Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/3O5G_AXgdXFDDVcJHwH4kbObjrE.roa
File: 3O5G_AXgdXFDDVcJHwH4kbObjrE.roa (raw, json)
Hash identifier: dU4GG6R6udLTfFnepf0o3F073+Ym2IdEv3KjZqFSTyg=
Subject key identifier: DC:EE:46:FC:05:E0:75:71:43:0D:57:09:1F:01:F8:91:B3:9B:8E:B1
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 2FB6FCD8
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/3O5G_AXgdXFDDVcJHwH4kbObjrE.roa
Signing time: Sat 01 Jan 2022 10:04:48 +0000
ROA not before: Sat 01 Jan 2022 10:04:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12469
IP address blocks: 194.45.183.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 800521432 (0x2fb6fcd8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 1 10:04:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dcee46fc05e07571430d57091f01f891b39b8eb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a9:90:cb:8a:46:83:4d:f3:25:d7:ef:ee:1f:
e4:c1:17:67:4c:8b:c1:68:cf:b7:b4:fa:5a:d2:fc:
3c:f0:2b:97:5d:98:5f:de:cf:65:9c:8e:b2:36:bd:
2e:fe:76:48:ab:2d:84:ac:ef:71:08:10:80:98:fb:
8e:1f:59:a0:d0:aa:b1:52:e2:97:8c:f6:17:93:e9:
ae:a3:31:79:8d:26:ad:86:cc:91:0e:14:8a:7c:a0:
da:0e:85:23:55:82:f3:bc:e8:e0:49:34:49:1c:6f:
00:25:ba:89:b0:3f:24:73:c8:86:38:15:5c:bd:d9:
44:72:e8:b0:65:06:ad:b3:fb:23:b6:f3:6a:93:aa:
5b:2f:e6:d3:7b:1b:af:79:59:28:5e:b9:00:b8:c7:
75:d6:95:64:48:21:af:5f:0f:a6:a9:b1:bd:46:d3:
77:58:b2:36:01:29:5f:54:bd:bf:f2:b1:d3:d5:a0:
d1:25:d9:e5:5b:b2:b3:24:7d:2e:d7:5b:fd:03:a3:
c4:14:1b:5f:44:36:b5:64:ec:5d:9d:b9:a0:67:13:
40:71:f9:6f:c5:fd:c5:02:d3:0b:b6:9e:fc:e7:68:
ae:cd:9d:07:b4:31:6d:eb:35:0b:43:eb:d5:15:67:
86:fa:b2:2d:4e:61:d5:51:a3:fd:e2:25:2a:77:20:
99:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:EE:46:FC:05:E0:75:71:43:0D:57:09:1F:01:F8:91:B3:9B:8E:B1
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/3O5G_AXgdXFDDVcJHwH4kbObjrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.45.183.0/24
Signature Algorithm: sha256WithRSAEncryption
37:55:d0:87:3b:24:e2:80:c4:87:d4:b1:f4:4d:70:e9:7a:f0:
cb:65:ba:29:08:30:a7:35:5a:9c:7b:58:3a:ae:f7:3f:ed:f1:
e5:3c:cd:84:91:ae:c7:ea:d2:8f:cd:d3:7c:d3:f3:ed:1d:1e:
78:e8:74:d0:3d:c1:f1:a6:1e:56:80:d0:7b:95:af:89:c0:29:
cc:3d:95:2d:d9:36:36:24:e4:03:21:c0:4d:ca:68:eb:54:4b:
3c:71:2a:d9:c2:5d:e0:04:34:e8:f0:88:02:62:99:e3:47:69:
e0:01:0a:a1:66:18:75:dc:d7:13:38:b5:2a:7e:aa:72:10:b3:
f2:6e:8e:ad:6c:a2:c6:00:93:60:b8:b9:77:70:55:70:46:63:
cb:07:6f:dd:dd:1c:b0:0b:ba:aa:bf:b6:24:6b:70:5f:63:c4:
88:e1:98:8d:18:b6:11:2d:4f:77:6b:1e:ee:17:4b:07:10:e1:
4a:7e:d3:1c:b1:21:b0:31:ae:0d:bf:90:3d:ec:de:a4:3d:5a:
ab:96:f0:03:9a:35:23:ff:73:15:4f:8d:b6:9b:e1:6d:50:4a:
da:1d:8d:aa:9a:1b:96:44:f5:3d:92:41:1c:25:7d:61:84:d5:
c6:30:de:6d:2c:93:dd:ca:80:ef:68:e6:e0:27:57:3a:7d:2a:
5f:e7:0c:95
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEL7b82DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Mzk4MDYwZjFiZjIyZjA5OTljYjA3MWIxYjQyNjk2ZGJjNDNlMTBjMB4XDTIyMDEw
MTEwMDQ0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGNlZTQ2ZmMwNWUw
NzU3MTQzMGQ1NzA5MWYwMWY4OTFiMzliOGViMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIepkMuKRoNN8yXX7+4f5MEXZ0yLwWjPt7T6WtL8PPArl12Y
X97PZZyOsja9Lv52SKsthKzvcQgQgJj7jh9ZoNCqsVLil4z2F5PprqMxeY0mrYbM
kQ4Uinyg2g6FI1WC87zo4Ek0SRxvACW6ibA/JHPIhjgVXL3ZRHLosGUGrbP7I7bz
apOqWy/m03sbr3lZKF65ALjHddaVZEghr18PpqmxvUbTd1iyNgEpX1S9v/Kx09Wg
0SXZ5VuysyR9Ltdb/QOjxBQbX0Q2tWTsXZ25oGcTQHH5b8X9xQLTC7ae/Odors2d
B7Qxbes1C0Pr1RVnhvqyLU5h1VGj/eIlKncgmeECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTc7kb8BeB1cUMNVwkfAfiRs5uOsTAfBgNVHSMEGDAWgBTDmAYPG/IvCZnL
BxsbQmltvEPhDDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3c1Z0dEeHZ5THdtWnl3Y2JHMEpwYmJ4RDRRdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvM2JmYzMxLWRjMzItNDU0MS04NDYwLWM5MjdiOGMyYzdjNC8x
LzNPNUdfQVhnZFhGRERWY0pId0g0a2JPYmpyRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
M2JmYzMxLWRjMzItNDU0MS04NDYwLWM5MjdiOGMyYzdjNC8xL3c1Z0dEeHZ5THdt
Wnl3Y2JHMEpwYmJ4RDRRdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIttzANBgkqhkiG9w0BAQsFAAOC
AQEAN1XQhzsk4oDEh9Sx9E1w6Xrwy2W6KQgwpzVanHtYOq73P+3x5TzNhJGux+rS
j83TfNPz7R0eeOh00D3B8aYeVoDQe5WvicApzD2VLdk2NiTkAyHATcpo61RLPHEq
2cJd4AQ06PCIAmKZ40dp4AEKoWYYddzXEzi1Kn6qchCz8m6OrWyixgCTYLi5d3BV
cEZjywdv3d0csAu6qr+2JGtwX2PEiOGYjRi2ES1Pd2se7hdLBxDhSn7THLEhsDGu
Db+QPezepD1aq5bwA5o1I/9zFU+NtpvhbVBK2h2NqpoblkT1PZJBHCV9YYTVxjDe
bSyT3cqA72jm4CdXOn0qX+cMlQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:51 2024 by rpki-client on console-ams.rpki-client.org