Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/ogPVQun-kSurPSUY9Yqd5RjYnqo.roa
File: ogPVQun-kSurPSUY9Yqd5RjYnqo.roa (raw, json)
Hash identifier: BNJpJ8R7NWfa1ofblNFD5aC/9+ALBo+Aa9vt8zDPH/I=
Subject key identifier: A2:03:D5:42:E9:FE:91:2B:AB:3D:25:18:F5:8A:9D:E5:18:D8:9E:AA
Certificate issuer: /CN=7a8746a76cda8369009d28941ef156239c6a63a1
Certificate serial: 01856F94AD2F680DC645FDFD1D7316DD3889
Authority key identifier: 7A:87:46:A7:6C:DA:83:69:00:9D:28:94:1E:F1:56:23:9C:6A:63:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eodGp2zag2kAnSiUHvFWI5xqY6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/ogPVQun-kSurPSUY9Yqd5RjYnqo.roa
Signing time: Sun 01 Jan 2023 23:04:52 +0000
ROA not before: Sun 01 Jan 2023 23:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12888
IP address blocks: 195.27.162.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:ad:2f:68:0d:c6:45:fd:fd:1d:73:16:dd:38:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a8746a76cda8369009d28941ef156239c6a63a1
Validity
Not Before: Jan 1 23:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a203d542e9fe912bab3d2518f58a9de518d89eaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:28:cf:de:e7:5a:1c:02:38:b0:88:85:ba:13:
e1:e2:b0:6a:09:df:64:1c:11:9f:49:15:aa:45:22:
34:8d:47:e8:a3:cf:cd:41:0c:74:c7:ab:41:e4:b5:
0e:5d:13:c4:3f:3a:1e:90:a0:f3:23:ac:76:04:2a:
1d:52:02:88:d8:1b:3f:85:09:1b:1e:aa:18:17:cb:
84:b4:2f:61:18:32:ab:64:ee:b9:39:63:ac:68:aa:
0e:fd:f2:36:29:32:ea:a1:37:d5:4f:20:1d:ab:96:
64:59:8e:25:af:b4:97:71:61:1c:36:6d:f4:cd:d6:
80:bf:1d:22:8d:36:1c:6b:48:8d:40:86:0f:1f:c1:
df:30:68:85:17:23:41:31:1b:ad:40:83:fe:f8:66:
c3:be:07:56:69:8f:c6:69:8e:86:4a:87:9b:ca:d0:
86:1c:ca:62:8a:9d:03:02:3f:66:18:8f:91:46:3b:
ec:45:f9:60:c6:6a:6f:82:26:32:f1:04:3f:ca:51:
73:d6:dc:4e:cd:78:f3:82:9e:0e:ec:23:be:fd:d9:
a7:50:c4:a2:c8:af:42:49:4e:1a:65:38:79:1e:ea:
ef:94:ca:64:bc:e6:0a:f2:36:5c:85:b5:ce:d3:59:
59:bb:0d:51:e4:53:ce:11:90:0c:b7:dd:9c:3b:8a:
8a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:03:D5:42:E9:FE:91:2B:AB:3D:25:18:F5:8A:9D:E5:18:D8:9E:AA
X509v3 Authority Key Identifier:
keyid:7A:87:46:A7:6C:DA:83:69:00:9D:28:94:1E:F1:56:23:9C:6A:63:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eodGp2zag2kAnSiUHvFWI5xqY6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/ogPVQun-kSurPSUY9Yqd5RjYnqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/eodGp2zag2kAnSiUHvFWI5xqY6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.27.162.0/23
Signature Algorithm: sha256WithRSAEncryption
