Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/o5mvUsa3SXQi_ssOLgdpOSHaciE.roa
File: o5mvUsa3SXQi_ssOLgdpOSHaciE.roa (raw, json)
Hash identifier: FGmOnCbLknwAK/IrW4QwOjY/vCWo1nHoIS5dqpKEc0Q=
Subject key identifier: A3:99:AF:52:C6:B7:49:74:22:FE:CB:0E:2E:07:69:39:21:DA:72:21
Certificate issuer: /CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Certificate serial: 0183ABBC62100ACFAABD85A955A27D8234CC
Authority key identifier: 8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/o5mvUsa3SXQi_ssOLgdpOSHaciE.roa
Signing time: Thu 06 Oct 2022 05:19:53 +0000
ROA not before: Thu 06 Oct 2022 05:19:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 147049
IP address blocks: 93.185.162.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ab:bc:62:10:0a:cf:aa:bd:85:a9:55:a2:7d:82:34:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Validity
Not Before: Oct 6 05:19:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a399af52c6b7497422fecb0e2e07693921da7221
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:eb:46:6c:8a:35:ea:a6:df:07:b2:f6:f8:c4:
80:0b:1d:d3:49:92:3b:23:da:5e:9f:d1:f5:3b:14:
38:73:ba:69:32:e3:91:34:97:00:24:b1:31:85:f1:
90:01:4f:e5:6d:f3:db:6d:2a:a0:62:2a:9b:ef:d0:
04:46:51:b5:43:41:27:2b:29:7c:5e:d3:44:68:eb:
39:c3:c8:43:46:16:56:c9:f4:d2:09:24:94:88:9b:
6b:66:2c:8f:06:b7:20:aa:80:ca:ce:29:a1:03:df:
a3:01:f8:a6:9b:08:f7:2f:a8:b9:cf:0c:f6:ff:0b:
0a:cf:a1:03:86:ab:d8:a6:d4:74:82:98:91:0a:52:
c9:f5:1f:69:fe:6f:74:4f:5d:b6:c8:a3:86:87:2c:
df:30:a9:7c:04:34:97:5c:83:0f:75:18:f4:6a:38:
16:41:0a:5f:b0:9b:5c:71:c1:bc:0e:8a:46:1f:4c:
d3:e4:74:7e:fd:fa:d1:85:03:d9:d3:4b:46:77:6b:
1c:37:67:66:3a:77:0c:db:63:e6:af:b0:bb:d0:9a:
d6:37:bd:f6:fb:cc:c0:c3:3e:d3:f6:c5:cb:35:35:
25:b3:dc:cd:9a:98:f4:f7:06:bb:cc:8a:69:98:e5:
8c:24:b6:91:d6:22:20:fc:d9:9a:0a:71:6d:51:87:
61:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:99:AF:52:C6:B7:49:74:22:FE:CB:0E:2E:07:69:39:21:DA:72:21
X509v3 Authority Key Identifier:
keyid:8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/o5mvUsa3SXQi_ssOLgdpOSHaciE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/j8aWRkV6i_jvlWm5tCfp8sRi5W4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.185.162.0/24
Signature Algorithm: sha256WithRSAEncryption
75:37:68:54:a3:bb:ce:d2:e7:63:16:ee:27:24:fd:3b:60:66:
db:e8:66:4f:ad:f6:2e:a3:fe:ac:dc:85:8e:1f:8b:6f:4a:f1:
57:ff:fd:c6:5a:89:88:7a:2a:e3:61:0c:82:74:60:68:97:52:
49:30:f2:92:9e:56:b5:65:63:13:1d:43:e2:21:a8:e4:58:9c:
46:4c:d1:8f:df:fa:fe:af:8b:27:eb:97:54:ef:65:55:0b:b6:
c8:a9:6f:61:89:df:06:76:3c:ec:a3:e4:4d:c5:74:c3:20:f8:
8d:ba:23:36:d5:1f:9c:00:56:43:c4:08:43:8b:0e:ae:8e:ea:
d5:bb:fe:3e:01:7e:e7:60:07:8f:bd:ac:ee:22:42:ba:d7:fa:
03:dc:85:08:72:ec:cb:9c:89:f5:ea:47:23:51:fc:27:e1:7c:
ad:d1:60:64:76:f9:5a:77:56:ec:63:68:f1:80:42:22:1d:4d:
ec:9f:c1:fa:c5:18:07:2d:ef:10:15:de:81:55:b3:bb:35:c2:
1e:b2:57:4b:93:bf:6b:ba:83:b1:f1:01:3a:68:fd:2c:15:fe:
8f:17:4d:16:26:32:34:b3:d3:94:06:79:f3:af:1e:67:d8:c7:
81:7f:20:28:45:76:06:f4:e6:28:e9:59:6a:db:76:81:dd:b6:
f7:d0:9c:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOrvGIQCs+qvYWpVaJ9gjTMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYzY5NjQ2NDU3YThiZjhlZjk1NjliOWI0MjdlOWYyYzQ2
MmU1NmUwHhcNMjIxMDA2MDUxOTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzk5YWY1MmM2Yjc0OTc0MjJmZWNiMGUyZTA3NjkzOTIxZGE3MjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjutGbIo16qbfB7L2+MSACx3TSZI7
I9pen9H1OxQ4c7ppMuORNJcAJLExhfGQAU/lbfPbbSqgYiqb79AERlG1Q0EnKyl8
XtNEaOs5w8hDRhZWyfTSCSSUiJtrZiyPBrcgqoDKzimhA9+jAfimmwj3L6i5zwz2
/wsKz6EDhqvYptR0gpiRClLJ9R9p/m90T122yKOGhyzfMKl8BDSXXIMPdRj0ajgW
QQpfsJtcccG8DopGH0zT5HR+/frRhQPZ00tGd2scN2dmOncM22Pmr7C70JrWN732
+8zAwz7T9sXLNTUls9zNmpj09wa7zIppmOWMJLaR1iIg/NmaCnFtUYdhmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKOZr1LGt0l0Iv7LDi4HaTkh2nIhMB8GA1UdIwQY
MBaAFI/GlkZFeov475VpubQn6fLEYuVuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTkt
YjBiMzVhMzRlMzg4LzEvbzVtdlVzYTNTWFFpX3NzT0xnZHBPU0hhY2lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTktYjBiMzVhMzRlMzg4
LzEvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXbmiMA0G
CSqGSIb3DQEBCwUAA4IBAQB1N2hUo7vO0udjFu4nJP07YGbb6GZPrfYuo/6s3IWO
H4tvSvFX//3GWomIeirjYQyCdGBol1JJMPKSnla1ZWMTHUPiIajkWJxGTNGP3/r+
r4sn65dU72VVC7bIqW9hid8Gdjzso+RNxXTDIPiNuiM21R+cAFZDxAhDiw6ujurV
u/4+AX7nYAePvazuIkK61/oD3IUIcuzLnIn16kcjUfwn4Xyt0WBkdvlad1bsY2jx
gEIiHU3sn8H6xRgHLe8QFd6BVbO7NcIesldLk79ruoOx8QE6aP0sFf6PF00WJjI0
s9OUBnnzrx5n2MeBfyAoRXYG9OYo6Vlq23aB3bb30Jym
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:08 2023 by rpki-client on console-fra.rpki-client.org