Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/3omgaLWYynQnfslqydDcIaKBOjA.roa
File: 3omgaLWYynQnfslqydDcIaKBOjA.roa (raw, json)
Hash identifier: O+3FU34CcYRffJ6jXa2PUpW0GUSyQLhKtZgsx5/gfc0=
Subject key identifier: DE:89:A0:68:B5:98:CA:74:27:7E:C9:6A:C9:D0:DC:21:A2:81:3A:30
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 01828ADF3C88F53490A33D6AEA17ACBD31D6
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/3omgaLWYynQnfslqydDcIaKBOjA.roa
Signing time: Thu 11 Aug 2022 03:07:42 +0000
ROA not before: Thu 11 Aug 2022 03:07:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 176.105.228.0/22 maxlen: 24
45.137.18.0/24 maxlen: 24
81.28.254.0/23 maxlen: 24
45.132.80.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8a:df:3c:88:f5:34:90:a3:3d:6a:ea:17:ac:bd:31:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: Aug 11 03:07:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de89a068b598ca74277ec96ac9d0dc21a2813a30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9a:50:6a:5e:6c:fb:3a:d4:ee:a0:80:d8:5b:
30:54:26:e5:54:e6:d0:99:ed:e4:18:82:d4:7c:1c:
c9:7e:9c:9e:cc:77:88:44:63:26:5a:87:38:af:a3:
86:0c:57:64:e4:8f:60:82:1b:a8:6e:65:f7:9f:6a:
09:7a:e8:5a:18:fe:a6:e2:01:3b:7e:68:c9:ba:df:
d0:1d:88:61:3b:d1:21:90:92:9b:f9:11:bc:67:df:
ec:92:56:9f:64:18:96:3b:0d:ef:c5:b1:82:8b:80:
9c:4f:30:cb:ce:fb:de:78:3f:61:0a:71:f1:47:0c:
b0:16:46:1f:3b:6d:e1:c3:c6:cd:d0:c0:9e:70:10:
03:5d:f0:36:09:13:39:f7:67:24:c2:f5:6e:69:8a:
5c:b1:82:1f:02:35:b9:6a:61:75:16:2a:39:5a:ef:
b5:8b:54:27:5b:56:22:4a:59:81:e9:77:6c:e1:31:
45:16:2a:67:b8:dd:77:14:94:3b:c7:bc:d2:a7:b6:
77:c3:49:9d:1f:e5:05:1c:62:e4:e5:69:7f:e7:e3:
10:62:88:dc:18:a8:fe:e2:36:30:b3:2a:64:a8:dc:
bd:7f:b9:b8:2b:a9:bc:d1:80:1a:d2:3f:9a:6c:bd:
96:06:35:80:3c:c2:05:13:12:c0:92:8c:de:26:5f:
ba:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:89:A0:68:B5:98:CA:74:27:7E:C9:6A:C9:D0:DC:21:A2:81:3A:30
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/3omgaLWYynQnfslqydDcIaKBOjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.80.0/22
45.137.18.0/24
81.28.254.0/23
176.105.228.0/22
Signature Algorithm: sha256WithRSAEncryption
86:e0:6e:97:07:a9:3c:20:ea:b5:b9:f7:7b:b8:c5:8c:2e:d2:
9c:1c:bf:b6:17:f2:66:34:7c:c1:ab:a0:97:0c:c4:61:c3:07:
82:2a:3d:48:76:16:b0:90:0b:4b:14:87:61:b6:4c:ca:43:9f:
8d:0f:b5:bb:15:a4:04:05:e7:d2:b0:d2:aa:06:c2:cd:32:02:
56:ec:55:45:a3:42:30:5d:d8:43:3d:9e:30:6d:89:a0:10:5e:
7d:f8:78:f1:c0:cc:e7:a3:49:e3:2a:c9:79:17:33:7a:bd:48:
78:c5:1f:2a:21:b6:55:a9:90:a0:e3:5c:1d:48:a3:4f:c7:0b:
f2:95:cd:50:96:8b:f9:b9:9f:90:6a:ae:3f:b8:9a:db:19:e7:
f3:8f:4b:28:fa:e4:ed:1d:e9:59:01:79:3e:1b:1c:f2:03:59:
f2:c2:05:e0:1b:db:f5:50:bf:66:ad:c4:de:c2:8b:4b:fb:fa:
06:09:78:6b:e1:47:c9:d2:98:93:cf:e9:a9:1b:8d:00:3a:ce:
b5:90:0c:a5:9b:31:14:ef:33:e2:9e:82:0c:39:18:30:9f:57:
41:65:b5:a4:3c:10:fa:b2:2f:5a:bd:21:b0:88:5f:ac:fe:b6:
97:7d:ec:51:0e:b6:8a:4d:74:10:ac:01:b8:1b:5f:9b:19:73:
00:b8:b6:62
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYKK3zyI9TSQoz1q6hesvTHWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMGMwZDA0MjI1NTY2ZGI5NWU5YWQzYjJlZjYwNTAxNDk3
NWFhYTIwHhcNMjIwODExMDMwNzQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTg5YTA2OGI1OThjYTc0Mjc3ZWM5NmFjOWQwZGMyMWEyODEzYTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZpQal5s+zrU7qCA2FswVCblVObQ
me3kGILUfBzJfpyezHeIRGMmWoc4r6OGDFdk5I9gghuobmX3n2oJeuhaGP6m4gE7
fmjJut/QHYhhO9EhkJKb+RG8Z9/sklafZBiWOw3vxbGCi4CcTzDLzvveeD9hCnHx
RwywFkYfO23hw8bN0MCecBADXfA2CRM592ckwvVuaYpcsYIfAjW5amF1Fio5Wu+1
i1QnW1YiSlmB6Xds4TFFFipnuN13FJQ7x7zSp7Z3w0mdH+UFHGLk5Wl/5+MQYojc
GKj+4jYwsypkqNy9f7m4K6m80YAa0j+abL2WBjWAPMIFExLAkozeJl+6tQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN6JoGi1mMp0J37JasnQ3CGigTowMB8GA1UdIwQY
MBaAFJsMDQQiVWbblemtOy72BQFJdaqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMt
ZThlZjJmMDk1OThlLzEvM29tZ2FMV1l5blFuZnNscXlkRGNJYUtCT2pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMtZThlZjJmMDk1OThl
LzEvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLYRQAwQA
LYkSAwQBURz+AwQCsGnkMA0GCSqGSIb3DQEBCwUAA4IBAQCG4G6XB6k8IOq1ufd7
uMWMLtKcHL+2F/JmNHzBq6CXDMRhwweCKj1IdhawkAtLFIdhtkzKQ5+ND7W7FaQE
BefSsNKqBsLNMgJW7FVFo0IwXdhDPZ4wbYmgEF59+HjxwMzno0njKsl5FzN6vUh4
xR8qIbZVqZCg41wdSKNPxwvylc1Qlov5uZ+Qaq4/uJrbGefzj0so+uTtHelZAXk+
GxzyA1nywgXgG9v1UL9mrcTewotL+/oGCXhr4UfJ0piTz+mpG40AOs61kAylmzEU
7zPinoIMORgwn1dBZbWkPBD6si9avSGwiF+s/raXfexRDraKTXQQrAG4G1+bGXMA
uLZi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:42 2024 by rpki-client on console-ams.rpki-client.org