25:28:fa:1f:f4:b5:d8:73:15:ae:91:33:3d:7b:f9:f2:4a:2d:
bc:bb:38:85:bf:c4:24:c1:17:50:19:95:09:91:ee:8e:12:88:
38:15:99:e2:63:f2:6d:bf:b5:e5:a7:3e:be:38:58:a1:b0:18:
c9:80:00:53:fd:ca:2d:d9:d6:ae:14:1b:cd:1a:d3:33:04:30:
ad:8b:cc:88:56:8f:8a:5c:17:02:55:8d:cf:1f:ce:54:a1:67:
ef:74:2e:e2:9a:f4:6d:f2:63:a5:8d:56:83:53:04:6c:6e:58:
a3:13:24:98:8b:06:89:c4:f0:b0:34:c2:0d:74:06:64:3e:ba:
3a:d2:02:9c:03:b8:fc:d0:6a:c9:bc:8c:b6:ed:bf:fe:b0:93:
4a:bf:6c:27:9d:a1:e0:92:ba:03:62:ed:ab:e9:f1:03:7d:69:
4e:87:c0:1f:a5:04:46:23:06:f6:b8:42:70:e5:c5:55:ca:78:
30:89:47:c2:25:2f:8c:9f:13:db:5e:1f:17:21:5a:5f:60:d9:
0f:9d:83:78:42:5d:56:78:a1:3f:9d:9a:42:11:41:92:a9:b3:
86:60:2f:a2:d2:56:17:90:a9:d0:ae:ca:ba:ce:80:6e:a8:74:
b0:e7:ac:ad:1b:eb:c4:6b:37:f5:97:fa:61:1d:7f:e3:73:c4:
88:3a:fd:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlK0vaA3GRf39HXMW3TiJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhODc0NmE3NmNkYTgzNjkwMDlkMjg5NDFlZjE1NjIzOWM2
YTYzYTEwHhcNMjMwMTAxMjMwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjAzZDU0MmU5ZmU5MTJiYWIzZDI1MThmNThhOWRlNTE4ZDg5ZWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyjP3udaHAI4sIiFuhPh4rBqCd9k
HBGfSRWqRSI0jUfoo8/NQQx0x6tB5LUOXRPEPzoekKDzI6x2BCodUgKI2Bs/hQkb
HqoYF8uEtC9hGDKrZO65OWOsaKoO/fI2KTLqoTfVTyAdq5ZkWY4lr7SXcWEcNm30
zdaAvx0ijTYca0iNQIYPH8HfMGiFFyNBMRutQIP++GbDvgdWaY/GaY6GSoebytCG
HMpiip0DAj9mGI+RRjvsRflgxmpvgiYy8QQ/ylFz1txOzXjzgp4O7CO+/dmnUMSi
yK9CSU4aZTh5HurvlMpkvOYK8jZchbXO01lZuw1R5FPOEZAMt92cO4qKsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKID1ULp/pErqz0lGPWKneUY2J6qMB8GA1UdIwQY
MBaAFHqHRqds2oNpAJ0olB7xViOcamOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW9kR3AyemFnMmtBblNpVUh2RldJNXhxWTZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi85MTNlMTItZjVlZC00NmY0LTk4MmMt
NTJkZWRkZGVlMzkzLzEvb2dQVlF1bi1rU3VyUFNVWTlZcWQ1UmpZbnFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi85MTNlMTItZjVlZC00NmY0LTk4MmMtNTJkZWRkZGVlMzkz
LzEvZW9kR3AyemFnMmtBblNpVUh2RldJNXhxWTZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwxuiMA0G
CSqGSIb3DQEBCwUAA4IBAQAlKPof9LXYcxWukTM9e/nySi28uziFv8QkwRdQGZUJ
ke6OEog4FZniY/Jtv7Xlpz6+OFihsBjJgABT/cot2dauFBvNGtMzBDCti8yIVo+K
XBcCVY3PH85UoWfvdC7imvRt8mOljVaDUwRsblijEySYiwaJxPCwNMINdAZkPro6
0gKcA7j80GrJvIy27b/+sJNKv2wnnaHgkroDYu2r6fEDfWlOh8AfpQRGIwb2uEJw
5cVVyngwiUfCJS+MnxPbXh8XIVpfYNkPnYN4Ql1WeKE/nZpCEUGSqbOGYC+i0lYX
kKnQrsq6zoBuqHSw56ytG+vEazf1l/phHX/jc8SIOv1f
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:07:41 2025 by rpki-client