlen: 32
2a09:3a83::/32 maxlen: 32
2a0d:f5c0::/30 maxlen: 30
2a09:af83::/32 maxlen: 32
2a0d:6a44::/30 maxlen: 30
2a0f:b743::/32 maxlen: 32
2a09:4282::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:65:0b:43:6e:e7:c4:43:39:af:2f:75:dd:d3:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 04:55:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a30822fc5ada2b164000fdae322be1ca4534c8ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b6:42:65:42:af:d9:c6:e1:6b:3d:15:1a:e6:
e8:73:48:d6:53:93:3f:b3:18:58:8a:98:05:3a:69:
0e:e0:36:1b:db:1e:1a:58:2f:d8:5e:61:e9:58:22:
b9:59:1f:7d:29:be:a0:ae:f4:03:8a:99:56:87:9f:
23:a8:ae:6a:c4:b5:a4:a7:f3:e7:da:9c:49:50:2f:
0b:81:a6:ca:52:c1:1b:7a:0d:38:35:88:bc:86:36:
dd:c9:0d:39:0f:f4:73:c6:37:41:c0:df:cb:9e:ad:
10:ea:ef:4a:8d:26:7b:78:c7:2e:e5:36:b9:dc:15:
df:72:19:69:92:ab:81:97:63:c3:47:f1:1e:8d:e6:
d1:16:4c:6e:cb:0b:2f:35:d6:09:ff:5d:56:9d:a8:
0d:57:a5:fe:27:a5:20:6a:aa:b3:ce:63:37:55:8b:
35:ac:c8:81:93:53:5d:b4:49:06:47:d5:da:bc:51:
5d:c7:e1:f4:b8:f8:44:d8:4f:39:20:d1:ac:81:b1:
7e:51:cc:2c:6a:d0:6e:3e:27:6a:23:92:1f:e7:a5:
0f:1e:c5:ca:2b:f5:b7:ed:e1:87:c7:65:f6:42:f3:
77:1d:6b:39:19:be:10:bc:00:f3:9e:07:cf:43:b4:
52:83:0f:15:77:82:89:11:66:dc:b6:40:ef:f0:0a:
38:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:08:22:FC:5A:DA:2B:16:40:00:FD:AE:32:2B:E1:CA:45:34:C8:AD
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/owgi_FraKxZAAP2uMivhykU0yK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:77c2::/31
2a07:cc40::/29
2a09:3a82::/31
2a09:4282::/31
2a09:4482::/31
2a09:7882::/31
2a09:7b82::/31
2a09:9382::/31
2a09:9982::/31
2a09:af82::/31
2a09:e702::/31
2a0d:28c0::/29
2a0d:34c0::/29
2a0d:6a40::/29
2a0d:6ec0::/29
2a0d:7140::/29
2a0d:9740::/29
2a0d:97c0::/29
2a0d:a3c0::/29
2a0d:b2c0::/29
2a0d:f5c0::/30
2a0d:fcc0::/29
2a0e:19c2::/31
2a0e:4b42::/31
2a0e:c482::/31
2a0e:e682::/31
2a0f:b742::/31
Signature Algorithm: sha256WithRSAEncryption
ad:0b:7d:16:8c:74:49:e9:67:99:e1:95:40:12:a5:3d:69:a9:
78:b2:d1:74:80:dd:d7:b3:55:21:b2:57:2c:67:f4:ce:d6:fb:
18:30:00:11:b0:58:17:fd:c7:1f:00:ca:e2:10:a5:7b:18:41:
f0:a3:a5:8c:cb:a7:c6:d9:7d:48:f1:ca:e1:de:bf:70:4f:49:
