Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/OmoxL8Q0BUM_KHLr_cw4ovBUmYI.roa
File: OmoxL8Q0BUM_KHLr_cw4ovBUmYI.roa (raw, json)
Hash identifier: ZNsvoUDERXzYfoDOBhOdo7wScr+WsqomLD+7gc6A2yc=
Subject key identifier: 3A:6A:31:2F:C4:34:05:43:3F:28:72:EB:FD:CC:38:A2:F0:54:99:82
Certificate issuer: /CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Certificate serial: 01833201E58BF6B50BD4D4957E4000683050
Authority key identifier: E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/OmoxL8Q0BUM_KHLr_cw4ovBUmYI.roa
Signing time: Mon 12 Sep 2022 14:02:08 +0000
ROA not before: Mon 12 Sep 2022 14:02:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3261
IP address blocks: 5.153.128.0/18 maxlen: 24
92.242.96.0/19 maxlen: 32
2a02:300::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:32:01:e5:8b:f6:b5:0b:d4:d4:95:7e:40:00:68:30:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Validity
Not Before: Sep 12 14:02:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a6a312fc43405433f2872ebfdcc38a2f0549982
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cd:10:ef:73:91:14:23:ad:26:b4:74:52:e9:
03:2c:04:a6:53:20:37:cc:26:cc:08:2c:17:e4:12:
a4:a2:1a:d8:b5:7a:a2:9d:3f:ed:9f:a9:2c:95:10:
fd:64:99:bf:f7:73:52:1c:c8:11:ac:6c:25:ad:5f:
44:04:15:87:87:c1:24:38:b0:11:26:a3:da:95:a5:
c0:d4:38:ec:dc:4d:84:d8:bf:7e:ac:bb:ad:57:7b:
eb:26:ec:b9:20:b2:a6:f8:4b:35:4e:56:f8:1b:56:
5d:45:fb:57:97:16:be:05:45:e5:bb:0a:9f:ec:fb:
7f:22:9e:0c:22:06:c8:fe:a6:a8:11:f5:ae:08:08:
cc:72:7c:43:f6:f9:53:cd:6b:08:ce:12:b7:33:19:
08:06:68:c7:00:fe:9f:2e:1b:e1:97:48:bf:af:0e:
ca:22:07:e0:9f:11:f0:d1:ea:84:6b:ea:20:09:db:
37:44:c1:d7:55:ca:fe:22:fc:9c:29:f8:6a:1b:91:
b8:d2:3f:77:6c:fd:a9:2c:38:f4:a0:6c:a8:5a:9c:
3b:cf:60:93:fd:34:06:29:90:52:29:c4:47:e4:82:
0c:90:a7:c0:cb:b7:d0:ac:bd:56:cc:bd:3a:69:a1:
47:21:44:c7:9e:10:3a:ed:52:7a:a6:52:b9:34:81:
e8:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:6A:31:2F:C4:34:05:43:3F:28:72:EB:FD:CC:38:A2:F0:54:99:82
X509v3 Authority Key Identifier:
keyid:E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/OmoxL8Q0BUM_KHLr_cw4ovBUmYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/59eZrg792Ybd53-zWtChCCPLly8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.128.0/18
92.242.96.0/19
IPv6:
2a02:300::/32
Signature Algorithm: sha256WithRSAEncryption
6d:df:45:89:22:bd:3b:dd:fa:0e:05:72:54:a7:35:6b:37:c5:
33:df:fb:08:b9:55:0c:91:af:86:40:90:aa:63:95:08:f0:1f:
