Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/OLT7okT24gbonnY7fp588tJ-XzM.roa
File: OLT7okT24gbonnY7fp588tJ-XzM.roa (raw, json)
Hash identifier: Z2ttE3Xsx0gsaEWoTma4Tb0RxqdpyKkEVt3IuFQpTlw=
Subject key identifier: 38:B4:FB:A2:44:F6:E2:06:E8:9E:76:3B:7E:9E:7C:F2:D2:7E:5F:33
Certificate issuer: /CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Certificate serial: 0182AFB34AA4A91A2DFCA96D72A6C934B9F5
Authority key identifier: EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/OLT7okT24gbonnY7fp588tJ-XzM.roa
Signing time: Thu 18 Aug 2022 06:45:39 +0000
ROA not before: Thu 18 Aug 2022 06:45:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207616
IP address blocks: 91.193.56.0/23 maxlen: 24
2a0f:6280::/30 maxlen: 48
2a0f:6284::/30 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:af:b3:4a:a4:a9:1a:2d:fc:a9:6d:72:a6:c9:34:b9:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Validity
Not Before: Aug 18 06:45:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38b4fba244f6e206e89e763b7e9e7cf2d27e5f33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:83:a0:d9:35:fe:e5:3e:11:bf:fb:4b:d4:43:
9d:4e:6d:c0:63:f6:49:5a:7d:56:cb:e5:3c:b0:90:
d3:3b:37:16:10:79:c3:81:02:28:67:85:d3:d9:04:
c9:34:b5:c6:97:5e:71:98:f8:67:d9:eb:2e:ab:db:
fd:73:30:77:6e:ac:82:2e:de:28:cb:8a:9d:a8:5c:
c8:cf:a4:d0:ce:1b:da:44:f0:65:d9:8f:d3:05:69:
0a:3d:86:9a:cf:06:fa:6a:44:b3:ff:91:73:2e:43:
d4:17:80:b5:49:d4:79:b1:06:b5:af:bd:82:62:cb:
fc:aa:f1:67:e9:f3:c1:eb:64:ef:72:10:eb:b0:ec:
5a:6b:f1:8d:3f:7b:1e:c3:54:f1:a1:bf:f1:c9:2d:
21:b1:2f:93:3f:52:22:68:f5:e8:f9:52:38:00:29:
55:34:bc:5a:d0:1b:06:d6:4a:c9:01:61:7b:3e:6f:
9f:81:48:18:56:43:2c:98:fd:75:b8:01:ce:8e:c3:
b8:0c:e4:0c:9a:fd:46:42:84:c5:52:2f:74:b6:e2:
0c:11:42:cc:8c:a2:94:a4:15:46:f8:c3:87:7f:70:
72:82:25:34:06:18:e0:74:17:ff:4a:cb:b6:10:3b:
ac:57:95:da:fb:55:e9:48:51:5e:a3:18:49:6a:67:
40:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:B4:FB:A2:44:F6:E2:06:E8:9E:76:3B:7E:9E:7C:F2:D2:7E:5F:33
X509v3 Authority Key Identifier:
keyid:EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/OLT7okT24gbonnY7fp588tJ-XzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/7vvoNpp7vAOob75jm376oCtxcoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.56.0/23
IPv6:
2a0f:6280::/29
Signature Algorithm: sha256WithRSAEncryption
52:0f:02:e1:78:a6:20:6d:82:47:ae:33:78:b5:15:f5:2b:71:
d2:36:ed:3e:c2:39:a7:f0:26:4d:45:de:be:9a:c2:39:52:cc:
ad:d4:bf:94:14:8f:51:ee:0e:0b:da:2a:c6:8e:04:c6:d4:fe:
ce:42:28:82:d5:7e:8e:c3:88:2a:0e:d3:61:f1:d3:75:6f:95:
74:ed:4d:a5:f8:eb:2e:81:89:0d:d7:9c:49:bd:ab:1a:ad:0c:
7c:60:ee:b5:21:8a:d3:28:fe:f1:69:e6:77:ad:4c:bd:b3:23:
ed:b1:3f:a1:36:35:52:32:ff:62:8d:da:73:65:e4:f7:72:df:
06:3b:c2:48:06:7a:b7:3b:02:8d:f8:ab:50:5c:1d:3a:ca:04:
3a:9d:56:de:e8:f9:25:18:52:5d:7b:32:ec:56:ac:89:39:1f:
ca:d0:69:b7:54:95:cb:39:32:43:21:c0:c2:17:be:31:c0:d2:
2d:49:18:13:83:7e:93:73:f3:ac:b6:73:c1:ce:5c:12:94:27:
10:11:54:44:e7:ad:bc:c5:80:8e:b7:02:9d:26:58:a0:ac:d3:
6a:54:60:ad:a7:ad:be:3b:2d:ce:33:67:a3:db:44:03:70:cc:
da:f7:d9:fe:45:17:bc:c8:a7:70:ed:2d:b6:5d:2b:b7:30:38:
a6:6d:15:04
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYKvs0qkqRot/KltcqbJNLn1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZmJlODM2OWE3YmJjMDNhODZmYmU2MzliN2VmYWEwMmI3
MTcyODcwHhcNMjIwODE4MDY0NTM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGI0ZmJhMjQ0ZjZlMjA2ZTg5ZTc2M2I3ZTllN2NmMmQyN2U1ZjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoOg2TX+5T4Rv/tL1EOdTm3AY/ZJ
Wn1Wy+U8sJDTOzcWEHnDgQIoZ4XT2QTJNLXGl15xmPhn2esuq9v9czB3bqyCLt4o
y4qdqFzIz6TQzhvaRPBl2Y/TBWkKPYaazwb6akSz/5FzLkPUF4C1SdR5sQa1r72C
Ysv8qvFn6fPB62TvchDrsOxaa/GNP3sew1Txob/xyS0hsS+TP1IiaPXo+VI4AClV
NLxa0BsG1krJAWF7Pm+fgUgYVkMsmP11uAHOjsO4DOQMmv1GQoTFUi90tuIMEULM
jKKUpBVG+MOHf3BygiU0BhjgdBf/Ssu2EDusV5Xa+1XpSFFeoxhJamdAGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDi0+6JE9uIG6J52O36efPLSfl8zMB8GA1UdIwQY
MBaAFO776Daae7wDqG++Y5t++qArcXKHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYt
ZGExYjU4NjE4ODQxLzEvT0xUN29rVDI0Z2Jvbm5ZN2ZwNTg4dEotWHpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYtZGExYjU4NjE4ODQx
LzEvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBW8E4MA0E
AgACMAcDBQMqD2KAMA0GCSqGSIb3DQEBCwUAA4IBAQBSDwLheKYgbYJHrjN4tRX1
K3HSNu0+wjmn8CZNRd6+msI5Usyt1L+UFI9R7g4L2irGjgTG1P7OQiiC1X6Ow4gq
DtNh8dN1b5V07U2l+OsugYkN15xJvasarQx8YO61IYrTKP7xaeZ3rUy9syPtsT+h
NjVSMv9ijdpzZeT3ct8GO8JIBnq3OwKN+KtQXB06ygQ6nVbe6PklGFJdezLsVqyJ
OR/K0Gm3VJXLOTJDIcDCF74xwNItSRgTg36Tc/OstnPBzlwSlCcQEVRE5628xYCO
twKdJligrNNqVGCtp62+Oy3OM2ej20QDcMza99n+RRe8yKdw7S22XSu3MDimbRUE
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:27 2025 by rpki-client