Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/00b15a-30af-42ca-ae87-a07a4fc7b45c/1/oBd_HZH_dpZ_-eFpPZBd-bpqqLM.roa
File: oBd_HZH_dpZ_-eFpPZBd-bpqqLM.roa (raw, json)
Hash identifier: TBD1TivFkVd/PRBRt8albyVY+QjFijqqUA47YTPgegw=
Subject key identifier: A0:17:7F:1D:91:FF:76:96:7F:F9:E1:69:3D:90:5D:F9:BA:6A:A8:B3
Certificate issuer: /CN=46ca4dc9c70661f721d68ce53601d3d5f9aa8c32
Certificate serial: 01856D53E0AD306CC0CE3F94AC2AC06003FA
Authority key identifier: 46:CA:4D:C9:C7:06:61:F7:21:D6:8C:E5:36:01:D3:D5:F9:AA:8C:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RspNyccGYfch1ozlNgHT1fmqjDI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/00b15a-30af-42ca-ae87-a07a4fc7b45c/1/oBd_HZH_dpZ_-eFpPZBd-bpqqLM.roa
Signing time: Sun 01 Jan 2023 12:34:51 +0000
ROA not before: Sun 01 Jan 2023 12:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50926
IP address blocks: 212.34.128.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:e0:ad:30:6c:c0:ce:3f:94:ac:2a:c0:60:03:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46ca4dc9c70661f721d68ce53601d3d5f9aa8c32
Validity
Not Before: Jan 1 12:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0177f1d91ff76967ff9e1693d905df9ba6aa8b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0b:3c:95:df:50:f2:e1:20:af:59:90:83:33:
99:98:91:9f:ba:b9:c3:8d:2f:be:33:3a:0c:00:cb:
25:7d:98:91:be:ed:6f:67:15:47:6d:a9:e1:fc:ee:
57:9f:82:56:8b:17:ec:e3:45:67:d6:79:2a:8b:6b:
37:a7:51:b7:c3:ab:3c:05:55:fb:c6:83:1d:9b:5d:
fe:54:8d:27:36:be:6c:e5:03:e9:62:4f:4e:c5:0d:
fc:58:66:0d:8a:34:85:5c:c3:bf:bf:39:78:f4:6b:
50:0e:a2:cb:a3:4a:28:6a:3d:8b:0b:6e:2e:d8:f6:
12:75:55:f8:8d:38:6f:7b:3b:d6:dc:c8:b7:c6:fa:
fa:d2:3a:fd:85:c3:70:76:03:63:de:9c:54:6d:92:
f8:e1:f1:65:9b:a8:f2:f1:6a:3a:4d:43:41:af:75:
ba:d2:83:fa:d8:30:f0:05:3e:17:0d:46:26:e3:56:
14:df:6f:36:32:69:8c:46:82:c1:85:c6:4a:7d:e6:
e5:c2:4b:fc:3c:96:88:14:d8:f5:52:36:18:db:63:
bb:af:2b:f1:44:92:45:e6:16:ac:44:30:48:92:19:
1e:95:b3:98:64:57:b8:7b:dc:77:61:bb:19:1b:68:
7c:65:f4:71:00:ea:97:f9:04:5c:fc:34:df:3e:36:
4f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:17:7F:1D:91:FF:76:96:7F:F9:E1:69:3D:90:5D:F9:BA:6A:A8:B3
X509v3 Authority Key Identifier:
keyid:46:CA:4D:C9:C7:06:61:F7:21:D6:8C:E5:36:01:D3:D5:F9:AA:8C:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RspNyccGYfch1ozlNgHT1fmqjDI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/00b15a-30af-42ca-ae87-a07a4fc7b45c/1/oBd_HZH_dpZ_-eFpPZBd-bpqqLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/00b15a-30af-42ca-ae87-a07a4fc7b45c/1/RspNyccGYfch1ozlNgHT1fmqjDI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.34.128.0/19
