Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/6c0e22-fb61-49db-b065-993cd8388fd5/1/O2xL3kIfmKqP5F9RA3vA7qhJ00s.roa
File: O2xL3kIfmKqP5F9RA3vA7qhJ00s.roa (raw, json)
Hash identifier: bcl3heUtOXQg+rhb1XJ8f21WQNboZkYlczCbfXf4xcE=
Subject key identifier: 3B:6C:4B:DE:42:1F:98:AA:8F:E4:5F:51:03:7B:C0:EE:A8:49:D3:4B
Certificate issuer: /CN=0c6f182804b56e508aa372c03cceb73ef8c2c68b
Certificate serial: 01856D8AE90A0918EA3601AFC34B40532DE0
Authority key identifier: 0C:6F:18:28:04:B5:6E:50:8A:A3:72:C0:3C:CE:B7:3E:F8:C2:C6:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DG8YKAS1blCKo3LAPM63PvjCxos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/6c0e22-fb61-49db-b065-993cd8388fd5/1/O2xL3kIfmKqP5F9RA3vA7qhJ00s.roa
Signing time: Sun 01 Jan 2023 13:34:58 +0000
ROA not before: Sun 01 Jan 2023 13:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29061
IP address blocks: 92.62.64.0/21 maxlen: 24
92.62.64.0/20 maxlen: 24
92.62.66.0/23 maxlen: 23
92.62.65.0/24 maxlen: 24
95.87.64.0/19 maxlen: 24
185.53.229.0/24 maxlen: 24
185.53.228.0/22 maxlen: 22
185.53.228.0/24 maxlen: 24
185.53.231.0/24 maxlen: 24
185.53.230.0/24 maxlen: 24
217.29.17.0/24 maxlen: 24
217.29.16.0/24 maxlen: 24
217.29.16.0/21 maxlen: 24
217.29.16.0/20 maxlen: 24
217.29.24.0/24 maxlen: 24
217.29.23.0/24 maxlen: 24
217.29.24.0/21 maxlen: 21
217.29.20.0/24 maxlen: 24
217.29.22.0/24 maxlen: 24
217.29.21.0/24 maxlen: 24
217.29.19.0/24 maxlen: 24
217.29.18.0/24 maxlen: 24
217.29.26.0/24 maxlen: 24
217.29.25.0/24 maxlen: 24
217.29.31.0/24 maxlen: 24
217.29.27.0/24 maxlen: 24
217.29.28.0/24 maxlen: 24
2a02:820::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:e9:0a:09:18:ea:36:01:af:c3:4b:40:53:2d:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c6f182804b56e508aa372c03cceb73ef8c2c68b
Validity
Not Before: Jan 1 13:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b6c4bde421f98aa8fe45f51037bc0eea849d34b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:53:35:5c:cf:62:88:c4:bf:7b:6b:8c:42:d1:
1d:9b:f7:5a:9d:63:cf:3f:20:e3:60:1a:b4:f3:50:
d1:e3:9f:6b:ec:1d:bc:76:2a:39:d9:d7:81:ad:6c:
80:d7:0d:a7:ae:e4:84:02:7c:56:13:65:20:e9:b8:
61:31:99:5e:cb:d6:89:e6:4f:20:07:20:93:9b:40:
65:14:ae:f4:a8:32:5f:d4:d5:60:7e:e6:00:17:3a:
5e:33:99:cd:9b:0e:9a:12:6c:c1:1c:d8:8e:ce:cc:
53:69:48:f1:15:49:be:38:93:25:77:2c:35:8e:96:
2e:91:fc:ba:36:3e:d8:57:51:91:4e:59:23:d4:c3:
a0:a3:5b:2e:1a:1f:80:32:85:37:0a:36:58:3c:47:
2f:41:62:75:c8:a8:f2:3c:fc:1a:4f:d9:64:a6:5d:
50:e1:4a:29:39:75:f7:d8:13:36:b0:d8:dc:c1:f2:
75:9f:00:44:c5:61:79:7e:4d:cc:d9:05:11:d3:15:
88:8c:d5:9f:fd:f8:c9:83:1f:c9:3e:5f:73:b2:e2:
3e:80:3e:d0:2f:91:48:9e:24:13:9e:0f:fd:f3:5b:
3d:38:c6:fa:97:f9:7d:b4:7a:49:3c:86:76:73:df:
0c:c1:90:db:91:88:9c:77:29:67:8d:21:90:b4:62:
6c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:6C:4B:DE:42:1F:98:AA:8F:E4:5F:51:03:7B:C0:EE:A8:49:D3:4B
X509v3 Authority Key Identifier:
