Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/OhTKs_ch46NxpCnVkkn8anXNc4A.roa
File: OhTKs_ch46NxpCnVkkn8anXNc4A.roa (raw, json)
Hash identifier: 7NWiICQ4BZ7IcFw71DJUHPw+5NfpYeoZ6B/MFI8YkKk=
Subject key identifier: 3A:14:CA:B3:F7:21:E3:A3:71:A4:29:D5:92:49:FC:6A:75:CD:73:80
Certificate issuer: /CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Certificate serial: 0183DF431009812C5E152A3DE9001FB89C0E
Authority key identifier: EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/OhTKs_ch46NxpCnVkkn8anXNc4A.roa
Signing time: Sun 16 Oct 2022 05:27:37 +0000
ROA not before: Sun 16 Oct 2022 05:27:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205719
IP address blocks: 2a0f:6287:10::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:df:43:10:09:81:2c:5e:15:2a:3d:e9:00:1f:b8:9c:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Validity
Not Before: Oct 16 05:27:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a14cab3f721e3a371a429d59249fc6a75cd7380
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:56:2e:f7:aa:f0:f6:b0:c9:84:c7:f6:8f:ce:
62:3e:11:fb:8d:c8:53:20:4a:6e:c3:51:0d:f0:83:
f7:39:78:36:a8:40:c5:4d:ad:69:54:a8:86:d5:a3:
1e:88:93:1d:5e:e0:81:ce:29:a2:2f:82:5b:9f:5d:
a0:51:ca:52:c6:79:51:bd:70:6d:d1:24:c5:d4:33:
be:ba:f9:18:a2:fd:db:7f:b2:cd:9c:07:96:31:3e:
ed:52:53:97:3a:32:55:ad:fa:7b:f9:60:c0:04:59:
56:26:9a:c4:4c:28:00:8c:5f:08:44:fc:43:f5:3b:
9d:5c:dc:89:72:4d:24:ef:5a:a8:75:75:cf:10:df:
cf:5d:9a:b0:fe:65:7f:6b:ca:86:9a:5a:e3:aa:30:
3a:0e:d2:a5:e2:29:21:a8:45:f5:a6:da:9c:65:5a:
cb:55:ef:a0:59:67:16:6b:62:b0:38:76:94:48:87:
6f:77:c1:89:28:c3:11:80:1b:3f:a0:9d:d7:29:c0:
a5:5e:c3:61:2e:ab:f5:23:51:33:00:58:40:71:e0:
44:77:bf:c6:33:ad:ce:10:48:03:e1:0c:b7:ad:2d:
1c:7a:e7:49:03:2e:a2:e5:6e:20:cd:39:51:ba:cd:
95:b6:75:ad:df:70:26:ed:b4:f6:3e:8c:59:65:73:
1c:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:14:CA:B3:F7:21:E3:A3:71:A4:29:D5:92:49:FC:6A:75:CD:73:80
X509v3 Authority Key Identifier:
keyid:EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/OhTKs_ch46NxpCnVkkn8anXNc4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/7vvoNpp7vAOob75jm376oCtxcoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:6287:10::/48
Signature Algorithm: sha256WithRSAEncryption
96:59:e7:5d:85:c7:85:c7:f2:72:20:c0:65:1c:07:b5:86:0e:
8a:02:f1:a7:a6:52:b6:4e:f3:ea:8f:25:1e:8f:36:3b:e5:3e:
29:00:9d:e3:5e:44:f5:ac:a8:ba:ae:3b:66:d5:f6:24:68:56:
20:83:35:75:2d:fa:e3:7d:83:e1:e2:ec:89:f7:42:7d:ea:7c:
ea:ec:08:ae:9b:8e:36:dc:ed:b6:7a:11:dc:9d:99:b9:c0:7a:
1d:b7:25:61:9a:aa:81:e3:84:7a:d4:39:3e:f9:ff:4d:20:00:
2d:c4:41:64:49:2a:c4:d0:fb:eb:d8:de:93:fe:05:f4:2f:c8:
77:26:0d:cf:a7:de:94:c2:4b:74:74:03:6c:e9:8e:8c:d3:c1:
3e:55:90:c2:c0:a2:3f:8c:3e:fb:56:6e:83:cc:5a:21:a6:3e:
7e:d0:89:42:ae:03:4d:43:2e:7f:d5:e6:7c:e0:b5:7b:7e:3c:
02:df:58:3c:b4:65:cf:ff:29:27:4d:41:5a:02:9e:78:b7:4c:
bb:15:f6:62:89:c4:35:a8:cb:14:8c:80:03:43:cb:ce:75:2f:
20:c9:4d:da:fe:94:c8:f3:2e:cc:1c:59:8b:1a:c3:f6:3e:bd:
0b:56:f6:2a:6d:ba:e8:c2:6d:86:cc:85:e4:25:a7:97:61:49:
0c:a1:e9:40
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYPfQxAJgSxeFSo96QAfuJwOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZmJlODM2OWE3YmJjMDNhODZmYmU2MzliN2VmYWEwMmI3
MTcyODcwHhcNMjIxMDE2MDUyNzM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTE0Y2FiM2Y3MjFlM2EzNzFhNDI5ZDU5MjQ5ZmM2YTc1Y2Q3MzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lYu96rw9rDJhMf2j85iPhH7jchT
IEpuw1EN8IP3OXg2qEDFTa1pVKiG1aMeiJMdXuCBzimiL4Jbn12gUcpSxnlRvXBt
0STF1DO+uvkYov3bf7LNnAeWMT7tUlOXOjJVrfp7+WDABFlWJprETCgAjF8IRPxD
9TudXNyJck0k71qodXXPEN/PXZqw/mV/a8qGmlrjqjA6DtKl4ikhqEX1ptqcZVrL
Ve+gWWcWa2KwOHaUSIdvd8GJKMMRgBs/oJ3XKcClXsNhLqv1I1EzAFhAceBEd7/G
M63OEEgD4Qy3rS0ceudJAy6i5W4gzTlRus2VtnWt33Am7bT2PoxZZXMcuwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDoUyrP3IeOjcaQp1ZJJ/Gp1zXOAMB8GA1UdIwQY
MBaAFO776Daae7wDqG++Y5t++qArcXKHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYt
ZGExYjU4NjE4ODQxLzEvT2hUS3NfY2g0Nk54cENuVmtrbjhhblhOYzRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYtZGExYjU4NjE4ODQx
LzEvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg9ihwAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCWWeddhceFx/JyIMBlHAe1hg6KAvGnplK2TvPq
jyUejzY75T4pAJ3jXkT1rKi6rjtm1fYkaFYggzV1LfrjfYPh4uyJ90J96nzq7Aiu
m4423O22ehHcnZm5wHodtyVhmqqB44R61Dk++f9NIAAtxEFkSSrE0Pvr2N6T/gX0
L8h3Jg3Pp96Uwkt0dANs6Y6M08E+VZDCwKI/jD77Vm6DzFohpj5+0IlCrgNNQy5/
1eZ84LV7fjwC31g8tGXP/yknTUFaAp54t0y7FfZiicQ1qMsUjIADQ8vOdS8gyU3a
/pTI8y7MHFmLGsP2Pr0LVvYqbbrowm2GzIXkJaeXYUkMoelA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:18 2024 by rpki-client on console-fra.rpki-client.org