Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/omDzovtRCoowj6zh2GD1I3_eR9s.roa
File: omDzovtRCoowj6zh2GD1I3_eR9s.roa (raw, json)
Hash identifier: TczpHScyF1n1Al6FWMBIhOt9cytW0WijthIwyHAEAiw=
Subject key identifier: A2:60:F3:A2:FB:51:0A:8A:30:8F:AC:E1:D8:60:F5:23:7F:DE:47:DB
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 018D827FE210E65ECE3619377DE53469A025
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/omDzovtRCoowj6zh2GD1I3_eR9s.roa
Signing time: Wed 07 Feb 2024 07:37:15 +0000
ROA not before: Wed 07 Feb 2024 07:37:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45211056
IP address blocks: 185.201.49.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:82:7f:e2:10:e6:5e:ce:36:19:37:7d:e5:34:69:a0:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Feb 7 07:37:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a260f3a2fb510a8a308face1d860f5237fde47db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a0:ac:1a:29:94:75:0a:dd:0d:9e:7b:7d:44:
c3:57:ec:3a:55:a7:1f:e3:30:18:d1:44:1c:eb:9b:
41:8d:33:9c:55:fa:18:0d:20:06:08:f2:32:57:c8:
78:91:eb:c4:66:38:39:98:01:8d:e8:cf:70:4c:c3:
cc:e2:9e:76:26:ba:4e:06:d3:82:f5:f4:8e:9f:28:
b4:fc:37:97:f4:0c:52:69:ca:93:87:07:1e:3b:5c:
f9:0e:e5:95:91:95:fb:86:be:4b:0d:b9:15:75:f7:
5b:70:2c:c0:22:67:11:0d:e4:6f:bd:fd:8b:41:54:
be:4e:bf:66:e5:51:66:d2:4c:f7:c7:e9:5d:9d:d0:
9e:e3:2d:7f:64:3b:75:56:c9:4d:aa:23:e4:74:ff:
7f:6d:bf:24:ab:9b:07:c0:fe:3a:a6:19:63:47:5e:
91:92:38:75:21:bb:66:a9:71:00:12:8b:fa:36:55:
ed:9f:5e:eb:17:39:c7:07:5d:1f:66:7f:d1:ac:cd:
52:1f:fa:30:f7:27:97:af:ac:66:f6:fc:f2:a8:aa:
53:d6:55:a8:51:d0:5d:52:85:09:b0:6e:c4:50:5c:
45:c1:e5:5a:65:25:e4:bb:47:e3:da:34:09:84:51:
0e:95:c2:ca:4d:67:4f:79:b5:45:f1:68:50:0c:da:
20:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:60:F3:A2:FB:51:0A:8A:30:8F:AC:E1:D8:60:F5:23:7F:DE:47:DB
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/omDzovtRCoowj6zh2GD1I3_eR9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.49.0/24
Signature Algorithm: sha256WithRSAEncryption
83:82:b5:af:9f:13:f6:ea:84:9a:cf:73:1b:fe:11:15:7b:c9:
55:38:b3:f9:84:e4:69:94:a0:35:a1:8c:04:b4:84:f7:db:1e:
b9:c2:d6:0c:59:03:d6:eb:bf:dc:78:21:3f:37:d3:73:52:b5:
1a:38:3d:83:3b:4b:39:45:61:cc:94:0d:80:56:14:07:28:56:
b2:e5:e8:3d:b8:1f:48:68:4f:3a:02:d4:b4:b9:c0:a9:68:db:
19:ce:3b:64:bd:81:2d:6e:fd:20:44:23:b4:21:7c:82:ea:4f:
e5:a8:80:0a:3d:fe:24:41:29:28:1a:80:74:c4:2d:c9:38:bb:
72:68:72:2e:49:c4:ff:e9:c0:9f:4e:8a:28:7d:ab:e2:27:4e:
ba:d6:dc:9e:2f:5d:fe:b8:f5:94:22:6d:9a:10:be:70:2d:34:
a9:d4:85:77:3a:31:f9:19:14:92:54:cb:8a:11:02:0b:96:d5:
36:6f:5b:51:35:f1:30:cc:35:7a:a3:58:fd:15:76:2e:17:70:
53:85:dc:c4:fc:e9:24:37:2b:cb:3d:65:a8:c8:b9:5e:14:a3:
4d:41:fd:16:f8:33:60:bd:51:48:5d:88:0b:da:e7:75:ed:de:
ce:c9:f4:cf:ff:39:99:5f:d2:06:b2:e8:cc:09:a0:0a:df:0e:
5e:83:f1:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2Cf+IQ5l7ONhk3feU0aaAlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjQwMjA3MDczNzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjYwZjNhMmZiNTEwYThhMzA4ZmFjZTFkODYwZjUyMzdmZGU0N2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaCsGimUdQrdDZ57fUTDV+w6Vacf
4zAY0UQc65tBjTOcVfoYDSAGCPIyV8h4kevEZjg5mAGN6M9wTMPM4p52JrpOBtOC
9fSOnyi0/DeX9AxSacqThwceO1z5DuWVkZX7hr5LDbkVdfdbcCzAImcRDeRvvf2L
QVS+Tr9m5VFm0kz3x+ldndCe4y1/ZDt1VslNqiPkdP9/bb8kq5sHwP46phljR16R
kjh1IbtmqXEAEov6NlXtn17rFznHB10fZn/RrM1SH/ow9yeXr6xm9vzyqKpT1lWo
UdBdUoUJsG7EUFxFweVaZSXku0fj2jQJhFEOlcLKTWdPebVF8WhQDNogzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKJg86L7UQqKMI+s4dhg9SN/3kfbMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvb21Eem92dFJDb293ajZ6aDJHRDFJM19lUjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuckxMA0G
CSqGSIb3DQEBCwUAA4IBAQCDgrWvnxP26oSaz3Mb/hEVe8lVOLP5hORplKA1oYwE
tIT32x65wtYMWQPW67/ceCE/N9NzUrUaOD2DO0s5RWHMlA2AVhQHKFay5eg9uB9I
aE86AtS0ucCpaNsZzjtkvYEtbv0gRCO0IXyC6k/lqIAKPf4kQSkoGoB0xC3JOLty
aHIuScT/6cCfTooofaviJ0661tyeL13+uPWUIm2aEL5wLTSp1IV3OjH5GRSSVMuK
EQILltU2b1tRNfEwzDV6o1j9FXYuF3BThdzE/OkkNyvLPWWoyLleFKNNQf0W+DNg
vVFIXYgL2ud17d7OyfTP/zmZX9IGsujMCaAK3w5eg/GF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:19 2024 by rpki-client on console-ams.rpki-client.org