keyid:0C:6F:18:28:04:B5:6E:50:8A:A3:72:C0:3C:CE:B7:3E:F8:C2:C6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DG8YKAS1blCKo3LAPM63PvjCxos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/6c0e22-fb61-49db-b065-993cd8388fd5/1/O2xL3kIfmKqP5F9RA3vA7qhJ00s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/6c0e22-fb61-49db-b065-993cd8388fd5/1/DG8YKAS1blCKo3LAPM63PvjCxos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.62.64.0/20
95.87.64.0/19
185.53.228.0/22
217.29.16.0/20
IPv6:
2a02:820::/32
Signature Algorithm: sha256WithRSAEncryption
5f:93:87:63:1f:f7:4d:89:c2:d5:05:e4:68:6e:85:31:75:8c:
fc:1f:bf:65:6b:ef:b4:fb:74:86:2b:0c:0e:93:01:ef:9e:37:
cb:27:e9:41:d1:0b:46:a5:60:1b:12:46:43:f9:48:01:bd:22:
75:d5:33:d9:d1:ce:ca:a6:9a:99:0f:05:31:19:04:76:ae:b9:
49:55:d7:4d:83:40:ff:69:e9:50:49:3f:5c:07:58:5e:49:7f:
0b:89:fd:a0:1c:d5:20:30:1a:3f:4c:f0:61:88:fe:a0:00:2c:
bb:ce:bd:e6:48:40:ad:47:a2:a2:ff:95:42:e8:33:9b:3a:8a:
79:b7:d2:e8:0f:44:bd:2e:cd:78:37:52:ab:14:fd:f7:43:24:
4d:db:7f:e3:85:95:b8:e2:63:20:fe:60:75:eb:ef:9f:83:85:
be:6f:1e:a8:97:ca:2a:a8:66:da:5b:01:59:7d:f5:23:54:5d:
a4:40:04:ef:44:d9:bd:94:9c:94:55:af:62:db:e2:27:45:43:
44:51:bc:9d:9f:f2:ac:d4:76:07:49:0d:3e:90:de:29:a2:e7:
7f:3f:5f:ad:13:4a:54:bb:d4:64:f4:0d:b2:19:17:14:c5:a9:
90:9a:d4:ba:8a:e1:9b:fc:0c:d7:db:59:1b:53:64:4d:37:ac:
7d:c0:6d:6a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVtiukKCRjqNgGvw0tAUy3gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNmYxODI4MDRiNTZlNTA4YWEzNzJjMDNjY2ViNzNlZjhj
MmM2OGIwHhcNMjMwMTAxMTMzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjZjNGJkZTQyMWY5OGFhOGZlNDVmNTEwMzdiYzBlZWE4NDlkMzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVM1XM9iiMS/e2uMQtEdm/danWPP
PyDjYBq081DR459r7B28dio52deBrWyA1w2nruSEAnxWE2Ug6bhhMZley9aJ5k8g
ByCTm0BlFK70qDJf1NVgfuYAFzpeM5nNmw6aEmzBHNiOzsxTaUjxFUm+OJMldyw1
jpYukfy6Nj7YV1GRTlkj1MOgo1suGh+AMoU3CjZYPEcvQWJ1yKjyPPwaT9lkpl1Q
4UopOXX32BM2sNjcwfJ1nwBExWF5fk3M2QUR0xWIjNWf/fjJgx/JPl9zsuI+gD7Q
L5FIniQTng/981s9OMb6l/l9tHpJPIZ2c98MwZDbkYicdylnjSGQtGJs1QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDtsS95CH5iqj+RfUQN7wO6oSdNLMB8GA1UdIwQY
MBaAFAxvGCgEtW5QiqNywDzOtz74wsaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREc4WUtBUzFibENLbzNMQVBNNjNQdmpDeG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC82YzBlMjItZmI2MS00OWRiLWIwNjUt
OTkzY2Q4Mzg4ZmQ1LzEvTzJ4TDNrSWZtS3FQNUY5UkEzdkE3cWhKMDBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC82YzBlMjItZmI2MS00OWRiLWIwNjUtOTkzY2Q4Mzg4ZmQ1
LzEvREc4WUtBUzFibENLbzNMQVBNNjNQdmpDeG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEXD5AAwQF
X1dAAwQCuTXkAwQE2R0QMA0EAgACMAcDBQAqAgggMA0GCSqGSIb3DQEBCwUAA4IB
AQBfk4djH/dNicLVBeRoboUxdYz8H79la++0+3SGKwwOkwHvnjfLJ+lB0QtGpWAb
EkZD+UgBvSJ11TPZ0c7KppqZDwUxGQR2rrlJVddNg0D/aelQST9cB1heSX8Lif2g
HNUgMBo/TPBhiP6gACy7zr3mSECtR6Ki/5VC6DObOop5t9LoD0S9Ls14N1KrFP33
QyRN23/jhZW44mMg/mB16++fg4W+bx6ol8oqqGbaWwFZffUjVF2kQATvRNm9lJyU
Va9i2+InRUNEUbydn/Ks1HYHSQ0+kN4poud/P1+tE0pUu9Rk9A2yGRcUxamQmtS6
iuGb/AzX21kbU2RNN6x9wG1q
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:27 2025 by rpki-client