77:f6:23:6a:c9:be:a0:d8:e1:a9:8d:b3:13:24:dc:fa:f3:0a:
5f:33:e3:32:b7:97:6f:83:71:ab:4b:50:67:15:34:11:fd:a7:
c8:3f:6f:90:61:55:87:f3:b8:8b:b4:ea:73:10:c4:0a:79:44:
45:52:e3:68:16:84:73:6c:85:16:e6:52:4e:22:80:57:60:be:
78:db:cb:d7:52:7a:71:58:f8:3b:d6:25:3b:d0:b9:99:2e:68:
d6:08:31:0b:fd:42:75:3e:29:1f:7b:5d:09:05:aa:ab:ea:36:
39:da:35:c1:ad:32:57:56:9c:e0:a3:21:eb:99:ca:81:89:38:
d1:33:98:ec:87:86:c2:9d:5c:f8:e6:cf:7f:16:06:bc:1e:90:
df:24:cc:03:cd:69:3a:1e:d2:0a:1c:7b:34:ab:9f:8e:53:51:
4b:16:df:00:7f:32:a7:c2:13:8b:a1:57:ce:d6:29:53:de:f1:
3f:c2:89:c2:4a:42:0d:e6:fa:3f:f0:7f:d7:1c:86:d9:9b:e2:
e6:04:37:b3:ca:a0:e9:14:a3:e0:59:b2:2b:32:d9:91:8c:f6:
33:2f:e8:2f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYMyAeWL9rUL1NSVfkAAaDBQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZDc5OWFlMGVmZGQ5ODZkZGU3N2ZiMzVhZDBhMTA4MjNj
Yjk3MmYwHhcNMjIwOTEyMTQwMjA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTZhMzEyZmM0MzQwNTQzM2YyODcyZWJmZGNjMzhhMmYwNTQ5OTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsM0Q73ORFCOtJrR0UukDLASmUyA3
zCbMCCwX5BKkohrYtXqinT/tn6kslRD9ZJm/93NSHMgRrGwlrV9EBBWHh8EkOLAR
JqPalaXA1Djs3E2E2L9+rLutV3vrJuy5ILKm+Es1Tlb4G1ZdRftXlxa+BUXluwqf
7Pt/Ip4MIgbI/qaoEfWuCAjMcnxD9vlTzWsIzhK3MxkIBmjHAP6fLhvhl0i/rw7K
IgfgnxHw0eqEa+ogCds3RMHXVcr+IvycKfhqG5G40j93bP2pLDj0oGyoWpw7z2CT
/TQGKZBSKcRH5IIMkKfAy7fQrL1WzL06aaFHIUTHnhA67VJ6plK5NIHo2QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDpqMS/ENAVDPyhy6/3MOKLwVJmCMB8GA1UdIwQY
MBaAFOfXma4O/dmG3ed/s1rQoQgjy5cvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTllWnJnNzkyWWJkNTMteld0Q2hDQ1BMbHk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xMTA4MWItNGVmOS00ZTJmLTgxNTMt
Mjg3OTM3OTQwZDdiLzEvT21veEw4UTBCVU1fS0hMcl9jdzRvdkJVbVlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8xMTA4MWItNGVmOS00ZTJmLTgxNTMtMjg3OTM3OTQwZDdi
LzEvNTllWnJnNzkyWWJkNTMteld0Q2hDQ1BMbHk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGBZmAAwQF
XPJgMA0EAgACMAcDBQAqAgMAMA0GCSqGSIb3DQEBCwUAA4IBAQBt30WJIr073foO
BXJUpzVrN8Uz3/sIuVUMka+GQJCqY5UI8B939iNqyb6g2OGpjbMTJNz68wpfM+My
t5dvg3GrS1BnFTQR/afIP2+QYVWH87iLtOpzEMQKeURFUuNoFoRzbIUW5lJOIoBX
YL5428vXUnpxWPg71iU70LmZLmjWCDEL/UJ1Pikfe10JBaqr6jY52jXBrTJXVpzg
oyHrmcqBiTjRM5jsh4bCnVz45s9/Fga8HpDfJMwDzWk6HtIKHHs0q5+OU1FLFt8A
fzKnwhOLoVfO1ilT3vE/wonCSkIN5vo/8H/XHIbZm+LmBDezyqDpFKPgWbIrMtmR
jPYzL+gv
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:50 2023 by rpki-client on console-ams.rpki-client.org