Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/O-0e_dhT333n6h4NuL4rq1s5r2I.roa
File: O-0e_dhT333n6h4NuL4rq1s5r2I.roa (raw, json)
Hash identifier: J8zRlXR6YimXwnYfmjWpa9hiDJiwOh5R6VqEsfu1ouk=
Subject key identifier: 3B:ED:1E:FD:D8:53:DF:7D:E7:EA:1E:0D:B8:BE:2B:AB:5B:39:AF:62
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018B665BB9B80F94636A9D1CE038898C9D5D
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/O-0e_dhT333n6h4NuL4rq1s5r2I.roa
Signing time: Wed 25 Oct 2023 10:22:49 +0000
ROA not before: Wed 25 Oct 2023 10:22:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44620
IP address blocks: 188.132.206.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:66:5b:b9:b8:0f:94:63:6a:9d:1c:e0:38:89:8c:9d:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Oct 25 10:22:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bed1efdd853df7de7ea1e0db8be2bab5b39af62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e6:11:0a:f2:4f:87:93:c5:13:e0:8c:bf:3b:
9c:19:a9:d4:1c:64:4d:d7:a8:61:05:8b:0a:7b:2b:
00:be:68:c0:72:62:3b:18:bb:ea:95:0b:ec:1b:31:
1d:07:6c:41:74:d0:c4:22:42:e2:29:31:84:b7:6a:
ab:e2:3a:ed:0d:91:6f:ac:ab:15:cd:73:f8:b8:6b:
e8:9a:1d:fd:60:8f:39:d1:4f:72:d1:47:02:7a:ac:
33:d5:4a:11:e6:c9:32:59:f9:3c:79:27:ac:31:44:
9a:46:da:f5:54:92:64:26:28:f5:ad:d6:76:92:c3:
64:33:29:4c:e0:c5:c1:b0:2c:e9:f6:32:fa:bc:4e:
09:a2:a7:77:bc:0d:0b:c1:37:51:27:49:7b:1d:39:
02:99:a4:3a:e7:1c:25:a1:9e:7a:2a:80:d8:3b:0e:
d6:8a:c7:e0:02:c9:7f:3a:53:2c:34:6c:ed:a5:56:
f2:0b:4e:13:45:40:89:1d:12:0e:6e:4a:52:98:13:
e7:8b:f9:90:85:08:b6:a1:ee:6c:6d:b5:b8:ff:71:
db:46:37:d9:34:7e:89:15:3b:fe:b2:c1:ff:3c:ed:
ec:f4:a5:af:97:1f:27:4c:fd:91:b2:02:4c:b6:ce:
b9:14:f9:49:12:a6:b1:4a:30:ef:31:be:34:bd:9f:
4b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:ED:1E:FD:D8:53:DF:7D:E7:EA:1E:0D:B8:BE:2B:AB:5B:39:AF:62
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/O-0e_dhT333n6h4NuL4rq1s5r2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.206.0/24
Signature Algorithm: sha256WithRSAEncryption
26:ac:b0:f0:cd:11:c6:14:f7:bc:61:7b:6b:0a:1b:1a:b0:29:
74:2d:2e:8e:1b:20:62:63:78:bc:58:44:2e:4a:fd:b7:93:f3:
6e:46:ed:5b:54:c2:70:e9:50:b1:c7:c0:93:a3:51:0a:cb:2d:
b8:8a:c5:03:8f:d4:81:7d:21:19:3a:9d:47:1b:e3:e8:b5:6a:
65:ad:17:84:a5:08:8a:34:fa:1b:39:7a:23:ff:9e:3f:b5:c5:
2f:b9:ae:a7:de:26:1b:43:40:26:fd:ab:6c:83:f6:0b:cf:f4:
3b:0f:4c:82:a9:c5:1c:7d:a7:b1:24:7d:b2:41:5f:3e:8b:6b:
97:ce:81:7b:22:c7:ee:d0:2c:11:aa:c0:ad:8b:51:9d:66:48:
64:99:ee:fe:d8:4c:54:9c:66:c0:6a:c4:eb:64:9c:e6:6e:f8:
94:ab:0e:4c:76:6c:49:aa:42:d6:fb:50:92:95:9d:fa:9c:b4:
28:0c:ce:29:35:9f:99:b8:ff:f2:ed:7e:e7:32:50:98:7a:f0:
61:a0:30:84:64:f7:18:f9:29:d1:89:fc:c5:16:61:83:f8:84:
c2:c8:a2:df:07:5d:e2:0e:50:a7:4e:a0:02:7d:b4:bc:0a:da:
93:d9:f0:91:7d:9f:e5:e5:dd:df:16:15:3d:b5:07:66:ea:64:
1c:18:18:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtmW7m4D5Rjap0c4DiJjJ1dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMxMDI1MTAyMjQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmVkMWVmZGQ4NTNkZjdkZTdlYTFlMGRiOGJlMmJhYjViMzlhZjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+YRCvJPh5PFE+CMvzucGanUHGRN
16hhBYsKeysAvmjAcmI7GLvqlQvsGzEdB2xBdNDEIkLiKTGEt2qr4jrtDZFvrKsV
zXP4uGvomh39YI850U9y0UcCeqwz1UoR5skyWfk8eSesMUSaRtr1VJJkJij1rdZ2
ksNkMylM4MXBsCzp9jL6vE4Joqd3vA0LwTdRJ0l7HTkCmaQ65xwloZ56KoDYOw7W
isfgAsl/OlMsNGztpVbyC04TRUCJHRIObkpSmBPni/mQhQi2oe5sbbW4/3HbRjfZ
NH6JFTv+ssH/PO3s9KWvlx8nTP2RsgJMts65FPlJEqaxSjDvMb40vZ9LnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDvtHv3YU9995+oeDbi+K6tbOa9iMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvTy0wZV9kaFQzMzNuNmg0TnVMNHJxMXM1cjJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvITOMA0G
CSqGSIb3DQEBCwUAA4IBAQAmrLDwzRHGFPe8YXtrChsasCl0LS6OGyBiY3i8WEQu
Sv23k/NuRu1bVMJw6VCxx8CTo1EKyy24isUDj9SBfSEZOp1HG+PotWplrReEpQiK
NPobOXoj/54/tcUvua6n3iYbQ0Am/atsg/YLz/Q7D0yCqcUcfaexJH2yQV8+i2uX
zoF7Isfu0CwRqsCti1GdZkhkme7+2ExUnGbAasTrZJzmbviUqw5MdmxJqkLW+1CS
lZ36nLQoDM4pNZ+ZuP/y7X7nMlCYevBhoDCEZPcY+SnRifzFFmGD+ITCyKLfB13i
DlCnTqACfbS8CtqT2fCRfZ/l5d3fFhU9tQdm6mQcGBgO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:01 2024 by rpki-client on console-fra.rpki-client.org