Signature Algorithm: sha256WithRSAEncryption
1e:bf:eb:f5:ad:27:a9:c0:07:17:00:77:92:8f:15:e8:85:67:
d4:c2:27:8a:4b:85:21:4d:b0:64:79:e1:0f:61:dd:eb:62:be:
26:d5:40:7c:b4:b1:b0:39:54:2f:b2:34:e4:c0:c9:fb:29:75:
f6:8d:28:ec:e1:aa:d8:74:ce:d9:f5:93:19:6b:59:b1:65:8e:
32:e7:fd:26:1b:a0:21:62:cf:5c:34:c4:60:75:04:f2:c8:94:
9a:2e:d2:e9:ba:04:e9:f9:d8:11:55:e7:40:b4:7a:ed:80:2e:
18:f3:b4:b4:4d:67:da:61:d5:40:6c:e8:6b:9d:8f:89:d8:4f:
07:46:24:cd:75:a3:73:4c:ae:45:59:91:42:59:0d:a6:02:04:
2b:53:9a:5d:8d:d6:02:ea:45:20:98:89:84:39:47:be:70:18:
d5:2b:e3:05:8c:9a:3f:e2:a9:fb:fb:91:0d:f2:f0:9d:ba:91:
55:a0:00:d1:d3:25:88:4e:7c:ce:b8:9f:57:89:53:a2:e8:bb:
a8:3d:13:04:c6:ba:66:de:0a:ba:0b:46:29:88:77:b5:79:14:
d1:76:9a:29:d9:05:4c:a5:af:be:e1:63:42:c5:b2:6f:c3:31:
17:e0:f9:47:15:e7:81:3d:6d:2d:4c:79:d8:22:80:db:7a:12:
71:47:1c:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtU+CtMGzAzj+UrCrAYAP6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2Y2E0ZGM5YzcwNjYxZjcyMWQ2OGNlNTM2MDFkM2Q1Zjlh
YThjMzIwHhcNMjMwMTAxMTIzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDE3N2YxZDkxZmY3Njk2N2ZmOWUxNjkzZDkwNWRmOWJhNmFhOGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQs8ld9Q8uEgr1mQgzOZmJGfurnD
jS++MzoMAMslfZiRvu1vZxVHbanh/O5Xn4JWixfs40Vn1nkqi2s3p1G3w6s8BVX7
xoMdm13+VI0nNr5s5QPpYk9OxQ38WGYNijSFXMO/vzl49GtQDqLLo0ooaj2LC24u
2PYSdVX4jThvezvW3Mi3xvr60jr9hcNwdgNj3pxUbZL44fFlm6jy8Wo6TUNBr3W6
0oP62DDwBT4XDUYm41YU3282MmmMRoLBhcZKfeblwkv8PJaIFNj1UjYY22O7ryvx
RJJF5hasRDBIkhkelbOYZFe4e9x3YbsZG2h8ZfRxAOqX+QRc/DTfPjZP/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKAXfx2R/3aWf/nhaT2QXfm6aqizMB8GA1UdIwQY
MBaAFEbKTcnHBmH3IdaM5TYB09X5qowyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnNwTnljY0dZZmNoMW96bE5nSFQxZm1xakRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8wMGIxNWEtMzBhZi00MmNhLWFlODct
YTA3YTRmYzdiNDVjLzEvb0JkX0haSF9kcFpfLWVGcFBaQmQtYnBxcUxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8wMGIxNWEtMzBhZi00MmNhLWFlODctYTA3YTRmYzdiNDVj
LzEvUnNwTnljY0dZZmNoMW96bE5nSFQxZm1xakRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1CKAMA0G
CSqGSIb3DQEBCwUAA4IBAQAev+v1rSepwAcXAHeSjxXohWfUwieKS4UhTbBkeeEP
Yd3rYr4m1UB8tLGwOVQvsjTkwMn7KXX2jSjs4arYdM7Z9ZMZa1mxZY4y5/0mG6Ah
Ys9cNMRgdQTyyJSaLtLpugTp+dgRVedAtHrtgC4Y87S0TWfaYdVAbOhrnY+J2E8H
RiTNdaNzTK5FWZFCWQ2mAgQrU5pdjdYC6kUgmImEOUe+cBjVK+MFjJo/4qn7+5EN
8vCdupFVoADR0yWITnzOuJ9XiVOi6LuoPRMExrpm3gq6C0YpiHe1eRTRdpop2QVM
pa++4WNCxbJvwzEX4PlHFeeBPW0tTHnYIoDbehJxRxxM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:32 2024 by rpki-client on console-fra.rpki-client.org