Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3f2003-9210-44bb-8a27-db3ec75fa20c/1/OllyXAcLSxx0S6sOWUGPFB13GNg.roa
File: OllyXAcLSxx0S6sOWUGPFB13GNg.roa (raw, json)
Hash identifier: +Wr96qUh5RqiH71Pdc/jDhjvl/S8nBH4xkSrVBs7NC0=
Subject key identifier: 3A:59:72:5C:07:0B:4B:1C:74:4B:AB:0E:59:41:8F:14:1D:77:18:D8
Certificate issuer: /CN=a9cad9a977bf8b6b40f0b8e998e5787c6ae641c0
Certificate serial: 018D9D6DE6442747EEE37C11C35BD0644E77
Authority key identifier: A9:CA:D9:A9:77:BF:8B:6B:40:F0:B8:E9:98:E5:78:7C:6A:E6:41:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qcrZqXe_i2tA8LjpmOV4fGrmQcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3f2003-9210-44bb-8a27-db3ec75fa20c/1/OllyXAcLSxx0S6sOWUGPFB13GNg.roa
Signing time: Mon 12 Feb 2024 13:07:21 +0000
ROA not before: Mon 12 Feb 2024 13:07:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9080
IP address blocks: 79.127.128.0/18 maxlen: 24
85.132.140.0/22 maxlen: 24
85.132.160.0/20 maxlen: 24
85.132.176.0/21 maxlen: 24
85.132.188.0/22 maxlen: 24
212.71.128.0/18 maxlen: 24
213.168.160.0/20 maxlen: 24
2001:ae8::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9d:6d:e6:44:27:47:ee:e3:7c:11:c3:5b:d0:64:4e:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9cad9a977bf8b6b40f0b8e998e5787c6ae641c0
Validity
Not Before: Feb 12 13:07:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a59725c070b4b1c744bab0e59418f141d7718d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:27:8c:5b:f4:ad:cf:0d:20:83:aa:e4:f5:f9:
6d:28:d4:7e:b3:63:a8:b8:d0:69:4a:e7:13:36:0c:
64:fb:5a:d1:8c:68:00:68:6b:d5:08:0d:63:1a:ce:
18:ed:69:b8:a5:02:4a:78:20:37:c6:0c:f3:c8:f1:
8a:27:fe:2d:d1:9b:a7:79:97:c0:02:c5:da:92:02:
c6:61:fb:a3:1a:1f:b3:85:88:b1:60:81:f9:ba:ae:
87:b3:d3:15:39:f7:d7:cc:1c:56:5f:d9:be:1b:ca:
f4:98:44:40:5c:9e:a8:53:fc:bd:17:3a:b4:ec:54:
71:36:06:a5:b8:7b:37:9e:a4:dc:34:e0:8f:2b:12:
f4:de:c9:80:7e:33:33:94:ee:ed:30:cb:3d:61:b8:
84:a7:b1:2a:e5:ce:33:34:be:c7:26:44:b4:b8:cd:
72:57:72:89:ae:48:b0:24:b0:cf:9c:b1:58:36:67:
c2:8f:29:12:63:a7:06:6b:c7:f6:e8:1d:77:3f:7a:
94:b6:e8:75:11:f9:a8:39:c1:98:96:1d:0b:50:8c:
d1:4d:d1:fc:3e:a4:68:da:ce:35:63:14:ce:c1:2b:
a4:7f:74:45:33:2f:9a:d0:09:2d:86:74:ec:86:b5:
46:c6:9a:e3:7c:0a:2a:f7:b5:94:61:70:f8:d0:44:
1d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:59:72:5C:07:0B:4B:1C:74:4B:AB:0E:59:41:8F:14:1D:77:18:D8
X509v3 Authority Key Identifier:
keyid:A9:CA:D9:A9:77:BF:8B:6B:40:F0:B8:E9:98:E5:78:7C:6A:E6:41:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qcrZqXe_i2tA8LjpmOV4fGrmQcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3f2003-9210-44bb-8a27-db3ec75fa20c/1/OllyXAcLSxx0S6sOWUGPFB13GNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3f2003-9210-44bb-8a27-db3ec75fa20c/1/qcrZqXe_i2tA8LjpmOV4fGrmQcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.127.128.0/18
