Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/OBgxrGWg8lOCr1FhxC7hCU7aQJQ.roa
File: OBgxrGWg8lOCr1FhxC7hCU7aQJQ.roa (raw, json)
Hash identifier: 1QUSJ2loClya4RNyPcVSfpAFcxWsDVw6hI1xJW6S59w=
Subject key identifier: 38:18:31:AC:65:A0:F2:53:82:AF:51:61:C4:2E:E1:09:4E:DA:40:94
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018C3421D59E8B4B21FC9F37B9C74DD13835
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/OBgxrGWg8lOCr1FhxC7hCU7aQJQ.roa
Signing time: Mon 04 Dec 2023 09:21:21 +0000
ROA not before: Mon 04 Dec 2023 09:21:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215911
IP address blocks: 188.132.223.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:21:d5:9e:8b:4b:21:fc:9f:37:b9:c7:4d:d1:38:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Dec 4 09:21:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=381831ac65a0f25382af5161c42ee1094eda4094
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:af:9d:84:04:69:e8:d4:b1:b7:39:dd:f2:45:
87:2f:2b:50:29:d3:9e:55:a8:b0:c2:f0:c4:57:01:
89:c5:32:f1:74:c7:f1:8f:ae:3f:38:f7:ec:0e:0c:
1a:b6:44:c8:cc:1b:fe:14:fe:a4:a9:8e:fd:d6:59:
ee:e9:e3:17:6e:cd:e8:95:91:75:82:29:6b:71:8a:
a7:34:4b:74:0a:96:6c:03:6a:de:58:a8:98:22:6e:
30:c9:00:ce:04:af:aa:e9:61:b7:76:24:9c:44:80:
b5:8d:93:cb:50:61:dd:28:c2:d8:d2:6b:95:94:90:
7d:c0:53:f6:2b:db:d8:77:41:6d:5d:43:e9:d2:6f:
ff:95:21:c7:ff:94:7f:1d:ed:ab:1c:b4:b1:7d:f4:
0d:fd:79:6f:ce:ae:d9:8f:76:46:24:22:2f:de:53:
f8:7a:be:fd:4e:99:af:a5:21:92:92:ff:ea:64:4a:
a8:b7:05:03:bd:1c:af:8c:b3:40:f6:e3:7b:10:7f:
18:a4:06:6b:a6:d5:38:66:e5:eb:b8:98:4f:13:33:
51:e5:9f:c4:5a:80:4e:37:f2:af:53:2b:30:c1:17:
d4:f3:ae:c0:ac:67:cb:8d:8d:13:0b:60:90:ae:53:
c7:6f:ff:49:1b:05:7f:0d:05:f8:63:4d:49:08:ce:
cc:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:18:31:AC:65:A0:F2:53:82:AF:51:61:C4:2E:E1:09:4E:DA:40:94
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/OBgxrGWg8lOCr1FhxC7hCU7aQJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.223.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:b8:95:26:87:e8:c3:a5:2d:e0:06:6f:ca:5f:6e:b3:fb:f2:
15:12:2d:40:9e:6c:10:d4:72:f9:cb:ec:bd:23:cb:38:29:56:
08:16:ce:3d:c2:9b:0d:bd:30:50:eb:82:67:a7:24:dc:4e:12:
84:0a:2f:20:e2:9a:b7:ed:f9:cb:38:40:4b:67:c4:fb:d7:0b:
ba:b7:1c:37:1f:c0:16:5b:8f:31:2c:eb:25:31:d7:3e:17:65:
ae:d9:d2:fd:5b:c3:9a:23:23:89:cd:ab:e1:cf:59:b2:59:63:
7d:f7:89:c1:0e:cd:0f:93:a4:95:d3:22:8a:42:cd:8d:d1:31:
7e:28:46:aa:fe:8d:eb:a8:0e:8a:6b:e6:f2:30:bc:73:30:8f:
5c:68:e1:9b:12:9b:4c:10:19:0f:77:80:19:18:1b:cd:5a:41:
59:a5:c8:d1:0a:5a:a3:d3:58:cf:31:84:cc:5a:e0:62:a8:d4:
96:70:15:b1:84:a1:24:cc:b2:05:6a:a6:2b:96:a9:00:bc:ef:
e1:7c:c4:76:9d:7d:92:01:8f:09:50:b7:4c:03:01:eb:33:5d:
23:f1:21:38:6b:5a:a3:f0:0f:f3:82:2e:e9:e2:50:0c:3c:ca:
af:cb:39:7b:22:3f:ac:6c:33:41:9e:57:53:8f:ff:cf:80:57:
ae:8b:17:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw0IdWei0sh/J83ucdN0Tg1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMxMjA0MDkyMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODE4MzFhYzY1YTBmMjUzODJhZjUxNjFjNDJlZTEwOTRlZGE0MDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6+dhARp6NSxtznd8kWHLytQKdOe
VaiwwvDEVwGJxTLxdMfxj64/OPfsDgwatkTIzBv+FP6kqY791lnu6eMXbs3olZF1
gilrcYqnNEt0CpZsA2reWKiYIm4wyQDOBK+q6WG3diScRIC1jZPLUGHdKMLY0muV
lJB9wFP2K9vYd0FtXUPp0m//lSHH/5R/He2rHLSxffQN/Xlvzq7Zj3ZGJCIv3lP4
er79TpmvpSGSkv/qZEqotwUDvRyvjLNA9uN7EH8YpAZrptU4ZuXruJhPEzNR5Z/E
WoBON/KvUyswwRfU867ArGfLjY0TC2CQrlPHb/9JGwV/DQX4Y01JCM7MIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDgYMaxloPJTgq9RYcQu4QlO2kCUMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvT0JneHJHV2c4bE9DcjFGaHhDN2hDVTdhUUpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvITfMA0G
CSqGSIb3DQEBCwUAA4IBAQChuJUmh+jDpS3gBm/KX26z+/IVEi1AnmwQ1HL5y+y9
I8s4KVYIFs49wpsNvTBQ64JnpyTcThKECi8g4pq37fnLOEBLZ8T71wu6txw3H8AW
W48xLOslMdc+F2Wu2dL9W8OaIyOJzavhz1myWWN994nBDs0Pk6SV0yKKQs2N0TF+
KEaq/o3rqA6Ka+byMLxzMI9caOGbEptMEBkPd4AZGBvNWkFZpcjRClqj01jPMYTM
WuBiqNSWcBWxhKEkzLIFaqYrlqkAvO/hfMR2nX2SAY8JULdMAwHrM10j8SE4a1qj
8A/zgi7p4lAMPMqvyzl7Ij+sbDNBnldTj//PgFeuixfA
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:32 2025 by rpki-client