49:60:9d:a4:a8:6e:5c:1f:b7:e5:ee:50:2f:0b:d5:86:eb:80:
57:2d:c1:98:e8:84:62:ac:6e:54:3a:f0:9d:f0:72:9f:db:45:
06:80:30:86:b0:f1:f8:c2:19:26:f1:3c:ea:80:c3:00:5a:f6:
ed:9e:06:10:6d:f7:98:80:a8:45:0a:89:01:15:9f:ef:68:39:
26:48:ba:08:4d:c7:16:ab:35:7f:1f:92:05:aa:d9:b0:24:31:
c3:e6:70:8a:4b:ca:50:45:15:01:00:c5:a1:2d:02:68:e3:c9:
e7:5a:68:79:bf:07:dd:14:a0:05:89:99:69:7f:7c:cf:f4:f5:
2a:3f:54:6a:a9:01:49:e9:47:12:41:42:3f:f8:0b:0a:2d:a3:
b7:a1:ab:ca:1a:de:cc:85:3b:68:d9:3b:46:0f:cf:40:bc:b2:
fe:79:5c:0b:8e:e7:01:59:08:2f:f4:aa:ec:81:01:23:41:54:
a7:6a:de:b4
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgISAYVw1WULQ27nxEM5ry913dN3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMTAyMDQ1NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzA4MjJmYzVhZGEyYjE2NDAwMGZkYWUzMjJiZTFjYTQ1MzRjOGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37ZCZUKv2cbhaz0VGuboc0jWU5M/
sxhYipgFOmkO4DYb2x4aWC/YXmHpWCK5WR99Kb6grvQDiplWh58jqK5qxLWkp/Pn
2pxJUC8LgabKUsEbeg04NYi8hjbdyQ05D/RzxjdBwN/Lnq0Q6u9KjSZ7eMcu5Ta5
3BXfchlpkquBl2PDR/EejebRFkxuywsvNdYJ/11WnagNV6X+J6UgaqqzzmM3VYs1
rMiBk1NdtEkGR9XavFFdx+H0uPhE2E85INGsgbF+UcwsatBuPidqI5If56UPHsXK
K/W37eGHx2X2QvN3HWs5Gb4QvADzngfPQ7RSgw8Vd4KJEWbctkDv8Ao4yQIDAQAB
o4ICxTCCAsEwHQYDVR0OBBYEFKMIIvxa2isWQAD9rjIr4cpFNMitMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvb3dnaV9GcmFLeFpBQVAydU1pdmh5a1UweUswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHaBggrBgEFBQcBBwEB/wSByjCBxzCBxAQCAAIwgb0DBQEq
BnfCAwUDKgfMQAMFASoJOoIDBQEqCUKCAwUBKglEggMFASoJeIIDBQEqCXuCAwUB
KgmTggMFASoJmYIDBQEqCa+CAwUBKgnnAgMFAyoNKMADBQMqDTTAAwUDKg1qQAMF
AyoNbsADBQMqDXFAAwUDKg2XQAMFAyoNl8ADBQMqDaPAAwUDKg2ywAMFAioN9cAD
BQMqDfzAAwUBKg4ZwgMFASoOS0IDBQEqDsSCAwUBKg7mggMFASoPt0IwDQYJKoZI
hvcNAQELBQADggEBAK0LfRaMdEnpZ5nhlUASpT1pqXiy0XSA3dezVSGyVyxn9M7W
+xgwABGwWBf9xx8AyuIQpXsYQfCjpYzLp8bZfUjxyuHev3BPSUlgnaSoblwft+Xu
UC8L1YbrgFctwZjohGKsblQ68J3wcp/bRQaAMIaw8fjCGSbxPOqAwwBa9u2eBhBt
95iAqEUKiQEVn+9oOSZIughNxxarNX8fkgWq2bAkMcPmcIpLylBFFQEAxaEtAmjj
yedaaHm/B90UoAWJmWl/fM/09So/VGqpAUnpRxJBQj/4Cwoto7ehq8oa3syFO2jZ
O0YPz0C8sv55XAuO5wFZCC/0quyBASNBVKdq3rQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org