85.132.140.0/22
85.132.160.0-85.132.183.255
85.132.188.0/22
212.71.128.0/18
213.168.160.0/20
IPv6:
2001:ae8::/32
Signature Algorithm: sha256WithRSAEncryption
2f:58:e4:8f:85:f2:f4:3f:f7:01:49:39:8d:4d:0e:31:cc:9c:
f5:9d:77:2c:ac:01:dc:e2:07:ad:84:6f:be:ed:83:aa:ef:af:
f4:b1:37:61:a4:c3:00:f8:2b:cc:d9:26:24:ad:83:b6:11:9a:
49:ca:93:e1:18:d8:16:13:ab:a7:02:bc:48:86:02:3c:dc:d9:
37:0b:c7:e9:d3:a7:52:ba:e5:eb:50:4c:6e:77:5c:2a:ef:a1:
f8:c1:52:80:0d:93:35:51:bc:76:cf:29:5a:9a:d1:3e:b3:19:
4b:38:e8:62:3e:c7:3c:3e:80:70:de:d7:26:53:b5:9c:ab:c6:
a3:83:56:cb:42:36:bb:fe:e4:6d:df:a2:c1:25:c4:c8:10:cb:
d7:c7:f3:57:79:32:68:b3:5f:42:03:39:23:8b:40:b5:95:4f:
9e:c5:41:ff:e3:89:97:3f:06:15:e5:0c:5f:63:b0:2d:64:6c:
7c:cf:2f:31:c0:d6:a9:db:60:54:0f:06:c5:6e:7c:e4:44:c5:
dc:1b:2a:60:9a:28:6f:98:a8:41:7e:e5:0d:cb:21:dd:8e:31:
29:35:65:36:4d:b2:31:c7:d3:bf:8e:58:51:a6:50:55:4b:78:
55:26:d1:53:71:d1:45:b1:97:6c:96:a2:e7:bf:58:17:45:d4:
18:67:c5:3b
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAY2dbeZEJ0fu43wRw1vQZE53MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5Y2FkOWE5NzdiZjhiNmI0MGYwYjhlOTk4ZTU3ODdjNmFl
NjQxYzAwHhcNMjQwMjEyMTMwNzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTU5NzI1YzA3MGI0YjFjNzQ0YmFiMGU1OTQxOGYxNDFkNzcxOGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7yeMW/Stzw0gg6rk9fltKNR+s2Oo
uNBpSucTNgxk+1rRjGgAaGvVCA1jGs4Y7Wm4pQJKeCA3xgzzyPGKJ/4t0ZuneZfA
AsXakgLGYfujGh+zhYixYIH5uq6Hs9MVOffXzBxWX9m+G8r0mERAXJ6oU/y9Fzq0
7FRxNgaluHs3nqTcNOCPKxL03smAfjMzlO7tMMs9YbiEp7Eq5c4zNL7HJkS0uM1y
V3KJrkiwJLDPnLFYNmfCjykSY6cGa8f26B13P3qUtuh1EfmoOcGYlh0LUIzRTdH8
PqRo2s41YxTOwSukf3RFMy+a0AkthnTshrVGxprjfAoq97WUYXD40EQdtwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFDpZclwHC0scdEurDllBjxQddxjYMB8GA1UdIwQY
MBaAFKnK2al3v4trQPC46ZjleHxq5kHAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWNyWnFYZV9pMnRBOExqcG1PVjRmR3JtUWNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zZjIwMDMtOTIxMC00NGJiLThhMjct
ZGIzZWM3NWZhMjBjLzEvT2xseVhBY0xTeHgwUzZzT1dVR1BGQjEzR05nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zZjIwMDMtOTIxMC00NGJiLThhMjctZGIzZWM3NWZhMjBj
LzEvcWNyWnFYZV9pMnRBOExqcG1PVjRmR3JtUWNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQGT3+AAwQC
VYSMMAwDBAVVhKADBANVhLADBAJVhLwDBAbUR4ADBATVqKAwDQQCAAIwBwMFACAB
CugwDQYJKoZIhvcNAQELBQADggEBAC9Y5I+F8vQ/9wFJOY1NDjHMnPWddyysAdzi
B62Eb77tg6rvr/SxN2GkwwD4K8zZJiStg7YRmknKk+EY2BYTq6cCvEiGAjzc2TcL
x+nTp1K65etQTG53XCrvofjBUoANkzVRvHbPKVqa0T6zGUs46GI+xzw+gHDe1yZT
tZyrxqODVstCNrv+5G3fosElxMgQy9fH81d5MmizX0IDOSOLQLWVT57FQf/jiZc/
BhXlDF9jsC1kbHzPLzHA1qnbYFQPBsVufORExdwbKmCaKG+YqEF+5Q3LId2OMSk1
ZTZNsjHH07+OWFGmUFVLeFUm0VNx0UWxl2yWoue/WBdF1BhnxTs=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:53:28 2025 by rpki-client