Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/OBCj7FLHgch7na31n_5WJl-B7lk.roa
File: OBCj7FLHgch7na31n_5WJl-B7lk.roa (raw, json)
Hash identifier: 1I6SqM4elccxfd8CVHM7JkFX3mCPMYSnzZGF+JCmWYY=
Subject key identifier: 38:10:A3:EC:52:C7:81:C8:7B:9D:AD:F5:9F:FE:56:26:5F:81:EE:59
Certificate issuer: /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial: 01915652E8C2970C560951DFCF4F0E95A5D9
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/OBCj7FLHgch7na31n_5WJl-B7lk.roa
Signing time: Thu 15 Aug 2024 13:55:59 +0000
ROA not before: Thu 15 Aug 2024 13:55:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56382
IP address blocks: 185.244.27.0/24 maxlen: 24
194.5.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:56:52:e8:c2:97:0c:56:09:51:df:cf:4f:0e:95:a5:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
Validity
Not Before: Aug 15 13:55:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3810a3ec52c781c87b9dadf59ffe56265f81ee59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:9f:64:47:b1:d1:00:7c:d8:41:1a:22:4b:96:
5a:c0:2b:62:df:fe:ac:1f:03:cd:e0:a8:e1:39:db:
7f:6e:7e:40:0e:83:e8:f4:01:57:88:8c:90:09:fd:
cb:b4:bd:e4:bf:09:75:1b:72:90:44:75:00:6d:49:
24:3d:b3:f1:b3:1a:94:3f:c1:43:be:cc:8d:96:1a:
05:fb:5a:a8:f7:bd:51:51:d5:e0:f1:1f:c0:24:1b:
04:70:2e:e7:0f:11:7e:f2:29:9c:9e:88:42:68:a6:
3e:f6:ba:0e:dd:67:e3:c5:dc:67:40:06:30:45:cd:
19:f4:b5:21:db:52:8b:98:58:df:1d:bd:dc:ee:8c:
84:d3:4a:0e:aa:ec:15:1b:48:c5:70:67:b5:27:bb:
a0:0a:de:83:71:ca:ef:c4:2e:6c:04:a0:22:96:3f:
d6:80:de:1f:fa:62:25:7c:dc:af:8d:6f:8c:f8:3c:
28:51:b2:10:3f:0e:29:67:ee:e2:76:60:d8:05:0e:
9b:f0:95:c6:8e:ba:30:f0:e1:c0:1b:f4:40:a8:3e:
be:b0:bf:b5:8a:1d:f3:33:be:7e:99:ad:9e:aa:5d:
b6:6c:99:cf:eb:1d:08:50:92:f9:4a:fc:b2:e6:f4:
eb:b6:35:ee:f0:2e:1b:53:9f:4e:91:aa:96:5e:e4:
6d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:10:A3:EC:52:C7:81:C8:7B:9D:AD:F5:9F:FE:56:26:5F:81:EE:59
X509v3 Authority Key Identifier:
keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/OBCj7FLHgch7na31n_5WJl-B7lk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.27.0/24
194.5.99.0/24
Signature Algorithm: sha256WithRSAEncryption
76:a1:82:f6:7e:f3:10:3e:32:be:a6:2b:e2:e1:7b:5a:0c:80:
9d:1f:78:51:b4:e4:70:de:a7:d6:3f:7c:28:f8:09:38:fd:01:
db:47:f6:75:0d:82:f5:a7:e5:cb:1d:6d:2b:ed:05:24:bb:b4:
31:40:9d:63:ab:89:65:90:ac:4a:20:fe:b5:67:11:f1:2f:8d:
2f:c6:8c:62:e4:0c:52:ff:71:a3:b1:ab:d3:1a:f4:a3:b0:8e:
6b:dc:70:c2:23:d6:07:cd:f7:f4:89:32:57:0c:f5:f3:00:6d:
b0:59:bd:e5:61:93:59:94:3c:72:16:e2:7f:56:a1:f1:50:e7:
11:a3:ff:b0:30:0d:4b:88:25:a8:23:6e:2a:09:cb:d3:0e:c0:
80:82:6f:ee:22:b0:d9:aa:78:ff:9a:59:1e:ca:3e:a3:dd:a8:
86:e6:08:d9:22:7e:51:37:75:6a:12:ed:a7:86:91:48:73:1a:
18:1a:0d:a9:97:d4:d4:be:03:d5:a5:31:9e:f5:b7:3c:e8:27:
80:3b:d6:05:be:12:b7:92:e5:73:ce:14:19:7f:e9:fd:30:89:
d5:9b:92:58:92:67:b2:e7:ca:07:07:c5:51:8f:1f:28:5d:da:
20:71:4f:4b:dd:34:99:70:b3:29:a2:b1:07:9f:38:40:70:e3:
f0:82:79:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZFWUujClwxWCVHfz08OlaXZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYzY5ZDA0NTgzNTAwYzVlZjgxMTM2ODMxMjM3NTkzZTBi
Yjg2Y2UwHhcNMjQwODE1MTM1NTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODEwYTNlYzUyYzc4MWM4N2I5ZGFkZjU5ZmZlNTYyNjVmODFlZTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1J9kR7HRAHzYQRoiS5ZawCti3/6s
HwPN4KjhOdt/bn5ADoPo9AFXiIyQCf3LtL3kvwl1G3KQRHUAbUkkPbPxsxqUP8FD
vsyNlhoF+1qo971RUdXg8R/AJBsEcC7nDxF+8imcnohCaKY+9roO3WfjxdxnQAYw
Rc0Z9LUh21KLmFjfHb3c7oyE00oOquwVG0jFcGe1J7ugCt6DccrvxC5sBKAilj/W
gN4f+mIlfNyvjW+M+DwoUbIQPw4pZ+7idmDYBQ6b8JXGjrow8OHAG/RAqD6+sL+1
ih3zM75+ma2eql22bJnP6x0IUJL5Svyy5vTrtjXu8C4bU59OkaqWXuRtqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDgQo+xSx4HIe52t9Z/+ViZfge5ZMB8GA1UdIwQY
MBaAFHPGnQRYNQDF74ETaDEjdZPgu4bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQt
ZjljYjBhN2IyMDZjLzEvT0JDajdGTEhnY2g3bmEzMW5fNVdKbC1CN2xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQtZjljYjBhN2IyMDZj
LzEvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAufQbAwQA
wgVjMA0GCSqGSIb3DQEBCwUAA4IBAQB2oYL2fvMQPjK+pivi4XtaDICdH3hRtORw
3qfWP3wo+Ak4/QHbR/Z1DYL1p+XLHW0r7QUku7QxQJ1jq4llkKxKIP61ZxHxL40v
xoxi5AxS/3GjsavTGvSjsI5r3HDCI9YHzff0iTJXDPXzAG2wWb3lYZNZlDxyFuJ/
VqHxUOcRo/+wMA1LiCWoI24qCcvTDsCAgm/uIrDZqnj/mlkeyj6j3aiG5gjZIn5R
N3VqEu2nhpFIcxoYGg2pl9TUvgPVpTGe9bc86CeAO9YFvhK3kuVzzhQZf+n9MInV
m5JYkmey58oHB8VRjx8oXdogcU9L3TSZcLMporEHnzhAcOPwgnmB
-----END CERTIFICATE-----
Generated at Tue Aug 20 17:10:13 2024 by rpki-client on console-ams.rpki-client.org